Dubai: A senior technology expert is questioning media accounts published yesterday in the UAE and Oman that suggest BlackBerry maker Research in Motion (RIM) has given UAE regulators the encryption key to decipher emails, messaging and web browsing on BlackBerry mobile phones.
Leif-Olof Wallin, Gartner's research vice-president, said his firm's latest information is that BlackBerry phones are still highly encrypted.
The Telecommunications Regulatory Authority (TRA) could not be reached for comment to confirm if it had received encryption keys following a deal reached in October to allow BlackBerry phones to continue operating in the UAE.
"As far as Gartner is aware, a mobile e-mail between a BlackBerry Enterprise Server (BES) and a BlackBerry device is heavily encrypted and the only location where the encryption key is stored in readable format is in the BES and requires administrative access privileges to that server," Wallin told Gulf News.
"Furthermore, the encryption key used is unique per [each] BlackBerry device and not known to neither [the] operators nor Research in Motion, the company behind BlackBerry, and [is] changed at certain intervals," he added.
"BlackBerry Messages [BBM] exchanged between BlackBerry devices are encrypted using the same key for all devices and this key is known by RIM and installed by them on all devices, hence the level of security is much lower," Wallin said.
"In order to stay compliant with local regulation around lawful intercept, Gartner believes that RIM will assist authorities when [the] grounds for lawful intercept [are] established."
Muscat-based newspaper Al Roya quoted a Symantec official as saying that the encryption keys were provided by PGP, a company owned by RIM, to the TRA to help decipher BlackBerry content on individuals' mobile phones when court orders are issued.
Asked to confirm the Al Roya story, a Symantec spokesperson declined and said the company was misquoted. Symantec issued a statement to Gulf News following the story.
"This is the correct quote from Ramzi Itani," the spokesperson said.Itani serves as Symantec's Regional Channel & Alliance Manager.
"IDC is expecting 55 per cent increase in [the] sales of mobile devices and Gartner is projecting 1.2 billion users in 2011," Itani said in the statement.
"This will mean hackers will start looking at opportunities to [steal] information on devices that do not have security," he said.
"Since more and more organisations are building their business on mobile solutions, as Symantec we offer many security solutions to organisations such as encryption since we acquired PGP and BlackBerry devices are loaded with PGP encryption."
Itani added: "I am not in a state to comment on what the agreement between UAE, TRA and RIM could contain. There was an article in the news that Saudi Arabia installed RIM servers to monitor BlackBerry Messenger, so [we] wonder if UAE did the same or not. What I am confident on [is] that we offer to organisations encryption solutions to protect content."
RIM remains mum
Canadian BlackBerry manufacturer RIM declined to elaborate on negotiations that resulted in the UAE withdrawing plans to ban BlackBerry phones in October. In a statement issued on Monday to Gulf News, RIM said it will not divulge the content of talks between itself and the UAE government.
"RIM operates in over 175 countries today and provides a security architecture that is widely accepted by security-conscious customers and governments around the world," the statement read.
"RIM respects both the regulatory requirements of government and the security and privacy needs of corporations and consumers. RIM does not disclose confidential regulatory discussions that take place with any government however RIM assures its customers that it is committed to continue delivering highly secure and innovative products that satisfies the needs of both customers and governments."