security note - blackberry · pdf filehow bbm protects messages ... monitor bbm using log...

Security NoteBBM

May 2015

Published: 2015-05-29SWD-20150529152324490

ContentsDocument revision history.................................................................................................5

About this guide............................................................................................................... 6

How BBM protects messages........................................................................................... 7BlackBerry ID authentication in BBM................................................................................................................................ 7

TLS in BBM.......................................................................................................................................................................7

BBM encryption key..........................................................................................................................................................7

BBM database encryption.................................................................................................................................................8

BBM messaging architecture............................................................................................................................................ 8

BBM messaging for BlackBerry 10 devices ................................................................................................................8

BBM messaging for iOS, Android, and Windows Phone devices.................................................................................. 9

BBM messaging for BlackBerry OS devices.............................................................................................................. 10

BBM Voice and BBM Video architecture......................................................................................................................... 12

BBM Voice and BBM Video call setup...................................................................................................................... 13

BBM Voice and BBM Video call data transfer........................................................................................................... 14

Managing BBM using an EMM solution from BlackBerry................................................. 17BES12 managing BlackBerry 10 devices......................................................................................................................... 18

Monitor BBM using log files on regulated BlackBerry Balance and work space only devices...................................... 18

Preventing users from sharing work data during BBM Video screen sharing on BlackBerry Balance and regulated

BlackBerry Balance devices.................................................................................................................................... 18

Preventing access to work contacts when using BBM on BlackBerry Balance and regulated BlackBerry Balance

devices....................................................................................................................................................................18

Preventing the BBM Video feature on BlackBerry Balance and regulated BlackBerry Balance devices from using

your organization's networks....................................................................................................................................19

Preventing access to BBM on regulated BlackBerry Balance and work space only devices........................................19

Preventing users from using BBM Channels on regulated BlackBerry Balance and work space only devices..............19

BES12 IT policy rules that apply to BBM...................................................................................................................19

BES12 Cloud IT policy rules that apply to BBM......................................................................................................... 20

BES10 managing BlackBerry 10 devices......................................................................................................................... 22

Monitor BBM using log files on regulated BlackBerry Balance and work space only devices...................................... 22

Preventing users from sharing work data during BBM Video screen sharing on BlackBerry Balance and regulated

BlackBerry Balance devices.................................................................................................................................... 22

Preventing access to work contacts when using BBM on BlackBerry Balance and regulated BlackBerry Balance

devices....................................................................................................................................................................22

Preventing the BBM Video feature on BlackBerry Balance and regulated BlackBerry Balance devices from using

your organization's networks....................................................................................................................................23

Preventing access to BBM on regulated BlackBerry Balance and work space only devices........................................23

BES10 IT policy rules that apply to BBM...................................................................................................................23

BES5 managing BlackBerry OS devices...........................................................................................................................24

Monitoring BBM...................................................................................................................................................... 24

Controlling what users can do with BBM contact list information...............................................................................25

Preventing users from transferring files using BBM...................................................................................................25

BES5 IT policy rules that apply to BBM.....................................................................................................................26

Glossary......................................................................................................................... 27

Legal notice....................................................................................................................28

Document revision history

Date Description

28 May 2015 Updated to include support for BES12 Cloud.

2 March 2015 Added information about BBM database encryption on iOS and Android devices.

17 December 2014 Updated to include support for BES12 and Windows Phone devices

1

Document revision history

5

About this guide

BBM is an instant messaging app that is enhanced with voice chats, video chats, and social communities. BBM allows users to communicate with their friends, family, and coworkers. BBM is available for BlackBerry 10, BlackBerry OS, iOS, Android, and Windows Phone devices. This guide describes the security features of BBM.

This guide is intended for senior IT professionals responsible for evaluating the product and planning its deployment, as well as anyone who’s interested in learning more about BBM security features. After you read this guide, you should understand how BBM can help protect messages.

Note: This guide doesn’t describe the security features of BBM Protected. For more information, visit help.blackberry.com/detectLang/bbm-protected-security/ to see the BBM Protected Security Note.

