For added security, your mobile app can be customized with only the permissions you want to grant it. To do that, read carefully:
Instead of logging into the app with your username and password, you will generate an API key and import it into the app. To create the key, go to bitfinex.com/api
During creation, select only the permissions you want your mobile app to have. For example you could give the key "read" permission for orders but not "write" permission for orders. This would allow your app to view orders, but not place new ones.