Configuring software tokens for BlackBerry devices

The BlackBerry Enterprise Server is designed to work with the RSA Authentication Manager to provide software token support for use with layer 2 and layer 3 Wi-Fi authentication on Wi-Fi enabled BlackBerry devices.

When you configure a software token for users, BlackBerry devices are designed to use the passcode to authenticate the users to the Wi-Fi network and VPNs automatically using the PEAPv1, EAP-GTC, and EAP-TTLS or EAP-GTC authentication methods.

You can configure multiple software tokens for each user. For example, you can configure one software token that a user can use with Wi-Fi authentication and a second software token that a user can use with VPN authentication. When users try to open a Wi-Fi or VPN connection that requires two-factor authentication on the BlackBerry devices, the BlackBerry devices prompt the users to type the software token PIN and submit the current tokencode for the connection type to create the passcode for two-factor authentication.

For more information about how the BlackBerry Enterprise Server supports software tokens, see the BlackBerry Enterprise Solution Security Technical Overview.