Securing sensitive information in PhoneGap?

Question

I have a number of REST API Keys (Google Places, etc) that I want to secure. Reading Google Groups and SO it seems obfuscation isn\'t a solution, neither is using the Keycha

Answer 1

If you have the option of hosting a web service yourself, you can have the device talk to your own server instead of Google's. It would act as a proxy: The device authenticates to your service using a scheme of your choosing and never gets to see the API key, which rests securely on your servers. The process is very similar to how it would work on a web site (where also the browser does not talk to the backend service provider directly, but the web server does it on its behalf).