encrypted push notification messages to be pushed from MobileFirst server to mobile - encryption

We are developing an Banking Mobile application using MobileFirst V7.1 which should be much secured. I implemented the normal IBM MobileFirst push notification in our application.
Following are the requirements from the client:
1) To send some sensitive information to the customer as notification, hence want to send secured or encrypted push notification messages to the mobile client from MobileFirst server through GCM or APNS. Is there any built-in Worklight/MobileFirst API available to fullfill the requiremnt, Can anyone please help me in suggesting some solution to fullfill this requirement. It will be very greatful if some one give me solutions for this.
2) Also Client requirement is to send platform specific notification, some push notification to be send only to Iphone and some specific notification only to Android devices. Is there any option in the SubmitNotification() method to send platform specific push notifications.
3) Currenly we are providing a url "http://IPAddress:8080/invoke?adapter=ADAPTER_NAME&procedure=PROCEDURE_NAME&parameters=[PARAMETER1,PAREMETER2,...]" to the web service team to hit this URL to send the push notifications. Currently this URL is public any anyone who knows the URL can execute or hit the URL and send the notification. I need to protect this URL where no unknown resource or unauthorised person should access the URL. If some tries to hit/access the URL, it should ask for the credentials and the URL should be secured as we are dealing with Banking application everything should be secured hence the push notification URL should be secure. Can anyone please tell me how to implement this.
Thanks in advance
Karthik

Your first question has already been previously answered; don't duplicate your own questions: secured or encrypted push notification messages from MobileFirst server
For your second question, send separate notifications. Once for APNS and once for GCM... and you should use the submitMessage API instead. See here: http://www.ibm.com/support/knowledgecenter/SSHS8R_7.1.0/com.ibm.worklight.apiref.doc/html/refjavascript-server/html/WL.Server.html#sendMessage
Your third question should be directed at your own IT Security team, because this is something that you need to do in your organization. Your IT team should know how to protect internal resources with your firewall settings, to not allow incoming connections from the public internet, but only internal connections from your organization network.

Related

How to Test FCM Data Push Notifications Delivery?

I have an Azure Web Service which is using an Azure Notification Hub to push data notifications using FCM via Firebase to a Xamarin Android App. Initially the app is getting a token which is posted to the web service. The web service then sends it with the data to the notification hub which is sending it to Firebase. The response back from the hub is indicating a successful transfer it seems from the notification properties and the ReqID property. But the notification is not reaching the app. Is there a way to see individual notifications' status on the Firebase site? Currently I don't see anything under the "Cloud" report for Data.
[
Thanks for asking question! One of the notification failure point could be when sending it from FCM to user device. To confirm this, you may try getting a delivery receipt from FCM.
You may refer to this article Receive delivery receipts. It says for Android and Chrome client apps, you can get delivery receipts which can be sent from FCM to your app server. To enable this feature, the message your app server sends to FCM must include the field delivery_receipt_requested. When this field is set to true, FCM sends a delivery receipt when a device confirms that it received a particular message. Also check for firewall on the user's network.

How can i push message while client not visit my site?

I use serviceWorker to push client desktop notification. Clients receive message if they visit my site, how can Clients not visit can still receive the message(like onesignal.com)?
Clients/Users don't have to be on your site to receive notification.
But your client/user has to accept the notification request in your site at first, so you save the subscription object in your database and later you use that user subscription data to send notification to your client/user at any time using library like Web Push API.
If you need anything in particular, please be specific.

Send Parse Push Notifications with ASP.net

I have developed an android application with the Parse push notification service and I can send notification from the Parse website.
How can I send push notifications through my own website using ASP.net? Is there any way?
I checked the Parse documentation but i get confused, I would really appreciate it if someone would help me.
Thanks
I ran into similar confusion. I wasn't even sure how to properly setup the user so that I could send a push notification directly to them. Then I found the following post:
Channels and Targeted Push Notifications
Note the last item under the Channels heading:
Most apps might find it useful to have a channel for each user so that
they can send messages to a user across all their devices and have
users follow others in the app.
So, now I know that I should subscribe each user to a channel that uniquely identifies the user (e.g., the 'bobsmith#foo.org' channel).
After I have subscribed the user to their channel, I can call Parse's REST API via my ASP.NET application. See Sending Pushes in the Parse REST API Developers Guide.
For an ASP.NET/C# example of how to submit a push notification check out this answer.

Can I register devices from a backend or only from the apps?

the thing is that we already have a backend that handles all the push notification process. From device registration on our DB and notification handling on the device and notification sending to Apple and Google servers...Looking into Parse I saw that it has a lot of things that will take us a lot of time to develop but mostly on the process that sends the notification to the devices.
So...I need to know if devices can register in our backend, then from our backend to Parse and then send push trough Parse. Is this possible? Image below.
Thanks!!
Yes this is possible. You'll need setup your push certificates with Parse and register each device's push token with a Parse Installation object's deviceToken field for it to work. All this is documented on their web site. You'll need to setup a Parse User object for each user as well as each Installation is associated with a single User.

apns service conformation procedure

once i submitted app to app store by enabling push notifications for that particular app id and i generated the certificate fro production and i saved in my server.
now i want to test my push notifications are working or not,now my doubt is if i use the same bundle id for my another project and keeping the same certificate which i generated for production apns on my server. if i send notifications now to that certificate will notifications work or won't work. i was confused totally after having lot of discussion with my friend.
in my point of view they won't work,but i am unable to clarify him clearly,let me know what is process once we send a notification to apple server by using particular certificate. whether it looks fro bundle identifiers or any thing
thankyou......
The process of push notification is that your server send message with the attachment of device token you added in the server end.
On apple server apple fetch the device token and send the message to the device token you send.
Now when the message received in iPhone, iphone check the bundle identifier that was registered with the certificate you have created at server level while enabling push notification.
And if that identifier matches with any of the app you have in your iPhone whether it`s the same app you have registered your push or other. It will only check the bundle identifier and show the notification on your device.
Now both the production and developer certificates are different so it will not show the notification if you are sending push from certificates generated with developer mode and checking on production application.
Regards
Abhishek Goyal

Resources