U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Personal Identity Verification of Federal Employees and Contractors PIV

PIV Standards and Supporting Documentation

PIV Card Specifications:

  • SP 800-78-4 - Cryptographic Algorithms and Key Sizes for Personal Identity Verification 
    May 2015
  • SP 800-76-2 - Biometric Data Specification for Personal Identity Verification
    July 2013
  • SP 800-73-4 - Interfaces for Personal Identity Verification (3 Parts)
       Part 1- PIV Card Application Namespace, Data Model and Representation
       Part 2- PIV Card Application Card Command Interface
       Part 3- PIV Client Application Programming Interface 
    May 2015
  • NISTIR 7676 - Maintaining and Using Key History on Personal Identity Verification (PIV) Cards
    June 2010

PIV Applications:

  • White Paper - Best Practices for Privileged User PIV Authentication
    April 2016
  • SP 800-156 Representation of PIV Chain-of-Trust for Import and Export
    May 2016
  • SP 800-116 Revision 1A Recommendation for the Use of PIV Credentials in Physical Access Control Systems
    June 2018
  • NISTIR 7863 - Cardholder Authentication for the PIV Digital Signature Key
    June 2015

PIV Card and Middleware Conformance Testing:

  • SP 800-85A-4 - PIV Card Application and Middleware Interface Test Guidelines (SP 800-73-4 Compliance) 
    April 2016
  • SP 800-85B - PIV Data Model Conformance Test Guidelines
    July 2006
  • DRAFT SP 800-85B-4 - PIV Data Model Conformance Test Guidelines
    August 2014

* Note: SP 800-85B adheres to the PIV cryptographic specifications in SP 800-78 and the PIV Interfaces specification in SP 800-73-1. Updates to SP 800-85B are planned once the final SP 800-73-2 is published.


PIV Reader Specifications:

  • SP 800-96 - PIV Card / Reader Interoperability Guidelines
    September 2006

PIV Accreditation:

  • SP 800-87 Revision 2 Codes for the Identification of Federal and Federally-Assisted Organizations
    April 2018
    Please email Agency Code update requests to piv_comments@nist.gov
  • SP 800-79-2 - Guidelines for the Accreditation of Personal Identity Verification (PIV) Card Issuers (PCI’s)
    July 2015

Derived PIV Credential for Mobile Devices:

  • SP 800-166 - Derived PIV Application and Data Model Test Guidelines
    June 2016
  • SP 800-157 - Guidelines for Derived Personal Identity Verification (PIV) Credentials
    December 2014
  • NISTIR 8055 - Derived Personal Identity Verification (PIV) Credentials (DPC) Proof of Concept Research 
    January 2016

 

Foundational Publications:

Foundational publications are earlier work (NIST Interagency Reports - NISTIR) that demonstrated various capabilities of PIV card/system. Many of the concepts/outcomes in these NISTIRs are reflected in the current version of the PIV Standard and/or associated Special Publications.

  • NISTIR 7284 - Personal Identity Verification Card Management Report
    January 2006
  • SP 800-104 - A Scheme for PIV Visual Card Topography (this document is now incorporated in FIPS 201-3)
  • NISTIR 7452 - Secure Biometric Match-on-Card Feasibility Report
    November 2007
  • NISTIR 7337 - Personal Identity Verification Demonstration Summary
    August 2006

Created May 24, 2016, Updated September 24, 2021