Google improves Google Play Security Reward Program
In 2017, Google launched the Google Play Security Rewards Program (GPSRP) and three years after its creation, they have just announced an improvement in the program.
With the aim of improving security in the Android environment, now the GPSRP, in addition to the programs developed by Google, will include programs with more than 100,000,000 downloads hosted in the Google Play Store. Independently of whether these are third-party applications.
Google has also created the Developer Data Protection Reward Program (DDPRP), a reward program in collaboration with HackerOne, which seeks to identify and solve data abuse problems in Android applications, OAuth projects and Chrome extensions.
In this way, Google is committed to promoting security in its operating system, and urges any developer or cybersecurity researcher to report any vulnerabilities they find. GPSRP bonuses range from $500 to $20,000, depending on the criticality of the reported vulnerability.
References:
- 29/08/2019 android-developers.googleblog.com Expanding bug bounties on Google Play
- 29/08/2019 zdnet.com Google adds all Android apps with +100m installs to its bug bounty program
- 29/08/2019 xatakandroid.com Google amplía el Programa de Recompensas de Seguridad de Google Play a las apps más descargadas
- 29/08/2019 andro4all.com Mejoras y más recompensas en el programa Google Play Security Rewards: saca el ‘hacker’ que hay en ti y gana dinero con ello