PIV Card   In Production
 
 
 

In response to the US Presidential Directive HSPD 12, the NIST Computer Security Division initiated a new program for improving the identification and authentication of Federal employees and contractors for access to Federal facilities and information systems. Federal Information Processing Standard (FIPS) 201, entitled Personal Identity Verification (PIV) of Federal Employees and Contractors, was developed to satisfy the requirements of HSPD 12, approved by the US Secretary of Commerce, and issued on February 25, 2005.

Gemalto provides a range of smart cards compliant with the FIPS 201 standards and approved by the US GSA for acquisition by the Federal Agencies. These cards have a few very distinctive characteristics:
 

  • they have undergone a long and thorough certification and compliance testing process through an independent security laboratory
  • they are all dual-interface cards, as mandated by the FIPS 201 standard
  • they carry the Gemalto PIV applet, which provides the operations required to integrate into a FIPS 201 environment
  • they are extensible with custom applications, as they are based on the latest Java Card platform
Features and Benefits
  • Full compliance with regulations

With more than 7 products in the official GSA Approved Products List, Gemalto is a leading provider of PIV compliant products and the preferred choice for a number of government customers for their compliance with HSPD-12. These products are currently used by several Federal Agencies in the US as part of their FIPS 201 infrastructure, and some are even used as reference implementations by evaluation laboratories.

  • Leaner operations and cost reduction

FIPS 201 products provide secure and rapid electronic identification of employees, which translates into much faster and simpler procedures for your personnel working in different agencies. In addition, by combining their use with an internal PKI project, an agency can leverage these products for world-class operational improvements: an example is digital signature, whose adoption through paperless operations saves time, money and ultimately benefits the environment.

  • Improves productivity and accountability by simplifying access to information systems

Employee identification and strong authentication have proven to significantly improve productivity by simplifying access to IT systems. Through a single sign-on experience, users avoid the hurdles of multiple passwords, organizations save on password management (reset, synchronization, etc.), and the overall infrastructure can step up to the accountability standards required of modern IT systems, through the capability to account without doubt for every use of its network or application components.

  • Maximizes adaptability through a broad industry interoperability

Beyond the compliance with the standard, the FIPS 201 certification process ensures a strong level of compatibility between products, providing a stable infrastructure to build additional applications and improve your return on investment.

 

News
  • February 2009: Gemalto and ActivIdentity receive FIPS 140-2 Level 2 evaluation for a card combining the Gemalto TOP DM card platform and ActivIdentity's Digital Identity Applet Suite V2 for Extended PIV.
  • November 2008: Gemalto PIV DL card receives FIPS 140-2 and NPIVP evaluations, making it the first large memory (128KB max) PIV-compatible card.
  • May 2007: Gemalto receives FIPS 140-2 Level 3 evaluation for the first 128K -based smart card. 
  • September 2006: Gemalto announces a large memory dual-interface Java card. [This card model is now called TOP DL]. This card platform is targeted to the public sector market and will be the basis of a large memory PIV card. It provides 128KB of memory for applications and data. For detailed specs, see the product comparison table here.
  • July 2006: Gemalto first to receive FIPS 140-2 evaluation for its PIV card. [This card model is now called PIV DM].
 
Technical Specifications
Standards Compliance: ISO 7816 1-3, ISO 14443 1-4, Java Card 2.2.1, GlobalPlatform 2.1.1, FIPS 140-2 Level 2, FIPS 201, SP 800-73, GSA Approved Products List requirements
Cryptography Support: RSA (up to 2048-bit), AES (128, 192, 256-bit), 3DES (ECB, CBC), SHA-1
PIV Application
  • Support for all optional data containers
  • PIN Customization: User and Admin PIN value, length and retry counter. Support for PIN diversification.
  • Key Customization: Diversification for PIV Admin Key (9B)
  • PIV Data Personalization through GP Secure Channel Protocol: standard and secure
Platform Features
  • Dual-Interface card: support for contact and contactless communication modes
  • Speed up to 256Kb/s
  • Support for Secure Channel Protocol (SCP01)
  • Support for Delegated Management
  • Support for Multiple Logical Channels
Models
  • PIV DM: mainstream card, based on a 72K chip, compliant with SP 800-73-1 (full options), exists in "Prox" version (with HID Prox compatibility)
  • PIV DL (upcoming): based on a 128K chip, compliant with SP 800-73-2 (full options)



Compatibility

Although the PIV standard and the GSA Approval procedure ensure a certain level of product interoperability, they unfortunately only deal with the pure PIV application and sometimes lack a system-wide application approach (PKI and logical access in general have a vast ecosystem). The table below tries to list the applications that proved complementary to our PIV card offer.

 

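| Category | Application | Vendor | PIV DM | PIV DL |
|---|---|---|---|---|
| OS Support | TokenD | Apple | Y | |
| OS Support | PIV Class mini-driver | Microsoft | Y | |
| Encryption | Whole Disk Encryption | PGP | ongoing | |
| Identity Management | DirectControl 4.2 | Centrify | Y | |
| CMS/IDMS | MyID PIV | Intercede | Y | |
| CMS/IDMS | ANDiS | BellID | Y | |
| Hardware | D430 / D630 / D830 | Dell | Y | |
| Hardware | SmartCard Keyboard | HP | Y | |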

 

© 2006-2010 Gemalto NV