Terms of Use For FixedByVonnie

By proceeding to access fixedByVonnie.com, you expressly acknowledge, and agree to, all of the following:

fixedByVonnie.com is a personal website and blog owned by Security Plus Pro LLC, which is being presented for informational purposes only. The views on this website are solely those of the website owner (and not those of any employer or of any professional associations affiliated with the website owner).  Any views expressed in this website and any information presented on this website, or in any of its blog entries, should not be relied on for any purpose whatsoever other than as the personal opinions of the website owner.  The website owner expressly disclaims any and all liability for any information presented on this site.  The owner of this website and its blog posts shall not be held liable, and shall be held harmless, for any errors or omissions in any information or representations contained in this website, or in any of its blog entries.  The website owner also expressly disclaims any liability for the current or future availability of any such information. The website owner makes no representations as to the accuracy or completeness of any information on this website or which may be found by following any link on this website. The website owner shall not be held liable for any losses, injuries, damages, claims, or causes of action, from the display or use of any information on this website or in any of its blog entries. If you use the information on this website, or on any of its blog entries, you do so solely at your own risk.

Over 95% of ATMs in the world are still on Windows XP - fixedByVonnie

Over 95% of ATMs in the world are still on Windows XP

ATM Keypad

Have you heard of Luther George Simjian?

He was a visionary.  A luminary.  A prolific inventor with 219 patents who in 1939 believed his Bankmatic Automated Teller Machine would change the financial landscape forever.  Despite resistance from banks, he was unremitting in his ideas and transcended all doubt we he induced Citibank to give it a 6-month trial.

Today, according to research from Statistic Brain, there are approximately 2.2 million ATMs in use around the global. Furthermore, the U.S Government Accountability Office published a report that says there are an estimated 420,000 ATMs in the United States alone.

NCR is the largest ATM manufacturer in the world. In a video interview for NCR Corporation, Robert Johnson, marketing director for NCR, said the user interface for ATM’s hasn’t changed in the past 20 years.  This immutability of the ATM is a huge liability because it means the technology that processes our financial transactions is grossly antiquated.

But this is the thing: ATMs are computers and computers need operating systems.  And guess what operating system most ATMs use?

Windows XP.

In fact, Robert Johnson told @nicksummers at BusinessWeek today that over 95% of the worlds ATMs rely on Windows XP.  In other words, over 2 million of the total 2.2 million ATMs in the world run on sorely outdated software.

The most exasperating fact is that Microsoft is slated to end support for Windows XP on April 8th 2014.  This means those 2 million ATMs won’t be able to install any security updates.  And no security updates means the operating system will be vulnerable and become susceptible to being compromised.

Now, it’s one thing if you’re running Windows XP on your personal computer, it’s another if you using it at the office; however, when you’re a huge bank with entire fleets of ATMs running Windows XP you have a huge problem.

The Federal Trade Commission has provisions in place under the Fair Credit Billing Act to give you the right to refuse credit card payment on products or services that you didn’t get; however, debit cards are another story. Sure, you can report fraudulent debit card transactions but  the process is burdensome.  Ultimately banks can’t afford to have their reputations bruised because of rudimentary security practices.

The threat is real and unless banks get serious about maintaining and decommissioning antiquated systems, there will always be the possibility of making the front page of the New York Times because the Syrian Electronic Army exploited a vulnerability in your bank machines.

The quasi-good news is that Microsoft is cognizant of the issue and two days ago announced continued support for antimalware sigatures for XP through July 14th 2015 but this does nothing for the much need security patches.   The bottom line is banks will either need to trash or upgrade their dated ATMs and they need to act fast.

Depending on the size of the bank and number ATMs in operation, this can cost tens of thousands of dollars, especially if new hardware is required.   And given that most ATMs are almost two decades old, new hardware is a very real necessity.

Ultimately, this is a herculean task that will take months to implement but in light of the recent security breaches in the news these days, people are more concerned than ever that their personal information stays safe.

Do you think banks will upgrade their archaic ATMs before the April deadline?  Let me know in the comments.


Connect with Vonnie on Twitter

Posted in News, Windows, Windows XP Tagged with: