Microflows run in the runtime server and can therefore not be used in offline apps, while nanoflows run directly on the browser/device and can be used in an offline app.
As in other words when we need to trigger our logics we use the microflows and runtime it triggers as it make our call and api secure
and on other hand nanoflow runs before we hit any logic it runs before we click any page . that we can use it as offline app. in terms of security this is offline no important data is kept in this
Hope this will help you to understand
In Microflows you have the option to apply entity access or not, for Nanoflows entity access will always be applied. This can affect the way you will have to set up your entity access.