Push has existed as a core capability in mobile application development for many years. The capabilities that exist within push and the use cases it solves often depends on each mobile platform. Apple’s push technology is known as APNs (Apple Push Notification service) and on Android there is a migration underway from GCM (Google Cloud Messaging) to FCM (Firebase Cloud Messaging). With both iOS and Android originating with a consumer focus it is understandable that their push platforms have not been focused on enterprise level security that some of you may be used to if coming from BBOS or BlackBerry 10.
With our clients focused on building great BlackBerry Dynamics applications, the question often comes up as to how we recommend implementing push in a BlackBerry Dynamics iOS or Android application. The good news is if you know how to integrate the native push capabilities into your iOS and Android applications, then you likely already know the best way to integrate it with your BlackBerry Dynamics application.
Some of you may recall seeing a push API in the BlackBerry Dynamics SDK and be confused about my above response. You would be correct, there is a push channel capability in the BlackBerry Dynamics API. This capability is separate from the native platform push and requires that the application be in the foreground in order to receive push payloads. For an enterprise application that implements something like a stock ticker where you need the most recent data and you only need it when the application is in the foreground this API may be what you need. Otherwise the recommendation is to use the native platform push capabilities.
So how can you leverage these native push technologies provided by Apple and Google with the enterprise security capabilities of BlackBerry Dynamics? For any sort of sensitive data, we recommend a solution we usually refer to as push-pull. You would implement the push capabilities in your application just as you would with a non-BlackBerry Dynamics application. However, when designing your push payload, we recommend you push a token down to the application. This token should not contain any sensitive data. Instead it should have data that when passed to a back-end web service can be used to fetch, or pull, the sensitive payload data.
So, the flow would be
- Push initiator pushes a token to the BlackBerry Dynamics application
- When the BlackBerry Dynamics application receives the push payload containing a token, it takes this value and makes a BlackBerry Dynamics secured call to an associated web service passing the token
- The web service uses the token to determine the associated sensitive payload and returns this data securely to the BlackBerry Dynamics application
Since native push capability is supported for iOS and Android native development as well as Cordova and Xamarin, this solution works with any of the BlackBerry Dynamics SDKs. This leverages the best of both worlds as you get to take advantage of the native push capabilities, with its OS level integration, and the power of BlackBerry Dynamics to build great secure enterprise applications.
Please note if you are leveraging BlackBerry Connectivity via UEM with Android for Work, Samsung KNOX, or iOS Native, this is also the recommended implementation for leveraging push in your enterprise applications.
For more developer resources or to get started on any of our platforms, please visit the BlackBerry Developer Community website.