Bitcoin Forum

Curious about the security of mobile wallets. Why are they considered less secure than other wallets? I currently use Trust Wallet which uses fingerprint ID or a pin. If my phone were to be compromised how would anyone be able to access it? How could they obtain my pin/fingerprint?

I use Electrum in my phone but really do not keep much coins in there. Make sure you keep the passphrase somewhere in a safe place so you can restore it in the desktop version too.

Not sure about this Trust wallet. But in this kind of cased you have to be the first one to move the funds to another wallet. This is why you need the passphrase to be safely saved in somewhere else.

Mobile Wallets are not considered less secure. The less secure are the web wallets and browser wallets.

Mobile wallets are like desktop wallets. Seeds never leave the device if you are using a good wallet. Certainly trustwalley is not one of them and I recommend more reliable wallets such as Electrum mycelium or Samourai .

Fingerprint or password doesn't give any extra security. If a hacker is to steal your coins it is through a virus, and he will try to access your seed code

Your seed must be kept offline , in a paper. Take care of it

Additionally, the only real secure wallets for newbies are hardware wallets, such as trezor and ledger. If you keep significant amount of money there, buy a hardware wallet

I would not use them as my main wallet for keeping and holding Bitcoin and crypto.
You can lose your phone easy.
Yes, you keep your backup in safe place and you can always recover your seed  words, but why risk it?

Fingerprint copy is very easy to get.
With anything you touch you live your fingerprints, and if someone wants to take it, he will.
It is better to use password instead of fingerprint.

This is the reason I like Electrum dekstop wallet and hardware wallets like Ledger.

Not all the mobile wallets are considered less secure but majority of the wallets are! Wallets like mycelium are trustworthy in the sense you can use them for spending your small amount of bitcoins. I have been using mycelium for quite a long time as a mobile wallet for spending my funds immediately when I am away from my PC. But on the other hand, you shouldn't be having large chunks of bitcoin in mobile wallets, web wallets or hot wallets. Hot wallets and Web wallets are some of the bad wallets which one can trust upon as they have poor security when compared with mobile and desktop wallets.

I would suggest you to have a hardware wallet like Ledger/Trezor for holding your btc for longer term and electrum as a desktop wallet connected with Ledger and mycelium in your mobile. Electrum mobile wallet is certainly bad at times and they could create problems at times. Here is a post of mine about the disadvantages of using a Electrum mobile wallet over another mobile wallet like mycelium : Bitcoin account my mobile (https://bitcointalk.org/index.php?topic=5189611.msg52646036#msg52646036)


Fingerprint/Pin alone wouldn't make a wallet secure as far as mobile wallets are concerned. Your mobile would always be connected to internet which might pose a problem for you if your mobile is affected by a malware. Consider like the hacker has injected a malware in your mobile, and when you send btc it might redirect to his address.You should always use wallets like Electrum in a offline computer or a hardware wallet for storing large amounts.

Mobile wallets are convenient for fast and easy trading. But there is a risk of malware and virus attack. Also, if the phone is lost or damaged, then the cryptocurrency in the wallet is lost. The mobile wallets can be used for small purchases. For storing large number of coins, hardware wallets are the best option.

The risks also exist on computers or laptops but I thought the risks on mobile phones/ devices are higher. It comes from total online time people spent on mobile devices likely higher. It means they expose their wallets with more risks.
Incorrect. If one backup wallet seeds/ private key, then even they lose their mobile phones, they won't lose their money only if they response fastly because the others can crack wallets' PIN/ passphrase to steal their money. Reponse fastly mean accessing the wallet on other devices and move their funds in that wallet to the others ASAP. If you lose your phones, I think you have enough time to secure your fund but you have to do this quickly. Because the odds to have the one who takes/ steal your phones have enough technical skills to hack your wallet's PIN/ passphrase immediately by his/herself is very low. There are not high coincidence like that.

