Partnership Further Differentiates IdentiPHI Enterprise Security Suite for Governmental Agencies

AUSTIN, Texas – (May 2, 2006)–IdentiPHI LLC, an industry leader in Enterprise Advanced Authentication, Single Sign-On and Endpoint Management, announced today a strategic partnership with Certicom Corp, an industry leader in elliptic curve cryptography.

The partnership means IdentiPHI will use the Certicom Security Architecture™ to add a FIPS 140-2-Validated module that includes Suite B algorithms. By adding this level of security into its Enterprise Security Suite of Advanced Authentication and Single Sign-On products, IdentiPHI meets the National Security Agency's Suite B Cryptography recommendations. Suite B is a set of cryptographic algorithms that include elliptic curve cryptography -- part of the NSA's increasing desire to have a "flexible and adaptable cryptographic strategy for protecting national security information."

"Meeting Suite B security requirements will be the determining factor regarding who can do business with government agencies going forward." said Peter Gilbert, CEO of IdentiPHI. "The NSA has outlined a comprehensive list of security must-haves ? a list that the IdentiPHI Software Suite now meets and exceeds."

"The U.S. government's crypto modernization program coupled with the heightened need for strong security has moved ECC and Suite B into the forefront," said Ian McKinnon, Certicom's president and CEO. "Organizations buying security today need to ensure it includes ECC: for strength, Suite B interoperability and long cryptographic life span."

The competitive advantages of deploying IdentiPHI's Software Suite at governmental agencies are:

  • Based on Elliptic Curve Cryptography: Faster, more secure, and more cost-effective than aging RSA & Diffie-Hellman Keys
  • Provides Suite B algorithms within a FIPS 140-2 module
  • Provides users and administrators with the most flexible authentication methods, such as CAC, PIV, and biometric authentication
  • Leverages network authentication to securely manage application passwords, removing the inherent weaknesses associated with managing multiple passwords

"Suite B is the future of elliptic curve cryptography," added Gilbert. "Solutions that fail to meet these requirements will increasingly be viewed as offering yesterday's technology."

Partnership Extends Benefits to Other Industries

The partnership will also strengthen IdentiPHI's offerings in the private sector.

"For the financial sector, The IdentiPHI Enterprise Security Suite provides an effective solution to manage user authentication in line with Gramm-Leach-Bliley Act (GLBA) regulations," said John Atkinson, VP Worldwide Sales and Marketing, IdentiPHI. "The inclusion of Certicom's Elliptic Curve Cryptography-based technology serves to greatly enhance financial sector data and communications security. The combination provides a robust solution for current compliance with consideration for where GLBA regulations are quickly heading."

Atkinson added that the Healthcare industry will also welcome standards-compliant solutions through the IdentiPHI Enterprise Security Suite.

"To meet HIPAA regulations, we offer healthcare-specific security assessments in addition to our software-based solutions," said Atkinson. "HIPAA legislation mandates the protection of patient records and other sensitive electronic data. For many healthcare providers - especially those still relying on hard-copy records - it's difficult to know where to start. Our Healthcare assessments focus on guiding these first, critical business decisions by outlining a path to building a secure network infrastructure. The implementation of IdentiPHI's targeted technology then provides the right security solution to aid in meeting regulatory HIPAA compliance."

About IdentiPHI 
IdentiPHI is an innovative technology company offering a comprehensive suite of enterprise security solutions. Comprised of experienced partners and thought leaders in the industry, IdentiPHI is setting the standard for what companies are looking for in a security software solution. IdentiPHI provides flexible tools that meet or exceed current legislative requirements to strengthen an identity management and authentication system. IdentiPHI is defining security technology to meet the evolving challenges of today's fast-paced business needs.

IdentiPHI's suite of products offers modular solutions that allow the end user to Identify and Authenticate for Network Login and Access Applications. Flexible configuration, central management and ease of deployment are all features of IdentiPHI. Reduce your costs today by lowering the number of separately administered accounts and authentication credentials you manage. For more information call 888-436-8744, or visit

About Certicom
Certicom protects the value of your content, software and devices with government-approved security. Adopted by the National Security Agency (NSA) for classified and sensitive but unclassified government communications, Elliptic Curve Cryptography (ECC) provides the most security per bit of any known public-key scheme. As the undisputed leader in ECC, Certicom security offerings are currently licensed to more than 300 customers including General Dynamics, Motorola, Oracle, Research In Motion and Unisys. Founded in 1985, Certicom's corporate offices are in Mississauga, ON, Canada with worldwide sales headquarters in Reston, VA and offices in the US, Canada and Europe. Visit

Certicom, Certicom Security Architecture, Certicom Trust Infrastructure, Certicom CodeSign, Certicom KeyInject, Security Builder, Security Builder API, Security Builder BSP, Security Builder Crypto, Security Builder ETS, Security Builder GSE, Security Builder IPSec, Security Builder NSE, Security Builder PKI and Security Builder SSL are trademarks or registered trademarks of Certicom Corp. All other companies and products listed herein are trademarks or registered trademarks of their respective holders.

Forward-Looking Statements
Except for historical information contained herein, this news release contains forward-looking statements that involve risks and uncertainties. Actual results may differ materially. Factors that might cause a difference include, but are not limited to, those relating to the acceptance of mobile and wireless devices and the continued growth of e-commerce and m-commerce, the increase of the demand for mutual authentication in m-commerce transactions, the acceptance of Elliptic Curve Cryptography (ECC) technology as an industry standard, the market acceptance of our principal products and sales of our customer's products, the impact of competitive products and technologies, the possibility of our products infringing patents and other intellectual property of fourth parties, and costs of product development. Certicom will not update these forward-looking statements to reflect events or circumstances after the date hereof. More detailed information about potential factors that could affect Certicom's financial results is included in the documents Certicom files from time to time with the Canadian securities regulatory authorities.

The shares of the company described above have been offered only to qualified institutional buyers in reliance on Rule 144A under the Securities Act of 1933, as amended (the "Securities Act"), and outside the United States pursuant to Regulation S of the Securities Act. The shares have not been registered under the Securities Act and may not be offered or sold in the United States or to a U.S. Person absent registration or an applicable exemption from registration requirements.

This press release does not constitute an offer to sell or the solicitation of an offer to buy any security and shall not constitute an offer, solicitation or sale in any jurisdiction in which such offering would be unlawful.

For further information, please contact:

For Certicom    
Lisa Courtney Lloyd Wendy Moore-Bayley  
Jolita Communications Certicom Corp.  
(613) 271-7512 (613) 254-9268