Mobile wallets are somewhat more secure than a wallet on a desktop computer, because the process for installing programs and giving them permissions makes it much harder for malicious software to do things like spy on you or steal files controlled by other apps. A rooted phone might be a little easier to compromise, but still note quite as easy as a windows machine.
Mobile wallets should only be used to store small amounts of bitcoin (say up to $1000 worth), since it's relatively easy to steal someone's phone and pin. Finger print sensors can also be fooled by 3D printed fingerprint copies.
- Always lock the whole phone with a PIN.
- Use a fingerprint sensor, if available.
- Use a Basic Master Passphrase to protect the wallet itself.
- A PIN is another thing a theif needs to know in order to unlock your phone and steal your Bitcoins.
- A fingerprint sensor minimizes the use of the PIN, making it less likely it will be observed by a thief.
- An additional passphrase protecting your wallet means that a thief would also have had to observe that as well, which is used less often than a PIN and more secure than both a fingerprint or a PIN.
- Relatively easy to steal.