Only the chip creates and controls the private key, it's impossible to export or import the key. The firmware is audited and the chip is highly certified.
So the blockchain address is accessible, but the private key is not?
If so, there's a flaw in your model, and you've misunderstood how cryptographic keypairs work. There's no way for anyone holding a Tangem Bitcoin note to prove that
they own the money at the respective Bitcoin address on each note.
How can you prove that the money at these addresses is money sent to the address by Tangem, and not just any random bitcoin blockchain address with 0.01 BTC contained? How can people be sure Tangem didn't use the same address twice, three, four or a hundred times on different notes? Are you going to release videos of Tangem workers sending each transaction to every Tangem note ever made? Will that be enough for people to trust the funds are really unspendable by Tangem, or that you aren't re-using addresses over multiple notes?
I have found no information on how they are supposed to work. My guess is that the chip will cryptographically verify its authenticity and it represents some amount of BTC held by Tangem. That would not be very appealing to me but I guess we'll just have to wait and see.