Blackberry

From Swivel Knowledgebase Wiki

Contents 1 Overview 2 Installing the Client 2.1 Over the air 2.2 Blackberry Desktop 3 Navigation 4 Configuration 5 Provisioning 6 Downloading Strings 7 Authentication 8 Configuring the PINsafe Authentication 9 Known Issues 10 Tested Mobile Phones

Overview

The PINsafe Mobile Phone Client allows 99 security strings or One Time Codes for PINless authentication to be stored on the Blackberry. These can be updated at any time from the client.

For Blackberry Devices of OS Version 4.5 and later a Blckberry Client app exists as described below. For earlier devices the Swivel Swivlet can be installed; please refer to the Swivlet How To Guide

There are two versions of the Blackberry Mobile Phone client one for Versions 3.8 and later and one for earlier versions.

This article covers the Blackberry client for PINsafe, for other phones see Mobile Phone Client

Installing the Client

There are a number of ways of installing the client. Over the air is the recommended approach.

All the files required for either method are available here Blackberry Software

Over the air

To install the client over-the-air you need to use the browser on you blackberry device and navigate to the location of the client .jad file.

This will instigate the download and installation of the client.

You may be prompted to allow the application "trusted status". You should respond Yes to this. You do not need to edit the applications permissions.

You can place the files required to perform OTA provision on a web-server of your choosing or you can install the client from the demo site.

https://demo.swivelsecure.com/Rim/PinsafeClient.jad

If you wish to use the client with PINsafe 3.7 or older, you can use a version that is backward compatible.

https://demo.swivelsecure.com/Rim/pre38/PinsafeClient.jad

When used in conjuntion with pre 3.8 versions, there is no requirement to provision the client

Blackberry Desktop

It is also possible to install the application via the Blackberry Desktop software.

For this you need to extract the application. From the desktop software select import and then select the .alx file.

However the .alx file may need to be edited to reflect your device Java and OS version.

Navigation

You can navigate either using the selectable buttons on the user-interface or the menus. Certain devices lend themselves to different methods.

To get back to the main screen from any other screen use the cancel option.

Configuration

Before you can provision the client you need to configure it. The configuration screen has the following entries

Debug This is a message field that shows the last error encountered or action completed relating to the cient attempting to connect to the Swivel server. It is a read-only field

Username As recognised by the Swivel Authentication Platform

Server The host name of the Swivel Authentication Platform as accessible by the client. nb No http:// or https:// prefix required.

Context The context or path the client should use on the host to me able to communicate with the platform. For appliances this would be proxy by default.

Port The port the client should use on the host to me able to communicate with the platform. For appliances this would be 8443 by default.

SSL Is SSL communication required. Default is yes for appliances.

PINless Is the user a pinless user.

Once these settings are complete the client can be provisioned.

If using in pre version 3.8 client there will be no debug field but there will be a pre38 setting which must be selected to use the client with a pre 3.8 version.

If pre38 is set then there is no need to provision the client.

Provisioning

In order to provision the client you need to obtain a provision code. This will usually be sent to you by the administrator of your Swivel Platform or you maybe able to request one to be sent. A provision code is a 10 character code that you enter on the provision screen. Once you enter the code and select provision, the client will contact the platform and if the code is valid you device will be provisioned. See also Mobile Provision Code.

Downloading Strings

To download security strings select the refresh option.

Authentication

To authenticate using the client select the authenticate option. This will then display the security string you need to use to authenticate. Note the actual format you need to enter into the login-form is 1234,56 where 1234 represents your one-time code and 56 represents the string index.

Configuring the PINsafe Authentication

PINsafe can authenticate users by RADIUS or Agent-XML authentication

• For RADIUS authentication see RADIUS Configuration Note: The access device must be configured to use PAP for authentication.

• For Agent-XML authentication see XML Authentication Configuration

Known Issues

Tested Mobile Phones

The following phones have been tested

Mobile Phone Compatibility

Manufacturer	Model	Version	Operator	Compatible Y/N	Client Version
Blackberry	Curve 8520	v4.2.0.135	O2	Y	1.0.1
Blackberry	Curve 8900	(Emulator)	N/A	Y	1.0.1
Blackberry	9300	v6.6.0.195	Not Known	Y	Not Known
Blackberry	9300	v6.6.0.207	Not Known	Y	Not Known
Blackberry	Torch 9810	v6	O2	Y	1.0.1