information for creating apk

We need more information. Understanding your topic is difficult, so I will just say what I understand from all this. You are developing an application, and this application is being developed for Android. This application will communicate a server. You quoted PHP. Now when you ask that it will have to be located server, you’re only talking about the right PHP application?

Security is too generic, there are several security points. What is your concern and what is your specific problem? Are you concerned about client-side data storage or the security of server-side data storage? Or are you concerned about the security of data transfer between the server and the client? If it is the communication between the application and the server use TLS, have a long and valid certificate and the application checks the public key of your server. This minimante guarantees authenticity and confidentiality.

@Inkeliz you helped me a lot with this TLS information thank you, but also I have a question about, whether I should use PHP inside the server or not it is necessary in order to maintain security?

@Ribeiro as far as I know there is no way to use PHP in the client, but anyway. If you want "reverse engineering proof" PHP on the server to get/send information would be better. Because at the customer any reverse engineering would reveal the application’s workings. If you use PHP (or any other server language) the most you would reveal is how communications are done. Take the application "Prisma" as an example, the server processed all modifications in the photo, doing reverse engineering would not reveal how the photos are changed, because these are actually made outside the app.

@Inkeliz I also know about the issue of PHP being only usable on the server, but you sanctioned my doubt, that it was fate to be better to use the same for the information transition, thanks for the help and if you have any method of recognition of the type of rating or something here on the forum, please let me know.