@twrightsman They don't trust the user. They do trust the hardware *now* because they can control it remotely, can prevent unauthorized software from running. Combined with their keys inside the secure element, the user just provides minimal in-person proof it's them (biometrics) while hardware does the heavy lifting for trust.