1. Raw IP vulnerability issue
In order to provide privacy and data integrity between the client and our server, we adapted the SSL/TLS protocol to secure the point-to-point communications, and we perform hostname verification during the communications. So, everything that your app communicates with our server is completely safe. However, our server cannot sign and verify SSL/TLS certificates for raw IP address, you will put yourself at risk if you use raw IP address as the web domain.
If you would like to learn more about the SSL/TLS protocol, the following links would be helpful: