Most ATMS still run on Windows XP, according to one industry estimate. With less than nine months until Microsoft stops supporting the OS, a credit union exec explains why upgrading is so painful for financial institutions.
8 Windows 8 Apps Under $25
(click image for larger view and for slideshow)
They're so commonplace that you'd be forgiven for forgetting that they're computers, albeit limited to a single application: Handling cash.
Automated teller machines, better known as ATMs, are indeed computers, though, even if we don't think of them in the traditional "PC" sense. There's a screen, a keypad, a user interface. Under the hood, there's memory, a processor and other hardware. There's also an operating system -- and if you had to bet your checking account, the smart money would say your ATM runs on Windows XP.
"It's like any other Windows-based PC," said John Campbell, manager of the automated delivery systems department at Virginia Credit Union, in an interview. "I tell the new hires here at work 'remember, your ATM is just this' -- and I point to the PC on their desk. And just like a PC at work or at home, Windows gets grumpy [in certain scenarios]."
Most ATMs used to run on IBM's OS/2. That changed in the early 2000s, according to Campbell, when IBM began phasing out OS/2 and later announced it would end support for the software. Most OS/2 terminals were upgraded to Windows XP-based systems. Although that enabled a good deal more functionality and potential applications, it added an equal dose of complexity.
"Nobody was ever hacked in OS/2," Campbell said, noting the popularity of Windows as a target for online criminals. "There's a lot more behind-the-scenes work you've got to do with these ATMs than you ever had to do in the OS/2 world."
Virginia Credit Union, with more than $2 billion in assets, operates 16 branches that count state employees as their largest customer segment. The bank's 34 ATMs have all been upgraded during the last several years to modern, full-functioning terminals running on XP. That gives it much in common with the rest of the ATM industry.
Dean Stewart, senior director of core product solutions at Diebold, one of the major ATM service providers, estimated that around 75% of ATMs in the U.S. are based on XP. Microsoft will end support for the popular but aged OS on April 8, 2014, less than nine months from now.
Although some banks and credit unions, Campbell's included, are busy upgrading their fleets to Windows 7 before next April, you don't need to be a math major to figure out that plenty of cash machines will still be running XP after the support cutoff. "It's not a simple flip," Campbell said.
Atop the list of problems that poses: running an unsupported OS would render a financial institution non-compliant with payment card industry (PCI) requirements. If declared non-compliant in an audit, fines could run thousands -- even tens of thousands -- of dollars per month, a potentially crippling cost for smaller financial institutions, according to Diebold's Stewart.
There are lots reasons why XP remains the dominant software powering so many ATMs. Several of them should sound familiar to IT pros that handle OS migrations for their corporate PC portfolios: Budget, hardware performance, and compatibility issues should make a few heads nod in agreement.
Other factors are specific to the banking industry and the operational complexity of managing ATMs. To the end user, ATMs are quite simple: They take deposits and spit out cash. For folks in Campbell's shoes, they're expensive and complicated machines that require a lot of upkeep.
We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
2018 State of the CloudCloud adoption is growing, but how are organizations taking advantage of it? Interop ITX and InformationWeek surveyed technology decision-makers to find out, read this report to discover what they had to say!
Cybersecurity Strategies for the Digital EraAt its core, digital business relies on strong security practices. In addition, leveraging security intelligence and integrating security with operations and developer teams can help organizations push the boundaries of innovation.