The definition of security is limited to the way you deal with the wallet. For example, if you are neglected and you download a lot of applications or give a lot of permissions, you will lose your money.
Downloading the wallet on the phone is safe if you do not download any untrusted application on that phone.

The fingerprint and others prevent the physical access to those currencies, meaning that they will benefit you if someone “physically” tries to access/hack your phone.

If we are download wallet from real developer it will safe to use. I have multicurrencies wallet in my phone, it still safe to use till now. What i do to make sure my phone safe is i only installed important things to supports my work on my phones. Limited access to people to use my phone contain crypto wallet, and make sure to check app permission request before accept to install.

If that's the case the person who finds your phone  cannot access your wallet but also make sure you save your keys from separate device and don't left any hint on your phone  so that you will be totally secured. But since it's mobile phone much better if you wouldn't trust so much since anything from it is not secured that's why it's advisable not to store huge volume of crypto's to avoid any risk in future and if you are  a big holder  then much better to grab a hardware  waller for safe storing.

I still prefer mobile wallets too as its handy and conveniet. We just need to check it's credibility and sources. We should only download it from legit website as well see if there are reviews that may harm your securities. Better use only one phone for crypto activities and maybe a tablet for other social or gaming activities.

Crypto wallets doesn't need any kind of permission while we installing, if its asking something then its a wallet to avoid.

Most people doesn't realize that we can have any wallet because its just an interface to access blockchain storage where our coins are stored if you don't have keys then you really doesn't own that coins.

When people talk about wallet security it's usually not about the in person security, it's the online side of things.

That being the case I would never, ever use a wallet based in a browser or on any internet connected Windows PC. Mobile wallets are a step up in security compared to both of them.

The phone you are using will make the difference whether you can lose funds or not. If you are using an iphone, the thief or hacker cannot crack it as iphone provide much better security. Also you will find less apps which are malware effected in App Store. On the other hand, Android phones are more likely to be hacked and we should not keep big amounts in mobile android wallets.

In my experience /how much I know that...

1. People can not bypass the finger print if nobody collect your finger print sample from you. (There are many videos on YouTube  about hacking finger print. May be some tricks are working) So thus people can access your wallet.

2. If you lost your phone then people need to restore/hard reset your phone for remove the finger print and pin And all apps will be removed from the phone Except the stoke apps. So the wallets also will be removed and fund remain safe.

3. If you take any screenshot of your private key and keep it on your phone then if you download any untrusted third-party apps which take the permission of controlling SD card Data/Photos then hacker can hack your wallet with the help of these third party apps.

4. If you download any wallet not only the Trust wallet but also all wallets from a untrusted source then the wallet can be hacked. Because sometime the apps can be modified with malwares.

Locking apps with fingerprint or face have one major drawback, which is that anyone can unlock your device when you are sleeping or when you are unable to fully realize what you are doing (the influence of alcohol or drugs). Some manufacturers advise turning this option off when going to sleep, just to prevent abuse.

If you lose your smartphone, you can always respond by using your backup and recover your wallet on another device. Then you just move coins to a new wallet (not only a new address in the same wallet). This way your old wallet will be empty, so there will be no harm even if someone manages to get access.

Mobile wallet is safe for small amounts, maybe $x00 or something like that, just be sure to protect your phone from malware. Be careful with every application you download and keep a close eye on security (install security patches/updates for your device)

There are users that forget to write down and back up their passphrases and once the phone is stolen, you can't retrieve it anymore. There is the good and bad side of having mobile wallets. If you want to access it everywhere, you can put a small amount that you want to spend with it but it's not the best wallet to keep for long term HODL.

Applying 2FA is much better another added layer of security for such wallets, you can use authy or google auth.

Your mobile wallet is not less secure then any other wallet as long as you:
   - use a reliable/trusted wallet app.
   - always update it to the latest version.
   - don't save your seed on the same device.
   - use a strong password to lock the wallet app.
   - keep your mobile safe from malwares.

