Important:
This is retired content. This content is outdated and is no longer being maintained. It is provided as a courtesy for individuals who are still using these technologies. This content may contain URLs that were valid when originally published, but now link to sites or pages that no longer exist.
4/14/2010

When developing applications for Windows Mobile devices, you will soon encounter the Windows Mobile Security Model. As Windows Mobile devices became more sophisticated, and began to include phone and other networking capabilities, it became necessary to protect users - and telephone networks - from malicious software. In most situations, before your application can be deployed to a general audience, you must confirm your identity, or your company's identity, by having your application code-signed.

The code signing process adds encrypted information that the Windows Mobile device uses to decide whether to "trust" the application. When an application is trusted, it can be installed without issuing warning statements. In some situations, depending on the supplier of the device, the device simply cannot install un-trusted applications.

To sign an application for public release, you need an account with one of several companies that provide this service. Microsoft does not own or manage the code signing process.

You do not need to repeatedly sign an application during its development However, you may need to contact the OEM or supplier of your development device to ensure that the device will permit installation of applications that have been signed with the default certificates from the Windows Mobile Professional SDK and Windows Mobile Standard SDK. Determine this before buying a development device.

Related Sections

Signing an Application or Cabinet File for Release to the Public

Provides information about code signing applications, and links to code sign partners.

Testing How an Application Will Behave Under Different Security Configurations

Describes the restrictions enforced by the security model, and how to test your application accordingly.

See Also