I'm working on an app on react native web, and want to secure my calls. I thought about crypting body to prevent sniffing but that would mean setting my private key (to decipher response body) in the code (could be decompiled -> not secure).
I will have credit card information transiting so I need to be sure about my security system.
How do I store my secret keys (private hash key, apiKey...) Or do you have other options?
You can make a proxy server with some backend language and make all secure requests inside it. Never share private keys into client side.