Radio frequency identification (RFID) tags are susceptible to computer viruses and can be used to corrupt RFID databases, according to new research.
The radio tags, which are becoming increasingly common in everything from household goods to hi-tech passports and public transport tickets, can be infected with a virus, studies by scientists at the Free University in Amsterdam found.
The Dutch researchers had planned to demonstrate how such a chip can be infected despite only having a small amount of memory at the Pervasive Computing and Communications conference.
According to the researchers' website, the threat arises when hackers cause valid RFID tags to behave in unexpected and generally malicious ways. The scientists said that when an RFID reader at a supermarket checkout counter reads the tag on a product, the software driving it could add the item scanned to the list of the customer's purchases, tallying up the total after all products have been scanned.
"Here is where the trouble comes in. Up until now, everyone working on RFID technology has tacitly assumed that the mere act of scanning an RFID tag cannot modify back-end software, and certainly not in a malicious way. Unfortunately, they are wrong," the researchers said on the website.
The team said its dealings with those in charge of RFID systems dismissed security concerns as "academic, unrealistic and unworthy of spending any money on countering, as these threats are merely 'theoretical.'"
The scientists plan to make the RFID "malware" publicly available in the hope of convincing the industry that the problem is serious.
"It is a lot better to lock the barn door while the prize race horse is still inside than to deal with the consequences of not doing so afterwards," said the website.