Reputation: 11698
I'm starting my way with Android GCM Framework..
It's actually pretty nice and easy to implement but one important question:
The data i'm transferring is not sensitive, but yet i don't want it be available from everyone..
Is this encrypted some how ? or should i encrypt my messages ?
I know that in basic its a notification service - but i'm sending short messages so its important to me to understand how these messages are passing by Google,
Thanks !
Upvotes: 7
Views: 2822
Reputation: 1
Message payload encryption/decryption is something that you would have to do on your service and client app side. That way anything that passes through GCM is safe, Google won't be able to see what's inside.
However, keep in mind that decryption in client app can be costly process - you would need to wake up the app and decrypt, which will cost you some battery.
Upvotes: 0
Reputation: 1007659
Is this encrypted some how ?
Google uses encryption over the air, between your server and theirs (SSL) and between their server and the device. Hence, the only systems that have access to the GCM message data are:
should i encrypt my messages ?
That would depend upon whether or not you trust Google, and what the nature of your message payload is. For example, if the message payload cannot be directly used by Google (e.g., it is simply a flag telling your app to sync using your normal Web service protocol), then encryption is perhaps not necessary.
Upvotes: 9