diff --git a/keyserver/src/push/crypto.js b/keyserver/src/push/crypto.js
--- a/keyserver/src/push/crypto.js
+++ b/keyserver/src/push/crypto.js
@@ -37,13 +37,11 @@
   let encryptedSerializedPayload;
   try {
     const unencryptedSerializedPayload = JSON.stringify(unencryptedPayload);
-    const { serializedPayload } = await encryptAndUpdateOlmSession(
-      cookieID,
-      'notifications',
-      {
-        serializedPayload: unencryptedSerializedPayload,
-      },
-    );
+    const {
+      encryptedMessages: { serializedPayload },
+    } = await encryptAndUpdateOlmSession(cookieID, 'notifications', {
+      serializedPayload: unencryptedSerializedPayload,
+    });
     encryptedSerializedPayload = serializedPayload;
   } catch (e) {
     console.log('Notification encryption failed: ' + e);
@@ -78,13 +76,11 @@
     if (!unencryptedSerializedPayload) {
       return unencryptedPayload;
     }
-    const { serializedPayload } = await encryptAndUpdateOlmSession(
-      cookieID,
-      'notifications',
-      {
-        serializedPayload: unencryptedSerializedPayload,
-      },
-    );
+    const {
+      encryptedMessages: { serializedPayload },
+    } = await encryptAndUpdateOlmSession(cookieID, 'notifications', {
+      serializedPayload: unencryptedSerializedPayload,
+    });
     return { encryptedPayload: serializedPayload.body };
   } catch (e) {
     console.log('Notification encryption failed: ' + e);
diff --git a/keyserver/src/updaters/olm-session-updater.js b/keyserver/src/updaters/olm-session-updater.js
--- a/keyserver/src/updaters/olm-session-updater.js
+++ b/keyserver/src/updaters/olm-session-updater.js
@@ -12,11 +12,17 @@
 const maxOlmSessionUpdateAttemptTime = 30000;
 const olmSessionUpdateRetryDelay = 50;
 
+type OlmEncryptionResult = {
+  +encryptedMessages: { +[string]: EncryptResult },
+  +dbPersistConditionViolated?: boolean,
+};
+
 async function encryptAndUpdateOlmSession(
   cookieID: string,
   olmSessionType: 'content' | 'notifications',
   messagesToEncrypt: $ReadOnly<{ [string]: string }>,
-): Promise<{ [string]: EncryptResult }> {
+  dbPersistCondition?: ({ +[string]: EncryptResult }) => boolean,
+): Promise<OlmEncryptionResult> {
   const isContent = olmSessionType === 'content';
   const { picklingKey } = await fetchOlmAccount(olmSessionType);
   const olmUpdateAttemptStartTime = Date.now();
@@ -47,6 +53,10 @@
       );
     }
 
+    if (dbPersistCondition && !dbPersistCondition(encryptedMessages)) {
+      return { encryptedMessages, dbPersistConditionViolated: true };
+    }
+
     const updatedSession = session.pickle(picklingKey);
 
     const [transactionResult] = await dbQuery(
@@ -76,7 +86,7 @@
     const [{ versionOnUpdateAttempt }] = selectResult;
 
     if (version === versionOnUpdateAttempt) {
-      return encryptedMessages;
+      return { encryptedMessages };
     }
 
     await sleep(olmSessionUpdateRetryDelay);