How is WhatsApp sending end-to-end encrypted messages in push notifications?
WhatsApp could be using VOIP background mode along with PushKit for solving this problem.
Voip pushes are:
- delivered directly to the app.
- considered high-priority notifications and are delivered without delay.
- delivered even if the app was force-quit by the user.
For details refer to Voice Over IP (VoIP) Best Practices
Once the encrypted payload of VOIP push is decrypted they show a “Local Notification” with the decrypted message.
There is one small issue though, PushKit is available only on iOS 8 and later. So, how is Whatsapp doing it for earlier versions of iOS? Well, it isn’t. They don’t allow you to see message preview in notifications on versions earlier that iOS 8 (Verified it on iOS 7, see screenshot)
What you call Push Notifications
(the ones you see in your notification center) are not exactly the same thing as Remote Notifications
(the ones sent via APNs).
On Android the two are totally different. First one is called Notification, the second one is called Message or Downstream Message
.
But back on iOS the application can generate Local Notifications that will show in your notification center. These don't need to be triggered by any remote notification, it's up to the logic in the app to do it and iOS apps do have the possibility to perform background tasks and sync that can generate these notifications.
Since iOS7, an iOS application can also perform HTTP operations in background for unlimited time (because the application is delegating the network transfer to the system, that will awake the app for a limited amount of time when the transfer is finished).
Remote Notifications, on the other hand, were first designed to send a push directly for APN to the user. But Apple realized the need for developers to send push notifications to their application rather than to the notification center and added a silent flag to Remote Notifications so that the server can send a notification to wake the application without disturbing the user. The application will then perform some synchronization and logic and decide itself to create Local Notications or not (that will show in the notification center).
Besides, Remote Notifications' payload suffered a limit of 256 bytes until recently, which forced many developers to use these notifications as a Push-to-sync message rather than as a data channel.
If you understand me well, then you understand that Whatsapp does not need to send the message payload in the Remote Notifications using APNs.