Personal Identity Verification (PIV) is a security standard detailed in NIST FIPS 201-2 that creates a framework for multi-factor authentication (MFA) on a smartcard, typically a Java Card.
PIV credentials have certificates and key pairs, pin numbers, biometrics like fingerprints and pictures, and other unique identifiers. When put together into a PIV credential, it provides the capability to implement multi-factor authentication for networks, applications, and buildings.
While PIV was originally designed for the US government, it has seen widespread use in commercial applications. Its high assurance identity proofing and the ability to implement MFA to secure physical and network resources has made the standard very attractive.
In the case of US federal PIV cards, the credentials include:
- Digital photograph
- Biometric scan (fingerprints)
- Cryptographic keys
Enterprises that deploy PIV may not utilize every data field – it’s not uncommon to have systems without biometric capabilities. At its core, PIV is reliant on “cryptographic keys” in the form of X.509 digital certificates – the strongest form of authentication security.