Firebase Cloud Messaging

Firebase Cloud Messaging (FCM) is part of the Firebase platform, which is a cloud service model that automates backend development or a Backend-as-a-service (BaaS). After the Firebase company was acquired by Google in 2014, some Firebase platform products or technologies were integrated with Google’s existing services. Google’s mobile notification service Google Cloud Messaging (GCM) was replaced by FCM in 2016. On April 10, 2018, GCM was removed by Google and on May 29, 2019, the GCM server and client API were deprecated. FCM has become the replacement for GCM. However, FCM is compatible with existing Google Software Development Kits (SDK). Firebase Cloud Messaging is a cross-platform messaging service on which the user can deliver messages without cost. FCM is compatible with various platforms including Android and iOS. Google launched support for web applications on October 17, 2016 including mobile web application. On FCM, third party application developers can send push notifications and messages via an application programming interface (API) to end users. After users enable consent to receive push notifications, users are able to receive real time information or data for syncing. ==Development==

FCM inherits the core infrastructure of GCM, however, it simplifies the development of the client side. GCM and FCM offer encryption, push notification and messaging, native Android and iOS SDK support. Both require a third-party entity between the client application and the trusted environment which may create delays in the communication path between the mobile terminal and application server. FCM supports server protocols HTTP and XMPP which are identical to GCM protocols. Developers are not required to write individual registrations or subscripting retrying login in the client application. FCM and GCM handle messages through the same instructions, however, instead of GCM connection servers, messages are passed through FCM servers. The FCM Software Development Kit (SDK) excludes writing individual registration or subscription retry logic for a shortened client development process. The FCM SDK provides a new notification solution allowing developers to use the serverless Firebase Notifications on a web console, based on Firebase Analytics insights. FCM enables unlimited upstream and downstream messages to be sent. == Key capabilities ==

Firebase Cloud Messaging has three main capabilities. The first capability is that FCM allows the user to receive notification messages or data messages which can be deciphered by the application code. The second capability is message targeting. Messages are able to be sent to the client application through different methods; from the FCM platform to individual devices, specified device groups or devices which are subscribed to particular topic domains. The third key capability is the connection channel from client applications to the server. FCM allows messages of various types to be sent from selected devices or client apps via the FCM channel. ==Technical details==

Firebase Cloud Messaging sends notifications and messages to devices which have installed specific Firebase-enabled apps. Adding support for FCM to an application requires multiple steps: add support to the Android Studio project, obtain registration tokens and implement handlers to identify message notifications. The message notifications can be sent via the Firebase console with a select user segmentation option. FCM architecture The FCM Architecture includes three components: FCM connection server, a Trusted environment with an application server based on HTTP or XMPP and cloud functionality, and a Client application. Sending and receiving messages require a secured environment or server to build, direct and send messages, and an iOS, Android or web client application to receive messages. There are two types of messages developers can send with FCM; notification messages and data messages. Notification messages are messages displayed on the device by FCM and are automatically managed by the FCM SDK. Data messages are processed by the client application. Therefore, Notification messages are used when the developer requires FCM to handle the notification display for the client applications. Data messages will be used when the developer requires the messages to be processed on the client application. FCM can deliver target messages to applications via three methods: to a single device, to a device group or to devices which are subscribed to topics. Developers build and send targeted messages to a select group of users on the ‘Notification composer.’ Implementation The implementation process has two key components. First, a secure environment to send and receive messages is required for FCM or other application servers to facilitate message transaction. Second, a client application of possible types, iOS, Android or web (javaScript), which is also compatible with the selected platform service is needed. The implementation path for FCM is initiated with the FCM SDK setup following the instructions prescribed for the decided platform. Following setup, the client application must be developed. On the client app, add message handling, topic subscription logic and other required features. During this step, test messages can also be sent from the Notifications composer. The application server is developed next to build the sending logic. The base server environment is created without code. ==Additional features and tools==

Analytics Firebase offers free and unrestricted analytics tools to assist the user gain insights into the 'ad click' & 'application usage' of end customers. In conjunction with other Firebase features, Firebase Analytics allows the user to explore and use on a range of functionalities such as click-through rates to app crashes. Firebase Remote Config It is a simple key–value store that lives in the cloud and enables the user to implement modifications which can be read by the application. The Firebase Remote Config also includes an audience builder, in addition to the basic feature, which helps the user create custom audiences and perform A / B testing. Notification Funnel Analysis A Notification Funnel Analysis (NFA) is built into the FCM platform. By using this tool, developers can view user behaviour and trends from data around responses to particular notifications. The types of notification data which can be analysed are "Notifications Sent", "Notifications Opened" and number of unique users. An analysis report can be pulled from the NFA. Developers can also customise and build the notification funnels. == Key concerns ==

Security concerns FCM shortens the design and implementation process for mobile applications. Due to the available functionality of sending test messages through the Notifications Composer in the Firebase console, the testing process is also shortened. Cloud-based messaging solutions also have security and privacy risks which need to be mitigated and considered before implementation into a project. The development of cloud computing involves an open network structure and elastic pooling of shared resources which increases the need for cloud security measures to be established. A possible solution is to block a specific notification channel or unsubscribe from a topic. Other solutions involve setting up message traffic notification systems to detect malicious information being messaged through the FCM service platform. To implement this solution additional steps are required. The user needs to identify at the start, the connection channel or topic potentially used by the malicious application. Privacy concerns Cloud-based messaging also poses privacy risks and issues. Black hat hackers may be able to breach the security of the Firebase Cloud Messaging platform and acquire the registration ID of the user’s application or other sensitive information. Security compromise examples include private messages on a user’s social media account being pushed to the hacker’s device. To ensure the privacy of the platform, the user can build end-to-end protection schemes around the open communication channels provided by the Cloud Messaging Services, which are unsecure. FCM provides users with payload encryption. ==References==