Regarding code signing, Extended Validation (EV) Code Signing Certificates offer the highest level of security and trust. Certum EV Code Signing Certificates design to protect software from tampering and ensure end-users download software from a verified source. But what exactly does it take to obtain this level of validation? This post will explore the validation process and the documents required for a Certum EV Code Signing Certificate.

What is an EV Code Signing Certificate?

An Extended Validation (EV) Code Signing Certificate provides a robust digital signature for software, adding a layer of authentication that verifies the software publisher’s identity. Unlike standard code signing certificates, EV certificates add credibility and prevent security warnings in newer operating systems and browsers, especially for Windows and macOS.

The Verification Process

To activate a Certum EV Code Signing Certificate, Certum requires verification of the applicant’s identity, ensuring that only legitimate organizations and software publishers can sign their code with an EV certificate. The subscriber must pass stringent checks, and Certum offers several methods for identity verification:

  1. Automatic Identity Verification (Recommended): This is the quickest method for verifying the subscriber’s identity. Certum uses automated tools to cross-reference public records and business directories, streamlining the verification process.
  2. Verification at a Registration Point or Identity Confirmation Point: For those who prefer or require in-person verification, Certum allows identity confirmation at designated points. Certum typically authorizes these registration points to confirm personal identity. You can download the necessary declaration forms from Certum’s website, which you must submit in person.
  3. Notarial Confirmation of Identity: If automatic or in-person verification is not an option, Certum accepts notarized identity confirmation. It involves having a notary public authenticate your identification documents, such as your passport or national ID.
  4. Document Verification (Photos of ID): Certum also allows verification via submitted photographs of identity documents, such as a passport, national ID card, driver’s license, or permanent residency card. It would help to get both sides of the document submitted for review.

Required Documents for EV Code Signing Certificate

The documents required for Certum EV Code Signing Certificates ensure that the person applying for the certificate is legally authorized to represent the organization. Here’s a breakdown of what’s needed:

  • Authorization/Power of Attorney: A signed power of attorney is required if the applicant is not the company’s official representative. This document proves the relationship between the applicant and the organization.
  • Utility Bill: To verify the company’s physical address, Certum requires a recent utility bill (gas, electricity, water, or telephone) issued to the organization.
  • Company Registration Documents: If your company is not publicly listed in the business registry, you must submit official company registration documents, such as a certificate of incorporation.
  • ID Documents: The primary contact for the certificate must submit personal identification documents, such as a passport, national ID card, or driving license, which Certum uses to confirm identity.
  • Optional Qualified Certificate: Certum also offers the option to confirm the subscriber’s identity using a valid qualified certificate that has already been issued to the subscriber by Certum.

How to Submit Documents:

After gathering the necessary documents, you can submit them to Certum through several methods:

  • Upload the documents in My Account on the Certum website.
  • Send the documents as a password-protected email file to Certum’s customer support (contact them to arrange password delivery).
  • Mail the documents to Certum’s office at Bajeczna 13, 71-838 Szczecin, Poland.

The Importance of an EV Code Signing Certificate

EV Code Signing Certificates are essential for large organizations, software developers, and businesses prioritizing security. By providing a higher level of trust, EV certificates allow your software to bypass security warnings that might otherwise deter users from downloading it. Microsoft’s SmartScreen Filter, for instance, specifically recognizes EV Code Signing Certificates, offering an immediate reputation boost that helps avoid those intimidating “Unknown Publisher” warnings.

In conclusion, while obtaining a Certum EV Code Signing Certificate might seem rigorous, the high level of trust and security it provides for your software makes it a worthwhile investment. EV certificates protect your software from tampering and safeguard your brand’s reputation by ensuring end-users can trust your applications.

Visited 4 times, 1 visit(s) today
Was this article helpful?
YesNo

Leave a Reply

Your email address will not be published. Required fields are marked *

Close Search Window