x Abu Dhabi, UAEWednesday 17 January 2018

Security that appeals to BlackBerry users is heart of the problem

Authorities are increasingly citing security and social concerns over the communication device.

ABU DHABI // The unique encryption code that gives the BlackBerry phone one of its most appealing features to users - security of information - has made it a concern for many governments, analysts say. Following Saudi Arabia, Kuwait and Bahrain, the UAE is only the latest GCC country to voice concerns over state authorities' inability to access data passed between the devices.

According to Matthew Reed, a senior research analyst with Informa Telecoms and Media, it is the growing popularity of the BlackBerry that has prompted growing calls from governments for control over messages passed among its users. "There is a clash between the local authorities to have some control of the information for social, cultural or fiscal reasons and the fact that technologies like BlackBerry work in a different way," Mr Reed said.

"This comes as the BlackBerry has become essential to commerce in the region. There's a mismatch there." In many Gulf countries, the BlackBerry Messenger service has been increasingly used for social purposes such as dating, which has raised the ire of local authorities, he said. "The discussion expanded to a national security issue saying that the BlackBerry service could harm the country," he said.

The BlackBerry encryption used by Research In Motion (RIM) has been one of the device's main selling points, helping it gain a loyal following since its introduction in 1999. The security features behind the BlackBerry were originally designed to provide corporate users with the ability to transmit their information wirelessly with the knowledge that not even RIM could access their data. According to documents RIM provided to a US computer security agency, each BlackBerry device generates its own "master key" that is used to encrypt outgoing messages.

The data is then sent to a "network operating centre" located in either Canada or the UK. From there, the messages are relayed to the recipient's wireless provider, which in turn delivers them to their BlackBerry device and decrypts them. The "master key" is kept on the device for 30 days, after which a new key is generated. The old key is kept on the device for seven days before it is deleted.

In a statement released in 2008 following requests from the Indian government to obtain the BlackBerry security codes, RIM said it does not possess a "master key", nor is there any "back door" in the system that would allow the company or any third party to gain unauthorised access to the key or corporate data. "RIM would simply be unable to accommodate any request for a copy of a customer's encryption key since at no time does RIM, or any wireless network operator, ever possess a copy of the key," it said.

* with additional reporting by Tom Gara