Google's new bug bounty program is aimed at making Android apps more secure

By Digit NewsDesk | Published on Oct 23 2017
Google's new bug bounty program is aimed at making Android apps more secure
HIGHLIGHTS

The Google Play Security Reward program offers $1000 to researchers for submitting vulnerabilities in Android apps on Google Play.

Apple iPhone XR 64GB at Lowest Price Ever

6.1" display | 50% Faster Graphics performance | TrueDepth camera

Click here to know more

Google has introduced its new Google Play Security Reward Program, as a way to “incentivise security research” into Android apps that are downloaded from Google Play. Under the program, independent security researchers and developers will be able to submit vulnerabilities in existing Android apps, to Google. The company will evaluate these submissions and pay $1000 to the researcher who found the vulnerability.

According to Google, the program is currently limited to “remote-code-execution” vulnerabilities. RCE vulnerabilities are those that allow attackers to run code on a smartphone without users knowing or permitting the same. The company has tied up with bug bounty platform HackerOne, to enable researchers to submit vulnerabilities.

Further, the company says vulnerabilities will first need to be reported to the app developer in question. The Play Security Rewards program will only entertain issues that have already been resolved by the developer. Also, only issues that have been fixed within a 90 day period will qualify for the rewards.

The Google Play Security Reward program seems to have a pretty wide scope as well. “All Google-developed Android apps available on Google Play are in scope,” says Google. However, it urges researchers to report vulnerabilities in Google apps to the Google Vulnerability Program or the Chrome Reward Program.

Videos

Google Pixel 2 & Pixel 2 XL First Look
logo
Digit NewsDesk

The guy who answered the question 'What are you doing?' with 'Nothing'.

Digit caters to the largest community of tech buyers, users and enthusiasts in India. The all new Digit in continues the legacy of Thinkdigit.com as one of the largest portals in India committed to technology users and buyers. Digit is also one of the most trusted names when it comes to technology reviews and buying advice and is home to the Digit Test Lab, India's most proficient center for testing and reviewing technology products.

We are about leadership-the 9.9 kind! Building a leading media company out of India.And,grooming new leaders for this promising industry.