Having compared the S3 to the iPhone 5 in a phone store I'm really struggling to see why anyone would want to stick with the iPhone 5 right now. ...
Maybe because at the recent mobile pwn2own the iPhone was only exploited to the point that non critical data available via official APIs was exposed while the S3 was exploited to the point that all data on the phone was exposed and malware could be installed because the S3 exploit included privilege escalation.
The fact that Android is more prone to privilege escalation vulnerabilities combined with an App Store that mostly relies on a reputation model, where users have to become infected including possibly by banking malware, to vet the security of apps is the reason to get an iPhone.
The likelihood of an Android phone being infected by malware via privilege escalation is increased by the fragmentation present amongst android devices. Very few devices are running the latest version of Android, which means most devices aren't fully patched. The S3 isn't running the most recent version of Android.