Why can’t TrustID | EV Code Signing | Organization Identity | Hardware Storage Certificates be issued in the browser as software certificates?
The TrustID® Certificate Policy that governs this type of certificate establishes that TrustID | EV Code Signing | Organization Identity | Hardware Storage Certificates must be issued on hardware devices compliant with FIPS 140-2 Level 2 or higher security assurance. IdenTrust offers USB tokens for this purpose. This additional security requirement not only offers two-factor authentication but also prohibits the private key from being exported, thus offering additional assurance to relying parties on the ownership of the certificate holder.
IdenTrust also offers a EV Code Signing | Organization Identity | Hardware Storage (HSM) certificate for those who have their own storage device.