Advanced Security SD cards
Similar to the BlackBerry® Smart Card Reader, an Advanced Security SD card permits a user to prove the user’s identity to the BlackBerry device using what the user has (smart card) and what the user knows (smart card password). The BlackBerry® Enterprise Solution supports Advanced Security SD cards that use the security system for the MCEX smart card.
- unlock the BlackBerry device and access BlackBerry services and PKI applications using two-factor authentication
- digitally sign and encrypt email messages and PIN messages using S/MIME encryption when the user installs the S/MIME Support Package for BlackBerry® smartphones on the BlackBerry device
- decrypt S/MIME-encrypted email messages and PIN messages
- import certificates that are stored on the Advanced Security SD card into the NV store of the BlackBerry device flash memory
- open SSL connections
To configure the BlackBerry device to support an Advanced Security SD card, a user must insert the Advanced Security SD card into the BlackBerry device and install the smart card driver of the Advanced Security SD card on the BlackBerry device using the BlackBerry® Desktop Manager. After the user installs the smart card driver on the BlackBerry device, the user can configure the driver settings in the security options, on the Smart Card screen.
To control how a BlackBerry device can use an Advanced Security SD card, you can use the Force Smart Card Two-Factor Authentication IT policy rule, Force Smart Card Two Factor Challenge Response IT policy rule, or Disable Certificate or Key Import From External Memory IT policy rule.
For more information about configuring the BlackBerry device to support an Advanced Security SD card, see the user guide for the BlackBerry device. For more information about using IT policy rules, see the BlackBerry Enterprise Server Policy Reference Guide.