Authenticating and authorizing BlackBerry Pushcast Player users
The BlackBerry® Pushcast™ Player on a BlackBerry device uses SSL security, RSA® encryption and digital signatures, and the email address of a BlackBerry® Pushcast™ Software user to authenticate and authorize a device to receive content. The first time that a BlackBerry device user accesses the BlackBerry Pushcast Software, a key exchange occurs that establishes the cryptographic keys that the device uses to authenticate with the BlackBerry Pushcast Software. The BlackBerry Pushcast Software uses an email address that is associated with the device to verify that the device is associated with the user account. If a potentially malicious user reconstructs a content request and sends it to the BlackBerry Pushcast Software, the BlackBerry Pushcast Software does not process the request because it is not signed with the correct key.