| Official reseller
The new Trezor Safe 3 Hardware Wallet is now even more secure thanks to the addition of a Secure Element. This additional layer of security not only protects against physical attacks on your Trezor, but also plays a crucial role in verifying the authenticity of your device.
How does device authentication work?
During the production process of the Trezor Safe 3, a unique certificate is issued to the new Trezor before it leaves the production line. This certificate is stored in the Secure Element. When setting up your device:
- Trezor Suite generates a random challenge that is then sent to the Trezor Safe 3.
- In response, the Trezor Safe 3 uses the Secure Element to sign this random challenge and returns both the signature and the device certificate.
- To confirm the authenticity of the device, Trezor Suite verifies the signatures of the challenge and the signature on the certificate.
Trezor has made every effort to implement robust measures to ensure your privacy. During the authentication process, the device certificate is checked only by Trezor Suite and deleted immediately after. It is of utmost importance to note that this certificate is not sent anywhere else and Trezor Suite does not store any part of it.
Is device authentication mandatory?
If you only use Trezor Suite with official Trezor devices, do not disable this control. This feature is a security measure designed to protect you from using potentially fake or compromised devices. Users can choose to disable the device authentication process, but we strongly advise against it.
The authentication check should be disabled only if you want to connect unofficial devices to Trezor Suite, such as homebrew models.
If you are absolutely sure you want to disable the device control feature, you can do so under the Settings tab in Trezor Suite.
Are there privacy concerns associated with device authentication?
No, because the device certificate is not tracked or stored anywhere. It is checked only by Trezor Suite and then deleted immediately. It is not sent anywhere, which means your privacy is always guaranteed.
View our assortment of Trezor here.