How does the native mobile app from e.g. PlayStore communicate with Appian Server?

Question

Hi, 
 our company likes to use the Appian App to provide employees and customers with appian services. 
 Obviously security concern rises questioning how the appian app communicates with the appian server. 
 Which protocolls are used? 
 Does it need a VPN Tunnel ? (Not customer compatible...) 
 Is a good container required? (Not customer compatible...) 
 Does the app store information on the device and how and where? 
 Is this information encrypted? 
 Is the overall security level of the app in any form or shape documented? 
 Maybe someone has information about the security aspect of the appian mobile app , which I can hand over to our local CISO (Chief Information Security Officer) in order to get a clearance to use the mobile app with customer targeted applications. 
 
 Thanks 
 Olaf

Abdul Sowayan · Accepted Answer

1) Protocols: HTTPS with TLS (TLS 1.1 and 1.2 are supported. Which one is used is based on what the server is configured to use). 
2) Good Container Required: If your organization uses BlackBerry (formerly named Good), then you should use the Appian For BlackBerry App ( itunes.apple.com/.../id1085776881 . If you're organization doesn't use BlackBerry, then you should use the regular Appian apps in the Apple & Google App Stores. 
3) Information Storage: The app stores minimal information (example: account list). If you use the offline feature ( docs.appian.com/.../Designing_for_Offline_Mobile.html) , then offline forms will be stored in the App's Sandbox and is encrypted by the mobile operating system.