Costco's IBM i Backbone: Why AS/400 Lineage Still Drives Retail Scale

Costco still runs a large slice of its retail operations on the same IBM iBM midrange lineage that traces back to the AS/400 — not because the company is stuck in the past, but because the platform delivers a combination of reliability, integrated transaction processing, backward compatibility, and a total-cost-of-ownership profile that has proven unusually hard to beat for Costco’s specific business model.

Background​

The AS/400’s long shadow: from OS/400 to IBM i and Power Systems​

IBM’s Application System/400 (AS/400) arrived in 1988 as a midrange server built for business throughput, integrated database services, and ease of administration. Its operating system, originally OS/400, later rebranded as i5/OS and finally modernized into IBM i, carried forward a critical design goal: strong backwards compatibility for business applications while enabling hardware evolution beneath the software layer. Over the decades IBM moved the platform’s instruction sets onto Power-series processors, and in 2008 consolidated System i and System p into the modern IBM Power Systems family, which can run IBM i, AIX, and Linux on the same physical hardware. The result is that, while a green-screen terminal may look like 1980s tech, the underlying stack today is very different and continues to be actively developed.

What “legacy” means here​

When journalists say “Costco uses 1980s IBM computers,” they refer to the lineage — the business logic (often written in RPG), the DB2 for i relational database, and the 5250 terminal model frequently emulated on modern monitors. Those components are descendants of the AS/400 architecture, but the hardware and firmware running modern stores are current Power Systems servers and supported IBM i releases, not museum pieces. That distinction is essential: IBM i shops benefit from decades of backward compatibility and stepwise modernization rather than a hard fork into irrelevance.

---

Why Costco’s choice makes sense for retail-scale transactions​

Transactional integrity, integrated database, and low operational friction​

Retail operations hinge on atomic, auditable transactions: checkout rings, price adjustments, inventory decrements, and vendor invoicing. The IBM i platform bundles an operating environment with an integrated DB2 database and a design that treats applications, data, security, and system management as a closely coupled unit. That integrated architecture reduces the surface area of complexity compared with multi-vendor stacks that rely on stitching separate database servers, application servers, and middleware together. For a company like Costco, which focuses on low SKU counts and massive transaction volumes per SKU, the predictability and transactional correctness of an integrated midrange system are powerful advantages.

Reliability at scale: what “five nines” and beyond mean in practice​

Enterprise IT studies and vendor surveys consistently rank IBM’s mainframe and Power lines among the most reliable commercial server platforms. Independent industry reliability surveys have reported extremely high uptime metrics for IBM Power and z-family platforms, and IBM highlights high-availability engineering as core to those product lines. For retail chains that can’t tolerate checkout or inventory-system outages during peak hours, the empirical reliability record of Power-based platforms is a substantial factor in buying decisions. That reliability is not marketing shorthand — for transaction-heavy workloads, minutes of unplanned downtime translate directly into millions of dollars of lost or delayed sales.

Cost, complexity, and Costco’s narrow SKU strategy​

Costco’s commercial strategy — a deliberately narrow assortment of roughly 3,500–4,000 SKUs at any given time — reduces the complexity of merchandise and inventory systems relative to sprawling general-merchandise retailers. Costco’s co-founder Jim Sinegal has repeatedly described the SKU strategy (around 3,800 SKUs as a working average), and that constraint tilts the calculus toward a rock-solid transactional backend over a flexible catalogue engine that supports hundreds of thousands of SKUs. Maintaining IBM i-based systems that already do this work well can be materially cheaper than paying for a wholesale replatform plus integration, retraining, and risk during migration.

---

The technical shape of Costco’s deployed stack​

Green screens, 5250 terminals, and modern emulation​

A visible sign of IBM i’s lineage is the 5250-style interface familiar to many retail IT veterans: character-based screens, function keys, and terse menus. Today most sites use terminal emulators that display 5250 sessions in a GUI or run those screens in browser-based wrappers. That front-end modernization is cosmetic to the underlying point: the backend processing — inventory lookup, transaction posting, batch settlement — is still handled by IBM i or related Power Systems partitions. Journalists and IT insiders report that Costco’s core back-office and many store-level transactional workflows remain on this midrange stack.

