Now Available: Final NIST SP 1800-12, Derived PIV Credentials


The final version of the National Institute of Standards and Technology (NIST) Special Publication (SP) 1800-12, Derived Personal Identity Verification (PIV) Credentials, is now available.

Pivot toward using derived PIV credentials on mobile devices. The federal government relies on PIV cards to securely authenticate and identify employees and contractors when granting access to federal facilities and information systems. While PIV card access works well on desktop computers and some laptops, it can be tricky, or just plain cumbersome to access federal resources from a mobile phone or tablet using a PIV card.

A derived PIV credential leverages identity proofing and vetting results of current and valid credentials used in government-issued PIV cards by enabling secure storage of an equivalent credential on devices that don’t have PIV card readers.

Reduce your learning curve to implement derived PIV credentials and improve workplace productivity. The National Cybersecurity Center of Excellence (NCCoE) demonstrates, step-by-step, how organizations can use standards-based, commercially available technologies—following the guidelines in NIST SP 800-157, Guidelines for Derived Personal Identity Verification (PIV) Credentials—to enable access to information systems and websites from mobile devices that lack PIV card readers. Using the guide, agencies will be able to leverage mobile devices in ways that offer greater flexibility for users and potentially enable higher levels of employee productivity and satisfaction.