2

About this guide

6

http://help.blackberry.com/detectLang/bbm-protected-security/

http://help.blackberry.com/detectLang/bbm-protected-security/

How BBM protects messages

BBM uses a combination of authentication and encryption to protect messages. BBM requires authentication with the BlackBerry ID to send and receive messages. Depending on the device type, BBM uses one or more encryption methods to send and receive messages:

• TLS for BlackBerry 10, BlackBerry OS over Wi-Fi, iOS, Android, and Windows Phone devices

• BBM encryption key for BlackBerry 10 and BlackBerry OS devices

BlackBerry ID authentication in BBMBBM uses BlackBerry ID, a single sign-on identity service, to authenticate all users. Every BBM user is assigned a personal identifier that is tied to the BlackBerry ID. This adds assurance that BBM messages are sent and received by authenticated users.

TLS in BBMBlackBerry 10, iOS, Android, and Windows Phone devices send all data to each other through the BlackBerry Infrastructure over a TLS connection. In certain scenarios, BlackBerry OS devices also send data this way. TLS is a common web standard used across all major desktop and mobile web browsers for secure online banking and shopping. A TLS connection between a device and the BlackBerry Infrastructure is designed to protect BBM messages from eavesdropping or manipulation by an attacker.

BBM encryption keyThe BBM encryption key is a Triple DES 168-bit key. A BlackBerry device uses this key to:

• Encrypt BBM messages that it sends to other BlackBerry devices

• Authenticate and decrypt BBM messages that it receives from other BlackBerry devices

Each device uses the same global BBM encryption key, which BlackBerry adds to the device during the manufacturing process.

3


7

BBM database encryptionOn iOS and Android devices, the BBM database is encrypted. BBM uses SQLCipher, initialized with a passphrase, to encrypt the BBM database. BBM asks the iOS or Android device for a block of random data (48 bytes) to use as the passphrase. The passphrase is random, unique to each BBM app, and used each time the BBM app starts on a device. BBM encrypts the passphrase and stores it in the device’s keystore.

BBM messaging architectureThe following diagrams show how BBM protects BBM messages, BBM Group messages, and BBM Channel messages on devices.

BBM messaging for BlackBerry 10 devicesOn BlackBerry Balance and work space only devices, BBM messages bypass BES12, BES12 Cloud, or BES10 and are sent directly to the BlackBerry Infrastructure using the BBM encryption key and TLS.

BBM between a BlackBerry 10 device on any wireless network and a BlackBerry OS device on a Wi-Fi network

BBM between a BlackBerry 10 device on any wireless network and a BlackBerry OS device on a mobile network


8

BBM between a BlackBerry 10 device on any wireless network and a BlackBerry 10 device on any wireless network

BBM between a BlackBerry 10 device on any wireless network and an iOS, Android, or Windows Phone device on any wireless network

BBM messaging for iOS, Android, and Windows Phone devicesBBM between an iOS, Android, or Windows Phone device on any wireless network and a BlackBerry OS device on a Wi-Fi network

BBM between an iOS, Android, or Windows Phone device on any wireless network and a BlackBerry OS device on a mobile network


9

BBM between an iOS, Android, or Windows Phone device on any wireless network and a BlackBerry 10 device on any wireless network

BBM between an iOS, Android, or Windows Phone device on any wireless network and an iOS, Android, or Windows Phone device on any wireless network

BBM messaging for BlackBerry OS devicesBBM between a BlackBerry OS device on a Wi-Fi network and a BlackBerry OS device on a Wi-Fi network


10

BBM between a BlackBerry OS device on a Wi-Fi network and a BlackBerry OS device on a mobile network

BBM between a BlackBerry OS device on a Wi-Fi network and a BlackBerry 10 device on any wireless network

BBM between a BlackBerry OS device on a Wi-Fi network and an iOS, Android, or Windows Phone device on any wireless network

BBM between a BlackBerry OS device on a mobile network and a BlackBerry OS device on a Wi-Fi network


11

BBM between a BlackBerry OS device on a mobile network and a BlackBerry OS device on a mobile network

BBM between a BlackBerry OS device on a mobile network and a BlackBerry 10 device on any wireless network

BBM between a BlackBerry OS device on a mobile network and an iOS, Android, or Windows Phone device on any wireless network

BBM Voice and BBM Video architectureThe following diagrams show the architecture and encryption for the setup and data transfer of BBM Voice and BBM Video chats on devices.

