By acquiring mobile encryption supplier Certicom, Research In Motion can bolster the security features on the BlackBerry. That should be welcome news to small and midsize businesses, because as BlackBerrys have gained power, they've also become problematic to manage as storage and security issues have arisen.
Research In Motion (RIM) reached deep into its pockets to acquire mobile encryption supplier Certicom. The move is significant not only for the amount of money the handset supplier handed over but also -- and, perhaps, more importantly -- because it underscores the growing importance of security in mobile computing.
Strong security has been one reason RIM's BlackBerry has become so popular. The device supplied a higher level of security for sending wireless messages than competitive products. That feature appealed to business users, who remain its largest constituency. The strong security functions stemmed from the handset's support for Certicom's Elliptic Curve Cryptography (ECC), a public key infrastructure (PKI) cryptography mechanism.
Public key algorithms were conceived so security keys could be shared among large numbers of individuals in complex information systems. The keys rely on the creation of mathematical puzzles that are difficult to solve without certain knowledge about how they were created, but easy to solve with that knowledge. The creator keeps a private key and publishes a public key, which provides the recipient with the information needed to solve the puzzle.
Don't Miss: The Choice For Your Business: Netbook Or Smartphone?
Public key systems, such as the popular RSA algorithms, rely on the product of two large prime numbers in their puzzles. ECC takes an algebraic approach, based on the equation ab = c where the different devices know a and c and therefore can determine b.
The early knock on ECC was that it was slow, but Certicom worked to address that problem. Consequently, its technique has been integrated into a wide variety of devices. IBM, Motorola, Oracle, and Qualcomm are some of the companies supporting its work.
Recently, security has become more important with mobile devices. Smartphones have been evolving, gaining more power and becoming more functional. Increasingly, they're being used to collect and store sensitive corporate data. There also has been talk of transforming these devices into portable wallets, so users no longer have to be concerned about carrying cash.
With this evolution well under way, RIM decided it wanted to gain more control over its underlying security functions. In December, the handset vendor made a hostile bid for Certicom, offering around $52 million for the security supplier, which has been in business since 1985.
The security supplier spurned that offer. In addition, a judge ruled that RIM had based its proposal in part on information obtained from Certicom under nondisclosure agreements, disadvantaging rival bidders not privy to the same information.
RIM then found out it was not the only vendor interested in Certicom. In January, VeriSign, which focuses on PKI solutions, bid $72 million for the security supplier. The intrigue ended in February, with RIM more than doubling its initial offer to $106.5 million and Certicom accepting that offer.
By gaining control of Certicom, RIM can further bolster the security features on its handsets. Because the company now has complete control over the security functions, it can integrate them into core components. It could be difficult for competitors to match such functionality. Certicom was a relatively small company that could be usurped by RIM. Other security vendors are much larger, so therefore it's unlikely that other handset suppliers will be able to swallow them whole.
Regardless of the competitive issues, the increased focus on mobile security functions represents welcome news to small and midsize businesses. As these devices have gained more power, they have become problematic to manage. The volume of data stored on these systems and its importance has been growing. In many cases, companies did not have strong encryption features in place, so problems could arise if these systems were lost or stolen. Recently, handset companies like RIM have tried to address such limitations, so small and midsize businesses will feel comfortable enough to use these systems for more business applications.
See more columns by Paul Korzeniowski.
Paul Korzeniowski is a Sudbury, Mass.-based freelance writer who has been writing about networking issues for two decades. His work has appeared in Business 2.0, Entrepreneur, Investor's Business Daily, Newsweek, and InformationWeek.
