Contact company icon Add as a preferred source Download PDF version
PIV card technology use has begun to spread beyond federal employees and contractors
SIA's PIV Working Group proposed improvements to make the PIV card more usable

Recently, the Security Industry Association (SIA) submitted important new comments to NIST regarding the revised draft of FIPS 201-2, the standard for Personal Identity Verification (PIV). SIA’s PIV Working Group contributed comments and proposed improvements to make the PIV card more usable in physical access control applications, especially those that address the high security objectives of HSPD-12.

NIST released the first draft of the update to the 2005 FIPS 201 over a year ago and has again sought industry input on their latest work product. Though NIST has extensively addressed the comments received on the first draft, they have also introduced a number of new concepts, which have drawn strong reaction from industry. One of the main issues is the need to get the specification fully effective near term, since it will not be changed for at least five years after its anticipated release in early 2013.

There are several issues that are important to SIA and the security industry, including: the ability to achieve technical interoperability in Physical Access Control Systems (PACS); recognition of 3-factor authentication (card, PIN, biometrics), a long time industry practice; and outdoor environmental challenges which necessitate the use of contactless readers.  Per the current draft standard, contactless readers cannot be used for “High” or “Very High” confidence assurance levels.

Though NIST has extensively addressed the comments received on the first draft, they have also introduced a number of new concepts

“NIST has come a long way since 2004 when Homeland Security Presidential Directive-12 dictated the first versions of PIV be brought to market.  However, the initial implementations often used the basic CHUID reader technology, which is now being deprecated and demoted to low assurance levels, which is appropriate,” according to Rob Zivney, chair of SIA’s PIV Working Group.  “Now we need to more fully embrace the cryptographic and biometric capabilities of the card so we can use them securely over the contactless interface for the highest 3-factor authentication -- even when embedded in a mobile phone.  We offered suggestions that would bring the new technology to the PIV card much sooner than waiting out current lifecycles of both the Standard and the PIV Card,” Zivney added.

PIV card technology use has begun to spread beyond federal employees and contractors. A range of companies and entities that do business with the federal government -- aerospace and defense contractors, international banks and state governments – use PIV-I (PIV-Interoperable). Seaports and truckers use the TWIC (Transportation Worker Identification Credential) in the private sector and first responders are using the FRAC (First Responder Authentication Credential). All of these and more are based on PIV. As a result, SIA’s comments are as critical to the private sector as they are for the federal sector for which PIV was originally chartered.

Learn why leading casinos are upgrading to smarter, faster, and more compliant systems

Related videos

Find Lost Wallet with Dahua WizSeek

Find Lost Wallet with Dahua WizSeek
Dahua Traffic Signal Controller Highlight

Dahua Traffic Signal Controller Highlight
Insta DomainLink Secret™

Insta DomainLink Secret™

In case you missed it

Which Vertical Markets Have The Greatest Growth Potential For Security?
Which Vertical Markets Have The Greatest Growth Potential For Security?

To serve various vertical markets and industries effectively, security professionals must recognize that each sector has unique assets, risks, compliance requirements, and operatio...

eCLIQ Enhances Security At Marin Hospital Of Hendaye
eCLIQ Enhances Security At Marin Hospital Of Hendaye

The Marin Hospital of Hendaye in the French Basque Country faced common challenges posed by mechanical access control. Challenges faced Relying on mechanical lock-and-key technol...

What’s Behind (Perimeter) Door #1?
What’s Behind (Perimeter) Door #1?

A lot has been said about door security — from reinforced door frames to locking mechanisms to the door construction — all of which is crucial. But what security measur...

Featured white papers
The Key To Unlocking K12 School Safety Grants

The Key To Unlocking K12 School Safety Grants

Download
Honeywell GARD USB Threat Report 2024

Honeywell GARD USB Threat Report 2024

Download
Physical Access Control

Physical Access Control

Download
The 2024 State Of Physical Access Trend Report

The 2024 State Of Physical Access Trend Report

Download
The Security Challenges Of Data Centers

The Security Challenges Of Data Centers

Download
More corporate news
IQinVision Products Gain UL Listed Status In The US And Canada

IQinVision Products Gain UL Listed Status In The US And Canada
Complete Pixel, Manufacturer’s Representative Group Begins Operations In The Middle East

Complete Pixel, Manufacturer’s Representative Group Begins Operations In The Middle East
Linear integrates with Secure Wireless to strengthen its RF development capabilities

Linear integrates with Secure Wireless to strengthen its RF development capabilities
Featured products
KentixONE – IoT Access And Monitoring For Data Centers

KentixONE – IoT Access And Monitoring For Data Centers
Climax Technology HSGW-Gen3 Modular Smart Security Gateway

Climax Technology HSGW-Gen3 Modular Smart Security Gateway
Delta Scientific DSC50 ‘S’ Barrier: Portable, Crash-Rated Vehicle Mitigation Solution

Delta Scientific DSC50 ‘S’ Barrier: Portable, Crash-Rated Vehicle Mitigation Solution