Skip Navigation
  1. BlackBerry Docs
  2. BlackBerry Protect Mobile for UEM
  3. BlackBerry Protect Overview and Administration Guide
  4. Checking the integrity of BlackBerry Dynamics apps for iOS
  5. Enable app integrity checking

Enable app integrity checking

  • In the activation profiles that are assigned to users, on the 
    iOS
     tab, enable any of the following settings:
    • To perform an app integrity check when a 
      BlackBerry Dynamics
       app is activated, select 
      Perform app integrity check on BlackBerry Dynamics app activation
      .
    • To perform regular app integrity checks for 
      BlackBerry Dynamics
       apps, select 
      Perform periodic app integrity checks
      .
  1. In the management console, click 
    Settings > General settings > Attestation
    .
  2. In the 
    iOS app integrity check frequency
     section, select the 
    Enable iOS app integrity check on devices
     check box.
  3. In the 
    Challenge frequency
     section, specify how often apps must return an attestation response.
  4. In the 
    App grace period
     section, specify a grace period.
    If the grace period expires without a successful attestation response, a device is considered out of compliance and 
    UEM
     will take the compliance action specified in the user's compliance profile.
  5. In the 
    Apps to receive attestation challenges
     table, click 
    +
    .
  6. To use a full integrity check with the DeviceCheck framework, verify that the 
    Use Apple DeviceCheck to validate device and app signature
     check box is selected. For a partial integrity check, clear the check box.
  7. If you want to add a custom app to the attestation list, in the 
    DeviceCheck key name
     drop-down list, select the key for the app.
  8. Search for and select the app that you want to receive attestation challenges. Click 
    Select
    . You do not need to add a key for apps released by 
    BlackBerry
    UEM
     will automatically use the 
    BlackBerry
     DeviceCheck key when you select an app released by 
    BlackBerry
    .
  9. Repeat steps 5 to 8 to add additional apps to the list.
  10. Click 
    Save
    .
  11. Create a 
    BlackBerry Protect
     profile and assign it to user accounts and groups to enable the feature on users' devices. You can create a new 
    BlackBerry Protect
     profile (Policies and profiles > Protection > BlackBerry Protect) or use a 
    BlackBerry Protect
     profile that you created previously. Note that currently there are no settings that you need to configure in the profile for integrity checking.