Strength of elliptic curve cryptography meets government and commercial security requirements

MISSISSAUGA, Ontario – (January 30, 2007) –Certicom Corp. (TSX: CIC) today announced that Cybertrust, the global information security specialist, has licensed Certicom’s Suite B Power Bundle Products for use in its range of PKI-based identity management solutions. The need for stronger security is driving the demand for elliptic curve cryptography (ECC), which is recommended by the U.S. government and is also being adopted by industry to protect valuable information. Cybertrust will offer elliptic curve certificates through its managed Certification Authority services, including its certified Shared Service Provider program, Secure Sockets Layer (SSL) services and its in-house PKI offering, UniCERT.

ECC is a computationally efficient form of cryptography--an essential building block in security applications--that offers equivalent security to other competing technologies but with much smaller key sizes. This efficiency results in faster computations, lower power consumption, as well as memory and bandwidth savings, thereby making it ideal for today’s servers and enterprise applications. Because of this efficiency, organizations can meet growing security requirements, and reduce the number of servers required to manage the cryptographic keys. For example, depending on the hardware platform used, ECC can provide better than a 10:1 performance advantage over RSA and reduces the number of servers required by 7.5:1

“By offering ECC certificates by default in our broad range of identity management solutions, we provide our customers with stronger security that is compliant with the latest government standards,” said Stijn Bijnens, Cybertrust senior vice president identity management. “The collaboration with Certicom ensures that our customers will have the most efficient and secure implementation of ECC available.”

ECC is used in a growing number of sectors ranging from consumer electronics, wireless devices and semiconductors to government and financial services. In 2005, The National Security Agency’s (NSA) recommended ECC as the public-key cryptosystem to protect classified and unclassified government communications. These recommendations, known as Suite B, are part of an initiative to upgrade the security infrastructure of the government’s communications to meet present and future security needs.

“ECC security technology meets the demanding requirements of many customers, including the U.S. government,” said Ian McKinnon, president and CEO of Certicom. “The Cybertrust collaboration provides our government and enterprise customers the critical public key infrastructure needed to develop end-to-end ECC solutions with the highest performance implementations available.”

Cybertrust will promote its next generation certificate authority capabilities at Certicom’s ECC World booth #1236 at the RSA Conference 2007, Feb. 5-9, Moscone Center, San Francisco, CA. The Cybertrust exhibit, booth #1919, will highlight the company’s broad range of security services and solutions.

About Certicom
Certicom protects the value of your content, applications and devices with government-approved security. Adopted by the National Security Agency (NSA) for classified and unclassified government communications, Elliptic Curve Cryptography (ECC) provides the most security per bit of any known public-key scheme. As the undisputed leader in ECC, Certicom security offerings are currently licensed to more than 300 customers including General Dynamics, Motorola, Oracle, Research In Motion and Unisys. Founded in 1985, Certicom’s corporate offices are in Mississauga, ON, Canada with worldwide sales headquarters in Reston, VA and offices in the US, Canada and Europe. Visit

# # #

Forward-Looking Statements
Except for historical information contained herein, this news release contains forward-looking statements that involve risks and uncertainties. Actual results may differ materially. Factors that might cause a difference include, but are not limited to, those relating to the acceptance of mobile and wireless devices and the continued growth of e-commerce and m-commerce, the increase of the demand for mutual authentication in m-commerce transactions, the acceptance of Elliptic Curve Cryptography (ECC) technology as an industry standard, the market acceptance of our principal products and sales of our customer's products, the impact of competitive products and technologies, the possibility of our products infringing patents and other intellectual property of fourth parties, and costs of product development. Certicom will not update these forward-looking statements to reflect events or circumstances after the date hereof. More detailed information about potential factors that could affect Certicom's financial results is included in the documents Certicom files from time to time with the Canadian securities regulatory authorities.

The shares of the company described above have been offered only to qualified institutional buyers in reliance on Rule 144A under the Securities Act of 1933, as amended (the "Securities Act"), and outside the United States pursuant to Regulation S of the Securities Act. The shares have not been registered under the Securities Act and may not be offered or sold in the United States or to a U.S. Person absent registration or an applicable exemption from registration requirements.

This press release does not constitute an offer to sell or the solicitation of an offer to buy any security and shall not constitute an offer, solicitation or sale in any jurisdiction in which such offering would be unlawful.

For further information, please contact:

For Certicom    
John Callahan
(703) 234-2357