Tomorrow, April 8, Microsoft will no longer provide support for that operating system.
That means Microsoft will no longer issue security updates to patch holes in Windows XP, leaving those ATMs exposed to new kinds of cyberattacks.
If banks fail to upgrade their ATMs to a newer version of Windows, customers might be at risk. If hackers discover new flaws in Windows XP, those bugs will go unaddressed, leaving attackers free to exploit them.
It can't yet be known what hackers could do with a Windows XP ATM after April 8. But the prospect of providing a potentially compromised machine with your account and PIN information is unsettling.
Major banks have been cutting special deals with Microsoft to extend life support for their Windows XP machines while they replace their fleet of ATMs. JPMorgan bought a one-year extension of service and plans to start upgrading ATMs to Windows 7 at Chase banks in July. Citibank and Wells Fargo said they're also upgrading ATMs, but they wouldn't provide details about their plans. Bank of America also intends to ask for an extension.
Replacing the operating systems on ATMs is a major undertaking. In the United States, there are 210,500 bank ATMs, about 200,000 of which run on Windows XP, according to Retail Banking Research in London. In most cases, banks must upgrade the software one ATM at a time, and some will need the entire computer inside replaced too. Labor included, it's a process that experts in the ATM industry say could cost anywhere between $1,000 and $3,500 apiece.
Consumers using smaller banks would be well advised to inquire how they are planning to deal with the security issues involved.
And, by the way, if you’re still running XP on your computer, you might want to consider upgrading to Windows 7 or 8. When Windows XP tech support ends this month, your computer may be more susceptible to hackers and viruses.