Jumio would like to inform you of some new developments as we work diligently to complete our activities addressing the recent Heartbleed vulnerability in OpenSSL software.
As you were previously alerted, Jumio deployed a hotfix early Wednesday 9 April UTC to fix the vulnerability in our systems. We also released new SDKs for our mobile offerings to replace certificates and prepare for full revocation of other associated certificates.
At that time, you were notified that Monday 12 May would be the day when all previous SDKs would cease to function. Due to consultation with our merchants, we have moved that date to Tuesday 27 May. On that day, the following will occur:
- We will revoke all old mobile certificates
- All previous, unsupported SDKs will cease to function and an error message will be displayed allowing end users to cancel their scans
- Additionally, we will revoke our Netverify Web certificate, which is particularly important if you employ Certificate Pinning