We are developing an Banking Mobile application using MobileFirst Platform Foundation 7.1 which should be much secured.
I implemented the normal IBM MobileFirst push notification in our application. Now client requirement is that to send some secured information to the customer as notification, hence want to send secured or encrypted push notification messages to the mobile client from MobileFirst server through GCM or APNS.
Is there any built-in MobileFirst API available to fulfill the requirement?
GCM and APNS push notifications are encrypted in transit using TLS, but the MobileFirst Platform doesn't provide an API to do end-to-end encryption of push notifications (i.e., to encrypt the actual notification payload, which would then need to be decrypted by the app).
If you wish to have this type of functionality in your application, you would need to implement the payload encryption/decryption yourself, using whatever type of encryption meets your needs.
If you think the product should provide an API to do this type of function, you should open a Request For Enhancement describing what you would suggest that the product should do, and your use case, so that the product managers can consider it.
Related
I want to send push notifications from my PBX/SIP-Server (FreePBX 15/Asterisk 17)
to sip client apps that provide 'pn-provider', 'pn-param' and 'pn-prid' URI Parameters as specified in rfc8599/draft-ietf-sipcore-sip-push-29 during REGISTER sip request, e.g.
xyz#1xx.1xx.2xx.198:9926;transport=TLS;pn-provider=fcm;pn-param=com.mizuvoip.mizudroid.app;pn-prid=dcrpn1TbEW0:APA91bGgK3RV-s7AX-U2...HLoQL1UNgom
What I haven't managed/do NOT understand so far is how to successfully create a push notification with the device token in 'pn-prid' submitted by the sip client app (NOTE: This is a 3rd party(!) app, for which I neither possess a SenderID nor a ServerKey from its linked Firebase project. In my case, I use and tried before with MizuDroid sip client APP for Android.)
Attempts to send a PUSH notification via FCM HTTP REST API using a ServerKey from a Firebase project I have registered before all resulted in
{"multicast_id":2435751791125788205,"success":0,"failure":1,"canonical_ids":0,"results":[{"error":"MismatchSenderId"}]}
My questions are:
Is it possible to send FCM PUSH notifications to 3rd party(!) apps from which you have already obtained a device token (here: in 'pn-prid' URI parameter)
If answer 1 is yes: What FCM API do I need to use, what data do I need to submit for the purpose and what are the further prerequisites
We are developing an Banking Mobile application using MobileFirst V7.1 which should be much secured. I implemented the normal IBM MobileFirst push notification in our application.
Following are the requirements from the client:
1) To send some sensitive information to the customer as notification, hence want to send secured or encrypted push notification messages to the mobile client from MobileFirst server through GCM or APNS. Is there any built-in Worklight/MobileFirst API available to fullfill the requiremnt, Can anyone please help me in suggesting some solution to fullfill this requirement. It will be very greatful if some one give me solutions for this.
2) Also Client requirement is to send platform specific notification, some push notification to be send only to Iphone and some specific notification only to Android devices. Is there any option in the SubmitNotification() method to send platform specific push notifications.
3) Currenly we are providing a url "http://IPAddress:8080/invoke?adapter=ADAPTER_NAME&procedure=PROCEDURE_NAME¶meters=[PARAMETER1,PAREMETER2,...]" to the web service team to hit this URL to send the push notifications. Currently this URL is public any anyone who knows the URL can execute or hit the URL and send the notification. I need to protect this URL where no unknown resource or unauthorised person should access the URL. If some tries to hit/access the URL, it should ask for the credentials and the URL should be secured as we are dealing with Banking application everything should be secured hence the push notification URL should be secure. Can anyone please tell me how to implement this.
Thanks in advance
Karthik
Your first question has already been previously answered; don't duplicate your own questions: secured or encrypted push notification messages from MobileFirst server
For your second question, send separate notifications. Once for APNS and once for GCM... and you should use the submitMessage API instead. See here: http://www.ibm.com/support/knowledgecenter/SSHS8R_7.1.0/com.ibm.worklight.apiref.doc/html/refjavascript-server/html/WL.Server.html#sendMessage
Your third question should be directed at your own IT Security team, because this is something that you need to do in your organization. Your IT team should know how to protect internal resources with your firewall settings, to not allow incoming connections from the public internet, but only internal connections from your organization network.
Not finding anything here:
https://console.ng.bluemix.net/docs/services/mobilepush/index.html
I'm looking for a web console for sending messages to apps - similar to what is offered by UrbanAirship and Parse (rest its soul).
Yes the IBM Push Notification service has a Push Dashboard where you can author messages, customize the notification payload, specify the target audience and send notifications to both iOS and Android in both Production and Sandbox modes.
Here's a screenshot of the Push Dashboard:
The docs go into it a bit here: https://console.ng.bluemix.net/docs/services/mobilepush/enablepush_ios.html#t_push_send
To access it you'll just need to create a Bluemix application using the MobileFirst Services Starter Boilerplate, and then navigate to the IBM Push Notifications instance from your application dashboard at which point you will be prompted to provide your .p12 certificate and/or GCM credentials.
The idea of using the push notifications is only to have a notification mechanism that will send a notification when there is a new message waiting to download from the backend service: all the notifications are of the same type e.g. "refresh messages from the server" (the same for Android and iOS).
Are there any limits for the Apple/Google push notifications services?
Assuming that my application will handle more that 100k active users (or even 1M or more users) - would there be any problem with the Apple Push Notifications or GCM services?
If using the push notifications for such a service is not a good idea then what is other solution that could be used for mobile chat applications?
Don't forget that on iOS user may forbid sending notifications, so your app won't receive any even in foreground. Thus, you need to implement your own push mechanism.
Need for push notifications
Especially on iOS you don't have a choice but to use their push notifications service APNS. There is no other way to receive notifications immediately because iOS may kill or neglect the TCP connections of your background app.
On Android it seems possible to use your own background TCP connection to avoid having to use push notifications. But you may still consider the use of the push notifications through GCM for the sake of improved battery usage.
Pricing
Neither APNS (iOS) nor GCM (Android) charge you for the service and you are allowed to send an unlimited number of messages.
Limitations and Requirements
Both services will delete message, when there are too many messages accumulated in the queue for an offline device - which makes sense because there is no point in delivering those messages hours later. You have to take that in to account, when writing your app (just do a poll when going back online).
Depending on the app you are writing, there may also be privacy concerns. Even if you encrypt the message itself, at least Apple/Google know when a notification is sent to a certain device, which may be a deal-breaker for certain high-security applications.
You will also need a server that is able to communicate to both APNS and GCM. There are open source solutions for that (e.g. easyApns for iOS and python-gcm for Android), but how easy their integration is depends on your server and the language it is written in.
This link says Configure Worklight to use the correct credentials for sending push notifications.
That sentence is not talking about a Worklight license.
In order to send push notifications you need credentials from the vendor from which the notifications will be sent.
In the case of Google, those will be the GCM key and project number.
In the case of Apple, you'll need to supply a certificate and its password.
Please follow up-to-date guides instead of articles from 2013...
To familiarize yourself with push notification in MobileFirst Platform/Worklight, read the Getting Started tutorials: https://developer.ibm.com/mobilefirstplatform/documentation/getting-started-7-0/notifications/
How to setup your Apple Developer account and the push certificate is unrelated to Worklight/MFP. You can find many guides on the web (that are more up to date) explaining how you can do that.