|  Home  |  About COACT  |       		  
  COMMON CRITERIA
  FIPS 140-2
  SCAP TESTING
  PIV TESTING
  CERTIFICATION (C&A)
  SECURITY SERVICES
  GSA SCHEDULE
  CONTRACT VEHICLES
Personal Identity Verification (PIV) Testing
 

PIV smart cards are physical access cards that may also be used for access to IT systems. These are dual interface smart cards conforming to ISO 7816 for contact interfaces and ISO 14443 for contactless interfaces.

The COACT CAFE Lab has been authorized to test both PIV client middleware and PIV on-card applications. Implementation of FIPS 201, Personal Identity Verification (PIV) of Federal Employees and Contractors - August 2005

Currently, PIV applications must also undergo a FIPS 140-2 validation. PIV certificates may be issued prior to the completion of the associated FIPS 140-2 validation. At this time, all FIPS 140-2 validation that are associated with a PIV application certifications must reference the FIPS 201 (PIV) certificate. PIV certificates will have a separate listing on the NIST website.http://csrc.nist.gov/npivp

A FIPS 140-2 validation of the smart card (including the PIV application) must be done at overall level 2 with level 3 physical security. The PIV application is then also tested using the methodology in FIPS SP 800-85, which is derived from FIPS SP 800-73 and is performed on a test tool provided by the NPIVP. Read the SP800-85 document

If a vendor wishes to have client-side middleware only tested, a FIPS 140-2 validation is not required. A PIV certificate for this middleware will be issued upon successful validation of the tests found in FIPS SP 800-85.

For more information on PIV Testing, please contact piv@coact.com


 
Contact Us  |  Sitemap  |  Privacy Statement  |  Copyright COACT, Inc. 2008. All rights reserved.