The BlackBerry Enterprise Server for Novell® GroupWise® supports this IT policy rule in BlackBerry Device Software Version
4.0 and later.
Force Smart Card Two Factor Challenge Response IT policy rule
This rule specifies whether the user must choose a smart card certificate to use with smart card two-factor authentication.
This feature is designed to increase the security of smart card two-factor authentication, but when it is turned on, the
BlackBerry® device requires more time to unlock.
Default setting
The default setting is False.
If you set this IT policy rule to True, when the user unlocks the BlackBerry device, the device sends a challenge to the smart
card to verify the authenticator module for the smart card.
If you set this IT policy rule to True, to use the BlackBerry device, users must have a BlackBerry® Smart Card Reader, and
must install a smart card driver and a BlackBerry Smart Card Reader driver on their BlackBerry device.
The BlackBerry device uses this IT policy rule only if you set the Password Required and Force Smart Card Two Factor
Authentication IT policy rules to True.
Minimum requirements
Java® based BlackBerry device
BlackBerry® Device Software Version 4.2
BlackBerry Smart Card Reader software Version 1.5
BlackBerry® Enterprise Server Version 4.0 SP6
BlackBerry® Connect™ Transport Stack Version 4.0
Key Store Password Maximum Timeout IT policy rule
This rule specifies the maximum number of minutes that elapse before the cached password timeout expires in the key store.
After the timeout expires, the BlackBerry® device prompts the user to type the password.
Default setting
The default setting is 1 minute.
Policy Reference Guide
Security policy group