Introduction to PIV Enablement Guides
Welcome to the Personal Identity Verification (PIV) Card Playbook! On this site you will find detailed documentation on how to successfully implement common PIV processes at your organization.
To return to the main playbook, click here.
What is PIV?
A Personal Identity Verification (PIV) card is a reliable, government-wide identity credential used to access Federally controlled facilities and information systems at the appropriate security level. PIV cards store information such as pin numbers, biometrics like fingerprints and pictures, and other unique identifiers that allow for multifactor authentication. The release of HSPD-12 and the subsequent technical requirements of FIPS 201 have driven and guided the development and implementation of PIV cards across the Federal Government.
Why is PIV enablement important?
Enabling systems and facilities to use PIV authentication greatly enhances the security stance of an organization. PIV cards allow for a high level of assurance in the individuals that access your resources, as they are only issued by trusted providers to individuals that have been thoroughly verified, and are highly resistant to identity fraud, tampering, counterfeiting, and exploitation.
What should be PIV enabled?
Any system at your organization that requires heightened security for determining who should gain access to the resources it protects can be PIV enabled. While PIV cards can be used for making authentication decisions on almost any system, they are especially useful for systems that protect highly sensitive information, as PIV cards provide the highest level of assurance in the user attempting to access the protected resource. Physical locations can also be safeguarded through PIV enablement, ensuring that only the proper individuals can gain access to a particular facility, building, or room.
This Playbook
You will find two different kinds of guidance documents in this Playbook; Developer Guides and User Guides. Developer guides are tailored to help system administrators and developers assure that they have technically configured their systems and infrastructure to fully support PIV solutions. User guides are to be leveraged by end users seeking general information on their PIV card and how to use it to successfully access federal resources.
For more information on PIV cards:
- NIST Special Publication 800-73, “Interfaces for Personal Identity Verification” - specifies the interface and data elements of PIV cards
- NIST Special Publication 800-76, “Biometric Data Specification for Personal Identity Verification” - specifies the technical acquisition and formatting requirements for biometric data of the PIV system
- NIST Special Publication 800-78, “Cryptographic Algorithms and Key Sizes for Personal Identity Verification” - specifies the acceptable cryptographic algorithms and key sizes to be implemented and used for the PIV system