Firmware & Authenticity

This article applies only to Tangem Hardware Wallets.
Using Mobile Wallet? See the Mobile Wallet Help Center.

How can I be sure that I bought an authentic wallet?

The wallet cannot be modified from a software or physical standpoint because it contains a monolithic chip inside.

When scanning the wallet, the Tangem app can accurately verify:

That Tangem actually produced the wallet.
That the wallet contains the Tangem firmware.

The Tangem app verifies the authenticity of both the chip and the firmware, providing adequate protection against counterfeiting. Thanks to this technology, it is entirely safe to buy anywhere.

The main points are:

You have installed the official Tangem app.
The device should prompt you to create a wallet; if they do not, reset them to factory settings.

Find more information in the blog: How to Tell If Your Tangem Wallet Is Authentic.

How do I confirm that I have received a wallet that has not been used before?

When you scan a Tangem device for the first time:

If you see a prompt to create a wallet, the device has not been activated before.
If you see a message that the wallet is already activated, the device was used previously.

If a wallet already exists on the device, you will see the following notification before entering the access code: "If, during the first use of the wallet, you are prompted to enter or change the access code, do not use it — this is a scam. Are you activating it for the first time?"

You will then have two options:

I activated it earlier — Opens the access code entry screen.
Yes, this is a new wallet — Opens the article: Scam Alert: How to Identify and Avoid Pre-Activated Wallets

What to do if your wallet is already activated
If you purchased a wallet that shows as already activated:

Do not use the existing wallet
Reset the device to factory settings
Create a new wallet

Resetting completely erases all existing data and deletes any previously generated keys. After the reset, new public and private keys will be generated. Even if the device was activated before, resetting it ensures that only you control the new keys.

How do I verify the authenticity of the Tangem firmware?

Tangem employs a "security through obscurity" approach. Revealing the source code would expose its hardware wallets to vulnerabilities.

To prove that the Tangem firmware does not have backdoors or bugs that could lead to loss of funds, we went through two independent audits of the Tangem firmware. The first audit was conducted in 2018 by the Swiss company Kudelski Security, and the second in 2023 by the international security laboratory Riscure.

Both audits confirmed the integrity of our system, establishing that the private key was generated using a hardware random number generator and that there were no backdoors or bugs that could lead to the loss of funds.

You can read the detailed reports of both audits. Kudelski Security's audit results are available here, and information about the second audit conducted by Riscure can be found here.

Can the wallet's firmware be updated?

The Tangem firmware is downloaded into the chip once and cannot be updated again. This eliminates the risk of installing malware and possible theft of funds. Updating a hardware wallet's firmware means that you will have to trust the wallet manufacturer and hope that, at some point, you won't receive an update that compromises your keys.

Tangem's firmware has undergone two independent audits from Kudelski Security and Riscure. Both audits confirmed the integrity of our system, establishing that the private key was generated using a hardware random number generator and that there are no backdoors or bugs that could lead to the loss of funds.

You can read the detailed reports of both audits. Kudelski Security's audit results are available here, and information about the second audit conducted by Riscure can be found here.

Need more help?

Save time by starting your support request online and we'll connect you to an expert.

Submit a request