Opening An Encrypted And Authenticated Connection To The Blackberry Smart Card Reader; Secure Pairing Pin - Blackberry PRD-09695-004 - SMART Card Reader Overview

IT policy rule
Maximum PC Long Term Timeout
Maximum PC Bluetooth Traffic Inactivity
Timeout
Maximum Number of PC Transactions
Maximum Number of PC Pairings
The BlackBerry Smart Card Reader also uses the Disable Radio When Cradled IT policy rule, which controls whether
the wireless adapter is turned off when the BlackBerry device is connected to USB peripherals. If you change this
rule to Yes, the Bluetooth wireless adaptor of the BlackBerry Smart Card Reader is turned off whenever the
BlackBerry Smart Card Reader is connected to a computer using a USB connection.
For more information. see the BlackBerry Enterprise Server Policy Reference Guide.
Opening an encrypted and authenticated connection to the
BlackBerry Smart Card Reader
Before the BlackBerry® Smart Card Reader and a BlackBerry device or computer can open an encrypted and
authenticated connection between them, the BlackBerry Smart Card Reader and the BlackBerry device or computer
must perform a Bluetooth® pairing process to open a Bluetooth connection. The BlackBerry Smart Card Reader and
the BlackBerry device or computer can then perform a secure pairing process to open a connection between the
smart card and the BlackBerry device or computer. The secure pairing process is designed to allow the BlackBerry
Smart Card Reader and the BlackBerry device or computer to encrypt and authenticate the data that they send
between them over the application layer.
During the secure pairing process the following events occur:
•
the initial key establishment protocol creates a shared device transport key on the BlackBerry device or
computer and the BlackBerry Smart Card Reader that the BlackBerry device or computer and the
BlackBerry Smart Card Reader use to encrypt and decrypt the data that they send between them
•
the connection key establishment protocol creates a shared connection key on the BlackBerry device or
computer and the BlackBerry Smart Card Reader that the BlackBerry device or computer and the
BlackBerry Smart Card Reader use to send data between them
The user must perform a Bluetooth pairing process once only but must perform a secure pairing each time that the
BlackBerry device or computer deletes the secure pairing information. You can control when the BlackBerry device or
computer deletes the secure pairing information using BlackBerry Enterprise Server IT policy rules for the BlackBerry
Smart Card Reader.

Secure pairing PIN

The first time that the BlackBerry® Smart Card Reader connects to a BlackBerry device or computer, the BlackBerry
Smart Card Reader pairs with the BlackBerry device or computer using Bluetooth® technology and generates a
secure pairing PIN. The secure pairing PIN is designed to protect data as it travels between the BlackBerry Smart
Description
This rule specifies the maximum time, in hours, after a computer and
the BlackBerry Smart Card Reader open the secure pairing connection
between them that the computer and the BlackBerry Smart Card
Reader delete the secure pairing information.
This rule specifies the maximum time, in minutes, of inactivity over the
Bluetooth connection between the BlackBerry Smart Card Reader and
a computer before the computer and the BlackBerry Smart Card
Reader delete the secure pairing information.
This rule specifies the maximum number of transactions (smart card–
related operations) that a computer and the BlackBerry Smart Card
Reader can send and receive between them before the computer and
the BlackBerry Smart Card Reader delete the secure pairing
information.
A transaction is any request and response set of data packets other
than a connection heartbeat.
This rule specifies the maximum number of computers that can pair
with the BlackBerry Smart Card Reader.
14