I'm sorry but you clearly have no idea what you're talking about. I'm going to talk about iOS jailbreak because that's what's interesting, Android devices are inherently less secure than iOS out of the gate so the conversation there is different.
The jailbreak defeats two primary security measures - the barriers protecting one app from another and the signature checking on the binary to confirm it hasn't been tampered with. If you are running on a jailbroken device it's trivially easy to hook the binary and essentially make it do whatever you want, and it's doing so with the credentials of the legitimate user. So as a simple example for a banking app, I could modify the binary to wait for you to login successfully, then email me your credentials and transfer a couple thousand $ to my account. If I can get physical access to your device I can install it in seconds, if not maybe I can persuade you to download it from Cydia. The server side would not know this wasn't legit, and you wouldn't know it was happening and the device wouldn't have any way to prevent it. That entire class of attack is made basically impossible on a stock device - the app is signed by the publisher and if you start tinkering it'll fail to execute.
Now as you mention I could obfuscate the code, that'll slow down someone trying to hook it but it won't stop a determined attacker. I could pin certs, but again if the device is jailbroken I can just replace the certs with my own. For the same reason it's impossible to really secure a general purpose computer that doesn't use something like secure boot it's impossible to guard against attackers if you're app is running on a jailbroken device - you can't trust the underlying OS and you can't even trust your own binary - you're screwed.
The very first thing anyone writing an app which has security concerns needs to do is figure out an effective jailbreak detect. It's not an exact science, and no detection routine will be perfect, but it's the number one most significant defense.