An unauthorized app on the google play store is utilizing webview to frame our mobile e-commerce site.
Aside from branding impacts, we have concerns over security & pci.
Is there a technical solution to preventing an unauthorized source from utilizing webview on our site?
A webview is a browser. You might be able to block it via user agent or the like... but in reality you have no real option here. Anyone who has HTTP access to your site can copy it at any time. You'd only be hurting people who want to view it in a webview for decent reasons while it provides a trivially worked around bit of security before they spoof their user agent to chrome's in a day.