Both FrostCard and Tangem use EAL6+ certified chips. But the composite security rating tells a different story. Here's what the numbers actually mean — and why they're different.
See what the numbers mean ↓EAL stands for Evaluation Assurance Level. It's a grade from the Common Criteria — an international standard for evaluating the security of IT products. The scale runs from EAL1 (lowest) to EAL7 (highest). Each level requires increasingly rigorous testing and formal verification by independent labs.
A secure element isn't one thing — it's hardware with software on top. Each layer gets its own security evaluation.
The composite rating is the security grade of the complete product — hardware and software together. It's capped by the lower of the two evaluations, because a system is only as strong as its weakest layer.
Certifying software to EAL6+ requires semi-formal verification of the implementation — mathematical proofs that the actual code matches its security specification. For a platform as complex as JavaCard (VM, memory management, applet isolation, crypto services, GlobalPlatform), this would cost millions of dollars and take years of formal verification work.
No JavaCard platform on earth has achieved a composite EAL6+ rating. EAL5+ is the ceiling for any programmable smart card platform that allows custom applet loading. This applies to every card used in banking, government ID, and transit systems worldwide.
The JavaCard VM is not just an execution environment — it's a security boundary that is itself EAL5+ certified. It provides:
An attacker trying to extract a private key from FrostCard has to break through three independently secured layers:
An attacker trying to extract a private key from Tangem has to break through two layers:
Every claim on this page is checkable. The hardware certifications are public Common Criteria records; the applet that runs on top is open source, line by line.