Waterloo, Ont.-based BlackBerry Ltd. is opening up its BBM Enterprise cloud services to developers with a subscription-based software development kit (SDK), allowing them to tie-in the messaging capabilities to their own applications.
The new cloud service, described as a “Communications Platform as a Service” by BlackBerry, opens up a new revenue stream for the company and signals a new focus on working with ISVs and partners. It also takes clear aim at San Francisco-based Twilio Inc., a competing firm that had an earnings call scheduled for two hours after BlackBerry’s announcement, and which BlackBerry executives described as less than enterprise grade during a conference call with media including IT World Canada.
“We see an increasing need for secure communications,” said Marty Beard, chief operating officer at BlackBerry. “This is well beyond SMS, this is organizations that need real-time messaging, real-time voice, and real-time video.”
BBM Enterprises’s communications are IP-based. While Twilio does offer developers a service to integrate SMS and MMS services into their applications, it also launched IP-based messaging in 2015.
“If you think of offerings like Twilio, which are really SMS-based, they are complicated to deploy and integrate,” Beard said. “They’re just not doing enterprise-class things.”
Available later this month, the BBM Enterprise SDK offers a way for in-house enterprise developers or independent service vendors to build in secure messaging, voice and video communications, file-sharing, and real-time notifications and presence information. All with the BBM Enterprise service that has earned 80 security certifications and approvals, according to BlackBerry. That includes compliance with the U.S. Health Insurance Portability and Accountability Act (HIPPA).
The crypto-encryption modules in BBM Enterprise that meet the National Institute of Standards and Technology (NIST) FIPS 140-2 standards will be available to developers, said Frank Cotter, vice-president of enterprise products at BlackBerry. That’s a standard that Twilio hasn’t been validated under.
“If you look at Twilio… I didn’t find Twilio as a listed vendor” with NIST, he said.
Twilio did announce that it was awarded ISO 27001 certification on Jan. 18. That compliance also requires validation by an independent security firm after demonstrating a consistent and systematic approach to managing and protecting company and customer data. Twilio launched its Twilio Enterprise Plan last September, which included single sign-on features and role-based access control.
ISVS using the SDK will have full and complete control over how BBM Enterprise services integrate into their app, Cotter said. Developers won’t have to switch contexts to allow their users to send out a message or place a call. Instead, it can be inserted into the app’s natural user interface.
“You can accept an incoming call while you’re running an app, you can get a thumbnail preview and you can launch a fullscreen call if you so choose,” he said. “When I think of SMS, I think that’s an old school approach. It doesn’t support voice and video. That means more complexity for ISVs.”
The healthcare industry is in need of secured collaboration tools, as medical practitioners are often using non-compliant instant messaging services today, he added. BlackBerry has heard a lot of interest from the medical ISV community, envisioning a scenario where emergency room physicians could use it to collaborate with a specialist while working on a patient.
BBM Enterprise is HIPPA compliant, but ISVs using the SDK would still need to obtain its own compliance if they use it and implement their own message logging system. BBM Enterprise is also rated as ‘Protected B’ status by the government agency, Cotter says, meaning it is cleared for the storing and transmitting of classified materials that if compromised “could cause serious injury to an individual, organization or government”. It is the third out of seven tiers of increasingly classified information.
BBM Enterprise is a separate service from the BBM consumer service that BlackBerry licenced to Indonesian firm Emtek in a $207.5 million USD deal last year. BBM Enterprise has previously been branded as BBM Protected.
Last April, court documents in a Montreal case revealed that the RCMP had access to a global encryption key to BlackBerry consumer devices since 2010. When asked if enterprises could trust BlackBerry to protect their encrypted information on their cloud network, Cotter says that the ISVs using the SDK will be responsible for encryption key management.
“We provide the toolkit and it’s up to them to do the key management,” he said. “We do not have possession of the keys.”
BlackBerry didn’t release numbers for pricing of the new SDK, but said it would be a tiered subscription model based on the number of users and the different services called upon.