Hi, is there a way to encrypt the data returned from the endpoint?

(Based on our previous conversations) Since you're using Typesense Cloud, the data is already encrypted at rest (full disk encryption) and also in transit using HTTPS.

Hi @Jason Bosco 👋 When I do an

export

request for example (called from flutter dart for phone app), there is no way that the user could read the data in clear when received and parsed as Json objects? 🤔

The data only gets decrypted on the end user's device. The data has to be decrypted at some for the user to see the data right?

Yes the data is received on the device and parsed as Json objects to be displayed. I am wondering if there is a way for an advanced user to hack the flow and read the whole data in clear

The encryption I was referring to was when the data is stored on Typesense Cloud and when the data is in transit to the user's device. A sophisticated user can indeed intercept https connections, install their own root cert and get the data from the export API response.

It is a data set used as a product catalog that would be interesting for competitors to get. I actually download this whole product catalog to the user device in order to refine and compute the search on the device and not on the typesense server

I see, once you've downloaded it to a user's device, it's pretty hard to secure it at that point, because you have to decrypt it to show legit users the information

It is harder to access in app data than man in the middle then network with a root cert in my opinion.. that’s why I was thinking about encrypting the data set and decrypt on the device when received. Or it would be great to actually have a way to encrypt data at the endpoint somehow

Typesense doesn't do any encryption on top of https