Mobile security

Mobile clients use the same encrypted realtime protocol for messaging and calls where native connectivity is available. Browser meeting behavior remains WebRTC-based rather than the full native workspace protocol.

Mobile credentials are protected with iOS Keychain or Android Keystore, depending on the device. Relevant app state is stored locally with encryption.

Android push uses Firebase Cloud Messaging. iOS uses local notifications, PushKit for VoIP flows, and CallKit for native call UI. Push tokens are registered with the workspace server and can be updated or revoked by the client.