Why was the Swiss "Pass 10" considered insecure, and what changed with "Pass 22"?
Pass 10 (2010–2022) relied on BAC alone with no PACE, leaving it vulnerable to BAC's known weaknesses; Pass 22 (from Oct 2022) adds PACE, bringing it in line with Germany and the Netherlands.
The two protocols first, since the whole comparison hinges on them:
- BAC — Basic Access Control: the reader derives the chip's access key from data printed in the passport's machine-readable zone (document number + date of birth + expiry). Because those fields have limited entropy, the key is brute-forceable, and anyone who once read the passport can decrypt later skimmed traffic.
- PACE — Password Authenticated Connection Establishment: a modern replacement that runs a Diffie-Hellman key agreement seeded by the same printed password. It removes BAC's low-entropy weakness — the session key no longer follows directly from the guessable MRZ data — so skimming and offline decryption become infeasible.
A comparative analysis of the Swiss e-passport shows a notable security gap in older versions:
- Pass 10 (2010–2022): relied exclusively on BAC with no modern protection — "BAC was its only protection," leaving it exposed to BAC's known weaknesses.
- Pass 22 (from Oct 2022): adds PACE (with BAC kept as a backwards-compatible fallback), making it largely protected against BAC's known weaknesses.
International comparison: Germany (ePA 2010, PACE via BSI TR-03110 since 2010) and the Netherlands (PACE by EU mandate ≤2014) were already protected, while Switzerland's Pass 10 lagged until Pass 22.
EAC (protecting fingerprints) was implemented and rated "good," but the lack of PACE before 2022 was the weak point.
Tip: The lesson: a standard being available (PACE since ~2010 elsewhere) doesn't mean every country adopted it promptly — Switzerland's biometric documents stayed on BAC-only for over a decade after better options existed.