SYMANTEC CODE SIGNINGan essential security feature to add to your software

CODE SIGNING IS MORE IMPORTANT THAN EVERTwo trends make code signing more important than ever: the explosion of consumer applications for mobile and desktop devices and the proliferation of malware.

Cybercriminals recognise this as an opportunity and seek to trick us into installing malicious software (malware).

Software publishers and mobile network providers increasingly require code signing from a trusted Certificate Authority (CA) before accepting code for distribution.

By code signing software, developers can ensure the integrity of their application, protect their intellectual property and brand image and help combat malware.

Code signing provides customers with the reassurance they need by confirming that:

CUSTOMERS WANT REASSURANCE

An independent third party has verified the identity of the publisher1

The code hasn’t been tampered with since it was published2

Warning messages increasingly issued by operating systems and browsers can deter users from downloading and accessing applications online

REDUCE SECURITY WARNINGSCODE SIGNING IN ACTION

Code Signing Certificate in actionUsers feel safe to proceed

Unsigned, self-signed or an obscure CAUsers are unlikely to proceed

MICROSOFT’S SMARTSCREEN® FILTER DETERS USERSSince IE8 launched, SmartScreen has delivered over 1.5 billion malware blocks to Internet Explorer users*. To help better protect consumers from malware downloads, Internet Explorer checks the reputation of downloaded programs and warns users only if the downloaded program does not have established reputation.

*Protect Your Applications— and Reputation— with Symantec EV Code Signing; http://www.symantec.com/code-signing/extended-validation/

95% of IE9 users choose to delete or NOT RUN SOFTWARE when they receive SmartScreen’s warning

90% of program downloads no longer show browser security warnings when SmartScreen is enabled

EV CODE SIGNING

Encrypted digital signature

EV Code Signing closes any gaps to keep malware out EV CODESIGNING

STANDARDCODE SIGNING

Requires rigorous extended validation of organisation

Immediate reputation with Microsoft SmartScreen

Requires two-factor authentication using a hardware token

Symantec has partnered with Microsoft to integrate EV Code Signing certificate status with their SmartScreen® reputation services in Internet Explorer and Windows 8. Without an EV Code SigningCertificate, developers’ work may be blocked by the SmartScreen filter.

Benefits of Code Signing

WHY CODE SIGNING IS KEY

Maximize Distribution and Revenue on More Platforms1Reduce Security Warnings by Relying on a Trusted Certificate Authority 2Protect Your Code Integrity and Your Reputation3Speed Time to Market with Streamlined Security4Ensure a Safe, Secure Experience for Customers5

Symantec Code Signing Certificates are the best choice for code signing solutions because they support more platforms than any other code signing certificate provider*

Seven out of 10 software publishers choose Symantec Code Signing Certificates**

Symantec Code Signing, an essential security feature to add to your software

*To increase downloads, instill trust first; http://www.symantec.com/code-signing/microsoft-authenticode/data-sheets-white-papers/

**Online interactive survey of software developers and decision makers, conducted by Symantec, 10/2011.

To learn more about Symantec, visit our website: www.symantec.com/en/aa/ssl

For specific country offices and contact numbers, please visit our website. For product information in the APAC region:

Australia: +61 3 9674 5500New Zealand: +64 9 9127 201Singapore: +65 6622 1638Hong Kong: +852 30 114 683Taiwan: +886 2 2162 1992China: +86 411 3966 0400

Or email: ssl_sales_au@symantec.com ssl_sales_asia@symantec.com

Symantec World Headquarters350 Ellis StreetMountain View, CA 94043 USA

No part of the contents of this white paper may be reproduced or transmitted in any form or by any means without the written permission of the publisher.

Copyright © 2016 Symantec Corporation. All rights reserved. Symantec, the Symantec Logo, the Checkmark Circle Logo and the Norton Secured Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.