Overview

Amidst an increasing number of phishing reports involving digital certificates, several Certificate Authorities (CAs) have banded together. For the first time, these arbiters of digital trust are cooperating in an effort to proactively ensure the certificates they’re providing (OV and EV Certificates, see below) to financial institutions and others are worthy of the trust that consumers place in them.

In late June — less than a month before Google released the 64th version of its Chrome browser, which began labeling unencrypted websites as unsafe — Comodo CA, Entrust Datacard, GlobalSign, GoDaddy, and Trustwave came to a broad agreement. Dubbed the London Protocol, the pact was announced by the CA Security Council during a CA/Browser Forum event in its namesake. It boils down to an initial promise to share URLs amongst themselves that have been flagged as potentially malicious through an agreed upon protocol.

Learn More About This Report & Javelin

Related content

March 28, 2025
Leverage MITRE Frameworks for Effective Cyber Investment

Cyber defense strategies in 2025 will lean more heavily on open-source frameworks like MITRE ATT&CK and MITRE OCCULT as financial institutions align risk to investment prioritizati...

February 11, 2025
Trump’s Cyber Avalanche and the Impact on U.S. Financial Institutions

For U.S. financial institutions, the twists and turns of the last few weeks around political promises that have quickly resulted in short-term wins for banks should be viewed with ...

January 30, 2025
New Stakes for Cyber Resiliency in the Era of Cyberwarfare

The war in Ukraine, the Iran-Israel conflict, and increasing tension between the United States and China have raised new concerns and emphasis around geopolitical risks. Attacks ag...

Make informed decisions in a digital financial world

Let's Connect