NIST issues report to improve management of PIV cards

The National Institute of Standards and Technology is trying to improve how agencies deploy and use card management systems under Homeland Security Presidential Directive 12.

Through a new publication, Personal Identity Verification Card Management Report issued earlier this week, NIST gives project managers an overview of card management systems, identifies generic card management requirements and looks at some of the technical approaches to fill the existing gaps in PIV card management.

The report builds upon Special Publication 800-73, which outlines the interfaces for PIV cards.

NIST said SP 800-73 does not 'contain a complete card management specification for PIV systems.' And with many agencies looking at ways to enhance the card management and personalization capabilities of the PIV card, NIST officials thought the report would help 'maintain backwards capability and enable development of fully functional and interoperable PIV cards that can be deployed across multiple card management systems and host middleware.'

In the report, NIST also said agencies should consider using International Standards Organization (ISO) 7816 standard for smart cards for a cryptographic discovery mechanism. NIST said 'to enhance interoperability, it is useful to specify a minimum mandatory subset of 7816-15,' so as to not add too much complexity to the card and the management system. Additionally, the report provides a list of possible ISO 7816-16 tag sets.

'Expanding the PIV command set to include management and personalization would result in a higher level of consistency and testability for PIV card issuance processes, enhanced ability to outsource various card management components and functions and improved overall security for the federal PIV framework,' NIST said.


  • Records management: Look beyond the NARA mandates

    Pandemic tests electronic records management

    Between the rush enable more virtual collaboration, stalled digitization of archived records and managing records that reside in datasets, records management executives are sorting through new challenges.

  • boy learning at home (Travelpixs/

    Tucson’s community wireless bridges the digital divide

    The city built cell sites at government-owned facilities such as fire departments and libraries that were already connected to Tucson’s existing fiber backbone.

Stay Connected