Federal Office for Information Security (BSI)

Security mechanisms in electronic ID documents

Extended Access Control (EAC)

"Extended Access Control" (EAC) includes several protocols, which are carried out in a certain order, depending on which electronic ID document is to be read.

Some of the EAC protocols are the "Chip Authentication" (CA) and "Terminal Authentication" (TA), both protocols are executed along with "Basic Access Control" (BAC), respectively "Password Authenticated Connection Establishment" (PACE) and "Passive Authentication" (PA).

These protocols and their interaction are described in the technical guideline BSI-TR-03110.

Note on the use of cookies

Cookies facilitate the provision of our services. By using our services, you agree that we use cookies. For more information on privacy, please visit the following link Data protection statement