Best security option in WPF and web service

I have WPF application deployed on n number of system. The WPF application consumes my web service and performs transactio开发者_StackOverflown in a regular interval by calling web method. What kind of security should be implemented in this case in order to avoid hacking? The installation of WPF application is using ClickOnce.

The current implemented Transaction performs

1. Wpf app sends request xml along with credential to web service method
2. At web service the method validate credential mentioned in request xml , if valid then performs transaction.

My Question: is it possible to implement digital certification ( public and private key) so that no proxy tracing tool can capture my request xml.

Just access your WebService via HTTPS.