In 2017, Google launched the Google Play Security Rewards Program (GPSRP) and three years after its creation, they have just announced an improvement in the program.
With the aim of improving security in the Android environment, now the GPSRP, in addition to the programs developed by Google, will include programs with more than 100,000,000 downloads hosted in the Google Play Store. Independently of whether these are third-party applications.
Google has also created the Developer Data Protection Reward Program (DDPRP), a reward program in collaboration with HackerOne, which seeks to identify and solve data abuse problems in Android applications, OAuth projects and Chrome extensions.
In this way, Google is committed to promoting security in its operating system, and urges any developer or cybersecurity researcher to report any vulnerabilities they find. GPSRP bonuses range from $500 to $20,000, depending on the criticality of the reported vulnerability.