NIST updates specs for next-gen PIV cards

NIST updates specs for next-gen PIV cards

The National Institute of Standards and Technology has updated authentication and cryptographic specifications for Personal Identity Verification cards that work with mobile devices and smartphones.

The update to Interfaces for Personal Identity Verification (Special Publication 800-73-4) provides additional ways to authenticate a cardholder’s identity. On-card biometric comparison helps preserve a cardholder’s privacy because the individual's fingerprint data never leave the card. A new specification protects wireless communications between the PIV Card and mobile device when the cardholder uses authentication, signature or encryption services with a mobile device. Another new security feature prevents a cardholder from changing the PIN to one that is too short.

Cryptographic Algorithms and Key Sizes for Personal Identity Verification (Special Publication 800-78-4 May 2015) updates the technical cryptographic details needed to maintain the security of the next-generation PIV Card.

Featuring a microchip with the employee’s photo, PIN, fingerprint information and other details, PIV cards give federal employees and contractors secure access to government facilities and computers.

The next-generation PIV card allows mobile devices to connect securely to government computer networks. It also provides stronger identity assurance for federal workers to enter many government facilities and use computers at those locations.

About the Author

Connect with the GCN staff on Twitter @GCNtech.

inside gcn

  • AI regulation

    Congress takes first steps toward regulating artificial intelligence

Reader Comments

Sun, Jun 21, 2015 Hitoshi Anatomi

Physical tokens, cards and phones are easily left behind, lost, stolen and abused. Then the remembered password would be the last resort. They ought to be more serious about the reliability of password/PIN. It is obvious that the conventional alphanumeric password alone can no longer suffice and we urgently need a successor to it, which should be found from among the broader family of the passwords and the likes.

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group