Many of you are aware of the Heartbleed bug, which is affecting certain versions of the OpenSSL framework. ACI is committed to providing best-in-class technology, protection and support for our customers.
As soon as the news broke, our Global Information Security team began conducting thorough evaluations of our software to determine any possible risks related to this vulnerability. This is in addition to our standard due diligence practice, which we believe is among the best in the industry.
As part of this process, we examined the internal components of our products, as well as cross-referenced the external components that our products may be dependent upon, or configured to work with. Our products are being evaluated as they are packaged and ready for deployment - this means we can evaluate risk based on how we have built the products, not on how they have been deployed in a customer's environment or customized by the customer.
We've been in close contact with customers via email and phone, to provide any guidance and assistance they need.
Our detailed assessment also evaluated our hosted products deployed in our data centers. None of the hosted ACI applications are exposed to the exploitation of this OpenSSL vulnerability. ACI On Demand's layered security design, along with our rigid adherence to patch management and continual security risk assessment, has served to avoid any risk of exploitation to our customers' hosted environments at the internet facing layer.
We are proactively keeping customers apprised of updates and recommend that anyone with questions contact HELP24 or your ACI customer support representative.
ACI Worldwide, Inc. develops, markets, installs, and supports a line of software products and solutions primarily focused on facilitating real-time digital payments. The Companyâs segments include Banks, Merchants, and Billers. It provides payment solutions to large and mid-size banks globally for retail banking, real time, digital, and other payment services. It support merchants globally, including Tier 1 and Tier 2 merchants, online-only merchants and payment service providers, independent selling organizations, value-added resellers, and acquirers who service them. Within the Billers segment, the Company provides electronic bill presentment and payment (EBPP) services to companies operating in the consumer finance, insurance, healthcare, higher education, utility, government, and mortgage categories. Its solutions include ACI acquiring, ACI issuing, ACI enterprise payments platform, ACI low value real-time payments, ACI high value real-time payments, and others.