Note: BBM on Windows Phone devices doesn't support BBM Voice or BBM Video.


12

BBM Voice and BBM Video call setupBBM Voice or BBM Video between a device on a Wi-Fi network and a device on a Wi-Fi network

BBM Voice or BBM Video between a device on a Wi-Fi network and a device on a mobile network

BBM Voice or BBM Video between a device on a mobile network and a device on a Wi-Fi network


13

BBM Voice or BBM Video between a device on a mobile network and a device on a mobile network

BBM Voice and BBM Video call data transferBBM Voice and BBM Video use the path of least cost for data transfer. For example, between two devices on the same Wi-Fi network, BBM will route through the Wi-Fi access point, with no data transferred to the Internet or the BlackBerry Infrastructure.

BBM Voice or BBM Video between devices on the same Wi-Fi network

BBM Voice or BBM Video between a device on a Wi-Fi network and a device on a different Wi-Fi network

BBM Voice or BBM Video between a device on a Wi-Fi network and a device on a mobile network


14

BBM Voice or BBM Video between a device on a mobile network and a device on a Wi-Fi network

BBM Voice or BBM Video between a device on a mobile network and a device on a mobile network

BBM Voice or BBM Video between a device on a Wi-Fi network and a device on a Wi-Fi network through the BlackBerry Infrastructure


15

BBM Voice or BBM Video between a device on a Wi-Fi network and a device on a mobile network through the BlackBerry Infrastructure

BBM Voice or BBM Video between a device on a mobile network and a device on a Wi-Fi network through the BlackBerry Infrastructure

BBM Voice or BBM Video between a device on a mobile network and a device on a mobile network through the BlackBerry Infrastructure


16

Managing BBM using an EMM solution from BlackBerry

You can use IT policy rules to manage the use of BBM within your organization. The IT policy rules available depend on whether you are using BES12, BES12 Cloud, BES10, or BES5.

4


17

BES12 managing BlackBerry 10 devicesYou can use IT policy rules to configure BES12 or BES12 Cloud to monitor messaging from BBM on BlackBerry 10 devices.

Monitor BBM using log files on regulated BlackBerry Balance and work space only devicesYou can configure BES12 to monitor BBM communications from regulated BlackBerry Balance and work space only devices in your organization. You can configure BES12 to log BBM messages in log files. By default, logging of BBM messaging is turned off.

• If you want BES12 to log BBM messages, select the "Synchronize BBM logs" IT policy rule.

• If you want BES12 to log BBM Voice Chats, select the "Synchronize video chat logs" IT policy rule.

For more information about BES12 log files, see the Administration content.

Preventing users from sharing work data during BBM Video screen sharing on BlackBerry Balance and regulated BlackBerry Balance devicesYou can configure BES12 or BES12 Cloud to allow or prevent BlackBerry Balance and regulated BlackBerry Balance device users from sharing work screens with other BBM Video chat participants during a BBM Video chat. If you want to deny users access to work data when using BBM Video screen sharing, make sure that the "Allow sharing work data during BBM Video screen sharing" IT policy rule is not selected.

Preventing access to work contacts when using BBM on BlackBerry Balance and regulated BlackBerry Balance devicesOn BlackBerry Balance and regulated BlackBerry Balance devices, contact lists can include both work and personal contacts. You can configure BES12 to control access to work contacts in BBM. If you want to deny users access to work contacts when using BBM, set the "Allow personal apps to access work contacts" IT policy rule to None.


18

Preventing the BBM Video feature on BlackBerry Balance and regulated BlackBerry Balance devices from using your organization's networksYou can configure BES12 or BES12 Cloud to prevent the use of your organization's Wi-Fi network, VPN, or the BlackBerry MDS Connection Service for incoming and outgoing BBM Video chats on BlackBerry Balance and regulated BlackBerry Balance devices. If you want to prevent BBM Video from using your organization's networks, make sure that the "Allow BBM Video over work networks" IT policy rule is not selected.

