I realise there is a Unity 3D version of the game that that stores the MCQ questions and answer into Assets/Bin/Data and Data/Asset.Resources in cleartext. Is it possible to encrypt these resource so that anyone who unzip the .ipa and .apk won't be able to read the data inside the game.
I am thinking of using encrypted SQlite and streaming questions and answer via a server however this is mean to be a standalone game without any API call to the backend.
So how is the your mobile app going to decrypt the data ?
For iOS, you can encrypt only specifically for that one user and store the decryption key in the user's iOS security enclave. You may wanna read up more in this area. I suspect that will also means first time encryption has to be done at the backend for each individual user.
I personally don't have experiences using it practically, but this will be a workflow I would suggest for your consideration.
One first installation of the software, a key pair/symmetric key will be generated by the security enclave. If you have no need to communicate securely with the backend, then this key pair/symmetric key will be stored locally in the device. It is not found in the IPA and only stored in the hardware security module(HSM) in an iOS device. All encryption/decryption will happen in the memory on the fly.
If you need to communicate with the backend, send the public key to the backend and store under (user, device) pairing. Since each device for the same user will generate different key. Encrypted data send by the backend to the mobile app will be encrypted using the (user, device) public key, which then can only be decrypted using the private key stored in the HSM. If your payload is large, you will want to consider generating dynamic symmetric session key to encrypt the payload for each encryption, and only encrypt the session key with the public key, so that encryption/decryption process of the large payload will be faster, since public cryptography is relatively slower compared to symmetric cryptography.
Hope it helps answer your doubt.