The PIV Program Office has received several inquiries about the use of the READ BINARY command. The PIV endpoint specification (SP800-73-1, Part 3) is the mandatory basis for interagency interoperability between PIV cards and host systems. It specifies the use of GET DATA for reading data objects from PIV cards on both the contact and contactless interfaces. PIV interoperability conformance testing verifies the presence and correct operation of the GET DATA command in both modes.

The PIV transitional specification (SP800-73-1, Part 2) includes the READ BINARY command as part of the interface definition for file system cards. READ BINARY is common among contactless card readers, as it was also specified in GSC-ISv2.1 (NISTIR 6887). For these reasons it is clear that some transitional systems will use READ BINARY.

The PIV standards allow cards with a single chip and dual interfaces, and also cards with dual chips (one chip with a contact interface and one with a contactless interface). This leads to the possibility that a dual chip card might support the endpoint interface on the contact chip and the transitional READ BINARY command on its contactless chip.

The presence of READ BINARY on the contactless chip of such a card would not disqualify it from conformance to the endpoint specification, provided the card supports all commands (SELECT, GET DATA and GENERAL AUTHENTICATE) mandated for the contactless interface in that specification. In other words, support for READ BINARY on a card application submitted for endpoint specification compliance testing should be strictly an additional feature rather than a substitute for the card reading capability provided by the mandatory GET DATA command of an endpoint-compliant card.



Computer Security Division
National Institute of Standards and Technology

NIST is an agency of the U.S. Commerce Department


Page created on: April 25, 2006

Page updated on: December 9, 2013