Preventing access to BBM on regulated BlackBerry Balance and work space only devicesYou can configure BES12 or BES12 Cloud to prevent any use of BBM or BBM Video and BBM Voice on regulated BlackBerry Balance and work space only devices. To restrict access to BBM, you can configure the following IT policy rules:

• If you want to restrict access to BBM on regulated BlackBerry Balance and work space only devices, make sure that the "Allow BBM" IT policy rule is not selected.

• If you want to restrict access to BBM Video and BBM Voice on regulated BlackBerry Balance and work space only devices, make sure that the "Allow BBM Video/BBM Voice" IT policy rule is not selected.

Preventing users from using BBM Channels on regulated BlackBerry Balance and work space only devicesYou can configure BES12 or BES12 Cloud to prevent users from using BBM Channels on regulated BlackBerry Balance and work space only devices. You can control whether your users can use BBM Channels by configuring the “Allow BBM Channels” IT policy rule. For more information, visit http://www.blackberry.com/go/kbhelp to read KB36333.

BES12 IT policy rules that apply to BBMIT policy rules Activation types

Synchronize BBM logs • Work Space only

• Work and personal - Regulated

Synchronize video chat logs • Work Space only



19

http://www.blackberry.com/go/kbhelp

IT policy rules Activation types

Allow personal apps to access work contacts • Work and personal - Corporate


Allow sharing work data during BBM Video screen sharing • Work and personal - Corporate


Allow BBM Video over work networks • Work and personal - Corporate


Allow BBM • Work space only


Allow BBM Video/BBM Voice • Work space only


Allow BBM Channels • Work Space only


For more information about IT policy rules, download the Policy Reference Spreadsheet at help.blackberry.com/detectLang/bes12/current/policy-reference-spreadsheet-zip/.

BES12 Cloud IT policy rules that apply to BBMIT policy rules Activation types

Allow personal apps to access work contacts • Work and personal - Corporate


Allow sharing work data during BBM Video screen sharing • Work and personal - Corporate


Allow BBM Video over work networks • Work and personal - Corporate


Allow BBM • Work space only


20

http://help.blackberry.com/detectLang/bes12/current/policy-reference-spreadsheet-zip/

http://help.blackberry.com/detectLang/bes12/current/policy-reference-spreadsheet-zip/

IT policy rules Activation types


Allow BBM Video/BBM Voice • Work space only


Allow BBM Channels • Work Space only


For more information about IT policy rules, download the Policy Reference Spreadsheet at help.blackberry.com/detectLang/bes12-cloud/latest/policy-reference-spreadsheet/.


21

http://help.blackberry.com/detectLang/bes12-cloud/latest/policy-reference-spreadsheet/

http://help.blackberry.com/detectLang/bes12-cloud/latest/policy-reference-spreadsheet/

BES10 managing BlackBerry 10 devicesYou can use IT policy rules to configure BES10 to monitor messaging from BBM on BlackBerry 10 devices.

Monitor BBM using log files on regulated BlackBerry Balance and work space only devicesYou can configure BES10 to monitor BBM communications from regulated BlackBerry Balance and work space only devices in your organization. You can configure BES10 to log BBM messages in log files. By default, logging of BBM messaging is turned off.

• If you want BES10 to log BBM messages, set the "BBM Log Wireless Synchronization" IT policy rule to Yes.

• If you want BES10 to log BBM Voice Chats, set the "Video Chat Log Wireless Synchronization" IT policy rule to Yes.

For more information about BES10 log files, see the BlackBerry Device Service Advanced Administration Guide.

Preventing users from sharing work data during BBM Video screen sharing on BlackBerry Balance and regulated BlackBerry Balance devicesYou can configure BES10 to allow or prevent BlackBerry Balance and regulated BlackBerry Balance device users from sharing work screens with other BBM Video chat participants during a BBM Video chat. If you want to deny users access to work data when using BBM Video screen sharing, set the "Share Work Data During BBM Video Screen Sharing" IT policy rule to Disallow.

