Elliptic Curve Cryptography Provides Increased Speed and Security to Check 21 Solution

MISSISSAUGA, Ontario – May 19, 2004 – Certicom Corp. (TSX: CIC), the authority for strong, efficient cryptography, today announced that Unisys Corporation has licensed Certicom’s Security Builder toolkits to embed Elliptic Curve Cryptography (ECC) in its medium-speed NDP Quantum Series and its high-speed NDP850-2000 document processor families. The highly optimized implementations of ECC, found in the Security Builder toolkit, enable Unisys to digitally sign over 10,000 images per minute and address the security requirements of Check 21 (Check clearing for the 21st Century Act) image exchange.

Check 21-enabled image exchange provides significant opportunity for improved efficiencies and reduced costs in the U.S. financial industry but also creates opportunities for fraud as the images move through the payment system. This agreement between Unisys and Certicom provides the U.S. financial industry with security technologies to protect against fraud.

“Embedding Certicom security technology allows Unisys customers to be confident of the integrity of each check image which is the optimal way to eliminate the risk of image alteration fraud,” said Gary Wallen, Vice President Unisys Payment Systems. “And Certicom’s optimized implementations allow us to meet the demanding requirement to sign 10,000 images per minute.”

Check 21 encourages financial institutions to exchange digital images rather than paper to process checks with each other. The security around these digital images is very important because they must guarantee the same legal status as a paper check and eliminate the possibility of fraud while ensuring long-term storage. These requirements present a number of challenges: first, machines scan thousands of checks per minute; second, each image has to be signed to ensure that check values are not tampered with; and third, the encryption must be very strong so that the images can be transferred safely.

To achieve maximum efficiency, the digital signature must be small and fast. However, security cannot be compromised, so the signature must also be very strong. With Security Builder PKI, Unisys has integrated an ECC-based digital signature, ECDSA, which offers high security using much smaller key sizes than any other public key scheme available today. It is the only technology capable of digitally signing over 10,000 images per minute. It also allows Unisys to be consistent with the ANSI (American National Standards Institute) DSTU X9.37 Specifications for Electronic Exchange of Check and Image Data.

“This contract is another example of how ECC is the ideal public key cryptosystem for a growing number of applications that require strong, efficient cryptography. This selection by Unisys further validates our toolkits as the most highly optimized implementations on the market today,” said Ian McKinnon, President and CEO at Certicom. “Our Security Builder toolkits enable Unisys to integrate ECC-based digital signatures quickly and easily into their solutions in order to conform with the emerging Check21 requirements. This will create new opportunities for Certicom in the financial sector.”

Security Builder® PKI™ enables developers to add robust, standards-based digital certificates and key management to applications and devices. With optimized libraries, FIPS-approved algorithms and a common API across multiple platforms, Security Builder PKI enables you to get to market quickly using proven security. Any financial institution or application developer can integrate Security Builder PKI to provide all the necessary logic to validate the certificates and signatures generated by other institutions. For more information about Security Builder toolkits, visit www.certicom.com/securitybuilder.

Certicom stands to receive additional license and royalty revenues when third-party developers integrate Security Builder toolkits into their financial applications that validate these digital signatures.

About Certicom
Certicom is a leading provider of wireless security solutions, enabling developers, governments and enterprises to add strong security to their devices, networks and applications. Designed for constrained devices, Certicom’s patented technologies are unsurpassed in delivering the strongest cryptography with the smallest impact on performance and usability. Certicom products and technologies are currently licensed to more than 300 customers including Cisco Systems, Motorola, the National Security Agency, Palm, Research In Motion, Sony Ericsson and Texas Instruments. Founded in 1985, Certicom is headquartered in Mississauga, ON, Canada, with offices in Ottawa, ON; Reston, VA; San Mateo, CA; and London, England. Visit www.certicom.com.

Certicom, Security Builder, Security Builder Crypto, Security Builder SSL, Security Builder PKI, Security Builder GSE, movianVPN, movianCrypt and movianMail are trademarks or registered trademarks of Certicom Corp. MOTOROLA and the Stylized M Logo are registered trademarks in the US Patent & Trademark Office. Java and all other Java-based marks are trademarks or registered trademarks of Sun Microsystems, Inc. in the U.S. and other countries. The Bluetooth trademarks are owned by their proprietor and used by Motorola, Inc. under license. All other companies and products listed herein are trademarks or registered trademarks of their respective holders.

Forward-Looking Statements
Except for historical information contained herein, this news release contains forward-looking statements that involve risks and uncertainties. Actual results may differ materially. Factors that might cause a difference include, but are not limited to, those relating to the acceptance of mobile and wireless devices and the continued growth of e-commerce and m-commerce, the increase of the demand for mutual authentication in m-commerce transactions, the acceptance of Elliptic Curve Cryptography (ECC) technology as an industry standard, the market acceptance of our principal products and sales of our customer's products, the impact of competitive products and technologies, the possibility of our products infringing patents and other intellectual property of fourth parties, and costs of product development. Certicom will not update these forward-looking statements to reflect events or circumstances after the date hereof. More detailed information about potential factors that could affect Certicom's financial results is included in the documents Certicom files from time to time with the Canadian securities regulatory authorities.

The shares of the company described above have been offered only to qualified institutional buyers in reliance on Rule 144A under the Securities Act of 1933, as amended (the "Securities Act"), and outside the United States pursuant to Regulation S of the Securities Act. The shares have not been registered under the Securities Act and may not be offered or sold in the United States or to a U.S. Person absent registration or an applicable exemption from registration requirements.

This press release does not constitute an offer to sell or the solicitation of an offer to buy any security and shall not constitute an offer, solicitation or sale in any jurisdiction in which such offering would be unlawful.

For further information, please contact:

For Certicom    
Tim Cox Brendan Ziolo  
ZingPR Certicom Corp.  
(650) 369-7784 (613) 254-9267  
tim@zingpr.com bziolo@certicom.com