Details of the Mobile Vulnerability Reward Program (VRP) were announced by the company on Twitter. The bounty program aims to keep user data safer, find and eliminate vulnerabilities in first-party Android apps.
With the program it offers to people who want to try their expertise in this way, Google offers to pay people who find errors. Rewards range from $500 to $30,000 depending on the level of errors.
Google will pay based on the level of bugs found
Within the scope of the Mobile Vulnerability Reward Program (VRP) offered by Google; Tier 1 applications consisting of Google Play Services, AGSA, Google Chrome, Google Cloud, Gmail and Chrome Remote Desktop will be considered.
In addition to these, applications made by the developers will also be evaluated. These applications are; Google LLC, Developed with Google, Research at Google, Red Hot Labs, Google Samples, Fitbit LLC, Nest Labs Inc., Waymo LLC, and Waze.
The amounts that the company will pay for the errors found are divided into stages. According to this; “Tier 3” applications where the attacker is found to be on the same network will be paid $500 for the theft of sensitive data or other security vulnerabilities. This amount has been determined as the minimum amount that the company will pay.
According to the company’s announcement, arbitrarily executing code remotely offers the ultimate reward. According to the statement, Google costs 30 thousand dollars for Tier 1; It will award $25,000 for Tier 2 and $20,000 for Tier 3.
Apart from this, depending on the initiative of the company, a bonus of 1000 dollars is given to people.
You can find more detailed information about Google’s Mobile Vulnerability Reward Program (VRP) at this link.
47231
