NIST seeking comments on PIV interface standards

The National Institute of Standards and Technology has issued draft specifications for smart cards to retrieve and use identity credentials under Federal Information Processing Standard 201.

NIST Special Publication 800-73-1 specifies a personal-identification verification data model, communication interface and application programming interface. The document also 'constrains implementers' interpretation of the standards to ease implementation, facilitate interoperability and ensure performance.'

SP 800-73-1 includes standard interfaces for transitional approaches that some agencies, such as the Defense Department, are taking and end-point approaches, which many agencies that don't have card systems in place, are taking. NIST will accept comments through Feb. 28.

The release of the draft specification comes on the heels of NIST's pre-approval to two more smart cards that would meet PIV II. A card from GemPlus SA of Luxembourg and another from Sagem Orga of Paderborn, Germany, are going through the pre-approval process. NIST also has pre-approved three middleware products from Sagem, GemPlus and ActivCard Inc. of Freemonst, Calif.

The smart cards must now undergo testing for compliance with FIPS-140-2 Cryptographic Module Validation Program to ensure they still conform to the security requirements. Because smart cards that include the PIV application are cryptographic modules, conformance to FIPS-140-2 needs to be re-examined to make sure they continue to conform, NIST officials have said.

Oberthur Card Systems of Rancho Dominguez, Calf., had the first card pre-approved, and its certification is under NIST review, according to NIST's Web site.


  • Russia prying into state, local networks

    A Russian state-sponsored advanced persistent threat actor targeting state, local, territorial and tribal government networks exfiltrated data from at least two victims.

  • Marines on patrol (US Marines)

    Using AVs to tell friend from foe

    The Defense Advanced Research Projects Agency is looking for ways autonomous vehicles can make it easier for commanders to detect and track threats among civilians in complex urban environments without escalating tensions.

Stay Connected