With Certicom technology and elliptic curve cryptography Visto stays ahead of evolving standards

MISSISSAUGA, Ontario – (October 31, 2006) –Certicom Corp. (TSX: CIC) today announced that Visto Corporation has licensed Certicom technology to ensure its mobile email and messaging platform provides authentication and confidentiality to secure users access to email and files.

This contract is an expansion of an existing agreement between the two companies that dates back to 2001. Under the agreement, Visto will pay a one-time license fee, entitling them to deploy a fixed number of seats. The agreement provides for additional revenue through royalties.

By using Certicom’s Security Builder® Crypto™ (with support for Palm, Symbian, and Windows CE operating systems) in its Visto Mobile push email platform, Visto can offer its customers the latest and most secure mobile email access. Security Builder is optimized for small code size and includes elliptic curve cryptography- (ECC) based and legacy algorithms, as well as the latest certifications, and support for new versions of operating systems and platforms. Because of its strength and efficiency, and use in government and commercial standards, a growing number of organizations are implementing ECC.

“Our customers want to know that their valuable files are being protected and authenticated by proven, mature security implementations that don’t compromise the performance of their applications’ primary functions,” said Jean Tripier, executive VP and chief operating officer at Visto. “Certicom’s business is security. They have a team of cryptography and security experts who have spent the past two decades developing strong and efficient security implementations for constrained devices. Few, if any, other companies can offer that level of experience and competence.”

Visto also appreciates the flexible Certicom® Security Architecture™ that helps them to meet the evolving needs of today’s wireless networks. The architecture enables companies to use a common application programming interface (API) across multiple platforms and devices to easily add security features as needed. The common API maximizes code reuse thereby enabling developers to get to market faster.

“The ever-increasing value of content being sent across wireless networks demands a reliable security solution that keeps pace with evolving standards and protocols,” said Ian McKinnon, president and CEO of Certicom. “Our solutions offer that level of security. Visto is one of several leading wireless platform and device manufacturers that have come to rely on us for it.”

Security Builder Crypto is one of several modules that comprise the Certicom Security Architecture, a comprehensive and portable solution designed to allow developers to quickly and cost-effectively embed security across multiple families and generations of devices.

About Certicom
Certicom protects the value of your content, applications and devices with government-approved security. Adopted by the National Security Agency (NSA) for classified and sensitive but unclassified government communications, Elliptic Curve Cryptography (ECC) provides the most security per bit of any known public-key scheme. As the undisputed leader in ECC, Certicom security offerings are currently licensed to more than 300 customers including General Dynamics, Motorola, Oracle, Research In Motion and Unisys. Founded in 1985, Certicom's corporate offices are in Mississauga, ON, Canada with worldwide sales headquarters in Reston, VA and offices in the US, Canada and Europe. Visit www.certicom.com

Certicom, Certicom ECC Core, Certicom Security Architecture, Certicom Trust Infrastructure, Certicom CodeSign, Certicom KeyInject, Security Builder, Security Builder API, Security Builder BSP, Security Builder Crypto, Security Builder ETS, Security Builder GSE, Security Builder IPSec, Security Builder MCE, Security Builder NSE, Security Builder PKI and Security Builder SSL are trademarks or registered trademarks of Certicom Corp. All other companies and products listed herein are trademarks or registered trademarks of their respective holders. Information subject to change.

Forward-Looking Statements
Except for historical information contained herein, this news release contains forward-looking statements that involve risks and uncertainties. Actual results may differ materially. Factors that might cause a difference include, but are not limited to, those relating to the acceptance of mobile and wireless devices and the continued growth of e-commerce and m-commerce, the increase of the demand for mutual authentication in m-commerce transactions, the acceptance of Elliptic Curve Cryptography (ECC) technology as an industry standard, the market acceptance of our principal products and sales of our customer's products, the impact of competitive products and technologies, the possibility of our products infringing patents and other intellectual property of fourth parties, and costs of product development. Certicom will not update these forward-looking statements to reflect events or circumstances after the date hereof. More detailed information about potential factors that could affect Certicom's financial results is included in the documents Certicom files from time to time with the Canadian securities regulatory authorities.

The shares of the company described above have been offered only to qualified institutional buyers in reliance on Rule 144A under the Securities Act of 1933, as amended (the "Securities Act"), and outside the United States pursuant to Regulation S of the Securities Act. The shares have not been registered under the Securities Act and may not be offered or sold in the United States or to a U.S. Person absent registration or an applicable exemption from registration requirements.

This press release does not constitute an offer to sell or the solicitation of an offer to buy any security and shall not constitute an offer, solicitation or sale in any jurisdiction in which such offering would be unlawful.

For further information, please contact: