How Ledger's Secure Element Chip Actually Works

A Secure Element (SE) is a tamper-resistant microcontroller designed for cryptographic operations. Ledger uses chips certified to CC EAL5+ and EAL6+.

Key Properties

• Isolation: Keys never leave the chip. Signing happens internally
• Tamper resistance: Resists voltage glitching, laser fault injection, side-channel attacks
• Secure boot: Verifies firmware integrity before execution
• Dual-chip architecture: SE handles keys; separate MCU handles UI and Bluetooth

Why Not a Regular Chip?

General-purpose microcontrollers lack certified protections. A compromised computer could theoretically extract keys from non-SE devices. The Secure Element is a hardware barrier software alone cannot breach.

What This Means for You

Your 24-word recovery phrase is generated inside the SE. Every transaction is signed inside the chip. This architecture has protected billions in crypto assets. The same technology protects your passport and credit card.