It is important for restaurants and retail stores to maintain payment card industry (PCI) compliance in order to protect their customers’ credit card data. On April 8, Microsoft will stop supporting Windows XP, the most installed operating system in hospitality establishments for more than a decade.

This is problematic for the many restaurants and retail stores that use Windows XP Pro with their point of sale (POS) system. In order to remain PCI compliant, businesses using Windows XP must upgrade their operating system before that date (with one exception: those using POSReady will have extended support through April 2019).

The run-down

Businesses that haven’t begun planning for these changes should start the process as soon as possible. On their website, Microsoft explained that based on historical customer deployment data, the average enterprise deployment can take 18 to 32 months from business case through full deployment. Small to medium-sized businesses may be able to get away with less preparation time, but with less than three months left, they are still cutting it close.

Businesses should also start their upgrade process as soon as possible because upgrade costs can vary depending on the age of your current POS system. They must leave enough time to budget for the upfront costs of a new system as well as enough time for installation and employee training.

Recommended steps:

  1. Determine whether or not your business will be affected by checking the operating system version you have installed in each of your POS terminals.
  2. Contact your POS system vendor to verify your findings.
  3. Ask them to recommend upgrade options that work well with your system.
  4. To choose an upgrade option, ask them to estimate costs and deployment time for each operating system, keeping in mind that you have little time left for training and installation.


Without Microsoft’s support, businesses still using Windows XP Pro will be vulnerable to security breaches as of April 8. As Microsoft releases security updates for its supported Windows versions, hackers will search for weak spots, using XP as a test. If they find the same weak spots in XP, malware authors will develop exploit code.

What could result:

  • Malware authors can gain access to your customers’ credit card or financial data.
  • Your business can be fined for failure to pass compliance audits or for being in a non-compliant state.
  • Your business can lose the ability to use major credit cards and access critical business data.
  • Your business’ public image could be tarnished by security breach or failure to pass compliance.


Many retailers and restaurateurs will choose to stick with a Microsoft operating system. For retail and hospitality POS applications, the company recommends Windows 8 and Office 2013. It explained that these systems can encourage employees to be more productive and could increasing operational efficiency through improved security. Not to mention, businesses that upgrade to these systems could take advantage of virtualization and cloud technology.