Power Systems versatility: IBM i, AIX and Linux on the same iron​

Modern Power Systems hardware supports logical partitioning (LPARs) and can host multiple operating systems simultaneously. Costco’s environment reportedly includes instances of IBM i (the AS/400 lineage) alongside other UNIX-derived workloads such as AIX, and customer deployments frequently run Linux as well. That flexibility allows teams to keep stable, transactional workloads on IBM i while using Linux or AIX for newer services, middleware, or analytics — a hybrid approach that eases incremental modernization without forcing a big-bang migration.

---

Security: why “can’t be hacked” is misleading — and what does protect IBM i shops​

Security by design vs. security by obscurity​

A recurring claim in consumer-facing coverage is that IBM i systems get fewer attacks because attackers focus on Windows and Linux. There’s a kernel of truth: a smaller, more specialized platform attracts less commodity malware than massively targeted operating systems. But obscurity is not security. Security practitioners working with IBM i report both builtin capabilities (strong object-level protections, EBCDIC-to-ASCII separation, integrated DB2 security primitives) and real-world gaps: default credentials, open network services, misconfigured FTP/ODBC endpoints, and unpatched management interfaces. History shows IBM i shops that neglected modern security hygiene have been compromised or nearly compromised. In short, the platform can be made very secure — but only when administrators apply modern controls and monitoring rather than relying on obscurity.

Examples: near-misses and misconfigurations​

Public write-ups from security researchers and IBM i specialists document cases where inadequate hardening allowed privilege escalation, menu-bypass attacks, or exposure via integration endpoints. In some reported incidents, organizations mitigated broad ransomware impact by virtue of their IBM i environment being isolated, but those same incidents drove significant post-incident modernization of perimeter and endpoint defenses. The technical lesson is clear: IBM i reduces some classes of risk but introduces others if the platform’s unique architecture is not actively defended.

---

Talent, maintenance, and the economics of staying put​

Aging expertise and the training gap​

A well-known operational pressure for IBM i shops is workforce renewal. Many original AS/400 and iSeries engineers are approaching retirement, and mainstream graduates rarely encounter RPG or IBM i in university curricula. That has created an active market for specialized consultancies and training providers that teach modern developers how to maintain and extend IBM i systems. Companies that lean on IBM i must either build training pipelines or contract specialist providers — both of which factor into long-term cost calculations. Interviews with IBM i consultancy leaders underscore this skills bottleneck and the investment required to keep critical expertise in-house.

Maintenance costs vs. migration costs​

Maintaining a long-lived installed base has predictable, often modest, annual costs: hardware refresh cycles on Power Systems, OS/service pack updates, and specialist support. By contrast, migrating a mission-critical retail stack away from IBM i typically requires re-implementing business rules, rebuilding or porting decades of RPG customizations, extensive testing for transaction correctness, and a multi-month to multi-year deployment plan. For many companies — and especially for Costco, which prizes operational efficiency and low SG&A — the projected migration cost and the business risk of a faulty cutover often make retention the financially prudent option. Independent reporting and vendor analyses echo this cost/risk asymmetry.

---

The modernization playbook: how organizations reconcile IBM i with modern IT​

Modernization without migration: adapt the perimeter​

Many shops are choosing to modernize around IBM i rather than rip it out. Common tactics include:

• Wrapping legacy RPG programs with RESTful APIs (via JT400, web services, or middleware).
• Building web and mobile front ends that call the IBM i layer for transaction and DB operations.
• Offloading analytics, search, and machine learning workloads to separate Linux/Cloud platforms while keeping OLTP on IBM i.
• Using modern DevOps toolchains and source control with automation tools suited for IBM i.

These approaches preserve transactional integrity while delivering modern UX and integration capabilities. Consulting firms, tool vendors, and modernization success stories document a wide range of feasible patterns.

Full migration: when it happens, and why it’s hard​

Some organizations elect to migrate entirely — typically driven by leadership changes, regulatory pressure, or long-term strategic platform consolidation. Full migration is expensive because business rules encoded in RPG, complex batch flows, and vendor customizations must be re-implemented, tested, and reconciled with downstream partners. The migration path often follows one of three strategies: re-platform (lift-and-shift with emulation), rehost (move logic to different runtimes), or rewrite (re-implement in modern languages). Each option trades risk, cost, and speed differently. Case studies show migrations are feasible but require deep domain knowledge and extensive QA cycles.

