FB pixel

NIST asks for comment on credential security standard

| Stephen Mayhew
Categories Biometrics News  |  Uncategorized
 

The National Institute of Standards and Technology (NIST) has released the second-round draft version of its updated security standard for identity credentials in the Personal Identity Verification cards (PIV cards) that all federal employees and contractors must use. NIST is requesting comments from the public on the document, which is intended to be the last draft before the final version is published.

The document is the next step toward updating Federal Information Processing Standard (FIPS) 201, which was published in February 2005. Among its requirements are that all PIV cards contain an integrated circuit chip for storing electronic information, a personal identification number and protected biometric data—a printed photograph and two electronically stored fingerprints.

According to NIST computer security researcher Hildegard Ferraiolo, the update was anticipated from the start: “The original FIPS 201 indicates the standard should be reviewed after five years to see if changes need to be made. After implementing the standard, federal departments and agencies learned a number of lessons that, combined with technological changes over the years, made an update worthwhile.”

Ferraiolo says the update will not require anyone to replace their current PIV card, but will make the new cards, based on the revised specification, more flexible and effective. Among the numerous improvements in the revised draft are the abilities to:

  • Update a card’s credentials remotely without the need to appear in person at the issuer site, a change that should create significant cost savings.
  • Create additional credential for use on mobile devices such as smart phones.
  • Offer additional capabilities, such as secure messaging and on-card fingerprint comparison, to provide more flexibility in selecting the appropriate level of security for federal applications that use the PIV card for authentication.

Related Posts

Article Topics

 |   |   | 

Latest Biometrics News

 

EES troubles ignite speculation of further suspensions

Crowds, chaos and cranky travelers: The EU’s biometric border management scheme, the Entry-Exit System (EES), continues to fill headlines as…

 

UK Home Office eyes suppliers for SCBP biometrics platform

The Home Office is hosting a preliminary market engagement event to engage with potential suppliers for two not-yet-guaranteed future procurements…

 

Meta uses AI profiling to infer user age, enforce teen restrictions

Meta says it has begun using AI to detect and remove users under 13 from its platforms, and to automatically…

 

Market for agentic commerce keeps growing, outpacing rails

According to Grandview Research, the global agentic commerce market size was worth $5.71 billion in 2025 and is projected to…

 

VeryAI leverages palm biometrics to bind AI agents to users

A new Know Your Agent (KYA) protocol from VeryAI aims to answer the question of how to govern AI agentic…

 

Regula ups security of mDL verifications with server-side processing

Malware, rooted phones, tampered apps: User devices such as smartphones can pose risks to identity verification, as these environments are…

Continue Reading

Biometric Market Analysis and Buyer's Guides

Most Viewed This Week

Featured Company

Learn More

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events