Deploying to Personal Android and iOS Devices Using Mobile App Management (MAM)

Platform Requirements

iOS, Android

Devices must not be enrolled in BES UEM.
Devices must be on an OS version supported by Lookout for Work.

See What are the Lookout Supported Platforms and Languages? for supported versions.
Lookout for Work 6.1 or higher.
The MAM deployment path uses Lookout to secure BlackBerry Dynamics apps on personally owned devices. UEM cannot restrict those devices through MDM-based mechanisms such as compliance policies.

A user activates a BB Dynamics app on their device using the UEM access key.
UEM adds the device and assigns it an MDM ID.
Lookout collects this MDM ID, the user's email, and the phone type.
Lookout creates a "Pending" device entry in the Lookout MES Console and sends the user an enrollment email with a personalized activation code.
Lookout communicates the "Pending" state to UEM, which moves the device to the Lookout MES - Pending user group.
Lookout sends a BLOCK command to the BB Dynamics apps on the device to lock them until the user activates Lookout for Work.
Upon activation, Lookout for Work communicates the "Activated" state to the Lookout MES Console and UEM, which moves the device out of the Lookout MES - Pending user group.
Lookout sends an UNBLOCK command to BB Dynamics apps, and the user regains access to them.

If a user does not activate Lookout for Work, attempting to open any BB Dynamics app displays a customizable message similar to "This app has been blocked because Lookout has not been activated on the device. Open Lookout and activate it."

Once a user has activated, Lookout sends a BLOCK command to BB Dynamic Apps whenever a device has a non-compliant security state (Disconnected, Deactivated, Threat Present).