Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Guidelines for Derived Personal Identity Verification (PIV) Credentials



Hildegard Ferraiolo, David A. Cooper, Salvatore Francomacaro, Andrew R. Regenscheid, Jason Mohler, Sarbari Gupta, William E. Burr


This recommendation provides technical guidelines for the implementation of standards-based, secure, reliable, interoperable PKI-based identity credentials that are issued by Federal departments and agencies to individuals who possess and prove control over a valid PIV Card. The scope of this document includes requirements for initial issuance and maintenance of these credentials, certificate policies and cryptographic specifications, technical specifications for permitted cryptographic token types and the command interfaces for the removable implementations of such cryptographic tokens.
Special Publication (NIST SP) - 800-157
Report Number


authentication, credentials, derived PIV credentials, electronic authentication, electronic credentials, mobile devices, personal identity verification, PIV


Ferraiolo, H. , Cooper, D. , Francomacaro, S. , Regenscheid, A. , Mohler, J. , Gupta, S. and Burr, W. (2014), Guidelines for Derived Personal Identity Verification (PIV) Credentials, Special Publication (NIST SP), National Institute of Standards and Technology, Gaithersburg, MD, [online], (Accessed April 17, 2024)
Created December 19, 2014, Updated November 10, 2018