User guide
BlackBerry Smart Card Reader Security 12
IT policy rule Recommended use
Maximum Number of BlackBerry
Transactions
Specify the maximum number of transactions (smart card–related
operations) that the BlackBerry device and the BlackBerry Smart
Card Reader can send and receive before the secure pairing
information is removed from the BlackBerry device.
Maximum Bluetooth Range Specify the maximum power range, as a value between 30% (the
shortest range) and 100% (the longest range), that the BlackBerry
Smart Card Reader uses to send Bluetooth packets.
Maximum PC Disconnected Timeout Specify the maximum time, in seconds, after the computer and the
BlackBerry Smart Card Reader close the Bluetooth connection
between them that the secure pairing information for that dropped
connection is removed from the computer and the BlackBerry Smart
Card Reader.
Maximum PC Long Term Timeout Specify the maximum time, in hours, after the computer and the
BlackBerry Smart Card Reader establish the secure pairing
information between them that the computer and the BlackBerry
Smart Card Reader remove their secure pairing information.
Maximum PC Bluetooth Traffic
Inactivity Timeout
Specify the maximum time, in minutes, of secure Bluetooth traffic
inactivity permitted between the BlackBerry Smart Card Reader and
the computer before the secure pairing information is removed from
the computer and the BlackBerry Smart Card Reader.
Maximum Number of PC Transactions Specify the maximum number of transactions (smart card–related
operations) that the computer and the BlackBerry Smart Card
Reader can send and receive between them before the secure
pairing information is removed from the computer and the
BlackBerry Smart Card Reader.
Note: A transaction is any request and response set of packets other
than a connection heartbeat.
Maximum Number of PC Pairings Specify the maximum number of computers that can pair with the
BlackBerry Smart Card Reader.
Note: The BlackBerry Smart Card Reader also recognizes the Disable Radio When Cradled IT policy rule, which
controls whether or not the wireless transceiver is turned off when the BlackBerry device is connected to USB
peripherals. If you set this IT policy rule to True, the Bluetooth wireless transceiver of the BlackBerry Smart Card
Reader is turned off whenever the BlackBerry Smart Card Reader is connected to a computer using USB.
See the Policy Reference Guide for more information.
Establishing an encrypted and authenticated connection to the BlackBerry
Smart Card Reader
Before the smart card and the BlackBerry device can establish an encrypted and authenticated connection
between them, the BlackBerry Smart Card Reader and the BlackBerry device or computer must perform a
Bluetooth pairing process to establish a Bluetooth connection between the BlackBerry device or computer and
the BlackBerry Smart Card Reader. The BlackBerry device or computer and the BlackBerry Smart Card Reader
can then perform a secure pairing process to establish a connection between the smart card and the BlackBerry
device or computer that is designed to allow the BlackBerry Smart Card Reader and the BlackBerry device or
computer to encrypt and authenticate the data that they send between them over the application layer.
During the secure pairing process
• the initial key establishment protocol creates a shared master encryption key on the BlackBerry device or
computer and the BlackBerry Smart Card Reader that the BlackBerry device or computer and the BlackBerry
Smart Card Reader use to encrypt and decrypt the data that they send between them
www.blackberry.com