Yes, it is possible, but it's not so simple - someone truly must have a strong reason to do it.
Depending on how much security do you need, you can either construct your key at the runtime instead of saving it into final String, download it from the Internet (but this way must be secured even better, may be not worth it) or let some other external server do the work instead of your app - especially if you are talking about payments and storing your public key - in that case the key won't be even embedded into your app.
Also, remember to make the hacker's life harder by using mentioned obfuscation tools like ProGuard: http://developer.android.com/tools/help/proguard.html.
