ngrok basically gives you an encrypted HTTPS tunnel for free. The CinniMobile App handles HTTPS/HTTP access to the JSON-RPC. Just make sure you specify https:// in the URL.
You can also set up your own self-signed certificates,port forwarding, etc if you don't trust CA's or ngrok.
https://en.bitcoin.it/wiki/Enabling_SSL_on_original_client_daemon

Also you could set up a VPN from your phone to the wallet if you wanted possibly the best way to secure access.