Latest in Gear

Image credit: Chesnot via Getty Images

Facebook expands its Data Abuse Bounty program to Instagram

It will reward people for reporting third-party apps that exploit user data.
75 Shares
Share
Tweet
Share
Save

Sponsored Links

Chesnot via Getty Images

Facebook will start rewarding security researchers who report data abuse happening on Instagram, the company has announced. This is an expansion of Facebook's Data Abuse Bounty program, which it introduced in April 2018. As part of these efforts, Facebook will now start accepting reports about third-party apps that improperly access and store user data, including applications and services that offer fake likes, comments and followers. Essentially, any app that asks for people's login information (like usernames and passwords) is violating Instagram's terms of use -- and Facebook wants the security community to notify it of anyone who may be taking advantage of this.

In addition to that, Facebook is working with security researchers to stress-test Checkout on Instagram, the shopping feature that lets people buy products without leaving the app, before it launches outside the US. Facebook says it has given a select group early access to Checkout on Instagram and will reward them for eligible reports. "Putting people first is one of Instagram's most important values, and keeping our service secure is an essential part of the work we do to serve our community," said Nam Nguyen, Instagram's head of engineering. "Expanding and building on the Facebook bug bounty program is a key development in our ongoing security efforts, and we are grateful to the wider security community for all they do to help keep our platforms safe."

Just to give you an idea of how much Facebook has paid people for their help, the company awarded more than $1.1 million to security researchers from across the world in 2018. And last year alone, Facebook says, the average payout for bugs that could lead to account takeover was increased to $40,000. All told, in 2018, Facebook received about 17,800 reports, with the average reward amount being around $1,500. Now that its Data Bounty Program covers Instagram, Facebook's hope is that with help from security researchers worldwide, it can keep the popular app safe from bad actors who could misuse people's data.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
75 Shares
Share
Tweet
Share
Save

Popular on Engadget

Nintendo's SNES-style Switch controllers are now available

Nintendo's SNES-style Switch controllers are now available

View
Mazda will show off its first EV at the Tokyo Motor Show

Mazda will show off its first EV at the Tokyo Motor Show

View
US Senators ask the FCC to review licenses with China-owned telecoms

US Senators ask the FCC to review licenses with China-owned telecoms

View
Verizon could carry OnePlus phones beginning in 2020

Verizon could carry OnePlus phones beginning in 2020

View
Pokémon’s New York-inspired monsters join 'Pokémon Go' today

Pokémon’s New York-inspired monsters join 'Pokémon Go' today

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr