Securing my JSON data on Amazon S3 and within APK


#1

I have spent months building my app and automating the data feed. Just about ready to launch but now worried about security of my JSON data.

So, there is a daily script I run on Amazon EC2 that pulls live data, turns it into JSON and then uploads the generated JSON file to Amazon S3. So in my providers ts file there is a link to the JSON data https://amazonawss3/myfile.json etc

Should my app do well, anyone can just go into the PWA or APK and view main.js and get that URL and build their own app around it. All the hard work building my automated script, gone and benefitting someone else!

So looking for some tips on hiding, obscuring and securing my JSON data please.

Can I use a access key in config.xml perhaps? I see uglify.js runs during build, can I hide using that?


#2

If your app can download and then use your app, everything else can too.
You can add as many layers of security as you want, there is no way to totally protect your data.


#3

To build on @Sujan12’s comment, if you are willing to require users of your app to register, you have a few more options.


#4

Try something like jwt with some login credentials