U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

Computer Security Resource Center

Computer Security Resource Center

This is an archive
(replace .gov by .rip)
    Projects Personal Identity Verification

Personal Identity Verification of Federal Employees and Contractors PIV

PIV Standards and Supporting Documentation

PIV Card Specifications:

  • SP 800-78-4 - Cryptographic Algorithms and Key Sizes for Personal Identity Verification 
    May 2015
  • SP 800-76-2 - Biometric Data Specification for Personal Identity Verification
    July 2013
  • SP 800-73-4 - Interfaces for Personal Identity Verification (3 Parts)
       Part 1- PIV Card Application Namespace, Data Model and Representation
       Part 2- PIV Card Application Card Command Interface
       Part 3- PIV Client Application Programming Interface 
    May 2015
  • NISTIR 7676 - Maintaining and Using Key History on Personal Identity Verification (PIV) Cards
    June 2010

PIV Applications:

  • White Paper - Best Practices for Privileged User PIV Authentication
    April 2016
  • SP 800-156 Representation of PIV Chain-of-Trust for Import and Export
    May 2016
  • SP 800-116 Revision 1A Recommendation for the Use of PIV Credentials in Physical Access Control Systems
    June 2018
  • NISTIR 7863 - Cardholder Authentication for the PIV Digital Signature Key
    June 2015

PIV Card and Middleware Conformance Testing:

  • SP 800-85A-4 - PIV Card Application and Middleware Interface Test Guidelines (SP 800-73-4 Compliance) 
    April 2016
  • SP 800-85B - PIV Data Model Conformance Test Guidelines
    July 2006
  • DRAFT SP 800-85B-4 - PIV Data Model Conformance Test Guidelines
    August 2014

* Note: SP 800-85B adheres to the PIV cryptographic specifications in SP 800-78 and the PIV Interfaces specification in SP 800-73-1. Updates to SP 800-85B are planned once the final SP 800-73-2 is published.

PIV Reader Specifications:

  • SP 800-96 - PIV Card / Reader Interoperability Guidelines
    September 2006

PIV Accreditation:

  • SP 800-87 Revision 2 Codes for the Identification of Federal and Federally-Assisted Organizations
    April 2018
    Please email Agency Code update requests to piv_comments@nist.gov
  • SP 800-79-2 - Guidelines for the Accreditation of Personal Identity Verification (PIV) Card Issuers (PCI’s)
    July 2015

Derived PIV Credential for Mobile Devices:

  • SP 800-166 - Derived PIV Application and Data Model Test Guidelines
    June 2016
  • SP 800-157 - Guidelines for Derived Personal Identity Verification (PIV) Credentials
    December 2014
  • NISTIR 8055 - Derived Personal Identity Verification (PIV) Credentials (DPC) Proof of Concept Research 
    January 2016

 

Foundational Publications:

Foundational publications are earlier work (NIST Interagency Reports - NISTIR) that demonstrated various capabilities of PIV card/system. Many of the concepts/outcomes in these NISTIRs are reflected in the current version of the PIV Standard and/or associated Special Publications.

  • NISTIR 7284 - Personal Identity Verification Card Management Report
    January 2006
  • SP 800-104 - A Scheme for PIV Visual Card Topography (this document is now incorporated in FIPS 201-3)
  • NISTIR 7452 - Secure Biometric Match-on-Card Feasibility Report
    November 2007
  • NISTIR 7337 - Personal Identity Verification Demonstration Summary
    August 2006

Contacts

Ms. Hildegard Ferraiolo
hildegard.ferraiolo@nist.gov

Topics

Security and Privacy: Personal Identity Verification

Laws and Regulations: Homeland Security Presidential Directive 12

Created May 24, 2016, Updated September 24, 2021