HTML5 is a web interface technology. Of course, we love it since it easy to develop beautiful interfaces. But from a security point of view it is just as insecure as any other web technology.
The problem is that it will be easy to develop apps with stunning interfaces and advanced functionality that works cross-platform. Too easy maybe, so people will chose this environment without understanding the consequences.
It will be even more important to separate transaction from secure authentication (read multi-factor authentication). And the transaction itself must be protected with encryption schemes outside the browser environment. HTML5 is for interface building, not secure applications or IT systems.
So, in the long run it might even be harder to develop in HTML5 because of all extras you have to add. If you don’t use a backend service for security and communication, like apptimate.io.