Strength of elliptic curve cryptography meets government and commercial security requirements

MISSISSAUGA, Ontario – (January 31, 2007) – Certicom Corp. (TSX: CIC) today announced that Certicom’s Suite B Power Bundle will be included in the Infineon smart card microcontrollers. This will allow Certicom and Infineon customers to quickly comply with the U.S. government’s Suite B specifications by providing Infineon ECC-enabled smart card microcontrollers and Certicom software tools for the U.S. government’s Personal Identity Verification (PIV) cards and other applications. The need for stronger security is driving the demand for ECC, which is recommended by the U.S. government and is also being adopted by industry to protect valuable information.

ECC is a computationally efficient form of cryptography--an essential building block in security applications--that offers equivalent security to other competing technologies but with much smaller key sizes. This efficiency results in faster computations, lower power consumption, as well as memory and bandwidth savings, thereby making it ideal for today’s servers and enterprise applications. Because of this efficiency, organizations can meet growing security requirements, and reduce the number of servers required to manage the cryptographic keys. For example, depending on the hardware platform used, ECC can provide better than a 10:1 performance advantage over RSA and reduces the number of servers required by 7.5:1

“As a leader in the security chipcard market, we understand our customers’ needs for more advanced security and to be compliant with the latest government standards. By offering an ECC-enabled smart card processor with Certicom’s Suite B Power Bundle software tools, we allow our customers to upgrade to these features,” said Joerg Borchert, vice president of Chipcard and Security ICs, of Infineon Technologies North America. “By working with Certicom, it will ensure that customers will have the ECC tools available to allow an efficient implementation of Suite B.”
ECC is used in a growing number of sectors ranging from consumer electronics, wireless devices and semiconductors to government and financial services. In 2005, The National Security Agency’s (NSA) recommended ECC as the public-key cryptosystem to protect classified and unclassified government communications.  These recommendations, known as Suite B, are part of an initiative to upgrade the security infrastructure of the government’s communications to meet present and future security needs. 
“ECC security technology meets the demanding requirements of many customers, including the U.S. government,” said Ian McKinnon, president and CEO of Certicom. “By working with Infineon, we will provide our customers the critical public key infrastructure needed to develop end-to-end ECC-enabled solution for the PIV market with the highest performance implementations available.”  
Infineon and Certicom will promote Suite B Power Bundle Product capabilities based on IFX smart card processors at the RSA Conference 2007, Feb. 5-9, Moscone Center, San Francisco, CA.

About Certicom
Certicom protects the value of your content, applications and devices with government-approved security. Adopted by the National Security Agency (NSA) for classified and sensitive but unclassified government communications, Elliptic Curve Cryptography (ECC) provides the most security per bit of any known public-key scheme. As the undisputed leader in ECC, Certicom security offerings are currently licensed to more than 300 customers including General Dynamics, Motorola, Oracle, Research In Motion and Unisys. Founded in 1985, Certicom's corporate offices are in Mississauga, ON, Canada with worldwide sales headquarters in Reston, VA and offices in the US, Canada and Europe. Visit www.certicom.com

Certicom, Certicom ECC Core, Certicom Security Architecture, Certicom Trust Infrastructure, Certicom CodeSign, Certicom KeyInject, Security Builder, Security Builder API, Security Builder BSP, Security Builder Crypto, Security Builder ETS, Security Builder GSE, Security Builder IPSec, Security Builder MCE, Security Builder NSE, Security Builder PKI and Security Builder SSL are trademarks or registered trademarks of Certicom Corp. All other companies and products listed herein are trademarks or registered trademarks of their respective holders. Information subject to change.

Forward-Looking Statements

Except for historical information contained herein, this news release contains forward-looking statements that involve risks and uncertainties. Factors which could cause actual results or events to differ materially from current expectations include, among other things: the ability of the Company to successfully implement its strategic initiatives and whether such strategic initiatives will yield the expected benefits; the ability of the Company to develop, promote and protect its proprietary technology security breaches or defects in the Company’s products; competitive conditions in the businesses in which the Company participates; changes in consumer spending; the outcome of legal proceedings as they arise; general economic conditions and normal business uncertainty; consolidation in the Company’s industry and by its customers; customer preferences towards product offerings; the risk that customers may cancel their contracts with the Company; reliance on a limited number of customers; demand for ECC-based technology; performance of the Company’s management team and the Company’s ability to attract and retain skilled employees; operating the Company’s business profitably; fluctuations in revenue and foreign currency exchange rates; interest rate fluctuations and other changes in borrowing costs; the ability to develop and maintain strategic relationships; and other factors identified under the heading “Risk Factors” in the Company’s annual information form dated July 26, 2006 and filed on SEDAR at www.sedar.com.

For further information, please contact:

For Certicom    
John Callahan
(703) 234-2357    
j callahan@certicom.com