GlobalSign First Pan-European Certification Authority Receiving Webtrust Accreditation

Independent auditor Deloitte & Touche confirms that Globalsign achieved the AICPA/CICA WebTrust Seal of Assurance for Certification Authorities.

GlobalSign, Europe’s leading Certificate Service Provider offering digital certificates and co-sourced PKI solutions, has announced that it received the WebTrust( Seal of Assurance for Certification Authorities after an audit conducted by Deloitte & Touche. GlobalSign is the first pan-European public Certification Authority to attain this accreditation level.

To increase consumer confidence in the application of Public Key Infrastructure (PKI) technology, the public accounting profession has developed and is promoting a set of principles and criteria for Certification Authorities (CAs), referred to as the AICPA/CICA WebTrust Program for CAs. It is an international e-commerce trust program developed and managed jointly by the American Institute of Certified Public Accountants (AICPA) and the Canadian Institute of Chartered Accountants (CICA). The WebTrust Seal of Assurance combines high standards for e-commerce activities with the requirement for an independent verification/audit. Together they build trust and confidence among consumers and enterprises conducting business over the Internet. By demonstrating compliance with WebTrust criteria, entities earn the right to display the WebTrust Seal of Assurance.

Confidentiality, authentication, integrity, and non-repudiation are the four most important ingredients required for trust in online transactions. The standard response to these requirements is the implementation of PKI technology. PKI utilises digital certificates and asymmetric cryptography to address these requirements. PKI provides a means for parties to know that another individual’s or entity’s public key actually belongs to that individual/entity. It requires the presence of an independent trusted third party, a Certification Authority, which issues and manages the digital certificates. The use of digital certificates is supported by default in popular Internet applications such as e-mail clients and browsers.

“Trust is at the heart of our business. In order to gain and keep this trust, a Certification Authority needs to put in place very tight quality control mechanisms.” said Johan Sys, General Manager of GlobalSign. “By achieving the WebTrust Seal of Assurance, we have the confirmation that our processes, procedures and control mechanisms meet the highest standards. The WebTrust Seal of Assurance also helps us to sustain our competitive advantage of being one of the few CAs in the world that is by default included in all leading browsers and e-mail clients. “

Audit and consulting firm Deloitte & Touche who is licensed by the AICPA/CICA to provide assurance services has evaluated and tested whether the services provided by GlobalSign meet the principles and criteria set forward by the WebTrust program for Certification Authorities. “We have advised GlobalSign throughout the certification process, which started in the summer of 2001. Thanks to the close partnership with GlobalSign the certification was attained within the budget and timeframe set forward.” said Chris Verdonck, Enterprise Risk Services Partner at Deloitte & Touche. “It was a unique project in many ways.” continues Verdonck. “After all GlobalSign is one of the few public CAs in the world to have attained this certification level. At Deloitte & Touche we combined our local expertise with the experience from colleagues in Denmark and the US as well as direct feedback from the Chairman of the WebTrust Committee. ”

GlobalSign sells digital certificates through its web site (www.globalsign.net) and through different partners. These digital certificates include personal certificates (PersonalSign(tm)), server certificates (ServerSign(tm)) and software signing certificates (ObjectSign(tm)). GlobalSign has recently been selected as the public Certification Authority for the Belgian project to deliver electronic identity cards to all Belgian citizens. GlobalSign also offers a co-sourced PKI solution called CorporateRA(tm), and a unique service called RootSign( aimed at corporate Certification Authorities who do not have their Root Certificate embedded in popular browsers.

About GlobalSign
GlobalSign is Europe’s leading Certificate Service Provider offering digital certificates and co-sourced PKI solutions. GlobalSign’s digital certificates allow individuals and businesses to secure e-mail communication, to conduct fully authenticated and confidential online business and to set-up trusted software distribution. GlobalSign also offers CorporateRA(tm), an out-of-the-box co-sourced PKI solution and a unique service called RootSign(tm) for corporate Certification Authorities who do not have their Root Certificate embedded in popular browsers. GlobalSign’s public root key is embedded by default in all major Internet applications such as e-mail clients and browsers. Consequently, GlobalSign certificates are globally accepted and are not limited by any application, geographic area or business sector. Furthermore GlobalSign is one of the few Certification Authorities in the world that attained the WebTrust accreditation level.

GlobalSign is part of the Ubizen group. Ubizen has a majority stake of 91% in GlobalSign.