Preventing access to work contacts when using BBM on BlackBerry Balance and regulated BlackBerry Balance devicesOn BlackBerry Balance and regulated BlackBerry Balance devices, contact lists can include both work and personal contacts. You can configure BES10 to control access to work contacts in BBM. If you want to deny users access to work contacts when using BBM, set the "Personal Apps Access to Work Contacts" IT policy rule to None.


22

Preventing the BBM Video feature on BlackBerry Balance and regulated BlackBerry Balance devices from using your organization's networksYou can configure BES10 to prevent the use of your organization's Wi-Fi network, VPN, or the BlackBerry MDS Connection Service for incoming and outgoing BBM Video chats on BlackBerry Balance and regulated BlackBerry Balance devices. If you want to prevent BBM Video from using your organization's networks, set the "BBM Video Access to Work Network" IT policy rule to Disallow.

Preventing access to BBM on regulated BlackBerry Balance and work space only devicesOn regulated BlackBerry Balance and work space only devices, you can prevent any use of BBM or BBM Video and BBM Voice. To restrict access to BBM, you can configure the following IT policy rules in the "Software" IT policy group:

• If you want to restrict access to BBM on regulated BlackBerry Balance and work space only devices, set the "BBM" IT policy rule to Disallow.

• If you want to restrict access to BBM Video and BBM Voice on regulated BlackBerry Balance and work space only devices, set the "BBM Video/BBM Voice" IT policy rule to Disallow.

BES10 IT policy rules that apply to BBMIT policy group Activation types IT policy rules

Logging • Work Space only


• BBM Log Wireless Synchronization

• Video Chat Log Wireless Synchronization

Security • Work and personal - Corporate


• Personal Apps Access to Work Contacts

• Share Work Data During BBM Video Screen Sharing

Software • Work and personal - Corporate


• BBM Video Access to Work Network


23

IT policy group Activation types IT policy rules

• Work space only


• BBM

• BBM Video/BBM Voice

For more information about IT policy rules, visit docs.blackberry.com/BES10 to read the BlackBerry Device Service Policy Reference Spreadsheet.

BES5 managing BlackBerry OS devicesYou can use IT policy rules to configure BES5 to monitor messaging from BBM on BlackBerry OS devices.

Monitoring BBMYou can configure BES5 to monitor messaging from the BlackBerry devices in your organization. BES5 can monitor messages, file transfers, and status changes from BBM. There are two ways to monitor messaging from BBM:

• You can configure BES5 to log messaging from BBM in a log file.

• You can configure BES5 to make devices send audit reports of messaging from BBM to a specific email address.

Monitor BBM using log filesYou can configure BES5 to log messaging from BBM in log files. By default, logging of messaging is turned off.

1. In the BlackBerry Administration Service, on the BlackBerry solution management menu, expand Policy.

2. Click Manage IT policies.

3. In the list of IT policies, click an IT policy.

4. Click Edit IT policy.

5. On the PIM Synchronization tab, in the Disable BlackBerry Messenger Wireless Synchronization drop-down list, click No.

6. Click Save all.

After you finish:

For more information about BES5 log files, see the BlackBerry Enterprise Server Administration Guide.


24

http://docs.blackberry.com/BES10

Monitor BBM using email messagesYou can audit the use of BBM in your organization’s environment by configuring BES5 to make BlackBerry devices send BBM audit reports to an email address that you specify.

1. In the BlackBerry Administration Service, on the BlackBerry solution management menu, expand Policy.

2. Click Manage IT policies.

3. In the list of IT policies, click an IT policy.

4. Click Edit IT policy.

5. On the BlackBerry Messenger tab, perform the following tasks:

a. In the Messenger Audit Email Address field, type the email address that you want the device to send email messages to.

b. In the Messenger Audit UID field, type the SRP identifier for your organization's BES5.

c. In the Messenger Audit Report Interval field, specify the interval (in hours) that must elapse before the device sends an email message if the user is using BBM.

d. In the Messenger Audit Max Report Interval field, specify the interval (in hours) that must elapse before the device sends an email message if the user isn't using BBM.

