Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Projects Personal Identity Verification

Personal Identity Verification of Federal Employees and Contractors PIV

PIV Standards and Supporting Documentation

Each title heading is clickable - clicking each title will expand/collapse the list of standards & supporting documents.

  • SP 800-78-5 Cryptographic Algorithms and Key Sizes for Personal Identity Verification 
    (July 2024) 
  • SP 800-76-2 - Biometric Data Specification for Personal Identity Verification
    (July 2013)
  • SP 800-73-5 - Interfaces for Personal Identity Verification (3 Parts)
      Part 1 of SP 800-73-5PIV Card Application Namespace, Data Model and Representation
      Part 2 of SP 800-73-5 -  Part 2- PIV Card Application Card Command Interface
      Part 3 of SP 800-73-5  - Part 3- PIV Client Application Programming Interface 
    (July 2024)
  • NIST IR 7676 - Maintaining and Using Key History on Personal Identity Verification (PIV) Cards
    (June 2010)
  • Cybersecurity White Paper (CSWP 4) - Best Practices for Privileged User PIV Authentication
    (April 2016)
  • SP 800-156Representation of PIV Chain-of-Trust for Import and Export
    (May 2016)
  • SP 800-116 Revision 1A Recommendation for the Use of PIV Credentials in Physical Access Control Systems
    (June 2018)
  • NIST IR 7863 - Cardholder Authentication for the PIV Digital Signature Key
    (June 2015)
  • SP 800-85A-4 - PIV Card Application and Middleware Interface Test Guidelines (SP 800-73-4 Compliance) 
    (April 2016)
  • SP 800-85B - PIV Data Model Conformance Test Guidelines
    (July 2006)
  • DRAFT SP 800-85B-4 - PIV Data Model Conformance Test Guidelines
    (August 2014)
  • SP 800-96 - PIV Card / Reader Interoperability Guidelines
    (September 2006)
  • SP 800-87 Revision 2 Codes for the Identification of Federal and Federally-Assisted Organizations
    (April 2018)
    Please email Agency Code update requests to [email protected]
  • SP 800-79-2 - Guidelines for the Accreditation of Personal Identity Verification (PIV) Card Issuers (PCI’s)
    (July 2015)
  • SP 800-166 - Derived PIV Application and Data Model Test Guidelines
    (June 2016)
  • SP 800-157 - Guidelines for Derived Personal Identity Verification (PIV) Credentials
    (December 2014)
  • NIST IR 8055 - Derived Personal Identity Verification (PIV) Credentials (DPC) Proof of Concept Research 
    (January 2016)

Foundational publications are earlier work (NIST Interagency Reports - NISTIR) that demonstrated various capabilities of PIV card/system. Many of the concepts/outcomes in these NISTIRs are reflected in the current version of the PIV Standard and/or associated Special Publications.

  • NIST IR 7284 - Personal Identity Verification Card Management Report
    (January 2006)
  • SP 800-104 - A Scheme for PIV Visual Card Topography (this document is now incorporated in FIPS 201-3)
  • NIST IR 7452 - Secure Biometric Match-on-Card Feasibility Report
    (November 2007)
  • NIST IR 7337 - Personal Identity Verification Demonstration Summary
    (August 2006)

Contacts

Dr. Ramaswamy Chandramouli - NIST
[email protected]

Andrew Regenscheid - NIST
[email protected]

Topics

Security and Privacy: Personal Identity Verification

Laws and Regulations: Homeland Security Presidential Directive 12

Created May 24, 2016, Updated December 30, 2025