User guide
Battery power requirements for BlackBerry Device Software updates over the wireless network .................................112
Data flow: Preparing to send a BlackBerry Device Software update over the wireless network..................................... 112
How a device validates a BlackBerry Device Software update over the wireless network............................................. 113
Updating the BlackBerry Device Software from an update web site .................................................................................. 113
Protecting cryptographic services data when updating the BlackBerry Device Software from an update web site ....... 113
Data flow: Generating a BlackBerry services key that protects cryptographic services data ........................................ 114
Data flow: Backing up cryptographic services data using the BlackBerry Desktop Manager........................................ 115
Data flow: Restoring cryptographic services data using the BlackBerry Desktop Manager or BlackBerry
Application Web Loader
............................................................................................................................................ 115
15 Extending messaging security to a device .....................................................................................116
Extending messaging security using PGP encryption.........................................................................................................116
PGP public keys and PGP private keys ...................................................................................................................... 117
Retrieving PGP keys from a PGP Universal Server or LDAP servers............................................................................. 117
Encryption algorithms that the device supports for PGP encryption ........................................................................... 118
Data flow: Sending an email message using PGP encryption ......................................................................................118
Data flow: Receiving a PGP encrypted message ........................................................................................................ 119
Extending messaging security using S/MIME encryption................................................................................................... 120
S/MIME certificates and S/MIME private keys ............................................................................................................120
Retrieving S/MIME certificates and checking certificate status .................................................................................. 121
S/MIME encryption algorithms ..................................................................................................................................121
Data flow: Sending an email message using S/MIME encryption ................................................................................ 122
Data flow: Receiving an S/MIME-encrypted email message ....................................................................................... 123
Extending messaging security using IBM Notes encryption............................................................................................... 124
Protecting the password for an IBM Notes .id file....................................................................................................... 124
Data flow: Sending an email message using IBM Notes encryption.............................................................................125
Data flow: Receiving an IBM Notes encrypted message..............................................................................................126
Extending messaging security for attachments ................................................................................................................ 127
Data flow: Viewing an attachment in a PGP encrypted message or S/MIME-encrypted message .................................127
Data flow: Viewing an attachment that is encrypted using S/MIME encryption, PGP/MIME encryption, or OpenPGP
encryption ................................................................................................................................................................128
Data flow: Sending an S/MIME-protected email message that contains attachments that are located on a device........128
Data flow: Forwarding an S/MIME-protected email message that contains attachments that are not located on a
device.......................................................................................................................................................................129
16
Configuring two-factor authentication and protecting Bluetooth connections.................................131
BlackBerry Smart Card Reader.........................................................................................................................................131
Advanced Security SD cards ............................................................................................................................................131
Two-factor authentication ............................................................................................................................................... 132
Verifying that a device is bound to a smart card..........................................................................................................132
Data flow: Turning on two-factor authentication using a smart card............................................................................ 133
Creating two-factor authentication methods ..............................................................................................................133
Two-factor content protection ......................................................................................................................................... 134