RFID and Fingerprint Scanner Team Up for Olympic Security

Hundreds of athletes, coaches and media representatives are sporting passive high-frequency RFID cards used to screen visitors to the German House.
Published: August 20, 2008

Every two years, Deutsche Sport-Marketing, the marketing and management agency for Germany’s Olympic teams, sets up what’s called the Deutsches Haus (German House), the meeting point that also serves as the “temporary embassy” of the German Olympic family. For the 2008 Summer Olympics in Beijing, visitors to the German House need a special ID card that combines RFID, biometric and other technologies.

More than 400 German athletes and hundreds of coaches, officials, guests and media representatives are sporting RFID-enabled cards that are part of a security system designed and built by Bundesdruckerei (BDR), a Berlin-based provider of passport and ID-card systems, ID documents, high-security cards, document-checking devices and security software. The ID cards contain passive 13.56 MHz high-frequency RFID inlays that comply with the ISO 14443 standard. Fixed RFID readers have been set up at three gates with turnstiles at the main entrance to the German House, according to BDR spokesperson Iris Köpke, and four mobile readers stand in the ready for times when long lines of people wait to enter the facility.


When issuing a card, the system scans the fingerprint of a person’s left index finger, which is then stored in the back-end database.

Each card has visual data printed on it, such as the cardholder’s photograph and name and the dates that person is authorized to enter, says Köpke. The card also has a bistable display, which can retain an image without power, to indicate the cardholder’s membership in a predefined group—for example, the German Olympic Sports Federation. Encoded on the RFID inlay is a unique identification (UID) number that has been associated with that cardholder in a back-end database. The cards are small enough to fit into wallets, purses or even pants pockets. “However, most visitors wear the card in a plastic pouch hung around their neck,” says Köpke.

When issuing a card, the system scans the fingerprint of a person’s left index finger, which is then stored in the back-end database. The fingerprint is not stored in the card’s chip, so “that no sensitive data are lost if a guest loses his or her card,” says Köpke. The gates at the turnstiles, and the mobile readers, all include fingerprint scanners.
To enter the German House, the cardholder has to place the card on the gate’s RFID interrogator and the appropriate finger into the gate’s fingerprint scanner. The interrogator reads the card’s UID, and the data record (including the stored fingerprint) associated with that number is retrieved from the database. If all the data matches, a green indicator lamp lights up, the turnstile is automatically unlocked, and the cardholder can enter the German House.

The fixed readers are linked to the back-end database via a local area network, and the mobile readers are connected via a wireless network. The system employs encryption to protect the data as it traverses the network, Köpke says.


To enter the German House, visitors must place their ID card on the gate’s RFID interrogator and their appropriate finger into the gate’s fingerprint scanner.

In late 2007, after Deutsche Sport-Marketing had defined its specifications for the system, BDR began designing the access system used for this summer’s Games. BDR then carried out site inspections in Beijing and decided on the exact locations for the security system. “At the beginning of this year, we started the specific programming work. We used state-of-the-art processes and algorithms for fingerprint acquisition and verification when designing and implementing the access-control system,” says Köpke.

Although it is possible for someone to create a counterfeit access card identical to the ones issued by Deutsche Sport-Marketing in Beijing, Köpke says it is “impossible to manipulate Bundesdruckerei’s system.” That’s because, even though the readers might scan a bogus card and the person’s fingerprint, “the doors will not open because the person’s data record is stored in the database and so cannot be used for the live comparison. For the same reason, the gate will not open if an unauthorized person tries to use a card that has been lost. In this case, too, the data record in the database would not match the live fingerprint.”

BDR had previously designed access systems for Germany, at both the 2004 Summer Olympic Games in Athens and the 2006 Winter Games in Turin. Each time, the company introduced new features. In Turin, for example, BDR added a feature whereby visitors also had their cards read on leaving the building. “This made it possible to know how many people were actually in the German House at any time. This information would be important, for example, if the House had to be evacuated in the event of a fire,” Köpke says. The bistable display being used this summer in Beijing is a new addition to the system.