This document summarizes the top 10 mobile security risks according to the OWASP Mobile Security Project. It introduces the mobile threat model and discusses each of the top 10 risks, including weak server-side controls, insecure data storage, insufficient transport layer protection, unintentional data leakage, poor authentication and authorization, broken cryptography, client-side injection, security decisions via untrusted inputs, improper session handling, and lack of binary protections. Best practices for addressing these risks are also provided.