Expand description
§Push Notification Enhancements
Enterprise-grade secure push notifications to address:
- Risk #14: OTP delivered over insecure push channels
- Risk #22: Push approval without contextual info
§Features
- No OTP in Payload: Only notification IDs/challenge numbers
- End-to-End Encryption: Encrypted push payloads
- Rich Context: Device, location, IP, timestamp, app info
- Number Matching: Display number in app, user enters in push
- Activity Summary: Recent account activity
- TLS Client Auth: Certificate-based push client auth
- Payload Encryption: AES-256-GCM encryption
- Secure Delivery: No sensitive data in transit
Structs§
- Activity
Summary - Recent activity summary
- Device
Info - Device information
- Encrypted
Push Payload - Encrypted push payload (what goes over the wire)
- InMemory
Push Storage - In-memory storage for testing
- Location
Info - Location information
- Push
Challenge - Push challenge (for authentication)
- Push
Context - Push context (rich information)
- Push
Notification Config - Push notification configuration
- Push
Notification Content - Push notification content (what user sees)
- Push
Notification Manager - Push notification manager
Enums§
- Delivery
Status - Push delivery status
- Device
Platform - Device platform for push
- Push
Error - Errors that can occur during push operations
- Push
Provider - Push notification provider
- Push
Response - Push response
Traits§
- Push
Challenge Storage - Storage trait for push challenges
- Push
Notification Provider - Push notification provider trait