Overview

Amidst an increasing number of phishing reports involving digital certificates, several Certificate Authorities (CAs) have banded together. For the first time, these arbiters of digital trust are cooperating in an effort to proactively ensure the certificates they’re providing (OV and EV Certificates, see below) to financial institutions and others are worthy of the trust that consumers place in them.

In late June — less than a month before Google released the 64th version of its Chrome browser, which began labeling unencrypted websites as unsafe — Comodo CA, Entrust Datacard, GlobalSign, GoDaddy, and Trustwave came to a broad agreement. Dubbed the London Protocol, the pact was announced by the CA Security Council during a CA/Browser Forum event in its namesake. It boils down to an initial promise to share URLs amongst themselves that have been flagged as potentially malicious through an agreed upon protocol.

Book a Meeting with the Author

Related content

November 18, 2025
2025 Dark Web Threat Intelligence Vendor Scorecard

Javelin’s newest cybersecurity scorecard, the 2025 Dark Web Threat Intelligence Vendor Scorecard, evaluates leading dark web threat intelligence vendors on the market today. This i...

November 06, 2025
2026 Cybersecurity Trends

In the year ahead, financial services will face several trending challenges as they try to keep organizations and customers safe. Zero trust will come to the forefront of supply ch...

October 21, 2025
Social Signals, Malicious Motives: Emojis as a Cyber Weapon

Cybercriminals leverage emojis to evade defenses and use them in phishing and spoofing attacks to deceive victims and steal sensitive information. Emojis are also used to control c...

Make informed decisions in a digital financial world

Let's Connect