Skip to main content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.


The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

Interfaces for Personal Identity Verification



David A. Cooper, Hildegard Ferraiolo, Ketan L. Mehta, Salvatore Francomacaro, Ramaswamy Chandramouli, Jason Mohler


[Superseded by SP 800-73-4 (May 2015, w/updates as of 2/8/2016):] FIPS 201 defines the requirements and characteristics of a government-wide interoperable identity credential. FIPS 201 also specifies that this identity credential must be stored on a smart card. This document, SP 800-73, contains the technical specifications to interface with the smart card to retrieve and use the PIV identity credentials. The specifications reflect the design goals of interoperability and PIV Card functions. The goals are addressed by specifying a PIV data model, card edge interface, and application programming interface. Moreover, this document enumerates requirements where the international integrated circuit card standards [ISO7816] include options and branches. The specifications go further by constraining implementers' interpretations of the normative standards. Such restrictions are designed to ease implementation, facilitate interoperability, and ensure performance, in a manner tailored for PIV applications. [Supersedes SP 800-73-3 (February 2010): publication-search.cfm?pub_id=904797]
Special Publication (NIST SP) - 800-73-4
Report Number


authentication, FIPS 201, identity credential, HSPD-12, logical access control, on-card biometric comparison, Personal Identity Verification (PIV), physical access control, smart cards, secure messaging
Created May 29, 2015, Updated June 12, 2017