A hardware wallet's security claim rests on a small chip most users never see. The chip is called a secure element, and it's the same family of component that holds the data on your passport, your contactless credit card, your SIM card, and (in slightly different form) your iPhone's biometric data. In a hardware wallet, the secure element is what makes the wallet a hardware wallet rather than just a small computer with a screen. This piece walks through what a secure element is, how it differs from regular chips, the certification levels that matter, the physical attacks the chip resists, and why the choice of chip is the most consequential decision in hardware wallet design.

What a secure element is

A secure element is a tamper-resistant microchip designed to handle sensitive data in environments where the rest of the device can't be trusted. It runs a small operating system, holds cryptographic keys, and performs operations like signing and encryption without exposing the keys to the rest of the system. The distinguishing property is physical and logical isolation. A regular microcontroller assumes the surrounding environment is friendly: it stores data in memory the operating system can read, and any code running on the device can in principle access any data the device holds. A secure element assumes the surrounding environment is hostile: it stores data in protected memory the host can't read, exposes only a narrow API for operations, and resists physical attacks designed to extract the data through hardware means.

How it differs from a regular chip

Three structural differences matter.

1. Physical resistance. A regular chip can be decapsulated (the plastic housing removed), inspected under a microscope, and probed electrically to read internal data. A secure element is built to make that expensive: an active shield mesh over the die detects probing and decapsulation, voltage, clock, temperature and light sensors detect operation outside the expected envelope, and either condition can trigger a wipe of the keys.

2. Side-channel resistance. When a chip performs a cryptographic operation, the operation generates measurable side effects: power consumption variations, electromagnetic emissions, timing differences. A regular chip's operations leak information through these side channels that can be used to reconstruct the key. A secure element is designed so that timing, power consumption and electromagnetic emissions carry as little information about the key as possible: constant-time code paths, masked implementations, random delays, and current-balancing logic. The leakage is reduced rather than eliminated; what the certification measures is how many traces an attacker needs before anything useful comes out.

3. Logical isolation. A regular chip exposes most of its functionality to whatever software is running on it. A secure element exposes only a defined set of cryptographic operations through a narrow API. The host can ask the chip to sign a transaction; the host can't ask the chip to reveal the private key. That narrow API is also the chip's remaining attack surface, so whatever runs behind it has to validate every command it accepts.

These differences come at a cost. Secure elements are more expensive to manufacture, slower to operate, and offer less computational flexibility than general-purpose chips. The trade-off is justified when the data being protected is high-value.
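A small worked illustration of the side-channel point, added here as an example and not code from Ryder or any chip vendor. It models the simplest side channel, timing, with a loop-iteration count standing in for measured time: a PIN comparison that exits at the first mismatch leaks how many leading bytes of a guess were right, and a byte-at-a-time attack recovers the whole constructed sample PIN, while a constant-time comparison of the same data gives the attack nothing. The function names, the sample PIN and the iteration-count model are the example's own assumptions.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

#define PIN_LEN 6

/* Constructed sample secret (not from any real device). It contains no zero
   bytes, so a guess buffer the attack never manages to update scores zero. */
static const uint8_t SECRET[PIN_LEN] = {4, 8, 2, 9, 1, 3};

/* `steps` counts loop iterations and stands in for elapsed time; on hardware
   an attacker measures the same quantity with a cycle counter or a scope. */
typedef int (*compare_fn)(const uint8_t *a, const uint8_t *b, size_t n, size_t *steps);

/* Early-exit comparison, the general-purpose pattern (memcmp behaves this way):
   it returns at the first mismatch, so its running time reveals how many
   leading bytes of the guess were right. */
int leaky_compare(const uint8_t *a, const uint8_t *b, size_t n, size_t *steps)
{
    *steps = 0;
    for (size_t i = 0; i < n; i++) {
        (*steps)++;
        if (a[i] != b[i])
            return 0;
    }
    return 1;
}

/* Constant-time comparison: touches every byte whatever the input and folds
   the accumulated difference to 0/1 without a data-dependent branch. */
int ct_compare(const uint8_t *a, const uint8_t *b, size_t n, size_t *steps)
{
    uint8_t diff = 0;
    *steps = 0;
    for (size_t i = 0; i < n; i++) {
        (*steps)++;
        diff |= (uint8_t)(a[i] ^ b[i]);
    }
    /* ((diff - 1) >> 8) & 1 is 1 only when diff == 0 */
    return (int)((((unsigned)diff - 1u) >> 8) & 1u);
}

/* Byte-at-a-time timing attack: at each position try all 256 values, keep the
   one whose comparison ran longest, and stop early if the check accepts.
   Returns how many bytes of the secret the recovered guess matches. */
size_t timing_attack(compare_fn cmp, const uint8_t *secret, size_t n, uint8_t *out)
{
    uint8_t guess[PIN_LEN] = {0};
    if (n > PIN_LEN)
        return 0;
    for (size_t pos = 0; pos < n; pos++) {
        size_t best_steps = 0;
        uint8_t best_val = 0;
        for (unsigned v = 0; v < 256; v++) {
            size_t steps;
            guess[pos] = (uint8_t)v;
            int accepted = cmp(secret, guess, n, &steps);
            if (accepted) { best_val = (uint8_t)v; break; }
            if (steps > best_steps) { best_steps = steps; best_val = (uint8_t)v; }
        }
        guess[pos] = best_val;
    }
    memcpy(out, guess, n);
    size_t recovered = 0;
    for (size_t i = 0; i < n; i++)
        recovered += (out[i] == secret[i]);
    return recovered;
}

/* Recovered byte count against the early-exit comparison (all of them). */
size_t demo_attack_leaky(void)
{
    uint8_t out[PIN_LEN];
    return timing_attack(leaky_compare, SECRET, PIN_LEN, out);
}

/* Recovered byte count against the constant-time comparison (none). */
size_t demo_attack_ct(void)
{
    uint8_t out[PIN_LEN];
    return timing_attack(ct_compare, SECRET, PIN_LEN, out);
}

/* Sanity check: ct_compare still answers correctly and always takes exactly
   PIN_LEN steps, for a matching and for a non-matching guess. */
int demo_ct_correct(void)
{
    uint8_t wrong[PIN_LEN];
    size_t s_same, s_diff;
    memcpy(wrong, SECRET, PIN_LEN);
    wrong[PIN_LEN - 1] ^= 1;
    int same = ct_compare(SECRET, SECRET, PIN_LEN, &s_same);
    int diff = ct_compare(SECRET, wrong, PIN_LEN, &s_diff);
    return same == 1 && diff == 0 && s_same == PIN_LEN && s_diff == PIN_LEN;
}

int main(void)
{
    printf("leaky_compare: %zu/%d bytes recovered\n", demo_attack_leaky(), PIN_LEN);
    printf("ct_compare:    %zu/%d bytes recovered\n", demo_attack_ct(), PIN_LEN);
    return 0;
}
```

Constant-time code is only the software half of the countermeasure. Power and electromagnetic traces leak even when timing does not, which is why a certified secure element adds masking, random delays and current-balancing logic in silicon rather than relying on careful code alone.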

Certification levels

The Common Criteria framework rates evaluated products on Evaluation Assurance Levels (EAL), running from EAL1 (functionally tested) to EAL7 (formally verified design and tested). The EAL says how rigorously the design and its evidence were evaluated; resistance to actual attacks comes from the vulnerability-assessment component of the evaluation, rated by the attack potential the product withstood. For crypto applications, the relevant range is EAL5+ to EAL6+.

- EAL5+ is the minimum reasonable level for a hardware wallet. The chip has been evaluated against a defined attack potential and shown to resist the relevant attacks.
- EAL6+ is the level most respected hardware wallets target in 2026. The design has been semiformally verified, and the evaluation assumes an attacker with high attack potential (significant resources, expertise, and time).
- EAL7 is reserved for the highest-security applications. Hardware wallet silicon at this level is rare and expensive.

The "+" in EAL5+ and EAL6+ means the evaluation was augmented with assurance components beyond the level's baseline. For EAL5+ smart card silicon the augmentation typically includes AVA_VAN.5, resistance to attackers with high attack potential, which EAL6 already requires. Two caveats apply when reading a certificate. First, it covers a specific Target of Evaluation: a named chip, usually at a named firmware or operating-system version, and sometimes the integrated circuit alone. The wallet firmware layered on top is normally outside its scope. Second, the attack potential is a standardized rating, not a guarantee; the certificate states what the evaluators tried and for how long, not that no attack exists.

The physical attacks a secure element resists

A secure element is built to resist a defined set of physical attacks. The major categories:

- Decapsulation and probing. An attacker removes the chip's housing and physically probes the silicon with microelectrodes to read internal signals. Secure elements carry an active shield mesh over the die that detects this and erase keys before the attacker can extract them.
- Fault injection. An attacker uses lasers, voltage spikes, or clock glitches to make the chip skip a security check, corrupt a result register, or produce faulty outputs from which a key can be computed. Secure elements detect anomalous conditions and refuse to operate, and their firmware performs redundant checks and uses result encodings that a single fault cannot turn into "success".
- Side-channel analysis. An attacker measures power consumption, electromagnetic emissions, or timing during cryptographic operations and statistically reconstructs the key. Secure elements use constant-time algorithms, masked implementations, power-balanced circuits, and shielding to minimize side-channel leakage.
- Differential power analysis (DPA). The statistical form of the power side channel: the attacker collects many traces of an operation under known inputs and correlates them against key hypotheses. Secure elements designed for crypto applications include DPA countermeasures in the implementation, and the evaluation reports how many traces the attack needs.

Each attack class has been extensively studied and tested in the certification process. EAL6+ chips have been demonstrated to resist the relevant attacks under standardized conditions and within a rated attacker budget; the certificate records that budget rather than claiming the chip is unbreakable.
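The fault-injection category, as an added example rather than the page's own or any vendor's code. It simulates two glitch effects against a PIN check that gates a retry counter: cutting power right after the comparison (a tearing attack) and flipping one bit of the register that holds the result. The naive ordering hands out unlimited guesses under the first fault and accepts a wrong PIN under the second; the hardened version spends the attempt before it compares and uses result encodings that no single-bit fault can confuse. The fault model, the function names and the sample PIN are constructed for the example.

```c
#include <stdint.h>
#include <string.h>
#include <stdio.h>

#define PIN_LEN   4
#define MAX_TRIES 3

/* Constructed sample PIN and a wrong guess (not from any real device). */
static const uint8_t PIN[PIN_LEN]   = {1, 3, 3, 7};
static const uint8_t WRONG[PIN_LEN] = {0, 0, 0, 0};

/* Simulated non-volatile memory: the retry counter must survive power loss. */
typedef struct { uint8_t tries_left; } nvm_t;

/* Fault model for the simulation:
   - TEAR_AFTER_COMPARE: power is cut (or the chip glitched into reset) right
     after the PIN comparison, so nothing after it executes.
   - FLIP_RESULT_BIT: a glitch flips one bit of the register holding the result. */
typedef enum { FAULT_NONE, FAULT_TEAR_AFTER_COMPARE, FAULT_FLIP_RESULT_BIT } fault_t;

/* Naive order: compare first, decrement only on failure, encode the result as
   0/1. Either fault defeats it: tearing skips the decrement (unlimited guesses)
   and a one-bit flip turns "wrong" into "right". memcmp's timing leak is a
   separate problem and is ignored here. */
int naive_verify(nvm_t *nvm, const uint8_t *guess, fault_t fault)
{
    if (nvm->tries_left == 0)
        return 0;
    int ok = (memcmp(PIN, guess, PIN_LEN) == 0);
    if (fault == FAULT_FLIP_RESULT_BIT)
        ok ^= 1;                              /* any non-zero value reads as success */
    if (fault == FAULT_TEAR_AFTER_COMPARE)
        return 0;                             /* power lost: the lines below never run */
    if (!ok)
        nvm->tries_left--;
    return ok;
}

/* Result encodings with Hamming distance 16: no single-bit fault can turn one
   into the other, and any other value is evidence of tampering. */
#define RES_OK  0xA5A5u
#define RES_BAD 0x5A5Au

/* Hardened order: spend the attempt and commit it to NVM before touching the
   secret; restore the counter only after a verified success; treat an invalid
   result encoding as a detected fault and lock the device. */
int hardened_verify(nvm_t *nvm, const uint8_t *guess, fault_t fault)
{
    if (nvm->tries_left == 0)
        return 0;
    nvm->tries_left--;                        /* written to NVM first */
    uint16_t r = (memcmp(PIN, guess, PIN_LEN) == 0) ? RES_OK : RES_BAD;
    if (fault == FAULT_FLIP_RESULT_BIT)
        r ^= 0x0001u;
    if (fault == FAULT_TEAR_AFTER_COMPARE)
        return 0;                             /* counter is already decremented */
    if (r == RES_OK) {
        nvm->tries_left = MAX_TRIES;
        return 1;
    }
    if (r != RES_BAD)
        nvm->tries_left = 0;                  /* neither valid encoding: fault detected */
    return 0;
}

/* Attempts left after ten wrong guesses, each torn right after the compare. */
int demo_tearing(int hardened)
{
    nvm_t nvm = { MAX_TRIES };
    for (int i = 0; i < 10; i++)
        (hardened ? hardened_verify : naive_verify)(&nvm, WRONG, FAULT_TEAR_AFTER_COMPARE);
    return nvm.tries_left;
}

/* 1 if a wrong guess is accepted when the result register takes a one-bit fault. */
int demo_bit_flip(int hardened)
{
    nvm_t nvm = { MAX_TRIES };
    return hardened ? hardened_verify(&nvm, WRONG, FAULT_FLIP_RESULT_BIT)
                    : naive_verify(&nvm, WRONG, FAULT_FLIP_RESULT_BIT);
}

/* 1 if the correct PIN is accepted with no fault; both versions must still work. */
int demo_correct_pin(int hardened)
{
    nvm_t nvm = { MAX_TRIES };
    return hardened ? hardened_verify(&nvm, PIN, FAULT_NONE)
                    : naive_verify(&nvm, PIN, FAULT_NONE);
}

int main(void)
{
    printf("tearing: naive leaves %d tries, hardened leaves %d\n", demo_tearing(0), demo_tearing(1));
    printf("bit flip: naive accepts wrong PIN=%d, hardened accepts=%d\n", demo_bit_flip(0), demo_bit_flip(1));
    return 0;
}
```

Secure element firmware applies the same two ideas more broadly: every security decision is taken on a value that a single fault cannot forge, and every consumable (retry counters, session state) is charged before the operation it protects, so that a glitch at any point leaves the attacker worse off, not better.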

Where you'll find secure elements outside crypto

The same chips that power hardware wallets show up across consumer electronics, in slightly different configurations. Passports use secure elements to hold the biometric data and the cryptographic keys that prove the passport is genuine; the chip connected to the passport's contactless antenna is functionally similar to the chip in a hardware wallet. Contactless credit cards use secure elements to hold the card's authentication keys and to perform the cryptographic exchange with the payment terminal. Tap-to-pay works because the secure element produces a cryptogram over the transaction that the terminal or the issuer can verify, without the key ever leaving the card. A SIM card is itself a secure element: it holds the subscriber authentication key, which is what proves your phone is authorized on the carrier's network. Inside iPhones, Apple's Secure Enclave (a related but distinct design, a coprocessor inside the main chip rather than a discrete part) guards biometric data and authorizes payments, while the payment credentials themselves live in a separate secure element attached to the NFC controller. The overlap is the reason the secure element ecosystem exists at the price points hardware wallet vendors can afford. The chips are produced at scale for adjacent markets, and crypto applications buy into the same supply chain.

Major chip vendors

The hardware wallet market in 2026 uses chips from a small number of established vendors.

- Infineon. The SLC series is a widely used secure element family in high-end hardware wallets. The SLC38 (used by Ryder One) is EAL6+ certified.
- STMicroelectronics. The ST33 series and successors are used by Ledger and others. EAL5+ to EAL6+ depending on the specific chip and certification target.
- NXP. Less common in hardware wallets but used extensively in payment cards and passports. EAL5+ to EAL6+ range.

The choice of chip affects what the wallet can demonstrate about its security properties. A wallet that uses an EAL6+ chip from Infineon, STMicro, or NXP can point to a specific certification report; that report names an exact part number and firmware version, and a careful buyer checks that the part on the board matches it. A wallet that uses a generic microcontroller cannot point to any such report.

Why the chip matters more than software security

Software security can usually be improved with a patch. A vulnerability gets discovered, the vendor ships a firmware update, the issue gets fixed. The patch path is well understood across the industry. Hardware security can't be patched after manufacture. If the chip's design has a flaw, every device with that chip carries the flaw permanently. Side-channel resistance, fault-injection countermeasures, and tamper-detection meshes are decided at the silicon level. This is why hardware wallet vendors who use certified secure elements emphasize the chip choice in their marketing. The chip is the part of the security model that can't be improved after the fact. Everything else (firmware, app, recovery flow) sits on top of the chip's security floor. The floor is not the whole building, though: the host microcontroller, the display and button path, and the protocol between host and secure element all sit outside the certified boundary, and a weakness in any of them can undo what the chip guarantees. A certified chip raises the floor; the vendor still has to build the rest without lowering it.

Where Ryder One fits

Ryder One uses an EAL6+ certified Infineon SLC38 secure element. The chip generates private keys locally, holds them in tamper-resistant memory, and signs transactions without exposing the keys to anything outside the secure element. The physical button on the device is wired directly to the secure element, so no software path can trigger a signature without a physical press. The firmware that runs the rest of the device is independently audited by Halborn, with the audit report public.

The bottom line

A secure element is a small, expensive, specialized chip designed to hold sensitive data in environments that can't be trusted. It resists physical attacks, side-channel attacks, and fault injection, with the resistance certified at defined EAL levels by independent labs. In a hardware wallet, the secure element is the foundation of the device's security claim, and the choice of chip is the most consequential design decision the vendor makes. EAL6+ from a recognized vendor is the standard most respected hardware wallets target in 2026.

Built on an EAL6+ certified secure element. Ryder One holds your private keys on an Infineon SLC38 secure element, with the physical button wired directly to the chip for every signature. See how it works.