---

Risks Costco faces by continuing to use IBM i — and how they can mitigate them​

Risks​

• Skills attrition: Fewer new hires know RPG and the IBM i ecosystem, increasing recruiting and training costs.
• Integration friction: Cloud-native teams and modern SaaS vendors often assume REST/JSON or cloud-native connectors; bridging those can add engineering overhead.
• Regulatory and compliance updates: PCI, privacy rules, and third-party audit expectations evolve; IBM i configurations must be demonstrably auditable and modernized logging/monitoring often need to be retrofitted.
• Security complacency: Assuming the platform is unhackable is dangerous. Misconfiguration or exposed integration points are persistent entry vectors.
• Vendor lock and modernization debt: Some business logic remains tied to proprietary behaviors; replacement options can require long rewrites.

Mitigations​

• Active training programs to grow IBM i competency, pairing experienced engineers with new hires.
• API facades to present modern interfaces and reduce coupling between IBM i specifics and new services.
• Comprehensive security hardening: regular audits, patching, multifactor access, object-level DB security, and centralized SIEM integration.
• Hybrid architectures that keep OLTP on IBM i while scaling analytics and customer-facing services in more agile platforms.
• Incremental migration pilots that port individual subsystems and quantify the risk/cost profile before committing to large-scale rewrites.

Evidence from service providers and IBM i consultancies documents each of these mitigation paths and shows how real-world firms have balanced risk against cost.

---

How this compares to other retail IT choices​

Large retailers pick very different stacks depending on scale, assortment strategy, and appetite for change. Companies with highly fragmented assortments or heavy omnichannel demands may justify cloud-first replatforming; others that run a narrow, high-throughput SKU base — where transaction correctness and uptime are paramount — often keep midrange systems in place or adopt hybrid models. External vendor surveys and industry reporting show IBM Power and mainframe families remain common in finance, retail, and manufacturing environments where uptime and transaction integrity are mission-critical. Those same surveys underscore why wholesale rip-outs are uncommon absent a compelling, quantified business case.

---

The bottom line for IT decision-makers and WindowsForum readers​

• Legacy does not mean obsolete. IBM i and Power Systems are actively maintained platforms with a compelling track record for transactional reliability and backwards compatibility. For retailers whose daily business depends on rock-solid OLTP and constrained SKU strategies, the platform can be the lowest-risk, lowest-cost core for years.
• Security and modernization are not optional. Continuing to operate IBM i requires contemporary security practices, monitoring, and API-driven modernization to integrate with modern analytics and e-commerce ecosystems. Relying on obscurity is a brittle strategy; documented incidents and security research stress the need for active defense-in-depth.
• Migration is expensive and risky — but possible. If the business case for leaving IBM i becomes compelling, plan for multi-year projects, incremental pilots, and rigorous QA. Many successful approaches preserve the IBM i as an authoritative transactional layer while moving ancillary workloads to more flexible platforms.
• Measure the right metrics. For retailers, the primary KPIs are transaction throughput, inventory accuracy, checkout availability, and total landed cost of ownership — not whether screens look modern. Any technology decision should tie directly to those operational outcomes.

---

Conclusion​

Costco’s continued reliance on IBM’s AS/400 lineage illustrates a pragmatic, outcome-driven approach to enterprise IT: when a platform reliably does the core job, replacing it purely for modernity’s sake is neither cheap nor risk-free. The AS/400’s descendants — IBM i on Power Systems — give Costco a stable, integrated transactional backbone that matches its narrow-SKU, high-throughput retail model. That said, complacency is the real risk. Security hardening, a steady pipeline of trained engineers, and pragmatic modernization layers (APIs, web UIs, analytics offloads) are essential to keep the business safe and competitive.
The lesson for IT teams is straightforward: evaluate legacy platforms by business fit and measurable outcomes, not by appearance. For many enterprises the right answer will be hybrid — preserve the transactional integrity where it matters, modernize interfaces and analytics where agility delivers value, and guard vigorously against the twin threats of skill erosion and security complacency.

---

Source: bgr.com Why Costco Still Relies On IBM Computers From The '80s - BGR