Smart Card Reader (front)

OK time to get your enterprise propeller hat on, the BlackBerry Smart Card reader has now been given FIPS 140-2 approval.  If you know what that means, you're excited at this good news and can now scroll down and click on the link to the NIST Computer Security Resource Center for more enterprise pr0n.  If you have no idea what a FIPS certification on a Smart Card reader is, I'll give you a quick snapshot without putting you to sleep.

We got a real world glimpse of the Smart Card reader in action just last week when Kevin posted the video inside the next generation police car powered by a BlackBerry PlayBook.  Essentially the Smart Card reader provides two-factor authentication to use your BlackBerry.  First factor presumably would be the device password and the second is your smart card inserted in the card reader and is witinh the 30-foot Bluetooth range of your BlackBerry smartphone.

That's really all it is.  This is a product that would be used by the extremely sensitive crowd who can't risk the content stored on a BlackBerry be compromised. Some may ask "Isn't the BlackBerry password good enough?  After 10 tries it wipes the device back to factory out-of-the-box doesn't it?"

Well yes it does, but if I put my device down it could be anywhere from 5 to 30 minutes before the lock enables itself.  If a police officer leaves this next generation police car in pursuit of a suspect and leaves the BlackBerry in the vehicle with the smart card reader in his pocket, the BlackBerry will lock up when the two pieces leave Bluetooth range. Keep reading for more.

OK so what is a FIPS 140.2 certification?  FIPS - Federal Information Processing Standard - this is the cryptographic gold standard for the US government and is the required standard for many government agencies on their computers and handheld devices.  The FIPS 140-2 certification is issued by the National Institute of Standards and Technology.  A FIPS 140-2  certificate applies to an exact module name, hardware, software, firmware and/or applet version.  Translation: if RIM needs to 'tweek' something on this device it will need to be re-certified by NIST to maintain the 140-2.

There you go, now we're all smart card and FIPS 140-2 experts! Well, not really, but in the wake of all the news lately that RIM's customers are jumping ship, they still hold one very strong position in the very secure corporate and government needs.  For the other smartphone competitors, there is no app for that.

More information on the BlackBerry Smart Card Reader
Not for the faint of heard - NIST FIPS Certifications