To prevent tampering or compromise of applications by unauthorized parties, software developers digitally sign their programs with code signing certificates.

Code signing is the process of digitally signing application executables and scripts to confirm the software author and guarantee that the code has not been altered or corrupted since it was signed. The process uses  a cryptographic hash to validate authenticity and integrity of the applications underlying code. This greatly improves the ability of the anti-virus to determine if a software application has been compromised.

A Code Signing Certificate works on Public Key Infrastructure (PKI)  consisting of a public key and private key. The private key is used to sign the data, and the public key is used to confirm the signature of the data. Upon signing the software code, the applications are timestamped to avoid unwanted expirations of the digital certificate.

Our Continuous Build Server is programmed to Code sign an application whenever it is compiled for testing and/or release,

The Certificate of Authority is handled by SSL Digital Authentication Services. For more information on Code Signing visit:

//www.ssl.com/certificates/code-signing/