Home

PIV

Personal Identity Verification (PIV) is a government-wide standard in the United States for issuing and using identity credentials to allow federal employees and contractors to access facilities and information systems. Established by the FIPS 201 standard, PIV aims to provide a single, interoperable credential that supports strong authentication, identity assurance, and secure transactions across agencies. It is described and governed through a set of NIST standards that specify the data model, cryptography, and implementation requirements.

A PIV credential is typically a smart card that conforms to ISO/IEC 7816 and commonly supports an

Issuance and management are administered by federal agencies. Eligible personnel undergo identity proofing and background checks

Beyond federal use, the PIV framework has inspired interoperability efforts like PIV-I for non-federal entities and

ISO/IEC
14443
contactless
interface.
The
card
stores
the
cardholder’s
identity
data,
a
photograph,
and
often
biometric
data,
along
with
cryptographic
keys
and
X.509
digital
certificates.
The
PIV
data
model
defines
data
elements
such
as
a
Cardholder
Unique
Identifier
and
certificate
chains.
On
the
cryptographic
side,
the
card
holds
certificates
for
PIV
authentication,
digital
signatures,
and
key
management,
enabling
secure
login
to
IT
systems,
digital
signing
of
data,
and
encrypted
communications.
before
enrollment;
the
card
is
issued
with
appropriate
certificates
and
access
profiles.
Cards
can
be
read
by
compatible
readers
and
middleware
to
enable
physical
access
to
facilities
and
logical
access
to
networks
and
applications.
Certificates
and
revocation
mechanisms,
such
as
certificate
status
checks,
underpin
ongoing
credential
validity.
has
influenced
broader
identity
and
access
management
practices.
The
program
emphasizes
privacy,
security,
and
standardized
credentialing,
while
requiring
appropriate
infrastructure
and
lifecycle
management.