More Info
Read our full whitepaper on OmniPass and HSPD-12 Compliance
Government Solutions
Homeland Security Presidential Directive 12 (HSPD 12), dated August 27, 2004, entitled “Policy for a Common Identification Standard for Federal Employees and Contractors,” directed the adoption of a Federal standard for secure and reliable forms of identification for Federal employees and contractors. It further specified secure and reliable identification that:

  • Is issued based on sound criteria for verifying an employee’s identity
  • Is strongly resistant to identity fraud, tampering counterfeiting and terrorist exploitation
  • Can be rapidly authenticated electronically
  • Is issued only by accredited providers
The directive stipulated that the standard include graduated criteria, from least secure to most secure, to ensure flexibility in selecting the appropriate level of security for each application.

As a result of HSPD 12, the National Institute of Standards and Technology (NIST) published the FIPS 201 standard on February 25, 2005. The FIPS 201 standard defines the Personal Identify Verification (PIV) card, which forms the basis of all Federal employee and contractor identification – the PIV Card is a secure identification badge for all employees and contractors that can allow or deny a user access to any physical or logical resource in the Federal government. An example of the PIV card is shown in Figure 1 below.

Figure 1. Example of PIV Card


FIPS 201 has broken down the implementation of the PIV card into two phases: (1) PIV-I and (2) PIV-II. The first phase PIV-I, deals only with the minimum requirements of HSPD 12 and covers only the processes around the physical issuance of the PIV Card. The second phase PIV-II, deals primarily with using the PIV Card for physical and logical access control. It is the compliance with PIV-II that will drive changes in the physical access control systems as well as the logical information systems, so that the PIV Card (including the user’s biometric information which is stored on the PIV Card) becomes the mandated form of authentication for each user. This white paper is primarily concerned with PIV-II requirements and how the OmniPass product family can help achieve compliance.

Federal departments and agencies were required to meet the requirements of PIV-I no later than October 27, 2005, in accordance with the timetable specified in HSPD 12. The deadline for complying with PIV-II, the part of the specification requiring the PIV card to be used for logical information system access control, is set for October 27, 2006.



© 2000 - present, Softex Incorporated. All Rights Reserved Privacy Policy Site Map