The Clock is Ticking


April 8, 2014 is getting closer every day, and now that the calendar has turned the page to 2014 there may be a little more desperation in the air. This is not like the Y2K scare, which was founded on fear and outlandish claims; it is a reality, based on Microsoft’s plans to discontinue support of the Windows XP operating systems.

What this means for your Point of Sale (POS) system is that there will be no more security updates and/or patches for any Windows XP operating systems. It also means that a simple upgrade to Windows 7 or 8 will not necessarily fix the problem, as much of the old, out-of-date hardware that uses Windows XP will simply not work with newer Windows programs. Due to this change, many trying to eke by on Windows XP operating systems may have trouble staying PCI compliant: new vulnerabilities crop up every day, but there will be no patches available to make sure the system remains safe.

In the grocery industry, with its low margins, a new investment to keep up with technology may be hard to swallow, but the alternative could have devastating consequences. If your system is not in accordance with PCI Guidelines, then your customer data has the potential to become corrupt through security breaches.

Not only does this put you and your customers at risk, but it also means that you could be hit with fines. According to pcicomplianceguide.org, the fines will range from $5,000 to $100,000 per month for non-compliance. Also, transaction fees can be increased and your payment company may even terminate your agreement.  This effectively could leave your organization without the ability to take credit and debit cards as well as Electronic Benefits Transfer (EBT) cards. That should make you think twice and think fast about a total system upgrade or solution.

A word of caution: trying to use a duct tape or baling wire approach may end up costing you more in the long run. Just because you can get your old system to function on Windows 7 doesn’t mean all of the bases are covered. Each application’s PA-DSS validation must include testing on each and every platform. In other words, just because it can run does not mean you are in compliance. After paying for all of the costs associated with “making it work” you may have to invest in a totally upgraded system anyway.

The best approach at this time is to find out which operating system you are running and then see if an upgrade is in order. If you still have Windows XP, it more than likely is. It will be much better to bite the bullet and upgrade rather than run the risk of fines, negative publicity, additional costs for poorly executed, non-functioning solutions, alienating your customers, and putting your data in the hands of hackers.