For security purposes, our CMS tool is using the HTTPS protocol for communication/connection purposes. That is, it defaults to HTTPS connections for all apps. Due to the security measures/properties involved in this, that stem from the SSL & TLS certificates, the data-interception becomes really difficult, if not impossible
Our tool supports SSL and our apps (Android, iOS and PWAs) are using port 443 for communication purposes. That means that all our hard-coded URLs are already on HTTPS and the communication between our services and communication with Apple and Google is done over SSL.
Nonetheless, please note that since our tool provides you with the option to embed third-party URLs (through the use of iframe or using the Website Feature), you may notice some non-HTTPS communication if you've configured the integration with a non HTTPS compliant website.
With that said, we highly encourage you to - when embedding URLs - ensure that the site is secure using HTTPS. Creating an iframe using the HTTP protocol renders your site vulnerable to cross-site attacks. Check the Embedding an <iframe> into an Info-Tier KB for more information on this.