呢度咁講
https://tozny.com/blog/end-to-end-encryption-vs-https/
' Data is secure on your phone, it's secure in transit, and it's secure on your server. So it appears that data is always encrypted.'
'The reality of encryption in transit leaves out encryption of data at rest, which impact the security of both ends of the transmission.'
'This leaves you open to attack at 3 points of processing (the app, the load balancer, the server), 2 points of storage(mobile, server), and one point of transmission ( internal traffic).'
'If your server is the endpoint of your web API, but you have different services for processing, analysing, sharing, and backing -up your data, this just get worse.'
'You may be using HTTPS, but you can't really say that you're encrypting data.
With end-to-end encryption, it's secure at each point of process.'