Secure Element

Updated Apr 13, 2026

A secure element is a tamper-resistant chip designed to store sensitive data and perform cryptographic operations in an environment that is physically and logically isolated from the rest of a device. It cannot be read by external software, extracted through the main processor, or accessed remotely. What goes into a secure element stays there.

In cryptocurrency hardware wallets, the secure element is where private keys are generated, stored, and used to sign transactions. It is the component that makes a hardware wallet fundamentally different from a software wallet, and the reason attackers cannot steal its private key through a network attack. The same chip technology protects the data on bank cards, passports, SIM cards, and Apple Pay. It is a mature, independently certified standard, not a marketing claim.

How a Secure Element Works

A secure element is a self-contained computing environment. It has its own processor, memory, and operating system, all sealed inside a single chip. The host device - a phone, a card, or a hardware wallet - can send instructions to the secure element and receive outputs, but it cannot inspect what happens inside or access the data stored within.

In the context of a crypto wallet, the process works like this:

  • During setup, the secure element generates a private key using its internal random number generator
  • The key is stored in the chip's protected memory and never transmitted anywhere
  • When a transaction needs to be signed, the system passes the unsigned transaction data into the chip
  • The secure element performs the signing operation internally using the stored key
  • Only the completed signature is returned to the companion app
  • The app broadcasts the signed transaction to the network

The private key participates only in the fourth step, the signing operation inside the chip. The host device never sees it. The companion app never sees it. No software running on any connected device has access to it at any point. This architecture is what makes remote key extraction impossible. There is nothing to extract over a network because the key never enters a network-accessible environment.
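As an added illustration of the host/chip boundary described above (not code from Tangem or from any real secure element), the following Go program models the chip as a type whose private key is an unexported field that no method returns. It uses Ed25519 from the Go standard library as a stand-in for the card's signature scheme, and the transaction bytes are constructed sample data:

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
)

// SecureElement models the chip boundary: the private key lives in an
// unexported field, and no method exposes it. Only the public key and
// signatures ever cross the boundary back to the host.
type SecureElement struct {
	priv ed25519.PrivateKey
}

// Provision models wallet setup: the key is generated from the chip's own
// randomness and stored inside the struct, never handed to the caller.
func Provision() (*SecureElement, error) {
	_, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	return &SecureElement{priv: priv}, nil
}

// PublicKey is safe to export: it identifies the wallet but cannot sign.
func (se *SecureElement) PublicKey() ed25519.PublicKey {
	return se.priv.Public().(ed25519.PublicKey)
}

// Sign is the only command that uses the key. The host passes the unsigned
// transaction in; the 64-byte signature is all that comes out.
func (se *SecureElement) Sign(unsignedTx []byte) []byte {
	digest := sha256.Sum256(unsignedTx)
	return ed25519.Sign(se.priv, digest[:])
}

// VerifyTx is the host-side check a companion app can run before
// broadcasting: anyone with the public key can verify, but nothing outside
// the chip can produce a signature, and a modified transaction will fail.
func VerifyTx(pub ed25519.PublicKey, unsignedTx, sig []byte) bool {
	digest := sha256.Sum256(unsignedTx)
	return ed25519.Verify(pub, digest[:], sig)
}
```

Verification succeeds only for the exact bytes the chip signed and only under that chip's public key, which is the property the companion app relies on before broadcasting.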

How Secure Elements Are Certified

Secure elements are not self-certified. They go through independent evaluation programs that test both the hardware and the software running on the chip against known attack methods. The two most widely recognized standards are:

  • Common Criteria (CC). An internationally recognized framework under which chips are evaluated by independent laboratories and certified at different assurance levels. EAL5+, EAL6, and EAL7 are the levels typically seen in financial-grade secure elements. Higher levels require more rigorous testing against more sophisticated attacks.
  • EMVCo. The standard behind chip-based bank cards and contactless payments worldwide. A chip certified under EMVCo standards has been tested specifically for financial transaction security.

When a hardware wallet manufacturer states that their device uses a certified secure element, it means an independent laboratory has verified the chip's resistance to the attack categories relevant to that certification level. The verification is meaningfully different from a manufacturer's internal claim about security.

Secure Element vs Standard Chip

Factor                             | Secure Element                          | Standard Microcontroller
-----------------------------------+-----------------------------------------+---------------------------------------------
Physical tamper resistance         | Yes                                     | No
Memory accessible externally       | No                                      | Potentially yes
Independent security certification | Yes (CC, EMVCo)                         | No
Used in                            | Bank cards, passports, hardware wallets | Consumer electronics, basic embedded devices
Attack resistance                  | Side-channel, fault injection, probing  | Limited
Key extraction possible            | Designed to be impossible               | Possible under some conditions

Some hardware wallets use a standard microcontroller instead of a dedicated secure element, relying on software protections rather than hardware isolation. This is a meaningful security distinction worth checking when evaluating any hardware wallet.

Secure Element in Practice

Consider what happens when spyware infects a phone. The malware can read files, access memory, log keystrokes, and exfiltrate data to a remote server. If a software wallet is installed on that phone, the private key stored in the app's memory is accessible to anything running at the operating system level.

Now consider the same phone with a Tangem card tapped to it during a transaction. The malware sees the companion app sending a transaction to the card. It sees the card returning a signature. It cannot intercept the private key because the key never appears in the phone's memory. The signing occurred within the card's secure element. The malware has nothing to steal.

This is the core practical value of a secure element in a wallet context. The threat model for most users is not a government-level adversary with laboratory equipment. It is malware on a compromised phone, a phishing site, or a rogue browser extension. A secure element removes the key-theft avenue from all of these attack vectors at the architectural level.

Risks and Common Misconceptions

  • "A secure element means the wallet is completely unbreakable." A secure element protects the private key from software attacks and most physical attacks. It does not protect against approving a fraudulent transaction you did not read carefully, against a compromised seed phrase written on an exposed recovery sheet, or against physical coercion. Hardware security is one layer, not the entire picture.

  • "All hardware wallets use a secure element." They do not. Some hardware wallets use general-purpose microcontrollers with software-based protections. These offer meaningful improvement over hot wallets but do not provide the same hardware-level isolation as a certified secure element. Check the manufacturer's technical specifications before assuming.

  • "Secure elements can be broken with enough effort." Certified secure elements are designed to resist even well-resourced physical attacks, including side-channel analysis, fault injection, and micro-probing. While no security is theoretically absolute, breaking a certified secure element requires specialized laboratory equipment, significant expertise, and physical possession of the chip. This attack is not available to remote adversaries and poses no realistic threat to the vast majority of users.

  • "The wallet company can access the key through the secure element." A properly implemented secure element generates the key internally, and the key never leaves the chip. The manufacturer has no access to keys generated after the device leaves the factory, a claim that can be verified through the chip's certification and, where applicable, its open-source firmware.

How Tangem Approaches Secure Element

Tangem builds its wallet around a certified secure element embedded in a card the size of a bank card. The chip holds the private key from the moment it is generated during setup and never releases it under any condition during normal operation.

The secure element Tangem uses holds Common Criteria certification at EAL6+, one of the highest assurance levels available in commercial hardware. This is the same chip category used in biometric passports and high-security bank cards, independently verified rather than self-declared.

Because the card's secure element is itself the key storage, there is no separate storage device for the key to be copied to. The key does not move from a secure chip to a less secure storage medium at any point. No firmware layer handles key management outside the chip boundary.

Tangem's default setup also generates no seed phrase, which removes the most common external vulnerability of a secure-element-based wallet: a well-protected key paired with a carelessly stored recovery sheet. The chip protects the key. The card set replaces the paper backup. Together, they address both halves of the hardware wallet security equation.

Frequently Asked Questions About Secure Element

What is the difference between a secure element and a secure enclave?

A secure enclave is a protected execution environment built into a general-purpose processor, such as Apple's T2 chip or the ARM TrustZone. It provides meaningful isolation from the main operating system while sharing the same physical die as the main chip. A secure element is a completely separate, independently certified chip with its own processor and memory. For high-value key storage, a dedicated secure element provides stronger hardware separation.

Do software wallets use secure elements?

Generally no. Software wallets store keys in the operating system's protected storage, which offers software-level isolation but not hardware-level isolation. Some phones have secure enclaves that software wallets can optionally use, but this is not equivalent to a dedicated, independently certified secure element.

Can a secure element be copied or cloned?

Certified secure elements are designed to prevent this. Physical protections inside the chip destroy stored data if tampering is detected. Cloning the chip would require defeating these protections without triggering them, which is beyond the capability of any realistic non-laboratory attacker.

Why do bank cards use the same technology as hardware wallets?

Both require the same property: a secret that authorizes high-value transactions must be stored in a way that attackers cannot extract, even if they physically possess the card. The cryptographic problem is the same. Engineers developed secure element technology for financial applications, and the hardware wallet industry later adopted it.