6. Click Save all.

Controlling what users can do with BBM contact list informationBBM contact lists can include BlackBerry device users' PINs and email addresses. To control what users can do with BBM contact list information, you can configure the following IT policy rules in the "BlackBerry Messenger" IT policy group:

• If you want to prevent users from storing BBM contact lists in the BlackBerry Infrastructure, set the "Disable Server Based Contact List Synchronization" IT policy rule to Yes.

• If you want to prevent users from registering email addresses with the BBM server if the email addresses aren’t associated with a BES5, set the "Disallow External Email Address for Server Registration" IT policy rule to Yes.

• If you want to prevent users from forwarding BBM contacts to other users, set the "Disallow Forwarding of Contacts" IT policy rule to Yes.

Preventing users from transferring files using BBMBy default, BlackBerry device users can transfer files using BBM. To prevent users from transferring files using BBM, you can configure the following IT policy rules in the "Instant Messaging" IT policy group:

• If you want to prevent users from transferring files, set the "Disallow File Transfer Types" IT policy rule to *.


25

• If you want to prevent users from transferring files of a specific file type, specify the file types in the "Disallow File Transfer Types" IT policy rule.

• If you want to limit the size of the files that users can transfer, specify the file size in the "Maximum File Transfer Size (MB)" IT policy rule.

BES5 IT policy rules that apply to BBMIT policy group IT policy rules

BlackBerry Messenger • BBM Voice

• Disable BlackBerry Messenger

• Disable BlackBerry Messenger Groups

• Disable Check for Updates

• Disable Location Requests, Responses, and Proximity Alerts

• Disable Server Based Contact List Synchronization

• Disallow External Email Address for Server Registration

• Disallow Forwarding of Contacts

• Disallow Setting a Subject on Conversations

• Enforce Security Question in BlackBerry Messenger Invitation

• Messenger Audit Email Address

• Messenger Audit Max Report Interval

• Messenger Audit Report Interval

• Messenger Audit UID

Instant Messaging • Disallow File Transfer Types

• Maximum File Transfer Size (MB)

PIM Synchronization • Disable BlackBerry Messenger Wireless Synchronization

Security • Firewall Block Incoming Messages

For more information about IT policy rules, visit docs.blackberry.com/BES5 to read the BlackBerry Enterprise Server Policy Reference Guide.


26

http://docs.blackberry.com/BES5

Glossary

BES5 BlackBerry Enterprise Server 5

BES10 BlackBerry Enterprise Service 10

BES12 BlackBerry Enterprise Service 12

EMM Enterprise Mobility Management

TCP Transmission Control Protocol

TLS Transport Layer Security

Triple DES Triple Data Encryption Standard

UDP User Datagram Protocol

VPN virtual private network

5

Glossary

27

Legal notice

©2015 BlackBerry. All rights reserved. BlackBerry® and related trademarks, names, and logos are the property of BlackBerry Limited and are registered and/or used in the U.S. and countries around the world.

Android is a trademark of Google Inc. iOS is a trademark of Cisco Systems, Inc. and/or its affiliates in the U.S. and certain other countries. iOS® is used under license by Apple Inc. Wi-Fi is a trademark of the Wi-Fi Alliance. All other trademarks are the property of their respective owners.

This documentation including all documentation incorporated by reference herein such as documentation provided or made available on the BlackBerry website provided or made accessible "AS IS" and "AS AVAILABLE" and without condition, endorsement, guarantee, representation, or warranty of any kind by BlackBerry Limited and its affiliated companies ("BlackBerry") and BlackBerry assumes no responsibility for any typographical, technical, or other inaccuracies, errors, or omissions in this documentation. In order to protect BlackBerry proprietary and confidential information and/or trade secrets, this documentation may describe some aspects of BlackBerry technology in generalized terms. BlackBerry reserves the right to periodically change information that is contained in this documentation; however, BlackBerry makes no commitment to provide any such changes, updates, enhancements, or other additions to this documentation to you in a timely manner or at all.