People tend to think that all mobile wallets are not secure which is not true. In fact, it depends on the user itself.
Personally, I have been using Electrum on my phones for almost two years now, and never experienced any problem (two phones lost though).

Sometimes bounty projects made hunters download "their" wallets for their coins/tokens. Not always these wallets are being download directly from google market or apple store.

My question is - is it save to download, run and keep this "bounty token/coin wallet" on the same device where my mobile wallet for BTC is installed ?

There is way more malware developed for computers then phones. So mobile wallets are way more secure then desktop wallets. You can of course reduce risk by dedicating your old computer to use as your wallet. So you dont download much if at all there beside updating wallets.

Trust wallet is good in terms of Ethereum, you can import your ethereum private keys there and you owned it. But on BTC it seems like you don't have control over your private keys.  I suggest wallets that you have full control over your private keys it is safer. Like Mycelium, electrum wallet for mobiles.

Links:

Mycelium
https://play.google.com/store/apps/details?id=com.mycelium.wallet&hl=en

Electrum
https://play.google.com/store/apps/details?id=org.electrum.electrum

Any file you download from the Internet is a risk, and fake wallets are something that poses a serious problem. You should approach any such wallet in a way that you consider to be potentially dangerous. There is no universal way to determine if something is good or bad, but you should always check what other users say about wallet you want to use, then scan the site with virustotal (https://www.virustotal.com), and if you have antivirus, scan a file before installation.

These are good precautions, but they do not guarantee complete security, and scanning results can often show false-positive results. I personally would not use BTC wallet and some other suspicious wallets on the same device, but if it is a small amount then the risk is acceptable.

LbtalkL, always use direct links from the official site and not from Google Play directly, that way you avoid the possibility of downloading a fake wallet.

The mobile wallet is not good and bad. Because there are good and bad aspects of everything. The mobile wallet is safe for work. It is more hacked. If you ever lose your mobile, its information will be readily available. This is why I think a hardware wallet is the best and it is very reliable.

Trust wallet is a good choice though but actually it's not convenient for me to use since I will do multiple transfer before I can successfully transfer my funds to my personal local wallet. But any of this even though we can call it safe we still need to be vigilant since we still have chances to lose that's why it's better to store ok hardware wallets if we prefer to hodl.

I think there is no difference in using the mobile wallets or desktop wallets. Both are same and both have the same type of risk.


Not everyone can bypass the finger print and i guess it is safe.  Even if few experts can hack finger prints, even then your phone is protected by pass code and passwords.



Losing an iphone, you are 100$ safe. On an android phone, the hard reset will leave no traces for the hacker to hack your bitcoins.




Never keep the photos of private key in your phone. That's the best way to remain safe.

Password/fingerprints are only put in place to protect the app alone. An hacker only needs the seeds of the wallet. Mobile wallet always comes in handy and that's why fingerprint security is put in place but not for hackers but for those around you. The only thing you should be scared of is the web wallet because your coins are stored with them.

Mobile wallets are not exactly less secure. However, the best wallets in terms of security are hardware wallets like Cobo Vault, Ledger, Trezor, KeepKey, etc.

I use Coinomi wallet for mobile. This wallet Like Electrum, your wallet addresses are generated using a 'master seed' of 12 random words which never leaves your device. You can use this to restore your wallet balance for all of your coins should anything happen to your device. Coinomi offers the option to set a password during setup rather than a mandatory PIN as with Electrum. If you choose not to set a password, make sure your Android device has screen lock enabled and is encrypted.

Personally, I see the main problem with mobile wallets is that a lot will depend on the reliability of the device’s operating system itself.
In addition, many programs can be compromised to take control of your device. I do not trust mobile antiviruses on android, all the same, hackers nowadays manage to exploit vulnerabilities before they are closed.

Android devices doesn't need anti virus because it doesn't affect the device since its linux based operating system so hackers using sneaking techniques via app information while installing.So keep watching the app permissions and avoid clipboard hacking with keylogger trojans.