Latest in Gear

Image credit: Chris Velazco/Engadget

Samsung’s mobile bug bounty program pays up to $200,000

It's reaching out to the security community for help finding exploits.
231 Shares
Share
Tweet
Share
Save

Sponsored Links

Chris Velazco/Engadget

Samsung is the latest in a long line of tech titans to announce its very own bug bounty program. As its title suggests, the newly-launched Mobile Security Rewards Program will pay users for reporting vulnerabilities in the company's latest firmware. If you spot a weakness, and back it up with solid research, you could pocket up to $200,000. That's in line with the sums offered by the likes of Google (for Android) and Apple. Like those companies (along with Microsoft, Facebook, and Twitter), the rewards program sees Samsung reaching out to researchers to help squash bugs.

Now, before you unleash your inner black-hat hacker on a Samsung Galaxy S8, there are some finer details you should be aware of. Firstly, the program isn't just limited to the Korean manufacturer's latest devices. It encompasses a range of handsets and tablets released from 2016 onwards (roughly 38 devices in total). In order to qualify for a cash prize, you'll be required to identify an exploit that can compromise a handset without the need for a physical connection or third-party app. Bounties are also available for unearthing flaws in other Samsung services, including its Bixby digital assistant, Samsung account, Samsung Pay, and Samsung Pass.

The company already has a bug bounty program in place for its Smart TVs. And, earlier this year, it received a wake up call regarding its Tizen mobile OS, after a researcher discovered 40 unpatched exploits in its system.

Although bug bounties aren't a cure-all for security, they're viewed by some corporations as a positive strategy. Google, which forked out millions in rewards in January, claims they help it to make products safer. And, it says, they encourage the wider security research community to report flaws to the source, instead of exploiting them for their own gain.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
231 Shares
Share
Tweet
Share
Save

Popular on Engadget

Russia reportedly breached encrypted FBI comms in 2010

Russia reportedly breached encrypted FBI comms in 2010

View
Elon Musk insists 'pedo guy' tweet wasn’t serious accusation

Elon Musk insists 'pedo guy' tweet wasn’t serious accusation

View
Nintendo's SNES-style Switch controllers are now available

Nintendo's SNES-style Switch controllers are now available

View
Mazda will show off its first EV at the Tokyo Motor Show

Mazda will show off its first EV at the Tokyo Motor Show

View
US Senators ask the FCC to review licenses with China-owned telecoms

US Senators ask the FCC to review licenses with China-owned telecoms

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr