Every app has secrets! These could be in many forms (no judgment here!) but in this talk, we'll focus on the most common use case of storing API keys or data in-app that we'd rather not make readily available to malicious actors. In this talk, we'll look at answering one of the most asked questions in mobile security, "How do I secure my API keys" and ensure you have the knowledge and tools you need to do so. You'll leave this talk with: - Actionable security best practices for securing your app - An idea of how to store API keys, at scale - Multiple examples of how to securely access your API keys - Some fun real-world examples of when things go wrong