magento2 – Best way to manage sensitive custom Module Server-side properties on ConfigProviderInterface

While building a custom module for the checkout process, I need to add certain configuration properties (strings) to use as part of my plugin. These properties need to be kept “secret” on the server side.

However, if I use the standard ConfigProviderInterface with getConfig() the values of the configured properties are “leaked” to the client/frontend in the window.checkoutConfig = section (when viewing the source of the page during checkout) like:

"source":{"authorizenet_directpost":"http://magento.example.com/pub/static/version1610132869/frontend/Magento/luma/en_US/blank.html","payflowpro":"http://magento.example.com/pub/static/version1610132869/frontend/Magento/luma/en_US/blank.html"},"controllerName":{"authorizenet_directpost":"checkout_flow","payflowpro":"checkout_flow"},"cgiUrl":{"authorizenet_directpost":"https://secure.authorize.net/gateway/transact.dll","payflowpro":"https://payflowlink.paypal.com"},"placeOrderUrl":{"authorizenet_directpost":"http://magento.example.com/authorizenet/directpost_payment/place/","payflowpro":"http://magento.example.com/paypal/transparent/requestSecureToken/"},"saveOrderUrl":{"authorizenet_directpost":"http://magento.example.com/checkout/onepage/saveOrder/","payflowpro":"http://magento.example.com/checkout/onepage/saveOrder/"},"expireYearLength":{"authorizene...

What is the correct way to get module configuration settings from the Magento Admin for the checkout process so that they are not leaked to the client?