There has not been a thorough analysis yet by some external security researcher, but generally we consider the secrets safe also for physical theft. Although the absolute level of security is not the same as it is for a (OpenPGP) smartcard, as they have proven physical tamper resistance counter measures. Still once the SE050 is being used to save credentials/secrets inside it, the secure element (security) level should be comparable (as the SE050 also gives FIPS-based certification for tamper resistance). We plan to let the user decide, which protection level to choose - e.g. for FIDO2 credentials there likely will be the option to also save them to the secure element at some point, which if chosen will allow only USB usage of the FIDO2 features only (as during NFC operation there is not enough power to start the SE050).