Code Signing Is More Important Than Ever
1 like1,037 views
Code signing is becoming increasingly important for software developers and publishers to establish trust with customers and distribution platforms like mobile networks and Microsoft, and to deter the proliferation of malware. It provides assurances to customers by verifying the identity of the publisher and confirming the code has not been tampered with. Microsoft's SmartScreen filter blocks unsigned code, deterring users, while Symantec's EV code signing closes gaps to keep malware out and gains immediate reputation with SmartScreen. Code signing benefits developers by maximizing distribution, reducing security warnings, protecting code integrity and reputation, and speeding time to market.
Code Signing Is More Important Than Ever
- 1. SYMANTEC CODE SIGNING an essential security feature to add to your software
- 2. CODE SIGNING IS MORE IMPORTANT THAN EVER Two trends make code signing more important than ever: the explosion of consumer applications for mobile and desktop devices and the proliferation of malware. Cybercriminals recognize this as an opportunity and seek to trick us into installing malicious software (malware). Software publishers and mobile network providers increasingly require code signing from a trusted Certificate Authority (CA) before accepting code for distribution. By code signing software, developers can ensure the integrity of their application, protect their intellectual property and brand image and help combat malware.
- 3. Code signing provides customers with the reassurance they need by confirming that: CUSTOMERS WANT REASSURANCE An independent third party has verified the identity of the publisher1 The code hasn’t been tampered with since it was published2 Warning messages increasingly issued by operating systems and browsers can deter users from downloading and accessing applications online
- 4. REDUCE SECURITY WARNINGS CODE SIGNING IN ACTION Code Signing Certificate in action Users feel safe to proceed Unsigned, self-signed or an obscure CA Users are unlikely to proceed
- 5. MICROSOFT’S SMARTSCREEN® FILTER DETERS USERS Since IE8 launched, SmartScreen has delivered over 1.5 billion malware blocks to Internet Explorer users*. To help better protect consumers from malware downloads, Internet Explorer checks the reputation of downloaded programs and warns users only if the downloaded program does not have established reputation. *Protect Your Applications— and Reputation— with Symantec EV Code Signing; http://www.symantec.com/code-signing/extended-validation/ 95% of IE9 users choose to delete or NOT RUN SOFTWARE when they receive SmartScreen’s warning 90% of program downloads no longer show browser security warnings when SmartScreen is enabled
- 6. EV CODE SIGNING Encrypted digital signature EV Code Signing closes any gaps to keep malware out EV CODE SIGNING STANDARD CODE SIGNING Requires rigorous extended validation of organization Immediate reputation with Microsoft SmartScreen Requires two-factor authentication using a hardware token Symantec has partnered with Microsoft to integrate EV Code Signing certificate status with their SmartScreen® reputation services in Internet Explorer and Windows 8. Without an EV Code Signing Certificate, developers’ work may be blocked by the SmartScreen filter.
- 7. Benefits of Code Signing WHY CODE SIGNING IS KEY Maximize Distribution and Revenue on More Platforms1 Reduce Security Warnings by Relying on a Trusted Certificate Authority2 Protect Your Code Integrity and Your Reputation3 Speed Time to Market with Streamlined Security4 Ensure a Safe, Secure Experience for Customers5 Symantec Code Signing Certificates are the best choice for code signing solutions because they support more platforms than any other code signing certificate provider* Seven out of 10 software publishers choose Symantec Code Signing Certificates** Symantec Code Signing, an essential security feature to add to your software *To increase downloads, instill trust first; http://www.symantec.com/code-signing/microsoft-authenticode/data-sheets-white-papers/ **Online interactive survey of software developers and decision makers, conducted by Symantec, 10/2011.
- 8. To learn more about Symantec, contact your Security Advisor today: For specific country offices and contact numbers, please visit our website. For product information in the US, Call: +1 650-527-8000 Symantec Corporation 350 Ellis Street Mountain View CA 94043 USA https://www.symantec.com/code-signing Copyright © 2016 Symantec Corporation. All rights reserved. Symantec, the Symantec Logo, the Checkmark Circle Logo and the Norton Secured Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.