---
url: 'https://www.corbado.com/glossary/pace'
title: 'Password Authenticated Connection Establishment (PACE)'
description: 'Explore Password Authenticated Connection Establishment (PACE): secure eID protocol, encrypted communication, and authentication in ePassports and ID cards.'
lang: 'en'
---

# Password Authenticated Connection Establishment (PACE)

## What is Password Authenticated Connection Establishment (PACE)?

**Password Authenticated Connection Establishment (PACE)** is a secure communication
protocol used primarily in electronic identification documents such as ePassports and
national ID cards. It authenticates users through a shared secret (like a PIN or password)
and establishes encrypted, secure communication between the document and a card reader.
Key aspects of Password Authenticated Connection Establishment (PACE) include:

- **Mutual authentication** (both card and reader verify each other’s identity)
- **Encrypted data exchange** to prevent eavesdropping
- **Protection against common attacks** (e.g., brute force, man-in-the-middle) PACE meets
  international standards (ICAO Doc 9303), ensuring interoperability and high-level
  security across various applications, such as border control,
  [government](https://www.corbado.com/passkeys-for-public-sector) services, and secure access systems.

> **Key Takeaways:**
> 
> - **Password Authenticated Connection Establishment** securely establishes encrypted
>   communication between electronic IDs and readers.
> - Protects personal and biometric data in ePassports and national ID cards.
> - Provides mutual authentication, preventing unauthorized access and interception.

---

## How Password Authenticated Connection Establishment Works

Password Authenticated Connection Establishment (PACE) is a cryptographic protocol
designed to provide secure, encrypted communication between electronic identity documents
(like ePassports or electronic ID cards) and card readers. The communication process
typically involves:

- **Initiation**: The reader initiates contact with the eID or ePassport.
- **Secret Entry**: The cardholder provides a PIN or password known only to them.
- **Mutual Authentication**: Both the electronic document and the reader verify each
  other’s authenticity through cryptographic methods, ensuring neither party is being
  impersonated.
- **Secure Channel Setup**: Once authentication is successful, an encrypted channel is
  established for secure data transmission, safeguarding information from potential
  attackers.

## Advantages of Using PACE

Implementing PACE offers multiple benefits in
[digital identity](https://www.corbado.com/blog/digital-identity-guide) verification:

- **Enhanced Security**: Prevents interception of sensitive personal data through strong
  encryption and mutual authentication, effectively protecting against common cyber
  threats.
- **Compliance and Interoperability**: Follows international standards (ICAO Doc 9303),
  facilitating global compatibility in electronic
  [identity verification](https://www.corbado.com/blog/digital-identity-guide) processes.
- **Strong Privacy**: Limits data access strictly to authenticated and authorized devices,
  preserving [user privacy](https://www.corbado.com/faq/ensure-gdpr-compliance-with-passkeys).

## Typical Applications of PACE

Password Authenticated Connection Establishment (PACE) is widely used across several
scenarios, including:

- **ePassports**: Ensuring secure and efficient border control through secure verification
  of travelers’ biometric data.
- **National ID Cards (eIDs)**: Facilitating secure online
  [government](https://www.corbado.com/passkeys-for-public-sector) services and digital transactions.
- **Secure Facility Access**: Providing encrypted and authenticated access controls for
  sensitive facilities and corporate environments.

## Integrating PACE with Modern Authentication

PACE can be integrated with passkey-based solutions to enhance digital security further.
Passkeys eliminate traditional passwords, leveraging PACE’s secure infrastructure to
create seamless, passwordless user experiences. Integrating these technologies results in:

- Improved protection against [identity fraud](https://www.corbado.com/blog/digital-identity-verification) and
  unauthorized access.
- A streamlined authentication experience without compromising security.
- Compliance with stringent security and privacy standards required by
  [governments](https://www.corbado.com/passkeys-for-public-sector) and enterprises.

## Password Authenticated Connection Establishment FAQs

### What does Password Authenticated Connection Establishment (PACE) do?

PACE establishes encrypted, authenticated communication between electronic identification
documents and readers, safeguarding personal and biometric information.

### Why is PACE used in electronic passports and ID cards?

PACE ensures secure mutual authentication and encrypted data exchange, preventing
unauthorized access, eavesdropping, and data interception.

### What do I need for PACE authentication to work?

You need an electronic identity document (ePassport or eID), a card reader, and a PIN or
password known only to the document holder.

### Is PACE internationally recognized?

Yes, Password Authenticated Connection Establishment complies with international standards
like ICAO Doc 9303, widely adopted for secure
[identity verification](https://www.corbado.com/blog/digital-identity-guide) globally.