Skip Navigation

How
CylancePROTECT Mobile
collects and uses data

For complete information about this product, see the Cylance Endpoint Security docs.
Item
Data collection and use
User information
BlackBerry
collects the following information to manage users:
  • First name
  • Last name
  • Email address
Endpoint data
BlackBerry
collects the following endpoint data to detect suspicious activity, privilege escalations, or security misconfigurations:
  • Device name
  • IP addresses
  • MAC addresses
  • OS type
  • OS version
  • Security patch level (
    Android
    only)
  • Device lock screen settings
  • Device status
  • Device manufacturer and model
Android
mobile app data
BlackBerry
collects the following information to detect malicious or suspicious applications on
Android
devices:
  • APK names
  • APK developer signature
  • APK binary hash
  • APK version
  • APK package name
  • APK installation source
Scanning for malicious apps on
Android
devices
  • The
    CylancePROTECT Mobile
    app regularly scans the apps on a user’s
    Android
    device. If any apps have a hash that the
    CylancePROTECT Mobile
    cloud services (located in Northern Virginia, US) have not previously processed, the .apk files for that app are uploaded.
  • The
    CylancePROTECT Mobile
    cloud services use AI and machine learning to analyze the app package and produce a confidence score that it returns to the
    CylancePROTECT Mobile
    app.
  • The APK files that are uploaded to the
    CylancePROTECT Mobile
    services are kept private and anonymous, with no links back to users, devices, or organizations.
  • The
    CylancePROTECT Mobile
    cloud services do not store any user data. The app packages that are uploaded are never shared with a third party.
  • The
    CylancePROTECT Mobile
    app will only upload app files to the cloud services over a
    Wi-Fi
    connection.
  • The
    CylancePROTECT Mobile
    cloud services retain app binaries and a corresponding confidence score for security purposes.
iOS
mobile app data
BlackBerry
collects the following information to detect malicious or suspicious applications on
iOS
devices:
  • iOS
    developer
  • iOS
    signer cert hash
Scanning URLs in SMS text messages for
iOS
  • When a user receives an SMS text message from an unknown sender that contains a URL, the
    CylancePROTECT Mobile
    app sends the message to the
    CylancePROTECT Mobile
    cloud services in real time.
  • The
    CylancePROTECT Mobile
    cloud services collect the entire contents of the message, however, only URLs are retained. No additional metadata or user identifiers are collected or stored. The data that is collected is never shared with a third party or used by
    BlackBerry
    for any purpose other than providing protection from malicious URLs.
  • The
    CylancePROTECT Mobile
    cloud services use advanced machine learning capabilities and accumulated knowledge from threat intelligence feeds to provide an instant assessment of the safety of the URL.
  • New incoming text messages from known contacts are automatically considered to be safe and only messages that contain URLs from unknown senders are scanned and assessed.
Scanning URLs in SMS text messages for
Android
  • When a user receives an SMS text message that contains a URL, the
    CylancePROTECT Mobile
    app sends the unaltered URL to the
    CylancePROTECT Mobile
    cloud services in real time.
  • New incoming text messages from known contacts and unknown senders are scanned and assessed.
  • The
    CylancePROTECT Mobile
    cloud services collect plain text URLs for analysis and assessment. No additional metadata or user identifiers are collected or stored. The data that is collected is never shared with a third party or used by
    BlackBerry
    for any purpose other than providing protection from malicious URLs.
  • The
    CylancePROTECT Mobile
    cloud services use advanced machine learning capabilities and accumulated knowledge from threat intelligence feeds to provide an instant assessment of the safety of the URL.
Unsafe network and insecure
Wi-Fi
checks
On
iOS
and
Android
devices, the
CylancePROTECT Mobile
app will periodically try to connect to the
CylancePROTECT Mobile
cloud services. If the connection is not successful,
CylancePROTECT Mobile
determines that the network is not safe.
On
Android
devices, the
CylancePROTECT Mobile
app periodically checks the properties of the current
Wi-Fi
access point to determine if it is secure (you can configure which
Wi-Fi
access algorithms your organization considers secure and insecure). When the
CylancePROTECT Mobile
app detects an unsafe network or insecure
Wi-Fi
access point, it is reported in the app and in the management console.
Data storage
  • BlackBerry
    uses the data described above to facilitate the performance of the EULA under which
    BlackBerry
    ’s services and products are offered. The data is shared only with necessary third-party services that are needed to fulfill the intended purpose of the services.
  • BlackBerry
    will not sell, lease, or otherwise distribute this information.
  • The endpoint data that is collected is stored in one of the following subprocessors:
    • Amazon Web Services
      ; Asia Pacific (Australia), Europe (Germany), North America (United States)
    • Google
      Firebase (message notification identifiers only): United States
    • MessageBird (SMTP relay service only): United States

Data retention

Personal data processed
Data retention period
User information
Data is removed at the end of the contract. Administrators can remove data using the management console.
Endpoint data
Data is removed 60 days after the end of the contract.
Mobile app data:
Android
&
iOS
Data is removed 60 days after the end of the contract.
SMS message data:
Android
&
iOS
Hyperlinks contained within messages are de-identified and retained indefinitely.
Potentially malicious mobile applications
Data is de-identified and retained indefinitely.