Actually check out Coinomi -- the recovery seed is a mnemonic phrase that is not stored on your phone or android device -- they recommend storing on an offline device and paper -- without that phrase your wallet is bricked.
Someone has to have physical control of your phone because there is literally no central account, and all keys are stored on the phone itself -- just like a hardware wallet
No, a hardware wallet is much more secure. Something like Coinomi I would only use as a bit wallet for small amounts of crypto.
Please explain exactly the difference if I have physical control of your hardware wallet.
Coinomi has no central repository of users -- the app and keys are on my phone, encrypted with a mnemonic seed.
Unless you have physical control of my phone, you don't know my public key or my wallet address.
With ledger, the private keys are never exposed to the os. Transactions are signed by the hardware which requires physical confirmation. So, in principle the os of the computer could be comprised and it would not make a difference. With an app, I do not think that is the case. If your phone is compromised, transactions only need to be signed by software, which should be easy to do if the attacker is controlling your phone remotely.
If you have physical access to the ledger. You have 3 goes at a 8 digit pin, or it will wipe everything. You can have 2 different levels of 24 random word passphrase (or 24 plus one secret) allowing for plausible deniability and given you a minimum of 2 wallets for each currency (of which one is deniable).
Phones are inherently insecure, computers as well, but phones lag in security. Shapeshift whilst useful is not really a good long term way to change between currencies. Unless you are using it for anonymity, but then that is compromised by using a software wallet on your phone!