Process flow: Applying the key information to a user account
- A BlackBerry® device user installs the Chalk™ Pushcast™ Player or accepts a registration request from a new content provider.
Chalk Pushcast Player generates an
RSA® key pair and sends a web services message to the
Chalk™ Pushcast™ Software to
initiate a key exchange.
The web services message contains the public key that the Chalk Pushcast Software uses to authenticate the BlackBerry device user. The Chalk Pushcast Player sends a web service message through a highly secure HTTPS transport.
- The Chalk Pushcast Software sends a random string that is encrypted using the device public key in an email message to the user's inbox to determine whether the device is associated with the user account. If the device is associated with the user account, the device can decrypt the email message.
- The device decrypts the random string.
- The device sends a web services message to the Chalk Pushcast Software that contains the random string that the device decrypted to complete the key exchange.
- The Chalk Pushcast Software checks the web services message to determine which device it was sent from by locating the random string that the web services created for the user account and verifying the digital signature.
- The web services compares
the random string with the random string that it sent to the device and
performs one of the following actions:
- If the random strings do not match, the Chalk Pushcast Software rejects the request.
- If the random strings match, the Chalk Pushcast Software applies the key information to the user account. All subsequent email messages and web services messages that the Chalk Pushcast Player sends to the Chalk Pushcast Software require this digital signature to receive email messages and content from the Chalk Pushcast Software.
- The Chalk Pushcast Player user accesses content in the Chalk Pushcast Player.