skip to Main Content

I have an android application that is associated with a JSON files in cpanel , I thought that I can protect my files by setting a password to the directories but then I realised that these JSON data can be easialy catched by following http stream using WireShark , I would like to know how can I make these data unreadable by these network packet analyzer tools ?

I am using an http request & Volley Library to connect between my app and the server.

2

Answers


  1. The simplest would be to turn your json into a stateless https API. Get an SSL certificate and make all your calls to your service through https and then set up something like a token or API key to access the data.

    Login or Signup to reply.
  2. To make sure your connection is secured and there is no way someone can sniffer your network. There are some steps that have to be done from server side and from the client side.

    From the server side, you need to make sure your server is secured with SSL valid certificate.

    From the client side, you need to make sure you are performing all your calls over https. Also, you need to enable public key pinning which will prevent a breach of the apps secure channel by man-in-the-middle attacks.

    more info: https://developer.android.com/training/articles/security-ssl.html
    https://medium.com/@appmattus/android-security-ssl-pinning-1db8acb6621e

    Login or Signup to reply.
Please signup or login to give your own answer.
Back To Top
Search