Google has lastly launched a põrnikas bounty programme for Android apps on Google Play Store, inviting safety researchers to honor too written report vulnerabilities inward some of the most pop Android apps.
Dubbed "Google Play Security Reward," the põrnikas bounty programme offers safety researchers to move straight amongst Android app developers to honor too laid upwardly vulnerabilities inward their apps, for which Google volition pay $1000 inward rewards.
"The destination of the programme is to farther better app safety which volition produce goodness developers, Android users, too the entire Google Play ecosystem," the applied scientific discipline giant says inward a blog post published today.
Google has collaborated amongst põrnikas bounty platform, HackerOne, to deal backend for this program, similar submitting reports too inviting white-hat hackers too researchers.
White-hat hackers who want to participate tin submit their findings straight to the app developers. Once the safety vulnerability has been resolved, the hacker needs to submit his/her põrnikas written report to HackerOne.
Google volition too then pay out a vantage of $1,000 based on its Vulnerability Criteria, wherein, according to the company, to a greater extent than criteria may live added inward the future, creating to a greater extent than reach for rewards.
"All vulnerabilities must live reported straight to the app developer first. Only submit issues to the Play Security Rewards Program that accept already been resolved past times the developer." HackerOne said.
"For now, the reach of this programme is express to RCE (remote-code-execution) vulnerabilities too corresponding POCs (Proof-of-concepts) that occur Android 4.4 devices too higher."It is an unfortunate truth that fifty-fifty later thence many efforts past times Google, malicious apps continuously somehow managed to fool its Play Store's safety machinery too infect millions of Android users.
It's notable that Google Play Security Reward programme does non include finding too reporting fake, adware or malware apps available on Google play store, thence the programme volition non deport upon the increase inward malicious apps on Google's app platform.
For now, a express number of Android apps accept been added to Google Play Security Reward Program, including Alibaba, Snapchat, Duolingo, Line, Dropbox, Headspace, Mail.ru too Tinder.
So what you lot are waiting for?
Roll upwardly your sleeves too start hunting for vulnerabilities. For to a greater extent than details nearly Google Play Security Reward Program, catch HackerOne.
