Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cardholder Authentication for the PIV Digital Signature Key



William Polk, Hildegard Ferraiolo, David Cooper


FIPS 201-2 requires explicit user action by the Personal Identity Verification (PIV) cardholder as a condition for use of the digital signature key stored on the card. This document clarifies the requirement for explicit user action to encourage the development of compliant applications and middleware that use the digital signature key.
NIST Interagency/Internal Report (NISTIR) - 7863
Report Number


personal identification number, personal identity verification, PIN caching, PIV


Polk, W. , Ferraiolo, H. and Cooper, D. (2015), Cardholder Authentication for the PIV Digital Signature Key, NIST Interagency/Internal Report (NISTIR), National Institute of Standards and Technology, Gaithersburg, MD, [online], (Accessed July 19, 2024)


If you have any questions about this publication or are having problems accessing it, please contact

Created June 17, 2015, Updated October 12, 2021