Firebase security and hash

Question

I have an iOS app and I'm using Firebase as my database. I know a little about Firebase rules for saving data but i don't have users in my app so i just want to know -

Does Firebase encrypt or hash or secure the transaction between my app and the database? I don't want some hacker to just easily intercept my call to Firebase and change something and my database will be updated with the wrong information.

Anybody knows the answer to that or how to do that if Firebase doesn't do it automatically?

Thank you

Answer 1

Traffic between your app and the Firebase database always goes over HTTPS, so in general is quite well secured.

But if you don't use authentication and security rules in your app, all a malicious user has to know is the URL of your database (https://yourapp.firebaseio.com) to be able to wreak havoc. This is the nature of a cloud-hosted service: since every client needs to have access to the service, you have to assume malicious users will also have access to the service.

For more on this, see:

• How to prevent other access to my firebase
• How to make firebase storage only available to users of the app
• Swift: Firebase: How to ensure no one can access my db except my app