Forgot your password?

App World Devs No Longer Require Notarized Docs – Scanned IDs Fine

Throwingpapersintheair

Its amazing to see the power of the internet and a good rant. It still blows my mind that RIM thought it was reasonable to ask developers to have their proof of identity notarized before allowing them to submit apps to App World. Piotr of BBNews.pl let us know that RIM has finally seen the light and is allowing developers to just submit a scanned front and back copy of any official government issued identification which shows your full name and date of birth. That is relatively reasonable right? I am just glad that somebody finally gave RIM legal the middle finger and said enough is enough.

Here is the email RIM is sending to App World developers who signed up but stopped half way through the process due to the annoying notary public requirement:

Hello,
You are receiving this email because you have registered to become a
BlackBerry App World Vendor, but never completed the process.  There
is only one step left to becoming a BlackBerry App World Vendor, and
we have just simplified the process for Individuals.
Previously we required Individuals to provide us with a notarized
document to validate their identity.  While this is still an option,
we will now begin accepting a scanned copy (front and back) of any
official Government Issued Identification.  This document must clearly
show your Full Name and Date of Birth.
We hope this alternative option makes becoming a BlackBerry App World
Vendor more accessible to anyone who may have been unable to provide
us with a notarized document.  Please see this and other options to
complete the registration process.
If you are a Company:
§  Official documentation to validate your company information (ex.
Articles of Incorporation, Business License etc).
If you are an Individual:
§  A copy (front and back) of an official Government Issued
Identification, clearly showing your name and date of birth.
OR
§  The completed Notary Form attached. Anyone certified as a Notary
can complete this for you (check your local listings).
Documentation can be returned by:
Email: [email protected]
OR
Fax: 1-519-883-7724
For further information and a complete list of Research In Motion’s
criteria for vendor acceptance, please visit
https://appworld.blackberry.com/isvportal/home/guidelines.seam?cid=203494.

16 total comments on this postSubmit your comment!
  1. It’s about time! I wasn’t particularly affected by this b/c I have a business license, but here and in various forums over the last year I’ve seen a lot of frustration because of it.

    Now if only they’d fix the damned “fill out this form every time” silliness — if Firefox didn’t auto-complete it for me, I might have given up a long time ago 😉

    • Hhaha. Yea indeed their form. I never understood its purpose especially for that to download new OS

  2. Finally, when I read that guy Jamie’s blog post about complicated it was to try to develop apps for a blackberry the one part about his whole rant that I thought he was exagerating was the notorised documents. I thought he was just trying to exagerate to put a bit of humour….

  3. Ive never made or submitted an app, but this is probably a step in the right direction.

  4. In order to issue trusted certificates, identities must be validated by a third party. Certificates are only as good as the validation of the authenticity of the individual’s identity — in other words, one needs to ensure that the user’s identity is authentic through a stringent validation process. Getting a notarized letter is a headache, but it does suit its purpose. It’s only required once.

    Ronen, this decision does significantly weaken the security of all BlackBerrys as “untrusted” developers can now submit poisoned apps into AppWorld. I am quite surprised that RIM bent over because of one first-time BlackBerry developer’s rant.

    Scanned copies are quite easy to tamper with.

    • In security controls the burden of the control can not be more than the security it provides. All the notirized form did was prove you are who you say you are. Not that you are trustworthy in any way.

      • Bottom line is that people are more likely to be honest when their identity is known and can be verified. In the virtual world, we see many, many examples of what can happen when identities are obscure & unknown.

        For example, people don’t spam you using their own real email addresses, and hackers definitely don’t want to be traced! Someone won’t likely rob a bank with their name and phone number inked on their t-shirt. Well, maybe some real loser will, but that’s another story :)

        Indeed, a notarized form uses a trusted third party in your community to “guarantee” your identity. This is a most vital part of any public key infrastructure (PKI), and the confidence in entire PKI is hinged on knowing exactly who is using the signed and issued certificates.

        • Now you just realized the flaw in this security measure Joe. RIM did NOT require a notarized proof of identity for code signing. They only required it for becoming an App World Vendor. In other words it does nothing beyond certify that the developer who registered to sell on app world is probably who he says he is.

          So in short RIM has really very little need to protect themselves from App World vendors. The money flows through RIM or their intermediaries and they can always cut off the flow the second they see an issue. requiring non-repudiation for a marketplace would be like eBay requiring notarized proof of identity for all their sellers. You know why they don’t? Because it would just turn off potential sellers who will search for other markets.

