Transitions the movian application business to meet demand for embedded virtual private network client offering


MISSISSAUGA, Ontario – September 2, 2004 – Certicom Corp. (TSX: CIC), the authority for strong, efficient cryptography, today announced its plans to capitalize on new opportunities in the embedded virtual private network (VPN) market with the launch of Security Builder® IPSec™, a developer toolkit for embedding the Internet Protocol security (IPSec) protocol into wireless handhelds and to secure Voice over IP (VoIP).

The market is demanding strong, transparent security that is embedded into the device and does not impact the user experience. For this reason, Certicom will migrate its existing movianVPN™ product from an end-user application to Security Builder IPSec, an embedded security toolkit. This move supports the company's announcement from March to focus on the embedded security market and its intellectual property licensing business. Certicom has recently signed a substantial licensing contract for Security Builder IPSec with a customer that cannot be disclosed for confidentiality reasons.

As growth within the mobile device industry moves from the consumer to the enterprise market, having strong, efficient security has become mission critical, but the challenge is to add security without compromising usability. The solution is to embed security directly into the device. Recent work with Motorola and Sierra Wireless validate this approach as Certicom IPSec technology was successfully embedded into the Motorola C620 and A760 phones and the Voq Professional Phone from Sierra Wireless.

Based on the award-winning movianVPN technology, Security Builder IPSec is a cross-platform, client-side IPSec toolkit that enables developers to easily embed standards-based VPN access into constrained devices. With the smallest code size and widest support for industry-leading VPN gateways, Security Builder IPSec provides efficient security and enables better performance than is normally achievable with traditional IPSec implementations. Security Builder IPSec will maintain movianVPN's wide support for VPN gateway vendors, such as Cisco, Nortel and NetScreen, as well as wide support of major smartphones and PDAs.

"With the launch of our Security Builder IPSec toolkit, we are taking full advantage of the new growth opportunities in the embedded VPN and secured VoIP markets," said Ian McKinnon, president and CEO of Certicom. "Our experience with the movianVPN application puts us in a unique position to understand device manufacturer, enterprise and end-user mobile security needs and to develop a market leading embedded VPN solution, Security Builder IPSec. This toolkit will enable device manufacturers to differentiate themselves by embedding security into new devices instead of asking users to deal with another intrusive security application."

Developers can also use Security Builder IPSec to develop a complete end-user application that enables secure network access from a wireless handheld device. Certicom Professional Services would help developers create a user interface (UI), build drivers, port the toolkit to a new platform or round out other functionality to create a VPN client based on movianVPN technology.

To fully capitalize on this industry shift to embedded security, Certicom will end the movian indirect channel program to remain focused on selling directly to original equipment manufacturers (OEMs) and independent software vendors (ISVs), who embed security in the design stage of a device. Certicom will continue to honor existing support agreements for movian products until October 31, 2005, or the last day of a customer's contract, whichever is earlier. Customers and channel partners have been notified of the change. Channel partners will continue to sell movian products until October 31, 2004.

After October 31, 2004, end-users who need a movianVPN license for existing devices should contact their VPN gateway and wireless handheld vendors, some of which have a license to distribute existing versions of movianVPN. A complete list of partners will be posted at http://www.certicom.com/movianVPN.

Like movianVPN, the functionality of the other movian products is now offered as part of a Certicom toolkit. movianMail™ functionality is part of Security Builder PKI™, a digital certificate management toolkit, and movianCrypt™ features are built from Security Builder Crypto™, a cross-platform cryptographic toolkit.

Security Builder IPSec is available immediately and priced with a license fee and royalties based on the number of devices. For more information on Security Builder developer toolkits, visit: http://www.certicom.com/securitybuilder.

About Certicom
Certicom Corp. (TSX:CIC) is the authority for strong, efficient cryptography required by software vendors and device manufacturers to embed security in their products. Adopted by the US Government’s National Security Agency (NSA), Certicom technologies for Elliptic Curve Cryptography (ECC) provide the most security per bit of any known public key scheme, making it ideal for constrained environments. Certicom products and services are currently licensed to more than 300 customers including Motorola, Oracle, Research In Motion, Terayon, Texas Instruments and XM Radio. Founded in 1985, Certicom is headquartered in Mississauga, ON, Canada, with offices in Ottawa, ON; Reston, VA; San Mateo, CA; and London, England. Visit www.certicom.com.

Certicom, Security Builder, Security Builder Crypto, Security Builder SSL, Security Builder PKI, Security Builder GSE, movianVPN, movianCrypt and movianMail are trademarks or registered trademarks of Certicom Corp. All other companies and products listed herein are trademarks or registered trademarks of their respective holders.

Forward-Looking Statements
Except for historical information contained herein, this news release contains forward-looking statements that involve risks and uncertainties. Actual results may differ materially. Factors that might cause a difference include, but are not limited to, those relating to the acceptance of mobile and wireless devices and the continued growth of e-commerce and m-commerce, the increase of the demand for mutual authentication in m-commerce transactions, the acceptance of Elliptic Curve Cryptography (ECC) technology as an industry standard, the market acceptance of our principal products and sales of our customer's products, the impact of competitive products and technologies, the possibility of our products infringing patents and other intellectual property of fourth parties, and costs of product development. Certicom will not update these forward-looking statements to reflect events or circumstances after the date hereof. More detailed information about potential factors that could affect Certicom's financial results is included in the documents Certicom files from time to time with the Canadian securities regulatory authorities.

The shares of the company described above have been offered only to qualified institutional buyers in reliance on Rule 144A under the Securities Act of 1933, as amended (the "Securities Act"), and outside the United States pursuant to Regulation S of the Securities Act. The shares have not been registered under the Securities Act and may not be offered or sold in the United States or to a U.S. Person absent registration or an applicable exemption from registration requirements.

This press release does not constitute an offer to sell or the solicitation of an offer to buy any security and shall not constitute an offer, solicitation or sale in any jurisdiction in which such offering would be unlawful.

For further information, please contact:

For Certicom    
Tim Cox Brendan Ziolo  
ZingPR Certicom Corp.  
(650) 369-7784 (613) 254-9267  
tim@zingpr.com bziolo@certicom.com