How to obfuscate string values using buildConfigField
Currently we use buildConfigField to declare our variables (keys) by type of build, but when performing the reverse engineering of the APK we can clearly see the values declared with buildConfigField, as shown in the image below.
BuildConfig file after reverse engineering
P.S.: Even using minifyEnabled with proguard, we have the problem mentioned
This same discussion is covered in this post -> Fight against reverse engineering of Android APK, but without a solution