Mobile and web wallets, whether on Android or iOS devices, are the least secure or riskiest of all forms of crypto wallets and you should be careful when dealing with any one of them.
Mobile wallets store private keys on the device (although you can delete the key with some), which can, not only get hacked into if you are using the device to connect to the internet, but also could get stolen, lost or break down. It is necessary to create a back up of the wallet using the 12-24 word seed phrase shown to you when first installing the wallet and then keep the seed phrase in a safe place, possibly copied on a paper.
You also need to do a good research and ensure that the mobile cryptocurrency wallet you are using has adequate security measures:
Here are top 5 mobile crypto wallets to consider:
Coinbase mobile cryptocurrency wallet works with iOS and Android devices and can be used to send, convert, receive, buy bitcoins, ethereum, and litecoin by connecting with your bank account and sell bitcoin, ethereum, and litecoin on the go.
With it, you can also shop with merchants who accept bitcoins, ether and litecoin and access your transaction history on the go. The app is already letting many people take advantage of merchant services from over 38,000 businesses including Dell, Expedia, and Overstock.
This wallet also allows you to link your crypto wallet to PayPal in order to buy and sell the cryptocurrencies. You can also access and manage bitcoin, ethereum, and litecoin wallet from the mobile application or over the web application.
For security, the coinbase crypto wallet uses vault that comes with multiplesig, timed withdrawals, and private storage features. You can also use a pass-code to protect the app and remotely disable your phone’s access if lost or stolen.
It is also necessary to download from the verified app stores or directly from the company's website instead of using other sources where the code could be altered.
It also works with the web, Windows, OS X and Linux.
2. Mycelium Wallet
Mycelium bitcoin mobile wallet, which was awarded the Best Mobile App prize by Blockchain.info in 2014, works for Android and iOS devices.
It is feature-rich and allows you to run multiple accounts: the first is a single address account that lets you delete the private key from your device and import it back when needed. It means you can save large amount of cryptocurrency with minimal hacking fears.
You can also run other two types of accounts including a watch only account where an address that does not correspond to any private key is stored on the phone allowing you to watch for outputs but not spend crypto. The other type of account is an offline account with a different hardware device.
The wallet also uses the HD or Hierarchical Deterministic wallets that use master seed so that you can derive your future bitcoin addresses sequentially. You can also leverage secure authentication of the Bit ID.
This wallet also integrates with Trezor hardware as well as Ledger Nano S for added security features. You can also leverage hedging against USD and other fiat through the Coinapult feature, pay bills in SEPA zone in EU using Cashila feature, and buy and sell bitcoins using a bank account in the USA and Canada thanks to the Glidera feature.
It also comes with a Billboard -- Mycelium Local Trader -- that allows you to link with and arrange transactions between other buyers and sellers of bitcoins and check ratings of traders based on their trades (number of successful or aborted trades). On this trading platform, you use a private key for registration and authentication with Mycelium servers. The servers retain bitcoin address, nickname, sell orders with the entered location, and your trade history information.
You also have end-to-end encrypted private chats using bitcoin keys.
Security in-app wallet generation and backup is possible because Copay uses hierarchical-deterministic (HD) wallets. It uses the full Bitcoin Payment Protocol (BIP 0070-0073) that allows you to verify that the amount goes to the right merchant.
Developers can also testnet to test and demo new bitcoin applications on iOS and Windows Phone without additional mobile apps.
Like Coinbase, Jaxx allows you to trade and store multiple cryptocurrencies over Android, iOS and iPhone. In fact, it offers more options for coin lovers because you can trade Bitcoin, Litecoin, Ethereum, Ethereum Classic, Dash and Zcash.
Integration with ShapeShift allows you to do actual coin exchange within the mobile wallet.
The application allows you to receive your funds, scan QR code, view your crypto holdings.
You get a 12-word backup phrase during set up to restore the app, use a mnemonic private key stored on your device to secure your cryptocurrency, and set a security PIN. You can also import funds from a paper wallet.
The private key is local, is never sent to any server and can be transferred to other devices as well.
One drawback to this app is that it lacks a two factor authentication (someone could steal your 12 word phrase if they access your phone) and multi-signature support.
Jaxx also works on other platforms including Windows, OS X and Linux.
Also known as GreenBits, the GreenAddress.it web, desktop, Mac OS X, Linux, iOS, Windows, and Android wallet application wallet uses 3 multisig accounts such that you can hold two accounts of the three.
Any transactions sent over it cannot be double spent since you have two of the three keys needed to confirm a transaction, but also you do not need to wait for transaction confirmations. You hold one and GreenAddress.it holding the other key and therefore transactions not approved by you (because you hold the other key) cannot be made by GreenAddress.
It uses hierarchical deterministic wallets meaning that each incoming transaction has a new address for more privacy. Funds are secured with your key and that held by the company. It also offers 2 factor authenticated payments and daily, weekly and monthly limits, rate limiting (per hour, day, week or month).
Users receive nTimeLock-ed signed transactions when you make or receive a transaction, meaning you can recover funds using an open-source tool called Gentle in case GreenAddressit disappears.