PIV overview

Personal Identity Verification (PIV) is defined in FIPS 201. It is a US government standard defining various authentication and cryptographic operations using a smart card. It defines a set of functions and specifies behavior of a smart card. To be a PIV-compliant smart card, a device must implement these functions in the specified manner.

A developer that wants to build an application that utilizes a PIV-compliant smart card can read the PIV specification, create the command APDUs (see the article on APDUs), send them over an appropriate transport protocol, and interpret the response APDUs.

Alternatively, the developer can use the SDK. Make the connection, create a PivSession, then call appropriate methods, such as GenerateKeyPair or Sign.