Communicate with backend as safe as possible

I'm about to start the design of an application for Android (and possibly later on iPhone, if I ever get around learning 开发者_运维技巧it). In this application I will need to send and retrieve various information to a backend (that me myself also will need to design and code). The information will most likely be in json format.

How would I go about making this data as safely transmitted as possible? Is https the only anser to this? Or are there any other smart solutions to this?

TLS (including HTTPS), where you validate the certificates from the client and the server is the safest mechanism, and doesn't require you to reinvent authentication in some flawed way.