This type of decision is fairly fundamental to your game design.
The vast majority of games have local games with local save files. They may use a store such as the Google Play, Apple's App Store, Amazon's store, or something else, in which case the transactions should be verified using that system's supported forms of receipts.
Some games, a tiny subset of all games, are run and manipulated on the server and the game clients are only a view. The game client could be a web page, a mobile app, or a desktop program.
If you are designing your game so the game is run and managed on the server then having all your game object information and account information on the server is the only way to go. As you are talking about the mobile space, however, you need to go through some extra hurdles to jump through if you want to provide mobile apps on the main stores.
Apple and Google both have strict terms in their store agreements and they need to be navigated carefully. For Apple:
11.1 Apps that unlock or enable additional features or functionality with mechanisms other than the App Store will be rejected
11.2 Apps utilizing a system other than the In-App Purchase API (IAP) to purchase content, functionality, or services in an App will be rejected
11.3 Apps using IAP to purchase physical goods or goods and services used outside of the application will be rejected
11.4 Apps that use IAP to purchase credits or other currencies must consume those credits within the application
... etc ...
For Android:
* Developers offering products within a game downloaded on Google Play or providing access to game content must use Google Play In-app Billing as the method of payment.
* Developers offering products within another category of app downloaded on Google Play must use Google Play In-app Billing as the method of payment, except for the following cases:
> Payment is solely for physical products
> Payment is for digital content that may be consumed outside of the app itself (e.g. songs that can be played on other music players).
* In-app virtual currencies must only be used within the app where they were first purchased.
... etc ...
Navigating the requirements requires a mix of designers, programmers, and someone comfortable with contracts and legal dealings working together to figure out the details.
It is a path seldom taken in part because the store gatekeepers want to collect money.
Like all procedures and processes, the companies will always be willing to make special exemptions if you pay enough money. Although since you are asking here about it you probably are not in that situation. In the realm of business the alternative Golden Rule applies ("Those with the gold make the rules") and the standard corporate policies can by readily bypassed with a six-figure or seven-figure check.