Both Apple and Google offer the ability for your app to intercept and modify messages before being displayed. Use that to send encrypted messages and decrypt them there, using your own code on the user’s device.

▲

Zak 3 hours ago | parent | next [-]

That framing Makes it sound like the app developer has to do something active to keep message cleartext out of notifications. That's not how it is on Android.

A Firebase Cloud Messaging push notification contains what the app developer's server puts in it. That could include the message body or it could just be an instruction to the app to poll the server for new messages. It has nothing to do with the notification that's displayd on an Android device. Those are entirely local.

An app that cares about privacy wouldn't send anything more than a poll instruction over FCM.

	▲	avianlyric an hour ago \| parent \| next [-]
		You can implement either approach on iOS as well. But if you have strong end-to-end encryption for messages, then you don’t have to care about the transport anymore, you assume they’re all compromised. At that point you might as well use the push notification system as your transport, given both OSs allow applications to intercept the push notification locally and decrypt it before it’s displayed to the user.
	▲	saagarjha 2 hours ago \| parent \| prev [-]
		This has performance/reliability tradeoffs.

▲

ls612 3 hours ago | parent | prev [-]

In fact this is what both iMessage and Signal (and maybe Whatsapp too but I can’t tell from a quick google) do.