Update – “Heartbleed” Vulnerability

Jumio would like to inform you of some new developments as we work diligently to complete our activities addressing the recent Heartbleed vulnerability in OpenSSL software.

As you were previously alerted, Jumio deployed a hotfix early Wednesday 9 April UTC to fix the vulnerability in our systems. We also released new SDKs for our mobile offerings to replace certificates and prepare for full revocation of other associated certificates.

At that time, you were notified that Monday 12 May would be the day when all previous SDKs would cease to function. Due to consultation with our merchants, we have moved that date to Tuesday 27 May. On that day, the following will occur:

  • We will revoke all old mobile certificates
  • All previous, unsupported SDKs will cease to function and an error message will be displayed allowing end users to cancel their scans
  • Additionally, we will revoke our Netverify Web certificate, which is particularly important if you employ Certificate Pinning

Jumio Customer Service at https://support.jumio.com or support@jumio.com is here to help you if you have any questions.

About Jumio Corp

Jumio delivers the next-generation in identity verification, enabling businesses to reduce fraud and increase revenue while providing a fast, seamless customer experience.