Certicom Security Architecture for Mobility reduces the time and cost to embed security across multiple families of mobile devices

MISSISSAUGA, Ontario – (September 13, 2004)– Certicom Corp. (TSX: CIC), the authority for strong, efficient cryptography, today announced the Certicom Security Architecture™ for Mobility enabling device manufacturers to quickly and cost-effectively embed security across multiple families and generations of devices. To develop this overall architecture, Certicom worked with Intel and device manufacturers to develop a comprehensive security platform that is optimized for the Intel® Wireless Trusted Platform.

“ Device manufacturers understand that security is best integrated early in the design cycle, which is why Intel developed the Intel Wireless Trusted Platform. This security co-processor, which is incorporated into the Intel PXA27x processor family, offers fundamental cryptographic algorithms that are optimized to run faster than in software,” said Gary Forni, director of independent software vendor enabling for Intel’s Cellular and Handheld Group. “The Certicom Security Architecture provides the toolkits device manufacturers need to take advantage of the Intel Wireless Trusted Platform, by integrating them into a common API across multiple operating systems, platforms and high level protocols such as IPSec and SSL.”

Enterprises, content providers and carriers are demanding that mobile handsets support security functionality such as secure messaging, secure voice over IP (VoIP), and digital rights management (DRM). To differentiate their mobile handsets, device manufacturers need to cost-effectively embed security functionality to meet their customer’s security requirements while preserving margins in a highly competitive marketplace. Moreover, device manufacturers often support multiple chipsets and operating systems, which can impact their time-to-market as the required security functionality must be integrated and optimized for each chipset.

To address these requirements, Certicom developed Security Builder® Middleware™, an optimized hardware abstraction layer that provides portable, hardware-based security across multiple devices and processors. Security Builder Middleware works with the Security Builder® API™, a common interface to all toolkits within the Certicom Security Architecture, to link applications with the strongest and/or fastest security available on the device. This results in a common security architecture that allows software vendors and device manufacturers to quickly enable hardware-optimized security across multiple platforms. The Security Builder API also provides backwards compatibility that allows existing Certicom customers to take advantage of the new optimized security functionality available through Security Builder Middleware for Intel Wireless Trusted Platform and future supported chipsets.

“ In a standardized industry, one of the biggest challenges facing embedded developers is how to differentiate their products without affecting margins. For some time now, we at Embedded Market Forecasters have pointed to security as this key differentiator, especially as more and more embedded devices become connected,” said Dr. Jerry Krasner, Vice President and Chief Analyst at Embedded Market Forecasters (www.embeddedforecast.com), the premier market intelligence and advisory firm in the embedded technology industry. “The Certicom Security Architecture for Mobility was designed to specifically address the need for a comprehensive security platform that can be quickly and cost-effectively added across multiple devices.”

In addition to Security Builder Middleware, Certicom Security Architecture integrates a software cryptographic provider to deliver security functionality that is not provided on the chip and ties together all of Certicom’s proven developer toolkits to create a plug-and-play security development architecture that includes higher level protocol functionality such as SSL, IPSec and PKI. The Security Builder® developer toolkits now integrated into the Certicom Security Architecture for Mobility include:

  • Security Builder ® Crypto™, a cross-platform cryptographic toolkit;
  • Security Builder® GSE™, a FIPS 140-2 validated cryptographic module;
  • Security Builder® PKI™, a digital certificate management toolkit;
  • Security Builder® SSL™, a complete secure sockets layer toolkit; and
  • Recently announced Security Builder® IPSec™, a client-side virtual private network toolkit.

“ The new Security Builder Middleware toolkit is a key component of an evolving trusted computing platform that provides developers a single security API for all applications to use in accessing the fastest and/or strongest security available on the device’s chipset,” said Roy Pereira, vice-president, marketing and product management at Certicom. “Intel provided valuable insight into the development of the Certicom Security Architecture and combined with the Intel Wireless Trusted Platform it enables device manufacturers to build in the secure computing platform required today.”

Security Builder Middleware for Intel Trusted Wireless Platform, a key component of the Certicom Security Architecture, will be available in Q4 with support for other processors to follow. Other Security Builder toolkits in the Certicom Security Architecture for Mobility are available immediately. For more information, visit http://www.certicom.com/csa.

About Certicom
Certicom Corp. (TSX:CIC) is the authority for strong, efficient cryptography required by software vendors and device manufacturers to embed security in their products. Adopted by the US Government’s National Security Agency (NSA), Certicom technologies for Elliptic Curve Cryptography (ECC) provide the most security per bit of any known public key scheme, making it ideal for constrained environments. Certicom products and services are currently licensed to more than 300 customers including Motorola, Oracle, Research In Motion, Terayon, and Texas Instruments. Founded in 1985, Certicom is headquartered in Mississauga, ON, Canada, with offices in Ottawa, ON; Reston, VA; San Mateo, CA; and London, England. Visit www.certicom.com.

Certicom, Security Builder, Security Builder Crypto, Security Builder GSE, Security Builder IPSec, Security Builder Middleware,Security Builder PKI, Security Builder SSL, movianVPN, movianCrypt and movianMail are trademarks or registered trademarks of Certicom Corp. All other companies and products listed herein are trademarks or registered trademarks of their respective holders.

Forward-Looking Statements
Except for historical information contained herein, this news release contains forward-looking statements that involve risks and uncertainties. Actual results may differ materially. Factors that might cause a difference include, but are not limited to, those relating to the acceptance of mobile and wireless devices and the continued growth of e-commerce and m-commerce, the increase of the demand for mutual authentication in m-commerce transactions, the acceptance of Elliptic Curve Cryptography (ECC) technology as an industry standard, the market acceptance of our principal products and sales of our customer's products, the impact of competitive products and technologies, the possibility of our products infringing patents and other intellectual property of fourth parties, and costs of product development. Certicom will not update these forward-looking statements to reflect events or circumstances after the date hereof. More detailed information about potential factors that could affect Certicom's financial results is included in the documents Certicom files from time to time with the Canadian securities regulatory authorities.

The shares of the company described above have been offered only to qualified institutional buyers in reliance on Rule 144A under the Securities Act of 1933, as amended (the "Securities Act"), and outside the United States pursuant to Regulation S of the Securities Act. The shares have not been registered under the Securities Act and may not be offered or sold in the United States or to a U.S. Person absent registration or an applicable exemption from registration requirements.

This press release does not constitute an offer to sell or the solicitation of an offer to buy any security and shall not constitute an offer, solicitation or sale in any jurisdiction in which such offering would be unlawful.

For further information, please contact:

For Certicom    
Tim Cox Brendan Ziolo  
ZingPR Certicom Corp.  
(650) 369-7784 (613) 254-9267  
tim@zingpr.com bziolo@certicom.com