New: Wallet recovery made easy with Ledger Recover, provided by Coincover

Get started

Up your Web3 game

Ledger Academy Quests

  • Test your knowledge
  • Earn POK NFTs
Play now See all quests

The Secure Element Chip: How It Keeps Your Ledger Secure

Read 4 min
Medium
Ledger devices on a podium
KEY TAKEAWAYS:
— Ledger hardware wallets make use of a specialized Secure Element chip for ensuring industry-leading security.

— Secure Element provides the highest level of security for a chip, and are much stronger than traditional chips.

— Secure Elements are used for high-end security solutions such as credit cards and passports.

Let’s dig deeper into a critical component of our technology: the Secure Element.

Self-custody can be a place of extremes. You’ll enjoy more freedom than ever before, but you’ll also find yourself with more responsibility than ever. So how do you navigate a system where details are hard to understand?

We get it – we had all the same questions. So let’s attack each point; what sort of attacks do hardware wallets face, and how do I know my Ledger device will remain secure?

Hardware Wallets: Why Does Security Matter Anyway?

Simply, a hardware wallet allows you to access your private keys easily and quickly for transactions, while keeping them completely secure and concealed. With your private keys effectively existing within your Ledger, the security of that device is a central question. So how do you know they’ll be safe?

Secure Element: The Key Component of Your Ledger Device

Ledger devices differ from other hardware wallets on the market. They are the only web3 devices to contains a component known as a Secure Element. This special computer chip is commonly used in passports, credit cards and payment systems. In fact, you probably use these chips on multiple devices: in any environment where your most sensitive personal data needs to be present, but also completely secure and concealed.

But don’t all wallets contain some sort of chip? Yes – but the point of using Secure Element (a type of Smart Card) is that provides an extra layer of security that standard components don’t have. It not only protects your data, but also embeds intrinsic countermeasures against many known attacks. This makes it tamper-proof and resistant to hacks.

Secure Element applications

In all of these cases, there is highly sensitive information, such as biometric information, banking and transaction information. Without a secure chip, an attacker could easily hack you and take all your money.


Ledger devices use the Secure Element to generate and store private keys for your crypto assets.

Ledger hardware wallet includes a secure element

What Sort of Attacks Could My Ledger Device Face?

We’ve mentioned that Secure Element is important because it can withstand attacks to your Ledger device and therefore protect those critical private keys. But if you’re not a developer (and most of us aren’t) it might not be clear what kind of attacks we’re talking about. So let’s look closer in order to understand.

There are several types of attack which a Secure Element provides protection against, where regular chips would be unreliable or ineffective.

Side-channel attack: a “Shazam” for power consumption

When there’s a song on the radio, Shazam can listen to it and tell you what is currently playing. To do so, Shazam tries to find a match in the extensive library of original songs they’ve built. With the right tools, you can equally listen to the power consumption of a device extract key data from it.

Suppose an attacker has physical access to your device. They could then measure the power consumption and, just like Shazam with sound, match that power consumption pattern with an entry in the database that corresponds with your cryptographic key.  This will eventually allow the listener to crack the PIN code.

This is one specific form of a side channel attack, but there are several others. 

A Secure Element chip is specifically designed with complex countermeasures inside the chip. These help to hide the electromagnetic radiation and power usage, protecting it against those who want to listen to its emissions, and use this as an attack vector.

Fault attacks: applying changes to the circuit while running

A fault attack is the act of perturbing a circuit while it is running. This causes an error within a device or machine, which can lead to either learning more about its functions or even force a different, faulty behavior. Such behavior can include skipping steps of a process or providing a wrong output. All of this is the goal of a fault attack. 

 A Secure Element has built-in ountermeasures to prevent these types of attacks from succeeding; these allow for an efficient fault detection and appropriate security reactions.

Software attacks: learning what makes a device tick

Software attacks aim to expose, alter, disable, destroy or steal information. They can be divided into several types; which all try to find unexpected behaviors obtained by targeting its software. These unexpected behaviors in software are caused by inputs that would normally not be given and can actually show vulnerabilities or give out sensitive information.

By playing around with inputs, you can learn more about how a device’s software is programmed to react to false inputs. This understanding of the software can then lead to discovering its weaknesses. A Secure Element helps to prevent this type of attack, however. Indeed, it drastically reduces the attack surface by keeping a very simple system that uses very few interfaces.

Secure Element Chip Protects Your Ledger From Attacks

A Secure Element is a highly advanced chip that mitigates a lot of different types of attacks. This cutting-edge chip, which is used in high-level security solutions, really sets Ledger apart as a top-end security solution for crypto assets. All of our devices use a Secure Element, which greatly enhances their security. Ledger uses them to generate and store private keys for your crypto assets.

In short, Secure Elements are a critical security component of your Ledger device because:






The Secure Element chip is the go-to solution for protecting critical data, being the standard for banks to protect credit card information and governments to protect biometric data in passports.






Secure Element chips are designed to withstand highly sophisticated and costly attacks.






Secure Element chips go through a thorough evaluation done by a third party and need to successfully withstand the attacks described earlier to be able to receive a security certificate.






Without a Secure Element, critical information (such as PIN codes or even private keys) can be extracted much more easily.

Now we’ve covered the main vulnerabilities of hardware wallets – and how Secure Element overcomes them. So, now you have the foundation you need to understand the technological aspects of self-custody.

Decentralized finance and self-custody is about freedom – but freedom means assuming personal responsibility and taking appropriate measures to protect yourself. So the more you understand, the more free you’ll be to enjoy this booming new system. If you want to keep learning, find out here why Ledger is the only hardware wallet that uses a custom Operating System, called BOLOS – and what it means for your security.

Welcome to your new crypto life – be safe, keep reading and enjoy the journey!

Knowledge is power.

Trust yourself and keep learning! If you enjoy getting to grips with crypto and blockchain, check out our School of Block video that gets inside a crypto scammer’s head.


Related Resources

Stay in touch

Announcements can be found in our blog. Press contact:
[email protected]

Subscribe to our
newsletter

New coins supported, blog updates and exclusive offers directly in your inbox


Your email address will only be used to send you our newsletter, as well as updates and offers. You can unsubscribe at any time using the link included in the newsletter.

Learn more about how we manage your data and your rights.