Google invites the individual researchers and developers from across the globe to spot security issues in Android and Google Play Store. In return for the researchers’ efforts the company rewards them with the prize of real money. Google announced that its Android and Google Play Security Rewards programs have crosses $3M payouts. Under this program, the company incentivizes the bounty researchers to find bugs and flaws in Android and Google Play.
With the help of Android and Google Play Security program, Google resolves a number of security flaws in the Android ecosystem to enhance the user experience. The Mountain View company shared that this year the researchers have found 470 qualifying bugs in Android security. Besides, the average pay per researcher for each bug has jumped by 23 %, which makes the total reward expenditure form the company $3M to date. The program was launched by the company back in 2015 and continues to grow till now. According to the report, total 99 researchers have participated in the program with one or more flaws this year.
“Our Android and Play security reward programs help us work with top researchers from around the world to improve Android ecosystem security every day. Thank you to all the amazing researchers who submitted vulnerability reports ”, written by Jason Woloz and Mayank Jain, Android Security & Privacy Team.
Under the ASR program, the average reward that the company has given is $2,600 per reward and $12,000 per researcher. Among all the researcher Guan Gong has received the highest reward from Google of $105,000 for reporting a remote exploiting chain.
Talking about the Google Play Reward program, which was kicked off by the company last year in October invites the security researchers to find the vulnerabilities. According to Google in one year the researchers have submitted total 30 vulnerabilities and collected the total reward sum of $100k. As a result of found vulnerabilities, Google pushes major security updates for more 250 mobile devices from its manufacturing partners.
“Thank you to everyone internally and externally who helped make Android safer and stronger in the past year. Together, we made a huge investment in security research that helps Android users everywhere. If you want to get involved to make next year even better, check out our detailed program rules.”, the team added.