Join Our 3 MILLION+ Members Today! Register Here | Login
 
 
 
 
 
 
Home»BlackBerry News»News & Rumors, Enterprise

BlackBerry Smart Card reader receives FIPS approval

by Isaac Kendall on 21 Jul 2011 10:28 AM
13
 
Smart Card Reader (front)

OK time to get your enterprise propeller hat on, the BlackBerry Smart Card reader has now been given FIPS 140-2 approval.  If you know what that means, you're excited at this good news and can now scroll down and click on the link to the NIST Computer Security Resource Center for more enterprise pr0n.  If you have no idea what a FIPS certification on a Smart Card reader is, I'll give you a quick snapshot without putting you to sleep.

We got a real world glimpse of the Smart Card reader in action just last week when Kevin posted the video inside the next generation police car powered by a BlackBerry PlayBook.  Essentially the Smart Card reader provides two-factor authentication to use your BlackBerry.  First factor presumably would be the device password and the second is your smart card inserted in the card reader and is witinh the 30-foot Bluetooth range of your BlackBerry smartphone.

That's really all it is.  This is a product that would be used by the extremely sensitive crowd who can't risk the content stored on a BlackBerry be compromised. Some may ask "Isn't the BlackBerry password good enough?  After 10 tries it wipes the device back to factory out-of-the-box doesn't it?"

Well yes it does, but if I put my device down it could be anywhere from 5 to 30 minutes before the lock enables itself.  If a police officer leaves this next generation police car in pursuit of a suspect and leaves the BlackBerry in the vehicle with the smart card reader in his pocket, the BlackBerry will lock up when the two pieces leave Bluetooth range. Keep reading for more.

OK so what is a FIPS 140.2 certification?  FIPS - Federal Information Processing Standard - this is the cryptographic gold standard for the US government and is the required standard for many government agencies on their computers and handheld devices.  The FIPS 140-2 certification is issued by the National Institute of Standards and Technology.  A FIPS 140-2  certificate applies to an exact module name, hardware, software, firmware and/or applet version.  Translation: if RIM needs to 'tweek' something on this device it will need to be re-certified by NIST to maintain the 140-2.

There you go, now we're all smart card and FIPS 140-2 experts! Well, not really, but in the wake of all the news lately that RIM's customers are jumping ship, they still hold one very strong position in the very secure corporate and government needs.  For the other smartphone competitors, there is no app for that.

More information on the BlackBerry Smart Card Reader
Not for the faint of heard - NIST FIPS Certifications

Filed Under: News & Rumors, Enterprise; Tags: Enterprise, Smart Card
Send to a Friend
 
Login or Register to post comments

13 Comments

Posted by seb.hebert Thursday, Jul 21, 2011 307 days ago

This is awesome!! (first)

 
 
Posted by eKafara Thursday, Jul 21, 2011 307 days ago

Always nice to see them get FIPS 140-2 approval. : )

 
 
Posted by mnemanov Thursday, Jul 21, 2011 307 days ago

while I dont need FIPS level security, the ability to pair a phone with ANY bluetooth device and as long as it's within range, the device stays unlocked, and then locks automatically when it goes out of range, would be pretty convenient for us regular folks.

 
 
Posted by Kerri Neill Thursday, Jul 21, 2011 307 days ago

Some of the Air Force recruiting teams have these for their BlackBerrys. I've actually seen one in action and they are pretty cool. I can see how this would bring peace of mind to those who have highly sensitive data on their devices.

 
 
Posted by JR750 Thursday, Jul 21, 2011 307 days ago

My IT department is very excited about this.. They have been notifying everyone that they will be implimenty the BB Smart Card in the up coming months.. I think its a great idea!

 
 
Posted by Disparishun Thursday, Jul 21, 2011 307 days ago

Slightly unrelated, but this reminds me of the Motorola Titanium stories we all read last week -- Motorola's ruggedized Blackberry knock-off that meets MilSpec 810G. Would love to see RIM transition the Curve into a ruggedized model that, in addition to FIPS 140-2, can meet MilSpec 810G.

 
 
Posted by Charlieo132 Thursday, Jul 21, 2011 307 days ago

"strong position in the very secure corporate and government needs.  For the other smartphone competitors, there is no app for that."

Couldn't have said it better myself. Very funny btw.

 
 
Posted by 00stryder Thursday, Jul 21, 2011 306 days ago

+1

 
 
Posted by cdoggLBC Thursday, Jul 21, 2011 307 days ago

"Essentially the Smart Card reader provides two-factor authentication to use your BlackBerry. First factor presumably would be the device password and the second is your smart card inserted in the card reader"...

You do get 2-factor auth, but this isn't exactly how it works. The password is actually the decryption key to the small memory on the smart card. That decryption key unlocks the smart card which allows a your private key PKI digital certificate to be transferred to the BlackBerry from the card. The certificate itself is what decrypts data on the device, unlocks the device, etc..

 
 
Posted by flyersfan76 Thursday, Jul 21, 2011 307 days ago

But, But, But. How can this be. Research in Motion ONLY makes smartphones, says the Haters.

Yup RIM knows how to deverisfy.

This should help defend RIM even more. So no people can scan there cards to enter their security room that houses the QNX power Nuclear Power Plant computer.

 
 
Posted by lnichols Thursday, Jul 21, 2011 307 days ago

Playbook Crypto Kernel just FIPS approved at noon today. Certificate 1578!

http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140val-all.htm

 
 
Posted by Canada Panda Thursday, Jul 21, 2011 307 days ago

Amazing. Now how about a personal version? :D My inbox gets some confidential law enforcement mumbo jumbo but I'm pretty certain we won't be getting smart cards just yet.

Also, some good news for BlackBerry fans, I have yet to see any iPhone or Android device in the hands of front line law enforcement. It's all BlackBerry, and they get used (and abused) A LOT. This is one userbase where the competitors don't seem to have even made a dent.

 
 
Posted by Thetnaung Sunday, Jul 24, 2011 304 days ago

what about if the police also leave the card in vehicle with the playbook :)