Specifications
How the BlackBerry Device Service protects
a TCP/IP connection to the BlackBerry
Infrastructure
After the BlackBerry Device Service and the BlackBerry Infrastructure open an SRP connection, the BlackBerry Device
Service uses a persistent TCP/IP connection to send data to the BlackBerry Infrastructure.
The TCP/IP connection between the BlackBerry Device Service and BlackBerry Infrastructure is secure because the
BlackBerry Device Service and device encrypt the data that they send to each other. No intermediate point decrypts and
encrypts the data again.
After the activation process begins, no data traffic of any kind can occur between the BlackBerry Device Service and an
activated device unless the BlackBerry Device Service can decrypt the data using a valid device transport key. Only the
BlackBerry Device Service and the device have the correct device transport key.
You must configure your organization’s firewall or proxy server to permit the BlackBerry Device Service to start and
maintain an outgoing connection to the BlackBerry Infrastructure over TCP port 3101.
Security Technical Overview How the BlackBerry Device Service and the BlackBerry Infrastructure authenticate with each other
14