ATM Machine

Will Your ATM Work after April 8?

Thursday Review staff | published Thursday, January 30, 2014 |

Microsoft is killing off Windows XP, the once popular and widely sold version of its operating system which dominated the personal and business computer markets in the early aught years.

Actually, Microsoft is not exactly killing Windows XP, but merely terminating any further tech support for the twelve year old operating system, which means no more of those helpful if sometimes annoying Windows Updates. The updates have been developed and run for years now as a way to keep the XP system stable and free of viruses and malware.

But now Microsoft says enough is enough, and on April 8 of this year they will pull the plug on those update and patches. Microsoft says the process of keeping XP viable is costing them too much money and distracting Windows from moving on bravely into the 21st Century. Millions of computers still use XP, with the majority of those in businesses and government offices. (See related article, Mini Y2K; Thursday Review).

The costs will be huge as consumers and businesses make the upgrade to newer hardware and newer operating systems.

But there is another, perhaps more costly problem lurking out there.

By some estimates, 90 to 95 percent of the ATM machines in the U.S. and Canada use some version of Windows XP, and Microsoft says that—other than a few exceptions—they will not support those thousands of machines with updates or patches. Bloomberg Businessweek estimates that there are 420,000 ATM machines in the U.S. alone, which means that perhaps four fifths of those are facing potential problems on April 8 if they are not upgraded to Windows 7 or newer versions.

Banking experts says that many of those machines will be upgraded by the deadline, but thousands will not.

Many computer analysts and technology experts have stressed (as has Microsoft) that computers using the XP operating system will continue to operate normally, but the upgrades and patches are necessary to maintain not only adaptability, but also safety in world of viruses and malicious attacks. The chief concern: the banking and financial industries in the U.S. have been sluggish in their response to these developments and changes. One need look no further than the recent cyber-attacks on Target, Neiman Marcus and Michael’s to see the extreme vulnerability that the financial networks face in North America.

Furthermore, Microsoft has already extended their deadline several times during the past few years, and they view any additional support as a lost cause in terms of resources and cost.

One solution has been to offer an extension of sorts to financial and banking firms willing to pay for extended, customized support. Several companies have already opted to purchase an extension, a decision based on the fact that the cost of a mass ATM upgrade or replacement program between now and April 8 would be prohibitive. JP Morgan opted for the extended plan, as did other firms with heavy investment in older machines.

Part of the problem resides in the fact that the nation’s ATM system is connected by way of a network that is 40 years old—a patchwork of services, vendors, complex interconnects, modems, phone lines and banking technology that dates back to the 1980s. Many banks, and many of the vendors who build and support ATM machines (like NCR and Diebold), have been lax in the way they have kept pace with newer computer technologies, and have been slow to untangle the old infrastructure. The cost of conversion has encouraged the uniformly slow response to the looming XP deadline among banks.

A few companies will get to keep a grandfathered-in subcategory of XP called Windows XP Embedded, which, by its design, is somewhat more resistant to malware and security problems. Microsoft has reluctantly agreed to support the XP Embedded version until mid-2016, but at that point even that operating system will be phased-out.

There is good news for everyone once the transition is complete.

Newer machines, and those who have already made the conversion to Windows 7, will offer bank customers plenty of advanced features—most notably touch screen technology to replace the 1980s style buttons which are common on so many ATMs. Another development will be ATMs designed to work with newer, more secure chip technologies. By early 2016 most debit and credit cards now in use—the ones with a magnetic strip on the back and that little security code—will be replaced by newer cards which will contain an encrypted microchip (designed to be far more resistant to the sort of cyber-attack seen by millions of Target shoppers). ATMs with newer versions of Windows will be easily adaptable to the more secure cards.

In the meantime, there are plenty of folks out there who predict another Y2K, only this could be real. Banks, credit unions and other financial institutions not prepared for the April conversion could face problems, sooner rather than later, if machines begin to fail or if security systems fail.

Advice for the wary consumer: play it safe and be prepared by getting enough cash from your favorite machine to ride out the temporary storm. It won’t be the end of the world (like it was at midnight on December 31, 1999), but it could get mightily inconvenient when your nearby ATM stops working.

Related Thursday Review articles:

Who Pays for the Target Breach?; R. Alan Clanton; Thursday Review; January 15, 2014

Target's Woes Get Worse; R. Alan Clanton; Thursday Review; January 11, 2014