Blackberry PRD-09695-004 Security Guide - Page 18

BlackBerry Smart Card Reader 18 See "Appendix F: Smart card binding information" on page 26 for more information. Confirming that the BlackBerry device is bound to the correct smart card After a user turns on two-factor authentication, whenever the BlackBerry device prompts the user to insert the smart card into the BlackBerry Smart Card Reader, the BlackBerry device prompt indicates the label and the card type of the correct (bound) smart card. The user can also view smart card information in the BlackBerry device Security Options. Field Name Initialized Description indicates the type of the installed smart card indicates whether the BlackBerry device is authenticated with and bound to the smart card • a value of Yes indicates that the BlackBerry device is bound to the smart card • a value of No indicates that the BlackBerry device is not bound to the smart card Unbinding the smart card from the BlackBerry device When you or the user start the process that lets the BlackBerry device erase its stored user and application data, the BlackBerry device deletes the smart card binding information from its NV store. When the process completes, a user can authenticate with the BlackBerry device using a new smart card. You can delete the smart card binding information from the BlackBerry device manually in the following ways: • Send the Erase Data and Disable Device IT Admin command to the BlackBerry device to delete the binding between a user's current smart card and the BlackBerry device. • When the user turns off two-factor authentication, the BlackBerry device turns off two-factor authentication with the installed smart card and deletes the smart card binding information from the BlackBerry device. Setting two-factor authentication on the computer See the Microsoft Windows documentation for information about configuring a computer to require the user to connect to a supported smart card reader from the Microsoft Windows login screen to use the computer. www.blackberry.com