Using the JSON file will provide the API_KEY and other fragile infromations in a readable format (enyone can decompile the app with a simple tool).
I can't imagine that this is Googles way to implement GCM because it is not secure. There is no way to hide or encrypt it (which is needed).
Please take a look at this thread (post #3): http://stackoverflow.com/questions/31597953/what-does-google-services-json-really-do
To me it seems that the json file is just a "quick helper" and not really needed (please feel free to correct my statement here).
Questions:
1. Is it a design thing of the GCM library to use the json? Can it be modified?
2. Is there another way (relating to a lot of Google search results they just talk about how to hide the key which puts me into the direction that there is a way because they have control over the key.
PS: I can't imagine that Google is that stupid to include all the keys "hardcoded".
I can't imagine that this is Googles way to implement GCM because it is not secure. There is no way to hide or encrypt it (which is needed).
Please take a look at this thread (post #3): http://stackoverflow.com/questions/31597953/what-does-google-services-json-really-do
To me it seems that the json file is just a "quick helper" and not really needed (please feel free to correct my statement here).
Questions:
1. Is it a design thing of the GCM library to use the json? Can it be modified?
2. Is there another way (relating to a lot of Google search results they just talk about how to hide the key which puts me into the direction that there is a way because they have control over the key.
PS: I can't imagine that Google is that stupid to include all the keys "hardcoded".
