Wednesday , October 24 2018 Ausdroid » News » Google Play Security Rewards Program will reward hackers for vulnerabilities in Android apps


As holder of a lot of valuable personal information Google is highly conscious of security. Their bug bounties for Chrome, Android and other products offer generous cash rewards to anyone reporting vulnerabilities to them, and now they want to help third-party developers with the Google Play Security Rewards Program.

Under the new program, which is being run with HackerOne, hackerssecurity researchers can report vulnerabilities with popular apps found on Google Play to the developer of the app and once the issue is resolved they get a $1,000 reward from Google.

Google is currently looking for ‘RCE (remote-code-execution) vulnerabilities’ only at this stage with a Proof of Concept required as well that works on Android 4.4 devices and higher. That’s probably the worst kind of exploit, so very much worth following, but this could be expanded, though Google hasn’t said so.

At this stage, the program only covers ‘popular’ apps, which is basically apps from developers that Google has selected, but will be expanded, though slowly to include more. Google Play offers millions of apps (one site says 3.3 million) so it’s understandable that this is a staged rollout.

If you’re a security researcher and want to find out more you can head over to the HackerOne site to check out how to submit vulnerabilities for a reward.

Source: HackerOne.
Via: Google.

Daniel Tyson   Ausdroid's Editor in Chief

Dan is a die-hard Android fan. Some might even call him a lunatic. He's been an Android user since Android was a thing, and if there's a phone that's run Android, chances are he owns it (his Nexus collection is second-to-none) or has used it.

Dan's dedication to Ausdroid is without question, and he has represented us at some of the biggest international events in our industry including Google I/O, Mobile World Congress, CES and IFA.

1
Join the Ausdroid Conversation

avatar
1 Comment threads
0 Thread replies
0 Followers
 
Most reacted comment
Hottest comment thread
1 Comment authors
Saikat Recent comment authors
  Subscribe  
newest oldest most voted
Notify of
Saikat
Guest

That’s some serious cash for the security researchers. Tons of bad apps listed in Google Play.

Check Also

Modified Google Camera app lets you try Night Sight on your Pixel phone

Google’s announcement of Night Sight for the Pixel 3 at their Made by Google event …