Home » Industry News » Google Launched Google Play Security Reward Program for Android Security

Google Launched Google Play Security Reward Program for Android Security

Google Launched Google Play Security Reward Program for Android Security

Google has launched Google Play Security Reward Program just a few days back in coordination with bug bounty platform HackerOne. However, Google itself runs its own bug bounties for Android, Chrome, and websites and now expanding this concept to popular Android Apps. For this, researchers will be paid $1,000 reward for qualifying vulnerabilities.

As per HackerOne, hackers will identify the app vulnerabilities and report it to the developers as soon as they find them. After this, the hacker will request for a reward from the program. Once it is evaluated to check whether it meets the Google’s criteria or not, he will be awarded $1000 for this.

Note: Google brings the bug bounty vulnerability research model to Android apps in the Play Store.

Google Play Security Reward Program includes following apps till now:

– Dropbox, Alibaba, Duolingo, Line, Mail.Ru, Headspace, Tinder, Snapchat

How does it work?

To know its working, one should be aware of “qualifying bugs” for which researchers are awarded. These bugs are limited to RCE(remote code execution) flaws that work on Android devices with version 4.4 or above. This includes attacks which allow malicious code to be downloaded and executed, opening a webview in an app for phishing and manipulating the user interface to cause a fraudulent transaction. Here is its working:

– Researchers find bugs and report it directly to the app’s developer via their current vulnerability disclosure process.

– The bounty page consists of links to the page where they report issues to the participating firms.

– App developer fixes the bug while working with them.

– Once the bug gets resolved, the researchers request a reward from the Google Play Security Reward Program.

– Android Security team issues an additional reward to thank them for improving security within the Google Play ecosystem.

 

Many companies in the bounty program are already offering bug bounties separately via HackerOne or through their own programs. Some of these companies are listed below:

– Tinder has bug bounty which is a private program.

– Dropbox is running its bounty since 2014 and currently offers $15,625 for “trivial” RCE’s affecting its Android app, iOS and higher rewards for attacks on its servers.

– Snapchat has already paid out approx. $140,000 via HackerOne bounty program.

Google Play Security Reward Program “Top Benefits”:

– It aims to incentivize research in a bug bounty model.

– It can improve Android app security which will benefit app developers.

– It will also benefit the entire Google Play ecosystem and Android users.

– It will resolve unknown vulnerabilities and make Android a safe computing platform.

 

Apart from these, there are plenty of other features. For details, please have a look at this following video.

Conclusion:

As far we have seen, Google Play Security Reward Program offers a lot of benefits/rewards to increase android security. You might not be confused now for not opting this program even after watching the above video.

In fact, you can easily install the app from the Google play store. However, if you still have any query regarding this Android security reward program, then you are free to get expert advice from our Android development team at ValueCoders. ValueCoders, an Indian IT outsourcing company, provides expert software development teams for Android application development, for all your android app development needs. Contact Us Today!!

Looking to Hire Indian Developers?

Contact Us To Save Upto 50% Of Development Cost and 2x Faster Delivery

Are you ready to turn your idea into reality? Contact Us Now

More From ValueCoders Blogs:-

Node.js 10.0.0 is Available Now!

Node.js 10.0.0 is Available Now!

The Node.js project has recently released its latest version Node.js 10.0.0 on 24th April. It is the seventh major Node.js release since the launch of the Node.js […] - Read More

photo app

Prisma: How this photo app brings out the artist in you?

While Pokémon GO is ruling the app stores ,  Prisma is also catching everybody's eyes. This photo app originated from Germany has gone viral in only five weeks […] - Read More

Google’s Flutter Beta- Builds Beautiful Native Apps

Google’s Flutter Beta- Builds Beautiful Native Apps

Google has released the first beta SDK of Flutter, a mobile UI framework, which helps developers in creating interfaces for the apps on Android as well as the iOS […] - Read More

Angular 8: New Release To Be Expected In May!!

Angular 8: New Release To Be Expected In May!!

Google’s Angular Team is all set to release version Angular 8.0 of its web app framework in May 2019. This version is expected to include the first opt-in technical […] - Read More

Android Nougat Vs Marshmallow Vs Lollipop (infograph)

Android Nougat Vs Marshmallow Vs Lollipop (infograph)

Every-time Android appears in a new appeal with its brand new updates. From Donut(1.6) to Nougat(7.0) (newly released), it has been a glorious journey. In recent times, […] - Read More

Laravel 5.7 is now released!

Laravel 5.7 is now released!

Laravel 5.7 is now released and available to everyone. This release introduces several new features and many bug fixes and improvements over 5.6. Some of the new […] - Read More

Next.js 8 is Available Now With Better Build-Time Memory!

Next.js 8 is Available Now With Better Build-Time Memory!

Next.js has reached version 8. Next.js is a React framework for static and server applications. The latest version includes features such as Server.js without the […] - Read More

5 Things You Need to Know About Java 9

5 Things You Need to Know About Java 9

In the month of September 2017, Java announced the latest version of Java known as Java 9. It is released after more than 3 years after the release of Java 8, it is a […] - Read More

Angularjs 2: Official release from Google team

Angularjs 2: Official release from Google team

Now it's official. The complete new Angularjs version is now officially available. 6 years back in 2010, Google first launched Angularjs, a new way to develop web […] - Read More

VR Mobile Apps To Drive The Market In 2019

VR Mobile Apps To Drive The Market In 2019

Virtual Reality is no longer a future technology now as it is already expanding and on the verge of exploding, especially, due to increasing demand for VR mobile apps […] - Read More

Java 10: New Features And Enhancements

Java 10: New Features And Enhancements

Oracle has recently delivered the new Java 10 within the previously announced deadline. It is a feature release of the Java SE platform which got released on March 20, […] - Read More

Angular 4 Is Out Now!! Should You Switch From Angular 2?

Angular 4 Is Out Now!! Should You Switch From Angular 2?

From our last blog, you already know that Angular 4 was going to release in March 2017. On 23rd, Google's Angular team  finally announced the release of version 4 […] - Read More

Angular 6: How is it better than previous versions?

Angular 6: How is it better than previous versions?

On May 3, 2018, the Angular team announced the new version of Angular called as Angular 6. This released is focused on improving Angular toolchain. Angular is one of […] - Read More

React, Angular and Vue

Angular, React & Vue: What’s coming in 2017?

2016 has been a tremendous year for JavaScript. Host of new frameworks came to the picture. Some blurred, a few survived and a handful became shining stars. If you are […] - Read More

Featured Post

30 Simple and New App Ideas for Startups (AI, ML, Blockchain, AR/VR)

In 2019, the demand for app ideas is increasing. More and more businesses are building apps which are lightweight, tech-savvy, fast and serves the purpose. In 2017–18, there were around $197 billion of mobile app downloads, which will jump to a stunning mark of $352 billion by 2021. The era of complex and heavy apps[...] - Read More