What Are the Risks of Using Software App Wallets?

What Are the Risks of Using An Unsecured Software App Wallets?

1) If you are using a software wallet in a naked fashion, that is to say not secured by a hardware device, your risk is with the device that the wallet app is installed on. Your software wallet app contains the Private Keys for all of the coins that the wallet manages, which in turn is stored on the device the application is installed on. Therefore, the security of your Private Keys is dependant on the security of your smartphone, tablet, or computer.
2) The next level of risk is in the choice of your access PIN for the software app. The PIN is used to access your software wallet. It can be as short as 4 digits or as long 8 or 9 digits.
Do not use easily guessed numbers like your phone number or birth dates.
Also Touch ID is not recommended, since it will allow access to the wallet application to anyone with Touch ID access to the tablet or smartphone device.
3) Finally and most importantly, is the storage and care of the Mnemonic Backup Phrase. The Mnemonic Backup Phrase is the only way to restore or recover your wallet if you should lose access to the wallet application due to damage or loss of the tablet, smartphone or computer.

To be the most secure with your mnemonic backup phrase:
a) Never take a screenshot, photo, or store a digital copy of the mnemonic backup phrase on the internet.
b) Store the backup phrase on a physical sheet of paper or card.
c) Print the mnemonic backup in ALL CAPS, so there are fewer chances of misreading the words when it comes time to restore the wallet.
d) Clearly label the backup sheet, to distinguish it from other backups.
Laminate the paper or card to protect it from water damage. Store it in a fire resistant safe to protect it from fire and unauthorized viewing.

Remember. if you lose your Mnemonic Backup, you have lost your means of recovering your wallet!

What Are the Risks When I Secure the Software Wallet App With A Hardware Device?

When you secure a software wallet with a hardware device, the risk to the software wallet is removed and put to the hardware device.
The software wallet is secured by the hardware device, which means that any send transactions must be signed by the hardware device.
The Private Keys will reside on the hardware device. The Mnemonic Backup will be for the hardware device, not the software wallet.
The mnemonic backup for the software wallet may in fact be unnecessary unless, the software wallet holds coins that are not protected by the hardware device.

What Are the Risks When I Secure the Software Wallet as a 'Watch Only' Wallet?

In the simplest terms, very little risk since the hardware device bears the risk.
When you setup the smartphone or tablet wallet app as a 'Watch Only' wallet, which is linked to a desktop or laptop computer web wallet, which in turn is secured by a hardware device, the tablet or smartphone can only view the wallet transactions. Any send transactions must take place on the laptop or desktop computer with the hardware device attached.
The Private Keys reside on the hardware device and the Mnemonic Backup will be for the hardware device.