Both FrostCard and Tangem use EAL6+ certified chips. But the composite security rating tells a different story. This page explains what the numbers actually mean, how the two architectures differ, and which is harder to compromise.
EAL stands for Evaluation Assurance Level. It's a grade from the Common Criteria — an international standard for evaluating IT security products. Independent labs test and certify products against a defined threat model. The scale runs EAL1 (lowest) to EAL7 (highest).
| Level | Verification method | Used by |
|---|---|---|
| EAL1 | Functionally tested | Basic consumer products |
| EAL2 | Structurally tested | Low-risk software |
| EAL3 | Methodically tested and checked | Business applications |
| EAL4+ | Methodically designed, tested, reviewed | Operating systems, firewalls, bank cards |
| EAL5+ | Semi-formally designed and tested | JavaCard platforms, passports, government ID |
| EAL6+ | Semi-formally verified design | Secure element hardware (chips) |
| EAL7 | Formally verified design and tested | Extremely rare, classified systems |
The "+" suffix means additional security augmentations were tested beyond the base level.
A secure element is not one thing. It's hardware running software. Each layer is evaluated independently.
Hardware layer: The physical chip. Transistors, crypto accelerators, shield mesh, true random number generator, tamper detection circuits, voltage monitors, light sensors. This layer resists physical attacks — probing, laser fault injection, power analysis, electromagnetic emanation, focused ion beam.
Software layer (operating system): The code running on the chip. Manages memory allocation, isolates applications from each other, handles cryptographic operations, enforces access controls, validates applet installations.
The composite rating is the security grade of the complete product — hardware and software together. It is capped by the lower of the two evaluations, because a system is only as secure as its weakest certified layer.
FrostCard uses an NXP J3R200 chip running the JavaCard 3.0.5 platform. The FrostCard applet runs inside the JavaCard virtual machine.
Hardware (SmartMX3): Certified EAL6+. Resists side-channel attacks, fault injection, physical probing, and laser attacks. Same grade as Tangem's chip.
Operating system (JavaCard 3.0.5): Certified EAL5+. Deployed in billions of bank cards, passports, SIM cards, and government IDs for over 25 years. Provides a virtual machine that sandboxes each applet — one applet physically cannot access another's memory.
Applet (FrostCard): Open-source JavaCard program. Key generation, Schnorr signing, ECDH secure channel, backup linking, backup locking. Runs inside the JavaCard VM sandbox. Anyone can read the source, compile it, and flash it onto a blank card.
Tangem uses a Samsung S3D350A chip running proprietary firmware. There is no standardized OS layer.
Hardware (S3D350A): Certified EAL6+. Same grade of physical tamper resistance as FrostCard's chip.
Firmware: Tangem wrote their own operating system. It is not JavaCard. It is not based on any publicly standardized platform. The firmware has been audited by security firms (Kudelski, Riscure), but it has not been through a Common Criteria evaluation as a software product. The firmware runs directly on the chip — bare metal — with no sandbox layer between it and the hardware.
Marketed rating: "EAL6+" — this is the chip's hardware certification. There is no publicly documented software-layer certification for Tangem's firmware.
Certifying software to EAL6+ requires semi-formal verification of the implementation — mathematical proofs that the actual code matches its security specification. For a platform as complex as JavaCard (virtual machine, memory management, applet isolation, cryptographic services), this would require millions of dollars and years of formal verification work.
No JavaCard platform on earth has achieved a composite EAL6+ rating. EAL5+ is the ceiling for any programmable smart card platform that supports custom applet loading.
Tangem avoids this constraint by not using a standardized, certifiable OS layer. Their firmware has not been submitted for independent software certification. This allows them to market the chip's hardware rating without a software certification capping it.
To extract a private key from FrostCard, an attacker must break through three independently secured layers: the FrostCard applet, the certified JavaCard VM, and the certified chip.
To extract a private key from Tangem, an attacker must break through two layers: the proprietary firmware and the certified chip.
If the FrostCard applet has a bug, the JavaCard VM contains it. The applet cannot escape its sandbox to access key storage directly. Memory boundaries are enforced at the bytecode level by the certified VM. The bug can be found and fixed by anyone because the code is open source.
If the Tangem firmware has a bug, there is no sandbox underneath. The firmware runs bare metal on the chip. A firmware vulnerability gives the attacker direct access to key storage with no containment layer. The bug cannot be found by external researchers because the code is closed source.
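As an added illustration of the applet firewall the containment argument above relies on (example code written for this page, not FrostCard's applet or Tangem's firmware): a hypothetical JavaCard key-holding applet exposes exactly one Shareable method, and the VM enforces that no other applet on the card can reach its private key array. The class names and the client AID are placeholders; key generation is omitted because the point is the firewall boundary.

```java
// File KeyService.java (hypothetical): the only surface another applet may call across the firewall.
import javacard.framework.Shareable;

public interface KeyService extends Shareable {
    // Copies the public key into a global buffer. No method ever exposes private key bytes.
    short getPublicKey(byte[] dest, short destOff);
}

// File KeyHolder.java (hypothetical): key-holding applet living in its own firewall context.
import javacard.framework.*;

public class KeyHolder extends Applet implements KeyService {
    // Owned by KeyHolder's context. Bytecode in any other applet that dereferences this array
    // is rejected by the VM firewall with a SecurityException, whatever that applet's bug is.
    private final byte[] privKey = new byte[32];
    private final byte[] pubKey = new byte[33];
    // Constructed placeholder AID of the single client applet allowed a Shareable handle.
    private static final byte[] CLIENT_AID = { (byte) 0xF0, 0x01, 0x02, 0x03, 0x04, 0x05 };

    public static void install(byte[] bArray, short bOffset, byte bLength) {
        new KeyHolder().register(bArray, (short) (bOffset + 1), bArray[bOffset]);
    }

    public void process(APDU apdu) {
        if (selectingApplet()) return;
        ISOException.throwIt(ISO7816.SW_INS_NOT_SUPPORTED);
    }

    // The VM calls this when another applet asks JCSystem.getAppletShareableInterfaceObject
    // for KeyHolder's AID. Unknown callers get null; an allowed caller gets only KeyService.
    public Shareable getShareableInterfaceObject(AID clientAID, byte parameter) {
        if (clientAID != null
                && clientAID.equals(CLIENT_AID, (short) 0, (byte) CLIENT_AID.length)) {
            return this;
        }
        return null;
    }

    // Runs in KeyHolder's context. dest must be a global array such as the APDU buffer;
    // if the client passed an array it owns, this copy would itself trip the firewall.
    public short getPublicKey(byte[] dest, short destOff) {
        return Util.arrayCopyNonAtomic(pubKey, (short) 0, dest, destOff, (short) pubKey.length);
    }
}
```

A second applet can reach KeyHolder only through JCSystem.lookupAID followed by JCSystem.getAppletShareableInterfaceObject, and only gets back the KeyService interface; that call pair is the entire bridge across the firewall, which is what "the VM sandbox contains applet bugs" means in practice.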
The JavaCard platform has been in production since 1996. It is deployed in:
Bank cards: Visa, Mastercard, and American Express payment cards worldwide use JavaCard applets on certified secure elements.
Passports: Biometric passports (ePassports) in over 120 countries store identity data on JavaCard-based chips.
Government ID: National identity cards across Europe, Asia, and South America run JavaCard applets for digital signatures and authentication.
SIM cards: Billions of mobile SIM cards run JavaCard applets for subscriber authentication and secure messaging.
Military and defense: NATO Common Access Cards and defense department smart cards use JavaCard-based secure elements.
A new vulnerability in the JavaCard VM would affect the security infrastructure of every major bank, every passport-issuing nation, and every mobile carrier on earth. The platform has been under continuous attack and evaluation for nearly 30 years.
| | FrostCard | Tangem |
|---|---|---|
| Chip | NXP J3R200 (SmartMX3) | Samsung S3D350A |
| Hardware certification | EAL6+ | EAL6+ |
| Software platform | JavaCard 3.0.5 (open standard) | Proprietary OS (closed) |
| Software certification | EAL5+ (Common Criteria) | Audited (Kudelski, Riscure) — not CC certified |
| Composite rating | EAL5+ (full stack) | Not applicable (no certified OS layer) |
| Applet sandbox | JavaCard VM — certified memory isolation | No sandbox — bare metal |
| Firmware visibility | Open source | Closed source |
| Custom applets | Anyone can load verified code | Locked to Tangem firmware |
| Independent code audit | Anyone can audit | Only Tangem employees |
| Security layers | 3 (applet + certified VM + certified chip) | 2 (firmware + certified chip) |
| Bug containment | VM sandbox contains applet bugs | No containment — bare metal |
| Platform track record | 30 years, billions of deployments | Tangem-specific, ~5 years |
Both chips resist physical attacks to the same degree. EAL6+ hardware is EAL6+ hardware. No one has ever extracted a private key from either chip using any known technique.
The difference is in the software layer. FrostCard runs open-source code inside a certified EAL5+ sandbox that has been battle-tested for 30 years in billions of devices. Tangem runs closed-source code on bare metal with no independently certified software layer and no external code review.
More independently secured layers, each certified or publicly auditable, means a harder target. The number on a marketing page measures one layer. The actual security of a product is the full stack.
FrostCard — The first fully open-source NFC cold wallet for Kaspa