ATMs near you can be easily hacked. Here’s why

What comes as a shock is that the ATMs are vulnerable to hackers as they are still running on old software, which has no security updates now.

Yes, the cash dispensing machines can be hacked and it seems the concerned authorities have learnt no lessons from the recent financial data hack in which 3.2 million Indian debit cards were compromised.

They can be easily hacked as these ATMs work on a software Microsoft stopped supporting more than two years back.

Around 70% of the 202,000 ATM machines in India run on Windows XP and haven’t been upgraded to Windows 7, Microsoft had long time back stopped security updates, patches and technical support for the XP version.

"Resilience of the ATMs is low as Windows XP is no longer supported by Microsoft. That means there are no bug fixes, no patches and ATMs are not upgraded to cope with vulnerabilities," Vivek Belgavi, partner and leader, fintech, PricewaterhouseCoopers (PwC), told ET.

As per experts, it is the responsibility of the banks to upgrade the ATMs.

“There's cause for worry. We have come across malware in unsupported Windows XP systems. Almost 75% of ATMs in India use unsupported Windows XP,” Altaf Halde, managing director of Kaspersky Lab, told ET.

Most ATMs in India are not owned by banks but by payment technology and service providers like Financial Software and Systems (FSS) and FIS Global.

"Majority of the ATM deployments in India happened in the last four years while the ATM refresh cycle is seven to 10 years," Balasubramanian, president, transaction processing and ATM Services, FSS, told ET, adding "The ATM providers (like NCR and Diebold) guarantee the hardware and software, but an upgrade has to be done."

Globally, ATMs are replaced every five years and automatically switched to new software. But in India, replacement can stretch to 10 years with older, decrepit machines often relocated and not scrapped.