They are in fact public/private keys and use signing a challenge for authentication.

But in practice they usually rely on attestation by an approved vendor, and the vendor won't let you control your private key, so they'll leverage it for lock-in.