Tangem & Security
Tangem Wallet is designed so that your private key never leaves your device and no one — including Tangem — can access your funds. This section explains how that works in practice.
Overview of Tangem's security features
 | Anti-counterfeit Technology: The Tangem app verifies the authenticity of the chip and the firmware, providing full protection against counterfeiting and cloning. The app confirms the authenticity of your Tangem device when you tap it against your phone. |
 | EAL6+ CC: The secure element chip inside every Tangem device is developed in collaboration with Samsung Semiconductor and certified to EAL6+ under the Common Criteria standard — the highest security level available for commercial secure elements. The chip is protected against invasive and non-invasive attacks. Private keys are generated inside the chip during wallet activation. Nobody has access to your private key, and it cannot be revealed under any circumstances. |
 | Audited firmware: The Tangem firmware has undergone two independent audits: in 2018 by the Swiss company Kudelski Security and in 2023 by Riscure, an international security lab. Both audits confirmed that the firmware has no backdoors or vulnerabilities, is non-updatable, and contains no hidden algorithms. |
 | Open-source app: The Tangem mobile app is open source and publicly available on GitHub. Anyone can review the code, verify its behavior, and rebuild the app independently. |
 | Autonomy: Tangem does not require account registration and does not collect personal data. Your transactions go directly to public blockchain nodes — Tangem's servers are not involved in processing them. |
 | Smart backup system: The chip in the Tangem device generates a random private key that never leaves the chip in the clear. During backup, the Tangem devices establish a secure connection and transfer the encrypted private key between them. The key is stored only on the linked devices with no other copies in space and time. |
 | Access code protection: Your Tangem device is protected by an access code that you set during setup. After a set number of incorrect attempts, the device locks to prevent brute-force attacks. You can also use biometric authentication on supported devices. |
FAQ
Is it safe to buy Tangem Wallets from resellers?
Yes. The Tangem Wallet cannot be modified either in terms of software or physically, as it contains a monolithic chip. When scanning the Tangem device, the official Tangem app verifies two things:
- It confirms that Tangem produced the wallet.
- It also confirms that the wallet contains Tangem's firmware.
This technology makes buying Tangem Wallets completely safe, even at an underpass. The most important things to note are that:
- You have installed the official Tangem app.
- The card or ring prompt you to create a wallet. If not, reset the Tangem device to factory settings.
For further information, please refer to the article: How to Check Wallet Authenticity.
How is Tangem Wallet a cold wallet?
A cold wallet is a type of wallet that keeps its private keys offline, ensuring they are never connected to the internet.
The Tangem Wallet generates its private key using a hardware random number generator when you scan the Tangem device with your smartphone. This key stays on the wallet, which is not connected to the internet, so it never leaves the wallet.
The main purpose of the wallet is to securely store the private key, while the app acts as a user-friendly way to interact with the wallet’s chips and the blockchain.
What will happen to the Tangem device when exposed to a powerful magnetic field, for example, in an MRI machine?
The Tangem chip is also safeguarded against EMP (electromagnetic field pulse), ESD (electrostatic discharge), and X-rays in accordance with the ISO 7816-1 standard.