User guide
BlackBerry Smart Card Reader Security 11
IT policy rule Recommended use
Lock on Smart Card Removal Specify whether or not the BlackBerry device locks when the user
removes the smart card from a supported smart card reader or
disconnects a supported smart card reader from the BlackBerry
device.
Warning: Not all smart card reader drivers support smart card
removal detection.
Note: Use Microsoft Windows Local Security Policy settings to
specify whether or not a computer locks when the user removes the
smart card from a supported smart card reader or disconnects a
supported smart card reader from the computer.
Maximum Connection Heartbeat Period Specify the maximum heartbeat period, in seconds. During each
heartbeat period, the paired BlackBerry device or computer sends a
heartbeat, which the BlackBerry Smart Card Reader acknowledges.
If either side fails to send or acknowledge a heartbeat in the
maximum heartbeat period, the BlackBerry device or computer
closes the Bluetooth connection.
Note: When the Bluetooth connection closes, the disconnected
timer starts if you or the user enabled that feature on the BlackBerry
device or computer. The BlackBerry device or computer clears the
secure pairing keys when the disconnected timer expires. Use this IT
policy rule to prevent an attacker from using a low-level Bluetooth
heartbeat to keep the Bluetooth connection open between the
BlackBerry device or computer and the BlackBerry Smart Card
Reader and the secure pairing keys present, for an extended period
after the BlackBerry device and BlackBerry Smart Card Reader
should close the Bluetooth connection.
Maximum BlackBerry Disconnected
Timeout
Specify the maximum time, in seconds, after the BlackBerry device
and the BlackBerry Smart Card Reader close the Bluetooth
connection between them that the disconnected timeout fires.
Note: You can use the Force Erase All Keys on BlackBerry
Disconnected Timeout IT policy rule to specify whether or not the
secure pairing keys for the current BlackBerry device and computer
connections to the BlackBerry Smart Card Reader are cleared when
the disconnected timeout fires.
Maximum BlackBerry Long Term
Timeout
Specify the maximum time, in hours, after the BlackBerry device and
the BlackBerry Smart Card Reader establish the secure pairing
information between them, that the BlackBerry device and the
BlackBerry Smart Card Reader remove their secure pairing
information.
Maximum BlackBerry Bluetooth Traffic
Inactivity Timeout
Specify the maximum time, in minutes, of secure Bluetooth traffic
inactivity permitted between the BlackBerry Smart Card Reader and
the BlackBerry device before the secure pairing information is
removed from the BlackBerry device and the BlackBerry Smart Card
Reader.
Maximum Smart Card Not Present
Timeout
Specify the maximum time, in seconds, after the user removes the
smart card from the BlackBerry Smart Card Reader that the secure
pairing information is removed from the BlackBerry device and the
BlackBerry Smart Card Reader.
www.blackberry.com