NIST's Personal Identity Verification Program (NPIVP) Testing

What atsec offers
The FIPS 201 standard defines the requirements for personal identification products issued by U.S. Federal departments and agencies. Through our accreditation as a NIST PIV testing laboratory, atsec offers these services related to the NIST Personal Identify Verification (PIV) program:

  • Assessment of test readiness for PIV applets (PIV card applications) and PIV middleware
  • Conformance testing of PIV applets (PIV card applications) and PIV middleware

Customers often also require FIPS 140-2 testing and GSA FIPS 201 Evaluation Program approval. Both of these are services that atsec offers.

Why our services are important to you
In response to U.S. Homeland Security Presidential Directive 12 (HSPD-12), the National Institute of Standards and Technology (NIST) Computer Security Division initiated a program for improving the identification and authentication of U.S. federal employees and contractors accessing U.S. federal facilities and information systems.

Compliance with Federal Information Processing Standard (FIPS) 201: Personal Identity Verification (PIV) of Federal employees and contractors is mandatory according to Homeland Security Presidential Directive 12 (HSPD-12). As a result of the directive, the heads of executive departments and agencies are mandated to have a program in place to ensure that identification products issued by their departments and agencies to Federal employees and contractors meet the standard.
NIST has developed a program to ensure that products claiming to meet the standard do so, and that compliant products are recorded on the NPIVP validated products list. Having your products tested, and as a result, included on the validated products list will facilitate sales of your product in the Federal arena.

Note that final product approval for Federal use is made through the GSA FIPS 201 Evaluation Program (see GSA FIPS 201 EP Evaluation).