Welcome!

Welcome to the official BlackBerry Support Community Forums.

This is your resource to discuss support topics with your peers, and learn from each other.

inside custom component

Adobe AIR Development

Reply
Contributor
Posts: 22
Registered: ‎12-17-2010
My Device: Not Specified

App World Cryptography Restrictions

In 2009 RIM said sth like ...

 

"... in that our currently Guidelines do not allow certain types of encryption, unless being used for banking purposes, authentication, digital signature or copyright protection.

I cannot comment on applications that are currently available for download from App World, but I do encourage you to submit your application.  We review each application on an individual basis, as well we plan to open up the Guidelines with regards to encryption in the coming version of App World."

 

Source: http://supportforums.blackberry.com/t5/BlackBerry-App-World-Development/Cryptographic-functionality/...

 

So I wonder what happens if your app uses HTTPS to transmit data to the cloud? When i submitted my app I saw that I had to answer alot of crypt related questions. Does anybody of you make some experience regarding HTTPS? Has your (blackberry) app been accepted?

Developer
Posts: 6,541
Registered: ‎10-27-2010
My Device: HTC One, PlayBook, LE Z10, DE Q10
My Carrier: Verizon

Re: App World Cryptography Restrictions

As far as I can see, no one has been accepted (or rejected) on any grounds.  You're probably OK with SSL/HTTPS.  I think they are looking at applications that might be out of the norm.

Developer
Posts: 1,008
Registered: ‎12-12-2010
My Device: Passport (Red Limited Edition)
My Carrier: Mobile Vikings

Re: App World Cryptography Restrictions

HTTPS/SSL is allowed. You just have to state in the app submission that you're app uses one of these protocols.

-------------------------------------------
BlackBerry Certified Builder for Native Application Development -- Proud member of the Belgian BlackBerry Developer group
Samples: Park in Ghent
Feeling generous? Nominate me for BB Elite member!
Developer
Posts: 278
Registered: ‎10-27-2010
My Device: Playbook

Re: App World Cryptography Restrictions

What about SQLite encryption?  Is that allowed?  I have an idea for an application that would be password protected, but also I would like to encrypt the local database.  Nothing nefarious at all, just protecting the database content.  It is a fairly standard practice.  I wonder if that falls under allowed encryptions.  Anyone have any ideas?

--------------
kdittyr

Accepted PlayBook Applications:
HDB Converter -- Utilities/Calculators
Developer
Posts: 6,541
Registered: ‎10-27-2010
My Device: HTC One, PlayBook, LE Z10, DE Q10
My Carrier: Verizon

Re: App World Cryptography Restrictions

Encrypting SQLite is allowed and encouraged.  Just note it during your submission.

Developer
Posts: 278
Registered: ‎10-27-2010
My Device: Playbook

Re: App World Cryptography Restrictions

 


jtegen wrote:

Encrypting SQLite is allowed and encouraged.  Just note it during your submission.


Thank you, I searched the forum but didn't see it anywhere.

 

--------------
kdittyr

Accepted PlayBook Applications:
HDB Converter -- Utilities/Calculators
Contributor
Posts: 22
Registered: ‎12-17-2010
My Device: Not Specified

Re: App World Cryptography Restrictions

I would rather say except for "banking purposes, authentication, digital signature or copyright protection" no data encryption is allowed by vendor guidelines. It is not important if you store an password hash in an SQL, SharedObject or flatfile. Especially in the US there are tough restrictions regarding data enryption algos and key sizes.

 

Hopefully RIM updates these guidelines soon since those restrictions do not exist like that in other app stores.

Highlighted
Developer
Posts: 386
Registered: ‎12-12-2010
My Device: BB Style
My Carrier: Sprint

Re: App World Cryptography Restrictions

Is there a good way to encrypt data and pass between PlayBook and PHP on the serverside?

 

I am looking along the lines of this example for Android: http://groups.google.com/group/android-developers/browse_thread/thread/022e3b4b61de9a7c?pli=1

 

Secondly, will RIM reject an app with such a builtin encryption capability? The use case is for secure transmission of data for health/banking app. 

 

 

Lastly, if there are export restrictions on these cryptographic features, should i restrict the app to US market?