"Extended Access Control" (EAC) includes different protocols that are performed in a specific order depending on the electronic identity document to be read.

The EAC protocols include "Chip Authentication" (CA) and "Terminal Authentication" (TA); the two protocols are executed together with "Basic Access Control" (BAC) or "Password Authenticated Connection Establishment" (PACE) and "Passive Authentication" (PA).

These protocols and their interaction are described in the Technical Guideline BSI-TR-03110.