Trezor Wallet
In addition to providing an extra layer of protection against physical attacks on your Trezor, this chip plays an important role in verifying the authenticity of your device.
Last updated
In addition to providing an extra layer of protection against physical attacks on your Trezor, this chip plays an important role in verifying the authenticity of your device.
Last updated
During the manufacturing process of the Trezor Safe 3, a unique certificate is issued to the new Trezor before it leaves the production line. This certificate is stored in the Secure Element. When setting up your device,
Trezor Suite generates a random challenge which is then sent to the Trezor Safe 3.
In response, the Trezor Safe 3 uses the Secure Element to sign this random challenge and returns both the signature and the device certificate.
To confirm the authenticity of the device, Trezor Suite verifies the signatures of the challenge and the signature on the certificate.
We have taken great care to implement robust measures to ensure your privacy. During the authentication process, the device certificate is exclusively checked by Trezor Suite and is immediately discarded after that. It’s paramount to note that this certificate is never sent anywhere else and that Trezor Suite does not store any part of it. The new Trezor Safe 3 hardware wallet has an added Secure Element.
This process helps to verify the authenticity of your brand new Trezor Safe 3, and makes it significantly more difficult for it to be tampered with. We’ve introduced this feature to instill absolute confidence that you are using a genuine device, thus safeguarding your coins and tokens.
If you only use Trezor Suite with official Trezor devices, do not turn off this check. This feature is a security measure designed to keep you safe from potentially using a fake or compromised device. Users may opt out of the device authentication process, but we strongly advise against it.
⚠️ The authenticity check should only be disabled if you need to connect unofficial devices to Trezor Suite, such as do-it-yourself builds.
If you’re absolutely sure you want to turn off the Device check feature, you can do so under the Settings tab in Trezor Suite.
No, as the device certificate is neither tracked nor stored anywhere. It is checked only by Trezor Suite, and then immediately discarded. It is not sent anywhere, meaning your privacy is always preserved.
