After the user specifies a password for the BlackBerry® Wallet, each time the user types the password, the BlackBerry Wallet uses the SHA-256 double hashing function to hash the password, and uses the hash to verify the password.
The BlackBerry Wallet encrypts its data using the AES-256 algorithm. It uses the SHA-256 function to hash the data, using the BlackBerry Wallet password as the common key. If the user changes the password, the BlackBerry Wallet re-encrypts all of the data with the new password.
BlackBerry® device users must specify a password when they open the BlackBerry® Wallet for the first time. Users must provide the password each time they open the BlackBerry Wallet and each time they return to the BlackBerry Wallet after ten minutes of inactivity.
If a user types the password incorrectly ten times, the BlackBerry Wallet permanently deletes the data records and clears the password. To use the BlackBerry Wallet after it clears the password, the user must specify a new password and create new data records.