All articles

Secure Element in Trezor Safe 5 & Trezor Safe 3

Table of Contents

What is a Secure Element and what does it (not) do?
How does the Secure Element protect your wallet?
Enhanced Security with CC EAL6+ Certification
Are the Trezor Safe 3 and Safe 5 still open source?
Are the Trezor Safe 3 and Trezor Safe 5 safer than the Model One or Model T?

One of the biggest differences between the Trezor Safe Family and the Model One or Model T is the addition of a dedicated Secure Element. This article explains what the Secure Element does, what it doesn’t do, and how it integrates into the open-source design of Trezor hardware wallets.

In simple terms, the Secure Element in the Trezor Safe 5 and Trezor Safe 3 has two key functions:

Enhancing PIN protection – It adds an extra layer of security to your PIN authentication process.
Verifying device authenticity – It helps confirm that your device is genuine.

Trezor Safe 5 and Safe 3 use the OPTIGA™ Trust M (V3) Secure Element, a chip designed to protect highly sensitive information from software and hardware attacks.

That said, the most important thing to protect in a hardware wallet is your wallet backup (formerly called the recovery seed). A Secure Element could pose a risk if it were able to access this backup—so we designed a system where the Secure Element never learns your wallet backup.

When you enter your PIN, the Secure Element helps verify it without storing the PIN itself.
If the correct PIN is entered, the Secure Element releases a cryptographic secret that is required to access your encrypted wallet data.
Your wallet backup remains stored on the general-purpose chip, but it is encrypted using both your PIN and the secret stored in the Secure Element.

The Secure Element never stores or has access to your wallet backup. Instead, it securely holds a cryptographic secret that is used to decrypt the wallet backup. The wallet backup itself remains encrypted and stored only on the general-purpose chip inside your Trezor Safe 5 or Safe 3.

The Trezor Safe 5 and Safe 3 build on the security of previous models by incorporating a CC EAL6+ certified Secure Element, one of the highest security assurance levels for consumer hardware wallets. This certification ensures the Secure Element has been rigorously tested to withstand sophisticated attacks.

Rigorous Testing – The certification process involves extensive testing to ensure resistance to sophisticated attacks.
Enhanced Security Features – The “+” in EAL6+ indicates additional security safeguards beyond standard EAL6 requirements.
Transparency and Trust – Our CC EAL6+ certification does not require non-disclosure agreements (NDAs), allowing us to fully disclose our security processes and reinforce trust within our community.

Yes! Trezor remains fully committed to open-source security and transparency. The code that handles your wallet backup and keys remains fully open source, ensuring that the security of our devices can be verified by the community.

Additionally, we have sourced the OPTIGA™ Trust M (V3) Secure Element from a manufacturer that does not impose restrictions on publishing security findings. This allows us to openly disclose vulnerabilities if discovered, staying true to our open-source principles.

The Secure Element adds protection against certain physical attacks, but no single security feature is a silver bullet.

For most users, following security best practices—such as using a strong PIN, keeping your wallet backup secure, and avoiding phishing attacks—provides sufficient protection.

Trezor strongly recommends learning how to use a passphrase safely, as it can offer an additional layer of security. However, a passphrase must be used with caution—if lost or forgotten, your funds will be permanently inaccessible. Use a passphrase only if you fully understand how it works.

;