Latest in Gear

Image credit:

Google's bug bounty program now covers all popular Android apps

Any app with more than 100 million installs is eligible.
Share
Tweet
Share

Sponsored Links

oatawa via Getty Images

There have been several instances of malware discovered in apps on the Google Play Store recently, and now Google is enlisting further help from the public in beefing up the security of the apps it distributes on its platform.

Google's expanded initiative, called the Google Play Security Reward Program, offers rewards to developers who uncover issues in apps on the Play Store. Previously, the program only covered a set list of eight top apps, but now any app from the Play Store with more than 100 million installs is fair game. If developers discover and disclose a vulnerability in an app to Google, they can claim bounties of up to $20,000.

Typical bug bounty programs are run by companies to offer rewards to people who find security issues within the company's own software. This program is unusual in that it offers bounties for finding vulnerabilities in other company's apps as well.

"This opens the door for security researchers to help hundreds of organizations identify and fix vulnerabilities in their apps," a Google spokesperson said. If an app developer has its own bug bounty program, bugs can be claimed from both the app developers and Google.

In addition, Google is launching a Developer Data Protection Reward Program to hunt down "data abuse issues" in Android apps, OAuth projects and Chrome extensions. This means findings apps which are using or selling users' data without user consent. If a data abusing app or extension is reported to the program, it will be removed from the Play Store or the Chrome Web Store and the bug hunter will receive a payment of up to $50,000.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
Tweet
Share

Popular on Engadget

The 2020 Engadget Holiday Gift Guide

The 2020 Engadget Holiday Gift Guide

View
'Marvel's Avengers' hasn't turned a profit yet

'Marvel's Avengers' hasn't turned a profit yet

View
The best TV deals we could find for Black Friday

The best TV deals we could find for Black Friday

View
'Star Wars Squadrons' next-gen update packs 4K, 120 FPS tweaks

'Star Wars Squadrons' next-gen update packs 4K, 120 FPS tweaks

View
CD Projekt Red shows off 'Cyberpunk 2077' next-gen gameplay

CD Projekt Red shows off 'Cyberpunk 2077' next-gen gameplay

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr