Download PDF version Contact company
PIV card technology use has begun to spread beyond federal employees and contractors
SIA's PIV Working Group proposed improvements to make the PIV card more usable

Recently, the Security Industry Association (SIA) submitted important new comments to NIST regarding the revised draft of FIPS 201-2, the standard for Personal Identity Verification (PIV). SIA’s PIV Working Group contributed comments and proposed improvements to make the PIV card more usable in physical access control applications, especially those that address the high security objectives of HSPD-12.

NIST released the first draft of the update to the 2005 FIPS 201 over a year ago and has again sought industry input on their latest work product. Though NIST has extensively addressed the comments received on the first draft, they have also introduced a number of new concepts, which have drawn strong reaction from industry. One of the main issues is the need to get the specification fully effective near term, since it will not be changed for at least five years after its anticipated release in early 2013.

There are several issues that are important to SIA and the security industry, including: the ability to achieve technical interoperability in Physical Access Control Systems (PACS); recognition of 3-factor authentication (card, PIN, biometrics), a long time industry practice; and outdoor environmental challenges which necessitate the use of contactless readers.  Per the current draft standard, contactless readers cannot be used for “High” or “Very High” confidence assurance levels.

Though NIST has extensively addressed the comments received on the first draft, they have also introduced a number of new concepts

“NIST has come a long way since 2004 when Homeland Security Presidential Directive-12 dictated the first versions of PIV be brought to market.  However, the initial implementations often used the basic CHUID reader technology, which is now being deprecated and demoted to low assurance levels, which is appropriate,” according to Rob Zivney, chair of SIA’s PIV Working Group.  “Now we need to more fully embrace the cryptographic and biometric capabilities of the card so we can use them securely over the contactless interface for the highest 3-factor authentication -- even when embedded in a mobile phone.  We offered suggestions that would bring the new technology to the PIV card much sooner than waiting out current lifecycles of both the Standard and the PIV Card,” Zivney added.

PIV card technology use has begun to spread beyond federal employees and contractors. A range of companies and entities that do business with the federal government -- aerospace and defense contractors, international banks and state governments – use PIV-I (PIV-Interoperable). Seaports and truckers use the TWIC (Transportation Worker Identification Credential) in the private sector and first responders are using the FRAC (First Responder Authentication Credential). All of these and more are based on PIV. As a result, SIA’s comments are as critical to the private sector as they are for the federal sector for which PIV was originally chartered.

Download PDF version Download PDF version

Related videos

Upgraded feature for Xesar - Now with smartphone as well!

Upgraded feature for Xesar - Now with smartphone as well!
Enhancing government security with proactive threat detection from Wavestore

Enhancing government security with proactive threat detection from Wavestore
Join the biggest hour for Earth

Join the biggest hour for Earth

In case you missed it

How can organisations integrate physical security with other systems, such as IT and HR?
How can organisations integrate physical security with other systems, such as IT and HR?

By linking human resource (HR) systems to physical security, access control systems can automatically update permissions based on employee changes, such as promotions, terminations...

How are wearable technologies impacting the security market?
How are wearable technologies impacting the security market?

The most common wearable device deployed by security professionals is the body-worn camera. Traditionally used by law enforcement professionals, these devices are finding more and...

Dahua AI perimeter protection for SMBs
Dahua AI perimeter protection for SMBs

The perimeter of a small and medium-sized business (SMB) property is its first line of defence against intruders. It keeps the premises away from theft, property loss and security...

Featured white papers
The security challenges of data centers

The security challenges of data centers

Download
Security practices for hotels

Security practices for hotels

Download
Access control system planning phase 2

Access control system planning phase 2

Download
SIA Identity and Biometrics Symposium

SIA Identity and Biometrics Symposium

Download
Gunshot detection

Gunshot detection

Download
More corporate news
Katsunori Yamanouchi becomes Vice President of Sony Professional Solutions Europe (PSE)

Katsunori Yamanouchi becomes Vice President of Sony Professional Solutions Europe (PSE)
Unipart Security Solutions appoints Ozan Azmi as national guarding manager

Unipart Security Solutions appoints Ozan Azmi as national guarding manager
BITmi honours SeeTec with Software Made in Germany seal of quality

BITmi honours SeeTec with Software Made in Germany seal of quality
Featured products
ASSA ABLOY Aperio P100 Padlock

ASSA ABLOY Aperio P100 Padlock
Climax Technology TouchPanel-3

Climax Technology TouchPanel-3
Hikvision 8MP Network Speed Dome Camera

Hikvision 8MP Network Speed Dome Camera