Our application didn’t implement push notification, not even configured pushNotification in App ID generation. RegisterForRemoteNotificationTypes and didRegisterForRemoteNotificationsWithDeviceToken methods exists in binary file of the app without implement in the code. We are using Xcode 6.2 for development.
When app tested with HP’s Fortify On Demand Security Review Tool for security Testing it has given the issue with PushNotification.
The issue description is as below
Summary :
The application implements remote push notifications. Push notifications are messages sent by an application provider to a user's device via Apple's Push Notification Service (APN). Push notifications are not necessarily a security vulnerability by themselves, but bear scrutiny to ensure that notifications adhere to security best practices.
Execution:
The binary contains references to methods used to register a device for push notifications, registerForRemoteNotificationTypes and didRegisterForRemoteNotificationsWithDeviceToken.
