Does anyone know if Google or Apple record and store the contents of notifications given to people? I feel this could be a potential area that exposes private info such as when a transaction is received as it states the amount of crypto received or sent.
Does Google store the contents of notifications?
5 Likes
That is a good question! Would love to see if anyone knows.
I did see a post about adding the app to some sort of non-tracked version of the play store, but i honestly would know (i dont even use a phone myself only
vms)
7 Likes
But I don’t think Google does all this because Google never interferes in any personal matter.
4 Likes
This a good question. What I know is when you use a degoogled phone without google services, push notifications are not working for services and messenger. Many people use Micro G as a workaround. So there is definitively a communication with the Google / Apple servers in the background.
6 Likes
Your right about that Sato.
We should avoid any use or connection with google and also apple! The sooner we have a desktop version the better! I am running the app on Bliss,(a version of open android)
We are supposed to be Incognito! Aren’t we?
2 Likes
Exactly. I also use a de-googled phone: LineageOS.
3 Likes
Great choice 
1 Like
But speaking of which, this forum has google-analytics trackers :\ which of course if block.
2 Likes
I also block it. For a privacy project we use a lot of trackers and other google services. Hope this will be fixed as well on the long run.
2 Likes
I’m also using a de-googled phone. It would be nice to get notifications so I don’t have to keep checking the app when I’m anxiously awaiting a trade.
1 Like
Does anyone here know how to use Micro G? I pulled up the app on my phone and it has options like “connect to a google account” I don’t think I want to do that. Does micro G work without connecting to google?
Interesting. Another thing I was wondering about lately is Google authenticate. And a fact that a lot dexes and privacy oriented sites use it. Usually when you link your code with an account, it labels it with name of website it belongs to together with an email you used to open the account. So I presume that Google now can link it to your phone number. But I don’t know…
1 Like
FCM (firebase cloud messaging aka. google push notifications) is not e2e encrypted, but can be. I quickly browsed https://github.com/incognitochain/incognito-wallet and it looks like the app doesn’t decrypt push messages, so google might have access to the content (I might be wrong though).
However, FCM device tokens are generated on-demand, per device and anonymised, so google doesn’t know who the messages are going to, but also not impossible to track.
@duc it might be a good idea to start generating encryption keys in addition to the FCM device tokens when the app first registers with the backend, that way the push content can be e2e encrypted per user. I would be happy to help with the implementation, however I’m not sure if the backend code is open source.
1 Like
Hey @adrian and others,
This is a reasonable concern as tracking personal user info is against the project intention we’re building here and it’s an interesting problem to discuss and solve. I just added this to our backlog and revisit it soon. We made a few mistakes in the past with using GA for user analytics, enabling google captcha, etc so will try to avoid this sort of privacy violation as much as possible.
By the way, I personally encounter a problem with WalletConnect’s bridge server unreliability while working on the decentralized eth/erc20 shielding process. If you guys have any experience with it, I would be really appreciated your help.
Here’s an overview of their practices as of my last update in April 2023:
- Google (Android): Android devices, which use Google’s operating system, do have the capability to log notifications. However, whether Google actively records and stores these notifications is not explicitly stated in their privacy policies. Android provides APIs that allow apps to access notifications, but this typically requires explicit user permission. Google’s overarching privacy policy does state that they collect information about the services that you use and how you use them, but it’s not clear if this extends to the contents of notifications.
- Apple (iOS): Apple is known for its strong stance on user privacy. According to their privacy policy, Apple does not actively record or store the contents of notifications on iOS devices. iOS is designed to process as much information on the device itself rather than sending it to the cloud. However, if you use iCloud, certain data (like your iMessages) may be stored on Apple’s servers, but this does not explicitly include notification content.
Regarding notifications for transactions, especially for cryptocurrencies, it’s important to note a few things:
- Notification Content: Notifications for transactions, such as those from banking apps or cryptocurrency wallets, typically display information like the amount received or sent. This information could potentially be accessed by other apps on your device if you have given them permission to view your notifications.
- Privacy Settings: Both Android and iOS allow users to manage their notification settings. This includes the ability to disable notifications for certain apps or to limit the details shown in notifications on the lock screen.
- Third-Party Apps: If you are using a third-party app for managing cryptocurrencies, it’s crucial to review the app’s privacy policy to understand how they handle notification data and other sensitive information.