In the paper, entitled Panic? What panic? Is the industry in denial over the death of XP?, Software Director of Avnet Embedded Nick Donaldson explains that the withdrawal of XP support means the end of security patches and updates, leaving many thousands of XP-based payment devices worldwide vulnerable to "zero day" hacker exploits. These devices range from chip and PIN terminals, to EPOS tills, to toll barriers, parking machines, and many others.
Additionally, the withdrawal of support will mean that the PCI (Payments Card Industry) organisation that oversees the security of online transactions will no longer certify these devices and payment methods and may impose fines of up to £400,000 for non-compliance.
Simple migration to a newer operating system, however, isn't much of an option: the paper explains that neither Windows 7 nor Windows 8 will run successfully on all the devices that XP currently supports, nor offer PCI-compliant security on them. Yet few of the businesses that manufacture, distribute or use these devices have apparently realised this, with 40% of respondents polled saying they had "yet to even start migrating off XP" and 20% saying they "were not planning to do so at all."
Donaldson comments: "Put simply, many businesses are in denial about the dangers that these changes represent. We are talking here about an instantaneous loss of security that will immediately become exploitable by cybercriminals, leading potentially to the theft of millions. The businesses that manufacture, distribute and use these payment devices and mechanisms have been lulled into a false sense of security that they can simply deploy Windows 7 or 8 to do the same job as XP - but this just isn't true. Basically, if these businesses don't identify workable, PCI-compliant alternatives soon, there will be widescale consequences."
The paper is available to download here http://www.avnet-emb.eu/.... For more information, and to speak to an Avnet Embedded spokesperson, use the contact information below.