PIV Card
What is PIV Card?
PIV CardA US federal smart card that carries identity credentials and PKI keys as defined by FIPS 201 and NIST SP 800-73, used by federal employees and contractors.
A Personal Identity Verification (PIV) card is the standardized identity badge mandated by Homeland Security Presidential Directive 12 (HSPD-12) and specified by NIST in FIPS 201 and the SP 800-73, 800-76 and 800-78 series. The card combines a printed photo and visual identifiers with an ISO/IEC 7816 smart-card chip and optional contactless interface; it stores PKI certificates for PIV authentication, digital signature, key management and card authentication. Federal civilian agencies use PIV to sign emails, log on to Windows and PIV-enabled applications and access facilities. PIV-I is the interoperable variant for contractors and partners.
● Examples
- 01
A US federal employee inserting a PIV card and entering a PIN to log on to a government Windows workstation.
- 02
Signing an email in Outlook with the PIV Digital Signature certificate.
● Frequently asked questions
What is PIV Card?
A US federal smart card that carries identity credentials and PKI keys as defined by FIPS 201 and NIST SP 800-73, used by federal employees and contractors. It belongs to the Cryptography category of cybersecurity.
What does PIV Card mean?
A US federal smart card that carries identity credentials and PKI keys as defined by FIPS 201 and NIST SP 800-73, used by federal employees and contractors.
How does PIV Card work?
A Personal Identity Verification (PIV) card is the standardized identity badge mandated by Homeland Security Presidential Directive 12 (HSPD-12) and specified by NIST in FIPS 201 and the SP 800-73, 800-76 and 800-78 series. The card combines a printed photo and visual identifiers with an ISO/IEC 7816 smart-card chip and optional contactless interface; it stores PKI certificates for PIV authentication, digital signature, key management and card authentication. Federal civilian agencies use PIV to sign emails, log on to Windows and PIV-enabled applications and access facilities. PIV-I is the interoperable variant for contractors and partners.
How do you defend against PIV Card?
Defences for PIV Card typically combine technical controls and operational practices, as detailed in the full definition above.
What are other names for PIV Card?
Common alternative names include: Personal Identity Verification card, FIPS 201 card, PIV.
● Related terms
- cryptography№ 1054
Smart Card
A credit-card-sized device with an embedded secure microcontroller that stores credentials and performs cryptographic operations, defined by ISO/IEC 7816 for contact cards.
- cryptography№ 138
CAC (Common Access Card)
The smart-card identity credential issued by the US Department of Defense to military, civilian and contractor personnel for physical and logical access.
- cryptography№ 413
FIDO Security Key
A hardware authenticator that uses the FIDO U2F or FIDO2/WebAuthn standards to perform phishing-resistant, public-key-based authentication to web and enterprise services.
- identity-access№ 708
Multi-Factor Authentication (MFA)
An authentication method that requires two or more independent factors — typically from different categories — before granting access.
- network-security№ 1253
X.509 Certificate
A standard structure for a digital certificate that binds a public key to an identity through a signature from a trusted certificate authority.
- network-security№ 878
Public Key Infrastructure (PKI)
The combined system of policies, software, hardware and trusted authorities used to issue, distribute, validate and revoke digital certificates that bind identities to public keys.
● See also
- № 739Nitrokey