We have now registered our BlackBerry code signing keys with the BlackBerry Signing Authority. This allows BlackBerry applications to be developed that use BlackBerry-controlled Java APIs. Such APIs allow access to user data or other information on a BlackBerry device that is considered sensitive. This mechanism provides BlackBerry with an audit trail of applications that use sensitive APIs, which allows the author of a malicious application to be identified.
It is apparent that BlackBerry have implemented a level of control over application development that lies somewhere between Microsoft’s uncontrolled access to the .NET Compact Framework APIs on the Windows Mobile platform and Apple’s restricted API access on the iPhone platform.
Providing access to sensitive / dangerous APIs in a development platform gives a developer more flexibility and power in application development, at the likely expense of malicious applications being developed and circulated through application stores on the Internet. Highly restricted API access can inhibit the full exploitation of a platform’s capabilities; however, it stops malicious application developers in their tracks (and also provides a more stable, controlled platform). BlackBerry’s code signing key mechanism would appear to be a clever method of achieving the best of both worlds.
By Andrew