Tangem Wallet provides robust security features to protect your digital assets. One key security measure is the use of access codes. This article explains how this feature works, its essentials, and how to manage your access code effectively.
What is access code protection?
Access code protection in Tangem Wallet is a security feature that safeguards your crypto assets by requiring a chosen passcode/PIN/phrase to access the wallet. This feature helps prevent unauthorized access and protects your assets from threats, even if your physical Tangem card is lost or stolen.
The user chooses the access code when setting up the wallet. This access code could be;
A PIN such as 12345678
A word or phrase. For example, TangemIsGreat, Tangem4EVER, 123Judely, Tangem Rules.
A combination of the above.
To improve user convenience, Tangem has also allowed users to save their access code and use biometric authentication anytime the access code is required.
Tangem Wallet also offers biometric authentication as an added layer of security. This feature leverages your smartphone’s biometric systems, such as fingerprint scanning or facial recognition, to unlock the app and manage your wallets without repeatedly entering the Access Code.
How biometric authentication enhances security
Biometric authentication on your iPhone or Android —such as Face ID or Touch ID—connects to the saved Access Code through the device's secure enclave and authentication mechanisms.
Secure Enclave on iOS: Biometric data is stored in a secure, isolated environment called the Secure Enclave, which ensures that sensitive information remains protected even if the main processor is compromised.
Trusted Execution Environment (TEE) on Android OS: Similarly, Android devices use TEE to store biometric data securely, ensuring that the data is inaccessible to other apps, including the Tangem app.
Let's explain how it works.
Storing the access code
When you save an Access Code on your iPhone, it is securely stored in the iCloud Keychain or the local Keychain, depending on your settings. On Android, it is stored in the Android Keystore system. This data is encrypted and can only be accessed by your device.
Biometric data storage
Your biometric data (fingerprint or facial recognition data) is stored securely on the device within the Secure Enclave or Trusted Execution Environment. These are separate chips designed to handle sensitive information securely. The biometric data is not stored on any servers or shared with any apps.
Biometric authentication process
When you attempt to use biometric authentication to access a saved password, the following steps occur:
Your device captures your biometric data (fingerprint or facial recognition).
The captured biometric data is compared to the stored biometric data within the secure enclave.
If the biometric data matches, the secure enclave signals successful authentication.
Accessing the Code
Upon successful biometric authentication, the secure enclave allows access to the Keychain or Keystore, where the Access Code is stored. It can then be auto-filled in the required field or used to log into the Tangem app.
Security measures
Your saved access codes and biometric data are encrypted, ensuring unauthorized parties cannot access them. The secure enclave and TEE operate separately from the main processor, providing an additional security layer. Your biometric data is stored locally on your device and is never shared with Apple, Google, or Tangem.
Biometric authentication simplifies the user experience while maintaining high-security standards. However, you still need to tap your Tangem card on your phone to sign transactions, adding a layer of security.
How the Access Code Works in Tangem Wallet
Here’s how access code protection works in Tangem Wallet:
Setting up your access code
When you first set up your Tangem Wallet, you will be prompted to create an Access Code. This code can be any word, phrase, or number you choose. Here’s how you do it:
- Download and install the official Tangem app on your smartphone.
- Tap the card to your phone to initiate the setup.
- Enter an Access Code that is easy to remember but hard for others to guess. '
- Confirm the code by entering it again.
- For additional security, back up your private keys to other Tangem cards. Scan each backup card and enter the Access Code.
This process protects your wallet from brute-force attacks and unauthorized access.
Using your access code
The Access code is required every time you need to perform critical operations, such as:
- When opening the Tangem Wallet app to check your balance or transaction history.
- Confirming transactions to ensure they are authorized by the card owner.
- Making any modifications to wallet settings or card configurations.
Changing your access code
If you ever need to change your access code, follow these steps:
- Open your wallet by scanning your card.
- Click on the three dots in the top-right corner and select Device Settings.
- Scan the device on which you want to change the Access Code.
- Enter your current Access code to proceed.
- Click Change Access Code on the screen that appears.
- Enter your current Access Code again.
- Enter and confirm your new code.
- Tap Continue and scan your Tangem to save changes.
Resetting your access code
In case you forget your Access Code, Tangem provides a straightforward method to reset it, ensuring you regain access without compromising security:
- Open the Tangem app and scan the device for which you want to reset the code.
- Click the 'Forgot your code?' option on the setup or welcome page.
- You will be prompted to enter and confirm a new Access Code.
- To confirm the reset, you need another device from your Tangem wallet set. Tap the backup card as instructed to complete the process.
- After confirming with the backup card, the Access Code will be reset, and you can use the new code to access your wallet.
This method requires a backup card, which ensures that even if someone tries to reset the code without your authorization, they would need access to a secondary card, adding an extra layer of security.
If you want to change the access code for the whole wallet (all cards and rings), you must perform the procedure for each one.
Disabling the access code reset option
The Tangem Wallet provides an option to disable access code reset with a backup card. You can adjust this setting within the app. This ensures that once the Access Code is established, it cannot be reset without a rigorous verification process.
Benefits of access code protection
- Enhanced security: This feature protects against unauthorized access and transactions. Access code protection and biometric authentication are bonuses for added convenience and security.
- User control: This feature gives users control over their digital assets, ensuring only authorized individuals can perform transactions. Even if your Tangem card is lost, your assets remain secure, as the Access Code is required to access the wallet.
- Recovery options: Provides a secure method to recover access through a backup card, balancing security with convenience.
By integrating these security measures, we ensure that users can manage their digital assets confidently, knowing their funds are protected against unauthorized access. For more detailed guidance on using Access Codes and managing security settings, you can refer to the Tangem Help Center or the Tangem Guide.