top of page
server storage
Card Structure

The PIV application is typically implemented on smart cards that comply with NIST standards, such as FIPS 201-2. These cards contain embedded microprocessors capable of securely storing and processing data. They also incorporate cryptographic modules that support various security algorithms.

data protection
Credential Data

PIV cards store various identity credentials, including personal information, digital certificates, and cryptographic keys. Personal information typically includes the cardholder's name, photograph, and unique identifier. Digital certificates, issued by a trusted authority, provide the cardholder's public key and attest to their identity. Cryptographic keys, including public and private key pairs, are used for secure communication and digital signatures.

legal document
Certificate Authorities

PIV cards rely on a hierarchical certificate authority (CA) infrastructure. The government operates a root CA that issues certificates to intermediate CAs, which, in turn, issue certificates to individual PIV cards. This hierarchical structure ensures the integrity and authenticity of the certificates used in the PIV ecosystem.

Card Authentication

Government NIST approved cards utilize cryptographic mechanisms for card authentication. This involves mutual authentication between the card and the card reader to ensure that both entities can trust each other. Cryptographic algorithms, such as RSA or elliptic curve cryptography (ECC), are used to establish secure communication channels.

Cryptographic Operations

PIV cards support a range of cryptographic operations, including encryption, decryption, digital signatures, and key generation. These operations are performed securely within the card's cryptographic modules, which comply with NIST-approved algorithms and key lengths. The cryptographic modules also ensure the protection of sensitive data and prevent unauthorized access or tampering.

password key
Cardholder Authentication

The PIV application employs strong cardholder authentication methods. This involves the use of biometric factors, such as fingerprints or iris scans, in combination with PINs or passwords. The biometric data is securely stored on the card, and the authentication process occurs locally on the card, minimizing the risk of unauthorized access.

key card
Access Control

PIV cards provide robust access control capabilities. The cardholder's identity is verified before granting access to secure facilities, networks, or systems. The PIV application employs cryptographic mechanisms to securely authenticate the cardholder and establish secure communication channels with the requesting entities.

user protection
Privacy Protection

The NFC smart card with integrated biometric sensor prioritizes privacy protection by performing the fingerprint matching process locally on the smart card. This ensures that the biometric data remains within the user's control and minimizes the risk of unauthorized access or misuse. The smart card only releases necessary data, such as authentication tokens, to authorized entities during the FIDO2 CTAP2.1 authentication process.

  Navigate through our security products. 

The Personal Identity Verification PIV Application

When used with government National Institute of Standards and Technology (NIST) approved cards, provides a highly secure and reliable method for identity verification and access control within government agencies.

In Summary

 The PIV application, when used with government NIST approved cards, provides a highly secure and reliable solution for identity verification and access control. The application leverages cryptographic mechanisms, cardholder authentication, hierarchical certificate authorities, and strict compliance with NIST standards to ensure the integrity, confidentiality, and authenticity of the cardholder's identity and credentials.

bottom of page