Webservices safe?!

[behnam263]

Hi

I have a question about web services and APIs in Prestashop.

I need to know that is it safe to use the web service key to communicate

an android application and Prestashop services? because with an API Key

you can access to all options in Prestashop!

In my application I need to login only with a registered customer information

in Prestashop. Is there another way to access to one person's information, not all Prestashop?

Thank you

[selectshop.at]

This is not really a question, of if webservices are safe, but a technical general question. If you login to open internet connections (not inhouse safe networks), so everybody can intercept the connection.

 

Communication between databases are only safe if you communicate via SSL safe networks. Aslo SSH connections via tunneling with time limited tokens or keys are safe. All other connections have security lack. So: Android, somebody can hack, cause you are communicating through an open internet connection. Only if this connection is secured by tunneling than it is safe.

[behnam263]

Thank you for your time answering my question, but my problem is putting a master key

in an android app to connect and control all Prestashop activities! In my app, I need

to check if this user exists or not, but accessing to all users or other general information is a little bit scary  !

Even if you use SSL or SSH!

Actually my question is that if there is a way to use registered users info instead of keys in web services!

Is it possible?