Mobile wallet is a payment platform that stores money as a value in a digital account on mobile device which can then be used for payments with or without the need for the use credit/debit cards. The cases of cyber-attacks are on the rise, posing threats to the confidentiality, integrity and availability of information systems including the mobile wallet transactions. Due to the adverse impacts of cyber-attacks on the mobile payment service providers and the users, as well as the risks associated with the use of information systems, performing risk management becomes imperative for business organizations. This research work focuses on the assessment of the vulnerabilities associated with mobile wallet transactions and performs an empirical risk management in order to derive the security priority level needed to ensure the security and privacy of the users of mobile wallet platforms. Based on the extensive literature review, a structured questionnaire was designed and administered to the mobile wallet users who are Paga student customers via the internet. A total number of 52 respondents participated in the research and their responses were analyzed using descriptive statistics. The results of the analysis show that mobile wallet Login details are the most important part of customer information that need to be highly protected as their compromise is likely to affect others. Also, customers’ information such as Mobile Wallet Account Number, Registered Phone Number, Linked ATM Card details, and Linked ATM Card PIN among others are also plausible to attacks. Hence, different security priority levels were derived to safeguard each of the components and possible security tools and mechanisms are recommended. The study also revealed that there are vulnerabilities from the mobile wallet users end that also pose threat to the security of the payment system and customers’ transaction which need to be properly addressed. This research work will enable the mobile payment service providers focus on their services and prioritize the security solutions for each user’s information types or components base on the risks associated with their system and help in taking an inform security related decisions.