This documentation might contain references to third-party sources of information, hardware or software, products or services including components and content such as content protected by copyright and/or third-party websites (collectively the "Third Party Products and Services"). BlackBerry does not control, and is not responsible for, any Third Party Products and Services including, without limitation the content, accuracy, copyright compliance, compatibility, performance, trustworthiness, legality, decency, links, or any other aspect of Third Party Products and Services. The inclusion of a reference to Third Party Products and Services in this documentation does not imply endorsement by BlackBerry of the Third Party Products and Services or the third party in any way.

EXCEPT TO THE EXTENT SPECIFICALLY PROHIBITED BY APPLICABLE LAW IN YOUR JURISDICTION, ALL CONDITIONS, ENDORSEMENTS, GUARANTEES, REPRESENTATIONS, OR WARRANTIES OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION, ANY CONDITIONS, ENDORSEMENTS, GUARANTEES, REPRESENTATIONS OR WARRANTIES OF DURABILITY, FITNESS FOR A PARTICULAR PURPOSE OR USE, MERCHANTABILITY, MERCHANTABLE QUALITY, NON-INFRINGEMENT, SATISFACTORY QUALITY, OR TITLE, OR ARISING FROM A STATUTE OR CUSTOM OR A COURSE OF DEALING OR USAGE OF TRADE, OR RELATED TO THE DOCUMENTATION OR ITS USE, OR PERFORMANCE OR NON-PERFORMANCE OF ANY SOFTWARE, HARDWARE, SERVICE, OR ANY THIRD PARTY PRODUCTS AND SERVICES REFERENCED HEREIN, ARE HEREBY EXCLUDED. YOU MAY ALSO HAVE OTHER RIGHTS THAT VARY BY STATE OR PROVINCE. SOME JURISDICTIONS MAY NOT ALLOW THE EXCLUSION OR LIMITATION OF IMPLIED WARRANTIES AND CONDITIONS. TO THE EXTENT PERMITTED BY LAW, ANY IMPLIED WARRANTIES OR CONDITIONS RELATING TO THE DOCUMENTATION TO THE EXTENT THEY CANNOT BE EXCLUDED AS SET OUT ABOVE, BUT CAN BE LIMITED, ARE HEREBY LIMITED TO NINETY (90) DAYS FROM THE DATE YOU FIRST ACQUIRED THE DOCUMENTATION OR THE ITEM THAT IS THE SUBJECT OF THE CLAIM.

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW IN YOUR JURISDICTION, IN NO EVENT SHALL BLACKBERRY BE LIABLE FOR ANY TYPE OF DAMAGES RELATED TO THIS DOCUMENTATION OR ITS USE, OR PERFORMANCE OR NON-PERFORMANCE OF ANY SOFTWARE, HARDWARE, SERVICE, OR ANY THIRD PARTY PRODUCTS AND SERVICES REFERENCED HEREIN INCLUDING WITHOUT LIMITATION ANY OF THE FOLLOWING DAMAGES: DIRECT, CONSEQUENTIAL,

6

Legal notice

28

EXEMPLARY, INCIDENTAL, INDIRECT, SPECIAL, PUNITIVE, OR AGGRAVATED DAMAGES, DAMAGES FOR LOSS OF PROFITS OR REVENUES, FAILURE TO REALIZE ANY EXPECTED SAVINGS, BUSINESS INTERRUPTION, LOSS OF BUSINESS INFORMATION, LOSS OF BUSINESS OPPORTUNITY, OR CORRUPTION OR LOSS OF DATA, FAILURES TO TRANSMIT OR RECEIVE ANY DATA, PROBLEMS ASSOCIATED WITH ANY APPLICATIONS USED IN CONJUNCTION WITH BLACKBERRY PRODUCTS OR SERVICES, DOWNTIME COSTS, LOSS OF THE USE OF BLACKBERRY PRODUCTS OR SERVICES OR ANY PORTION THEREOF OR OF ANY AIRTIME SERVICES, COST OF SUBSTITUTE GOODS, COSTS OF COVER, FACILITIES OR SERVICES, COST OF CAPITAL, OR OTHER SIMILAR PECUNIARY LOSSES, WHETHER OR NOT SUCH DAMAGES WERE FORESEEN OR UNFORESEEN, AND EVEN IF BLACKBERRY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW IN YOUR JURISDICTION, BLACKBERRY SHALL HAVE NO OTHER OBLIGATION, DUTY, OR LIABILITY WHATSOEVER IN CONTRACT, TORT, OR OTHERWISE TO YOU INCLUDING ANY LIABILITY FOR NEGLIGENCE OR STRICT LIABILITY.

