XP's retirement could endanger ATM security
After April 8th, 2014, Microsoft (MSFT) will end support, including automatic security patches, for its 13-year-old Windows XP operating system. This may sound like an inconvenience primarily for government agencies and aging uncles, but another major set of Windows XP users are the automated teller machines and credit card sales systems that handle billions of dollars of transactions daily.

While major retailers and banks are likely to be well-prepared for the end of XP, financial systems based on the software are also in the hands of a far-reaching hodgepodge of independent ATM operators and small businesses. Despite ample warning, industry analysts and insiders agree that high cost and inconvenience will keep plenty of these smaller players running outdated software for many months to come -- with serious implications for the security of their systems.

Jerry Nevins, co-owner of the Kansas City cocktail bar Snow & Co., is close to the dilemma. Snow & Co. bought a point of sale system less than a year ago from the payments servicer Micros -- only to be told within a few months of the need for an upgrade to Windows 7, at a cost of $1,700 for the single-store system. Luckily, Snow & Co. was still under a service agreement, so its upgrade was free. But as Nevins puts it, "If you're a small business, an unexpected $1,700 might be like, eh, I'll go ahead and take my chances." Moreover, Nevins describes a "huge line" of Micros customers waiting for an upgrade. He's crossing his fingers that Snow & Co. will be upgraded before the April 8 deadline.

Costs to retail credit card processors will vary widely, says John Berkeley of Mercury Payment Systems. "If you have the right hardware you can just upgrade the OS, but for some merchants upgrading from XP to Windows 7 can mean all new hardware," likely costing much more than that $1,700.

The challenges of upgrading become even bigger in the case of ATMs. ATM manufacturers are offering software upgrades for machines still based on XP -- though some of those have been available for less than a month. But the cost to upgrade can be staggering.

According to Jay Weber, vice president in charge of North American debit and ATM systems for FIS Global, "An ATM machine purchased in the last five years ... would only need a software upgrade of $4,000 to 5,000 per machine." That software cost is so high in part because much specialized software written for Windows XP can't be easily ported to a new operating system. But ATMs 10 years old or more would need to be completely replaced, and Weber says that new high-end ATMs can cost at least $50,000 to $60,000 per device.

ATM operators and business owners are largely being left to decide on their own whether to upgrade or not, says Weber. "Organizations are trying to look at the investment of the upgrade and weigh it against their perceived risk" -- and many seem to be ready to take their chances. "[April 9th] is going to come and go, and there are going to be some merchants who haven't done it yet," says Berkeley. Weber speculates that "it's going to be a trickle approach, a slower ramp-up," with many systems going without an upgrade -- and remaining officially insecure -- through the end of 2014.

This hesitancy may be worsened because operators are getting mixed messages about their risk. The Payments Card Industry Security Standards Council has issued public warnings about the need for retailers to upgrade their point of sale systems, but their current set of standards, which are used to determine eligibility to operate on credit card networks, do not require it. And Weber himself seems sanguine: "The risk is hard to quantify. There's a lot of technology in place in the marketplace to help mitigate the risk," such as the "fairly closed telecom environment" that most payment systems operate on.