ComodoSSLstore Loading

Why Do I Need EV Code Signing?

EV Code Signing is the only way to gain instant trust in Microsoft SmartScreen

So, what's the difference between an EV Code Signing Certificate and a regular one? After all, they both let you sign your software and distrubite it online. The difference is two fold, one is better private key security, the other more important difference is only an EV Code Signing certificate can get you trusted immediately by Microsoft SmartScreen.

What is Microsoft SmartScreen

Microsoft SoftScreen is a browser filter for IE10 and Edge users that protects against:

  • Phishing
  • Malware Sites
  • Malicious Downloads

It's that last item, regarding downloads, that gives software developers headaches. Just like any other filter SmartScreen is distrustful by nature. What's different from other browser filters is that SmartScreen uses a metric called Application Reputation. It takes time to establish Application reputation. You start from zero.

Building Application Reputation in MS SmartScreen

It's not easy building reputation with SmartScreen. It checks your software against a list of malicious program. That’s no problem for you, you're legitimate. Then it checks against a list of 'trusted," regularly downloaded programs. This is where the trouble starts for new developers.

You're trying to build reputations, but Microsoft's warnings are actively killing your conversions.

EV Code Signing Establishes Reputation in MS SmartScreen

Because of the level of validation required to acquire an EV Code Signing certificate, Microsoft SmartScreen is willing to afford those developers with a considerable degree of trust up front. Comodo is essentially vouching that you're a good actor and will be distributing safe software.

How Does EV Code Signing Offer Better Security

With any code signing certificate the private key is like the holy grail. It's what applies the digital signature that allows your software to be trusted by the browser. If it ever gets compromised a litany of bad things could happen. EV SSL helps to prevent this by storing your private key on an external hardware token so unauthorized access can't occur.

EV Code Signing Gives you the Competitive Edge

You can't afford to lose almost 20% of your potential customers. And that's what will happen if you aren't trusted by Microsoft SmartScreen. You could spend months trying to gain reputation and stop having your downloads flagged. Or you could skip to the front of the line. Why wait?