THE LIMITATIONS, EXCLUSIONS, AND DISCLAIMERS HEREIN SHALL APPLY: (A) IRRESPECTIVE OF THE NATURE OF THE CAUSE OF ACTION, DEMAND, OR ACTION BY YOU INCLUDING BUT NOT LIMITED TO BREACH OF CONTRACT, NEGLIGENCE, TORT, STRICT LIABILITY OR ANY OTHER LEGAL THEORY AND SHALL SURVIVE A FUNDAMENTAL BREACH OR BREACHES OR THE FAILURE OF THE ESSENTIAL PURPOSE OF THIS AGREEMENT OR OF ANY REMEDY CONTAINED HEREIN; AND (B) TO BLACKBERRY AND ITS AFFILIATED COMPANIES, THEIR SUCCESSORS, ASSIGNS, AGENTS, SUPPLIERS (INCLUDING AIRTIME SERVICE PROVIDERS), AUTHORIZED BLACKBERRY DISTRIBUTORS (ALSO INCLUDING AIRTIME SERVICE PROVIDERS) AND THEIR RESPECTIVE DIRECTORS, EMPLOYEES, AND INDEPENDENT CONTRACTORS.

IN ADDITION TO THE LIMITATIONS AND EXCLUSIONS SET OUT ABOVE, IN NO EVENT SHALL ANY DIRECTOR, EMPLOYEE, AGENT, DISTRIBUTOR, SUPPLIER, INDEPENDENT CONTRACTOR OF BLACKBERRY OR ANY AFFILIATES OF BLACKBERRY HAVE ANY LIABILITY ARISING FROM OR RELATED TO THE DOCUMENTATION.

Prior to subscribing for, installing, or using any Third Party Products and Services, it is your responsibility to ensure that your airtime service provider has agreed to support all of their features. Some airtime service providers might not offer Internet browsing functionality with a subscription to the BlackBerry® Internet Service. Check with your service provider for availability, roaming arrangements, service plans and features. Installation or use of Third Party Products and Services with BlackBerry's products and services may require one or more patent, trademark, copyright, or other licenses in order to avoid infringement or violation of third party rights. You are solely responsible for determining whether to use Third Party Products and Services and if any third party licenses are required to do so. If required you are responsible for acquiring them. You should not install or use Third Party Products and Services until all necessary licenses have been acquired. Any Third Party Products and Services that are provided with BlackBerry's products and services are provided as a convenience to you and are provided "AS IS" with no express or implied conditions, endorsements, guarantees, representations, or warranties of any kind by BlackBerry and BlackBerry assumes no liability whatsoever, in relation thereto. Your use of Third Party Products and Services shall be governed by and subject to you agreeing to the terms of separate licenses and other agreements applicable thereto with third parties, except to the extent expressly covered by a license or other agreement with BlackBerry.

The terms of use of any BlackBerry product or service are set out in a separate license or other agreement with BlackBerry applicable thereto. NOTHING IN THIS DOCUMENTATION IS INTENDED TO SUPERSEDE ANY EXPRESS WRITTEN AGREEMENTS OR WARRANTIES PROVIDED BY BLACKBERRY FOR PORTIONS OF ANY BLACKBERRY PRODUCT OR SERVICE OTHER THAN THIS DOCUMENTATION.

BlackBerry Limited2200 University Avenue EastWaterloo, Ontario

Legal notice

29

Canada N2K 0A7

BlackBerry UK Limited200 Bath RoadSlough, Berkshire SL1 3XEUnited Kingdom

Published in Canada

Legal notice

30

security note - blackberry · pdf filehow bbm protects messages ... monitor bbm using log...

Documents