There’s no better place to start than by offering the highest level of security with your software. With billions of downloads every year and thousands of options to choose from, you want every advantage you can get to offer the best experience possible to your end-users. Warning messages can cause loss of trust and revenue, which is why it’s wise to do everything possible to avoid having them attached to your organization’s name.
The DigiCert Extended Validation (EV) Code Signing Certificate is the ultimate tool of trust. With the use of two-factor authentication and an encrypted digital signature, this EV code signing cert helps you avoid warning messages, tamper-proof your software and offer secure downloads for your users.
The most important benefit offered by the DigiCert EV code signing certificate is that it instantly builds trust with Microsoft’s SmartScreen® Application Reputation filter. Microsoft SmartScreen warnings are one of the most frustrating problems software publishers have to deal with—it’s a big, scary warning that effectively kills software installs. SmartScreen is notoriously sensitive, often flagging new software packages as dangerous simply because Microsoft doesn’t have enough data on the file or publisher yet. Fortunately, there’s a simple solution: DigiCert EV code signing.
An encrypted token containing the private key is stored on a USB device that you receive after you purchase your certificate. Only those who have the physical device can sign code with your EV code signing certificate, providing reinforced authentication and enhanced security.
Adding an optional timestamp means your signature lives on even after the original EV code signing certificate used to sign it has expired. Without a timestamp, your signature expires when the certificate expires, requiring you to re-sign your code.
Microsoft’s SmartScreen® Application Reputation filter reduces warning messages, increasing brand reputation and end-user trust.
EV code signing certificates can be installed on HSMs, giving you more control over your certificates and their private keys. Anyone in your organization with authorized access to the HSM can use the stored certificate
to sign code.
There is no need to reissue your certificate to sign code for a different platform (e.g., Authenticode, Kernel Mode, etc.)
Manual TLS Management Is Dying – And 47-Day Cert Validity Will Be the Final Nail in the Coffin