Use Token based authentication by using encryption and decryption like AES , RSA Etc.It Basically message level security there is another type of security IE: transport level

Please follow the link below.http://www.c-sharpcorner.com/UploadFile/vendettamit/create-secure-wcf-rest-api-with-custom-basic-authentication/

Inherit UserNamePasswordValidator class to your own class and override the "Validate" method. Some configuration will be required in web.config.