Simply put, the devs of the Pheeva wallet have figured out a way to 'hack' the iOS ecosystem. They created a co-op in order to push enterprise apps through web browsers (vs. downloading through the app store).
Enterprise apps are nothing special, anyone can get a certificate to make those.
The downsides are the binaries you can sign with them are only valid for a year (after a year it'll stop working and you'll need to download one they've rebuilt more recently) and if they were doing it by the book, they're only supposed to distribute apps within their own organisation with it. Maybe that's what all the co-op nonsense is about.
At the end of the day you're still running an untrusted closed source binary which could be doing anything with any coins you trust to it. The only way I'd trust anything like this is if I could build it myself.