APNs

Apple Push Notification Service (APNs) was the first-ever mobile push notification service to be launched. It was developed by Apple Inc. and was initially released alongside iOS 3.0 on June 17, 2009. APNs was first included as an API to the Mac OS X 10.7 ("Lion") to allow developers to begin updating and managing their third-party applications and utilizing the push notification service.

This APNs was later improved in 2012 by introducing a Notification Center that supports local application in OS X 10.8 ("Mountain Lion"). Support for website notifications was allowed with the release of OS X 10.9 ("Mavericks") and Safari 7.0.

Today, APNs is used by Peek Stack, Chicisimo, Sodep, SoLo Funds, DigitalPUSH, OTTLabs, and Framshift, among others.

Where Apple Push Notification service (APNs) plugs in the Provider-Client chain.

APNs is a server that sends push notifications to iOS devices. To send notification requests to APNs, you need to register your application provider (your server) with APNs, as well as properly configure it to use a device token (the address of the device to send a push notification to) and APNs certificate (valid authentication key).

When your app gets permission from your user to receive notifications, iOS communicates with APNs and requests a unique device token. The app gets the device token and then forwards the token to the provider, i.e. the Mobile Device Management (MDM) server.

The MDM server sends off a push notification containing notification payload and delivery information together with the received device token to the APNs. APNs receives and decrypts the token to ensure the request's validity and determine the target device. APNs verifies both the provider and the destination device for legitimacy before sending a push notification to the specific intended user's device.

APNs uses two trust levels (connection trust and device token trust) to enforce end-to-end, cryptographic validation and authentication.

Connection trust can be established in two ways: Provider-to-APNs and APNs-to-device. Only an authorized provider can communicate with APNs to establish connection trust between a provider server and APNs. At the same time, APNs automatically enforces a connection trust with each device to ensure its (device) legitimacy.   

Device token trust works end-to-end to ensure that notifications are routed only between the provider (start point) and device (endpoints) for each remote notification.

APNs supports a store-and-forward function with the introduction of a Quality of Service (QoS) component. This component allows APNs to store notifications for a limited period when the target device is offline, and then delivers the notification as soon as the device becomes available again. However, the QoS component can only store the most recent notification per device and app.

APNs allows a notification payload size up to 4KB (4096 bytes) for regular remote notifications and a maximum size of 5KB (5120 bytes) for Voice over Internet Protocol (VoIP) notifications using an HTTP/2 API.

APNs uses the Transport Layer Security (TLS) protocol to send notifications and TCP port 5223 as the primary communication port, with TCP port 433 as a fallback.

• Provides connection trust and device token trust for validation and authentication

• Uses the TLS protocol for a secure connection

• Supports local and remote notifications

• Allows APNs notification for websites

• Provides a Notification Center for receiving and managing local notification in one place

• Supports a store-and-forward function

• Remote notification delivery is not guaranteed

• What is Apple Push Notification service (APNs)?

• What is a Push Notification?

• Local and Remote Notification Programming Guide: APNs Overview

• Apple Push Notification Service (APNs): Everything You Need to Know