Best Way To Store Credentials and Data Online?

I have been looking High and Low for a simplistic Answer for this and seem to come up empty

What I am Creating

An App for Android, iOS and a mobile website that must access the same data, be secure and speedy.

A user will need to access/create the following

  • User Name
  • Password
  • Personal Data Info(text based items)
  • Unique One Time
  • Activation Codes
  • Possible for thousands to need access at same time

What I THOUGHT would work
a simplistic SQL database
What I am learning about this approach
A few other forums (will post links if I find them again) show that you can include system.data.sqllite witin a c# script by adding the reference and placing the dll within the asset folder. This seems like a decent approach except for two issues

  • I do not believe this will work for mobile devices on windows
  • Apparently this is not very secure - I saw multiple posts about how a .unity can be decompiled very easily and sql passwords can be revealed. I believe this is not the case when I compile the app as a apk on android or for ios but would like some more information on the best approach for security

I am open to any suggestions because at this point I am back at ground zero.

Is it best to create a plug in on android/ios and handle SQL somehow within the sdks?

Or should I handle the SQL within Unity a different way?

Is there other options besides SQL out there? (please note when I Say SQL i mean database if there is a different database system out their that would work better please let me know, however I do know that my server can successfully install a sql database and have had expeierance with this before)

I have used Text files for data storage online before and used HTTP download commands to grab the data, however this does not seem secure and since I will have multiple possible thousands of users accessing this data at the same time I need something that will allow for this

I am a software/graphics programmer and do not have much experience with database storage but once I understand where to look do not see that being a challenge

Thank you for you Help -

What we did for the iPhone game I worked on was this:

The iPhone connects to a webservice, and the webservice does stuff in the database. We went through Facebook, so the user put in their facebook login info, and the app got a token from Facebook, which it passed to the webservice. Then the webservice interacted with the database.

Sure, users can decompile and hit the webservice and adjust their scores themselves. But they can’t mess with other peoples’ accounts because they only get enough info to access the webservice, not the database itself.

This is why we only reported high scores for your friends, not the world. People are less likely to hack score tables if only their friends can see it.