Font Size

- Aa +

Tue 3 Aug 2010 05:54 PM

Font Size

- Aa +

BlackBerry's response: RIM statement in full

Research in Motion, maker of the BlackBerry, hits back to reassure customers on security.

Dear Valued BlackBerry Customer:

Due to recent media reports, Research In Motion (RIM) recognizes that some customers are curious about the discussions that occur between RIM and certain governments regarding the use of encryption in BlackBerry products. RIM also understands that the confidential nature of these discussions has consequently given rise to speculation and misinterpretation.

RIM respects both the regulatory requirements of government and the security and privacy needs of corporations and consumers. While RIM does not disclose confidential regulatory discussions that take place with any government, RIM assures its customers that it is committed to continue delivering highly secure and innovative products that satisfy the needs of both customers and governments.

Many public facts about the BlackBerry Enterprise Server security architecture have been well established over the years and remain unchanged. A recap of these facts, along with other general industry facts, should help our customers maintain confidence about the security of their information.

• RIM operates in over 175 countries today and provides a security architecture that is widely accepted by security conscious customers and governments around the world.

• Governments have a wide range of resources and methodologies to satisfy national security and law enforcement needs without compromising commercial security requirements.

• The use of strong encryption in wireless technology is not unique to the BlackBerry platform. Strong encryption is a mandatory requirement for all enterprise-class wireless email services.

• The use of strong encryption in information technology is not limited to the wireless industry. Strong encryption is used pervasively on the Internet to protect the confidentiality of personal and corporate information.

• Strong encryption is a fundamental requirement for a wide variety of technology products that enable businesses to operate and compete, both domestically and internationally.

• The BlackBerry security architecture was specifically designed to provide corporate customers with the ability to transmit information wirelessly while also providing them with the necessary confidence that no one, including RIM, could access their data.

• The BlackBerry security architecture for enterprise customers is based on a symmetric key system whereby the customer creates their own key and only the customer ever possesses a copy of their encryption key. RIM does not possess a "master key", nor does any "back door" exist in the system that would allow RIM or any third party to gain unauthorized access to the key or corporate data.

• The BlackBerry security architecture for enterprise customers is purposefully designed to exclude the capability for RIM or any third party to read encrypted information under any circumstances. RIM would simply be unable to accommodate any request for a copy of a customer's encryption key since at no time does RIM, or any wireless network operator, ever possess a copy of the key.

• The BlackBerry security architecture was also purposefully designed to perform as a global system independent of geography. The location of data centers and the customer's choice of wireless network are irrelevant factors from a security perspective since end-to-end encryption is utilized and transmissions are no more decipherable or less secure based on the selection of a wireless network or the location of a data center. All data remains encrypted through all points of transfer between the customer's BlackBerry Enterprise Server and the customer's device (at no point in the transfer is data decrypted and re-encrypted).

RIM assures customers that it will not compromise the integrity and security of the BlackBerry Enterprise Solution.

For all the latest UAE news from the UAE and Gulf countries, follow us on Twitter and Linkedin, like us on Facebook and subscribe to our YouTube page, which is updated daily.
Marina Matt 9 years ago

At least they are sticking by their product - which is clearly an excellent one otherwise it wouldn't have been banned. What this does do, it raise two questions: 1) Does this mean that all the other phone systems that are available here are not secure? 2) What happens in future when other phone developers start to beef up the security on phones and other communication devices for their customers? Will later generations of iPhones get banned too?

Jiten Menda 9 years ago

All other phone systems are networked directly with the service provider and all voice/data goes through their systems - in essence allowing them to monitor anything that goes through. With the BlackBerry BIS/BES solutions this isn't the case because of the security they've build and guranteed their customers both personal and corporate. The Govts must have thought about banning these services a long time ago. In Dubai's case, once the telco realized this would hurt their income they decided to create a 'patch' as a workaround which as you all know blew out of the water in no time. They just had no choice but to proceed with an all out ban at this point. Now it will be interesting to see what RIM does if anything to control the potential domino effect happening in the middle east and surrounding countries.

Mohammed Al Ali 9 years ago

i strongly believe it's UAE right as well All other goverment to have access toall data transmitetion, if a durg dealer, terrorist, ...etc plan somthing bad and comunicate with outsider's then RIM will not support the gov to find who's behind it. and as public all we need and look for safity, tha'ts why thousands of indian, east asian, latin americans and more nation love to live in UAE, the peace and the safity, so hope the keep bannding RIM, till the provide the needed

rob 9 years ago

this is all nonsense. as usual it is the local phone providers just working out that with instant messenger they are losing revenue and they are hiding behind rules for this. sure if BB was to cut them in on the revenue overnight this would disappear. do not be narrow minded about drug dealers and terrorists. what do you think they used before BB arrived.... :)

typical less than sterling performance by TRA 9 years ago

All the rest is blah blah blah.... The second point clearly states that governments have "other" means to satisfy their security needs. I translate for you: "other governments have the hardware and software to break the encryption" The UAE do not seem to be able to get the same technology. (I suspect the usual reasons that we see in other sectors.) Therefore they try to pressure RIM. That might work for India and Saudi as they are big markets, that might not work for the UAE. RIM might just decide that they can develop their business without 0.1% of the world's population.

Tarek Merhebi 9 years ago

At the end RIM will go my the UAE rules coz that is the way it should go we don’t have doubt about ur security RIM but still u have to go by every country policy thank you

Madzone 9 years ago

1- Any terrorist and Drug Dealer never use commercial products for communication. What do you think they will send each other emails or messages through blackberry. If US President is using blackberry it means it is secure. :-) 2- Yes , It is very sorry to say that It is true mostly mobile email communications are not secure. That includes your favorite IPHONE. I think you are completely unaware of security problems. 2.1 - I have a question from all Iphone lovers, What is the reason IPHONE sold in millions is far away from entering enterprise world. Simple Answer : Because it is not considered secure. for more information search Google. 3- Main beauty of BB is that secure communication and instant delivery of emails and data. I have designed solution for number of devices but in content delivery no one can beat blackberry, this is the reason in Business Communication till now no one can beat blackberry. 4- Blackberry services are purely for Business use do not try to compare it with phone or services used by kids or normal tom dick and harry. 5- RIM Always support Govt. IF THERE IS A PROPER REGISTERED CASE they can provide access to communication but not open monitoring. 6- My question is What if Some one starts using PGP for communication with very very strong encryption in emails. Then What will happen ?

Kishani 9 years ago

You have to respect RIM for sticking to its morals. As mentioned by previous readers there are other ways to go about creating national security!

nab78 9 years ago

i wonder they the above "statement" is not on RIM or BB website? Mr. free media !

Kazim Kirmani 9 years ago

Security services agencies in USA 'reportedly' have access to data transmitted over BB services. While I can understand and appreciate the need to secure all data from public viewing; giving access to law enforcement agencies should be excluded from such an arrangement. Also, if you note; the whole statement talks about Enterprises holding the encryption keys to their respective companies data (which I'm assuming refers to corporate email). What about BB Messenger and web browsing on BB devices? No company I know of allows the exchange of confidential matters over these 2 applications, so why is RIM so fussed about giving access to law enforcement agencies on these 2 applications? And what about BB devices issued to individual customers? Which 'enterprise' client are they linked to and who holds their encryption keys?? UAE has every right to take decisions of national interest, and I believe we need to respect its sovereign right to refuse to entertain BB services in its territory if RIM does not comply with its security requirements.o