Skip Navigation
BlackBerry Blog

Authentic Security: How BlackBerry Turns Smartphones Into RSA SecurID Tokens

Mobile devices have emerged as an excellent way to authenticate users on enterprise apps; after all, nearly everyone carries one nearly all of the time. And where mobile authentication is concerned, one of the biggest trends that’s emerged is the use of mobile phones as a Trust Factor. To that end, BlackBerry is one of the only enterprise mobility management (EMM) vendors that’s been supporting this trend through direct integration of RSA SecurID Soft Token Libraries with BlackBerry Access, formerly known as Good Access.

RSA, the security division of EMC, is an industry leader in authentication, including One-Time Passcodes (OTP). RSA Soft Tokens on a user’s mobile device can be leveraged to generate OTP tokens, which can then be used for accessing a web app from a desktop, laptop, or a mobile device. The OTP tokens can also be used as a second factor for several popular VPN solutions.


The RSA SecurID Soft Tokens are also integrated into the extended features of the BlackBerry Launcher, formerly known as the Good Launcher. Often referred to by our customers as the “new business desktop,” BlackBerry Launcher is included in all BlackBerry apps. This makes it an essential and iconic feature of the BlackBerry Dynamics ecosystem formerly known as Good Dynamics, and a key element of the BlackBerry Work, formerly known as Good Work, experience – and by association, a core component of the BlackBerry Enterprise Mobility Suite, formerly known as the Good Secure EMM Suites.

How It Works:

First, a software token is embedded with BlackBerry Access. With the token in place, seed files – which contain the necessary authentication settings for the token to function – are installed through BlackBerry Work, formerly known as Good Work. These files can also be bound to a particular device through a unique, user-generated device ID.

While the seed files are generated, the RSA Authentication Manager binds any unique IDs for subsequent distribution through BlackBerry Work or BlackBerry for Enterprise. A number of additional policy control options (see below) are available that allow IT to manage the deployment of RSA SecurID Soft Tokens.


Through BlackBerry Enterprise Mobility Suite, seed files can be provisioned through a secure channel, and users have access to a business-first, productivity-oriented experience. BlackBerry UEM (Unified Endpoint Manager), formerly known as BES12, meanwhile, provides a centralized platform for managing the RSA Soft Tokens and everything else in your mobile fleet. Most importantly, our implementation of RSA SecurID – which has the coveted RSA Secured Certification – eliminates the need to carry a separate key fob, offering a frictionless, seamless user experience.

That’s how you do “BlackBerry Work.”

Interested in learning more? Check out Introducing BlackBerry Enterprise Mobility Suite, or go Hands-on with BlackBerry Enterprise Mobility Suite. And if you want to see how your own business fits into the current EMM landscape, be sure to also view Making Sense of the EMM Alphabet Soup – a detailed look at MDM, MAM & MCM.

About Richard Ashley