          • Yes, I recognized this flaw but it allowed me some confidence that if code exists on App World, it is more trusted than directly from some website or some other app store.

            Don’t get me wrong, I fully appreciate the decision by RIM and your support for that decision. It doesn’t mean I agree with it, but I recognize that RIM needs every bit of help they can in attracting developers.

            I just wish they could have found some other means of softening the blow to developers while maintaining that strong level of security. It is what defines RIM and distinguishes them from Apple & Google. It’s what will matter in the long run when smartphones are being targetted by hackers.

            That tidal wave is coming… Smartphones will soon outnumber home PCs.

            • What they could do is clean up the crud in App World like the dating scene in the reviews and quality controlling the apps at the very least. RIM also knows what API’s are accessed by an app when they test them. It would be nice if they did something like Google and said “this app wants access to etc, etc, etc…”

              • I support any tools or strategies that will enhance the individual’s ability to monitor exactly what privileges are being granted. Your identity is yours to protect!

                Ronen, you likely know this, but I’ll re-iterate for the average reader. BlackBerry has permissions for every app, broken down by Connections, Interactions, and User Data. I can deny, allow, and sometimes prompt for each of the 20-odd permissions such as access to Bluetooth or access to user files.

                There are tabs on the top for two other sets of permissions: MIDP (Mobile Information Device Profile) groups & MIDP JSRs. If you don’t understand those, be careful with them. Nevertheless, if you do mess up the permissions, you can always re-install your app to return to the default permissions.

                If you haven’t yet explored this feature, check out the Options app. Tap on Applications, select and app, and tap on Edit Permissions.

                Each app can be restricted to only do what you need it to; however, some poorly written apps will only work if you give them full permissions. One can avoid those apps if they are super paranoid.

                Most of the time, I will avoid such apps. If the developer won’t give me a choice to protect my personal files, then I’ll find someone else’s product to use.

                Don’t just go with the default permissions. Be willing to edit them as necessary to protect your personal data.

                Identity theft is skyrocketing, and with all the up & coming cool apps where we can use our BlackBerrys for transfering funds or making payment, I feel the need to step very carefully into that world.

                Increasingly, the smartphone is becoming an extension of you and your identity… more so than the PC ever was, because home PCs are often used by a number of persons in the household.

                Security blunders are very difficult to fix after the fact, and we know that victims of identity theft have a certain stigma that will hang over them for the rest of their lives. They live in constant fear that someone else will impersonate them and they’ll have to go through that ordeal all over again.

                The FBI carefully monitors many websites around the world that pedal people’s personal identities for a price. Sad, but true.

    • Hi Joe257,

      Alex from RIM here. We’ve heard from the broader developer community that the requirement for a notarized document has been a challenge for developers. By introducing the option to submit a copy of government-issued ID, we’re aiming to expedite the approval process while maintaining a pool of trusted developers.

      We look forward to rolling out more improvements for BlackBerry developers over the next little while. Stay tuned to our Inside BlackBerry Developer’s Blog for the latest info (http://bbry.lv/bsbpYQ).

      Cheers,

      Alex, RIM social media team

      • Kudos Alex. We need a Pink Floyd visual of “Tear Down The Wall” for BlackBerry development. Keep up the good work!

      • Thanks, Alex, but I’d like to figure out how you are short-circuiting the security process in order to expedite the approvals “…while maintaining a pool of trusted developers.”

        That pool may now be contaminated. It only takes one, and you’re now trusting the individual to tell you who they are… or who they want to be!

        Good thing that BES administrators can restrict what apps can be installed on their devices.

        I guess nothing is perfect :( Like any solid business, RIM needs to make money by attracting developers to their platform. So, I look forward to seeing what else RIM plans to do to encouraging & improving the plight of BlackBerry development over the next little while.

        • Hi Joe 257,

          We’ve actually expanded the ways a developer proves their identity to include government issued IDs and the existing notary form. For many developers in emerging markets, the notary costs far exceed what we would see in the US or Canada – and it is an impediment for new developers on BlackBerry.

          As for security, we still verify that the data on the government issued ID matches the data provided by the developer when they register – and if there are any concerns, we work with the developer to ensure they are who they say they are.

          Thanks,

          Alex, RIM Social Media Team

  5. Oops, that should be “peddle” not “pedal”. I must be tired :)

BlackBerry© is a registered Trademark of BlackBerry Limited. BerryReview is in no way affiliated with BlackBerry Limited though sometimes their lawyers send us love letters...

Copyright © 2007-‘2016’ BerryReview LLC