Ok, so i am going to use a classic https and i trust that is not going to be seen during the transfer , but i would also like, once the file is transfered, that it cannot be seen by the user. Only that the app, user is going to receive from me will be able to read those numbers. So i guess encription would be a way to go ... i guess ???
If the data exists - even momentarily - on a machine in the user's control or physical possession and the user cares enough, he will be able to view the data. Period.
You cannot prevent this. If you want to follow in the footsteps of the movie industry, you can spend very large amounts of money (definitely in the hundreds of millions of US dollars, probably billions) trying, but you will fail, just as they have failed.