Overview

Amidst an increasing number of phishing reports involving digital certificates, several Certificate Authorities (CAs) have banded together. For the first time, these arbiters of digital trust are cooperating in an effort to proactively ensure the certificates they’re providing (OV and EV Certificates, see below) to financial institutions and others are worthy of the trust that consumers place in them.

In late June — less than a month before Google released the 64th version of its Chrome browser, which began labeling unencrypted websites as unsafe — Comodo CA, Entrust Datacard, GlobalSign, GoDaddy, and Trustwave came to a broad agreement. Dubbed the London Protocol, the pact was announced by the CA Security Council during a CA/Browser Forum event in its namesake. It boils down to an initial promise to share URLs amongst themselves that have been flagged as potentially malicious through an agreed upon protocol.

Book a Meeting with the Author

Related content

April 30, 2026
2026 U.S. Identity Protection Services Market Report: U.S. Market Poised to Hit $18 Billion by 2027

The U.S. identity theft protection services (IDPS) market is forecast to hit $18 billion by the end of 2027, as consumer investment in identity theft protection continues to grow. ...

March 31, 2026
Iran Cyber Risk: ‘Five-Alarm Fire’ for U.S. Banks, Critical Infrastructure

Iran-linked cyber activity is no longer hypothetical for U.S. financial institutions. International tensions, collaboration by adversaries, and gaps in oversight are reshaping fina...

February 25, 2026
Data Transparency in the Age of Cyber and Privacy Risk

As open banking and new privacy regulations accelerate, financial institutions face rising pressure to enhance privacy and cybersecurity transparency to strengthen consumer trust. ...

Make informed decisions in a digital financial world

Let's Connect