Where is my crypto held?
The cryptocurrency is technically located on the blockchain, while the Tangem card stores the private keys used to access blockchain addresses.
Wallet keys, which are needed to manage your funds, are created when you activate your card. The keys never leave the chip after the wallet activation and are not transferred anywhere. The primary purpose of the chip is to keep the keys safe and secure.
The key generation process in Tangem Wallet differs depending on whether you create a wallet with or without a seed phrase.
Creating a wallet without a seed phrase:
When you create a wallet without a seed phrase, the private key is generated using a hardware random number generator on the card chip. The entropy for the random number is taken from the chip's physical sensors. This means that each key is unique and truly random.
The main advantage of this method is that the key never leaves the chip in the clear. The chip's main purpose is to ensure the private key's integrity and security.
The hardware random number generator is a component of the Samsung chip. Find the security assessment document here.
Creating a seed-phrase wallet:
When creating a seed-phrase wallet, the Tangem application selects 12 (or 24) random words from a list of 2048 based on the BIP39 seed-phrase standard.
The selected combination of words is converted into a binary seed phrase, which is used to generate a set of private keys and public address pairs. The resulting private keys are downloaded and stored on Tangem cards.
Key Security and Storage:
All methods of creating a wallet work the same way for storing keys. No one can access the keys, whether they stole the card, work for Tangem, or even own it. The private key cannot be removed from the card under any circumstances.
When a backup is created, a secure communication channel is established between the cards using the Diffie-Hellman key exchange protocol, after which the keys are transferred from one card to the other.
This mechanism is fully protected against man-in-the-middle attacks since the first step involves the cards authenticating each other with a two-way attestation, and the encryption is done with a 256-bit key. This is a top-level encryption protocol, and the application will not be able to decrypt the keys under any circumstances.
The use of seed phrases is optional. There are three private key generation methods available in the new Tangem wallet:
1. Using a True Random Number Generator (TRNG), which generates keys inside the card chip and stores them there. Neither Tangem nor anyone else can access them (the recommended method).
2. Generating a seed phrase in the Tangem app and then importing it into the card/ring.
3. Importing your seed phrase from another wallet. Unlike private keys generated in the wallet, a seed phrase can be copied and stolen.
For more information on seed-phrase technology and our approach, see our blog post: Everything About Seed Phrases in Tangem Wallet.
However, all wallet setup methods function the same for key storage. No one can access the keys, even if they steal the card, work for Tangem, or own it. The key cannot be removed from the card under any circumstances, and the primary task of the chip is to keep the key secure.
The card is based on a chip that generates a private key during the wallet creation process, using a hardware random number generator. The entropy for the random number is taken from the chip’s physical sensors. The key never leaves the chip in an unencrypted state or after the wallet is activated. The chip's primary purpose is to keep the key safe and secure.
This means that no one can ever find out your private key. The secret is safe, even from you.
Initially, the card comes without a private key. The key is generated when the wallet is created, and the card is scanned to the device.
Moreover, if you reset the card to factory settings and create a new wallet, new public and private keys will be generated.
The Tangem firmware has undergone two independent audits: the first in 2018 by Swiss company Kudelski Security and the second in 2023 by international security lab Riscure.
Both audits confirmed the system's integrity, finding that the private key is generated using a hardware random number generator and that no backdoors or bugs can lead to loss of funds.
You can read the detailed reports of both audits. Kudelski Security's audit results are available here, and information about the second audit conducted by Riscure can be found here.
Additional cards are needed to create a backup. The number of cards in your set (2 or 3) is the number of copies of your private key that exist in the world. If one of the cards is lost or stolen, the backup cards will help you restore access to your wallet.
The maximum number of cards that can be used as a backup is 3.
All of the cards from the backup are equal to each other and have access to the same wallet.
For security reasons, backup creation and private key cloning can only be done once. You should therefore be sure of the number of copies of your private key you want to create.
As the cards operate without using the company's servers, the cards know nothing about each other. It is only when creating a backup that the private key is copied to the number of cards you have chosen (2 or 3).
If backup cards could be linked on multiple occasions, an attacker could make copies of your card without your knowledge.
Losing the Tangem Ring is the same as losing one of the cards. If you lose the ring, you can still access your wallet through the backup cards. From a security standpoint, if an attacker finds your lost ring, they cannot access the wallet because it is protected by an access code. Moreover, the ring is also protected against brute-force attacks. After the sixth incorrect attempt to enter the code, the delay time for the next attempt is increased by 1 second. The maximum delay time is 45 seconds. The delay is only reset after the access code has been successfully entered.
No, the Tangem Ring is sold as a set with two cards. Additional cards are needed to create a backup. The number of items in your set (2 or 3) is the number of copies of your private key that exist in the world. If one of the items is lost or stolen, the backup copies will help you restore access to your wallet.
No, the ring must be removed from your finger and tapped on your smartphone. You also have to enter the access code or use biometric authentication to use the Tangem app.
Tangem Wallet includes a set of 2 or 3 cards, so that you can back up the key to other cards during the activation process. The backup cards will help you manage your money even if you lose one of the cards.
Losing all your cards will result in losing your funds. Only your cards can give you access to the wallet. The number of cards you have in your backup determines how many copies of your private key exist.
Therefore, we recommend storing your cards in different places. If one card is lost or stolen, you can buy a new set of cards and transfer funds to it.
However, if you set up your wallet with a seed phrase and lose all the cards in the set, you can restore your wallet to another wallet using the exact seed phrase.
No, the cards are protected by an access code from unauthorized access by third parties and against brute-force attacks.
After the sixth incorrect attempt to enter the code, the delay time for the subsequent attempt increases by 1 second. The maximum delay time is 45 seconds.
The delay only resets after the correct access code has been entered.
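A model of the delay rule described above, added here as an example (not Tangem firmware code), to show how much guessing resistance the throttle gives for a given access-code length. It assumes the delay is 1 second after the sixth wrong code and grows by 1 second per further wrong code up to the 45-second cap, and it ignores the time needed to enter each code.

```python
# Added model of the access-code throttle; the exact firmware behaviour is an assumption.
FREE_ATTEMPTS = 6        # wrong attempts before any delay applies
STEP_SECONDS = 1         # delay growth per further wrong attempt
MAX_DELAY_SECONDS = 45   # cap stated on the page

class AccessCodeThrottle:
    def __init__(self) -> None:
        self.failures = 0  # consecutive wrong attempts since last success

    def delay_before_next_attempt(self) -> int:
        over = self.failures - FREE_ATTEMPTS + 1
        if over <= 0:
            return 0
        return min(over * STEP_SECONDS, MAX_DELAY_SECONDS)

    def record_failure(self) -> None:
        self.failures += 1

    def record_success(self) -> None:
        # Only a correct code clears the counter.
        self.failures = 0

def seconds_to_try(guesses: int) -> int:
    """Total enforced waiting time to submit `guesses` wrong codes in a row."""
    throttle = AccessCodeThrottle()
    total = 0
    for _ in range(guesses):
        total += throttle.delay_before_next_attempt()
        throttle.record_failure()
    return total

if __name__ == "__main__":
    # Constructed code-space sizes: 4-digit and 6-digit numeric codes.
    for space in (10_000, 1_000_000):
        days = seconds_to_try(space) / 86_400
        print(f"{space:>9} codes: {days:,.1f} days of enforced delay")
```

Because the delay is capped, the waiting time grows only linearly with the number of guesses, so the length and variety of the access code still determine how long the card withstands guessing.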
In such cases, you don't lose access to your assets. You can use your card to access your wallet via any other mobile device. The phone itself doesn't store any assets you hold; it simply acts as a display by visualizing specific data for a particular user on screen. The storage of private keys and signing of transactions is done by your card. All you have to do is download the Tangem app on your new phone and scan the card.
Since you can only create a backup and clone the private key once, you won’t be able to link new cards to an existing backup. After purchasing a new set, you should transfer your funds to the new wallet.
Since Tangem Note cards don't have a backup option and are used in a similar fashion to fiat money, you can manage the cryptocurrency as long as you own the card. If the card is lost, however, it will be impossible to manage the funds.
Tangem Note cards have no backup option or access code protection. For this reason, the cards can be compared to traditional banknotes: whoever owns the card can access the wallet. Like traditional banknotes, therefore, these cards must be physically secure at all times.
This isn’t supported. Once a backup has been created, all cards in the set have a single private key and become equal, so there is no technical way to identify which card has been lost.
When you activate a card and create a backup, you protect each card with its user password. Moreover, the card is protected against brute-force attacks. After the sixth incorrect attempt to enter the code, the delay time for the next attempt is increased by 1 second. The maximum delay time is 45 seconds. The delay is only reset after the access code has been successfully entered.
Tangem does not monitor incoming or outgoing transactions. We never gather wallet addresses, users’ personal data, or any other information that could identify users or their phones.
The app doesn’t store personal data or any other information that could identify a user or their phone.
A cold wallet is a vault for storing cryptocurrency that is not connected to the internet. On Tangem cards, the private key is generated by a hardware random number generator when the wallet is created and the card is attached to the device. It is then stored on the card, which is fully disconnected from the internet. The private key never leaves the card. The primary purpose of the wallet is to store the private keys securely. The app is simply a user interface allowing the cards to communicate directly with the blockchain.
Tangem doesn’t have its own servers that connect to blockchains. It is the app on your phone which communicates directly with the blockchain. This means that we cannot interfere with operations in any way. Tangem's philosophy is to provide users with a technological solution for interacting with crypto assets and nothing more. The wallet protocol looks like this: card <-> application <-> blockchain.
Besides, we don't conduct registration or verification of users, so we don't know their geolocation, citizenship, etc. This means we can't identify a particular user to block their wallet access (even if that were possible). All we can hypothetically find out is your IP address, which can still be changed with a VPN if necessary.
Plus, our app is open source and published on GitHub. With some skills, anyone can study it, make sure it's secure and compile the app.
Tangem Wallet is a highly secure and reliable hardware wallet. The chip in your card is a microcomputer that generates a private key that never leaves the card. We have gone the extra mile to prove it externally:
• The highest certification level among direct competitors that ensures no backdoors: EAL6+ by Common Criteria. This is the same level of chip protection used in passports.
• The firmware has passed two audits from the independent Swiss company Kudelski Security and the international security laboratory Riscure.
• The only hardware wallet with the highest possible IP68 protection rate against environmental conditions. It is entirely safe from dust, water, and hacking attempts.
• The card is durable enough to perform from -25 ℃ (-13 ℉) to +50 ℃ (122 ℉). You can even put it in the snow without repercussions.
• The chip is designed to sign an infinite number of transactions with a life expectancy of 25+ years.
• The chip is further protected against EMPs (electromagnetic pulses), ESD (electrostatic discharge) and X-rays in compliance with the ISO 7816-1 standard.
The cards have a minimum lifespan of 25 years, which is guaranteed by Samsung, the chip manufacturer. Technical information about the chip is available on the Samsung website via the link.
The chip doesn't contain any magnetic elements that could demagnetize. Moreover, the Tangem card chip is protected against EMPs (electromagnetic pulses), ESD (electrostatic discharge) and X-rays in compliance with the ISO 7816-1 standard.
Even though we have no intention of going out of business any time soon (we’ve been running smoothly since 2017), in case something terrible happens, Tangem cards and the app will continue to function. The Tangem app uses the company's servers to verify the card's authenticity, synchronize the list of tokens added between backup cards, and calculate the value of the cryptocurrency in your wallet. Without these services, you will still be able to use your Tangem cards, though it will be a little less convenient. You can read more on our blog via the link.
The previously installed app on your device will be available if the ability to download it from App Store/Google Play suddenly disappears.
The app works independently of Tangem's servers and will continue to work even if the company shuts everything down. You can also always download the Tangem app on GitHub. Moreover, the Tangem app is fully open source and available on GitHub, so a replacement app can be created by anyone and used to power the card.
For more details, you can read our blog.
By default, the same access code is created for all cards during backup. After that, you can set a different access code on each card by going to "Details", "Card settings" and then "Change access code".
In contrast to Tangem Wallet, Tangem Note is a single card, so it has no backup function or access code protection.
Tangem Note is a good choice for cryptocurrency beginners, and works well as a gift or method for handing over crypto in person.
The access code can only be set if a backup is created. For cards without a backup, you cannot set an access code because if you lose the access code, you will lose access to the wallet. If you have forgotten the access code on a card with a backup, you can reset the code on that card with the help of a second card from the backup.
The card has protection against brute-force attacks. After the sixth incorrect attempt to enter the access code, the delay time for the next attempt is increased by 1 second. The maximum delay time is 45 seconds. The delay is only reset after the access code has been successfully entered.
Tangem cards cannot be physically modified, as there is a monolithic chip inside the card. Tangem cards cannot be modified in terms of software.
The official app can accurately check the following:
— that the card was produced by Tangem;
— that the card is flashed with Tangem software.
Tangem’s end-to-end certification means it’s entirely safe to buy, even in a city underpass. The most important things to note are that:
1. You have installed the official Tangem app.
2. The cards prompt you to create a wallet. If not, reset the cards to factory settings.
When you activate the card, you should be prompted to create a wallet. If not, reset the cards to factory settings and create a wallet; this will generate new keys.
Tangem uses a “security through obscurity” approach. Disclosing the source code will make its hardware wallets vulnerable. To prove that the Tangem firmware does not have backdoors or bugs that could lead to loss of funds, we went through two independent audits of the Tangem firmware.
The first audit was conducted in 2018 by the Swiss company Kudelski Security and the second in 2023 by the international security laboratory Riscure.
Both audits confirmed the integrity of our system, establishing that the private key was generated using a hardware random number generator and that there were no backdoors or bugs that could lead to the loss of funds.
You can read the detailed reports of both audits. Kudelski Security's audit results are available here, and information about the second audit conducted by Riscure can be found here.
For user safety, the Tangem firmware is downloaded into the chip once and cannot be updated again. This eliminates the risk of installing malware and possible theft of funds.
Updating a hardware wallet’s firmware means that you will have to trust the wallet manufacturer and hope that, at some point, you won't receive an update that compromises your keys.
Tangem’s firmware has undergone two independent audits from Kudelski Security and Riscure. Both audits confirmed the integrity of our system, establishing that the private key was generated using a hardware random number generator and that there are no backdoors or bugs that could lead to the loss of funds.
You can read the detailed reports of both audits. Kudelski Security's audit results are available here, and information about the second audit conducted by Riscure is here.