Google paying out cash bounties for identifying and solving Android vulnerabilities

Google takes security very seriously, and now that’s more true than ever. The company has offered bounties for anyone that could find or solve vulnerabilities in Chrome and their websites with their Security Rewards program, and today they’re extending that to cover Android, too.

Just how it works with other apps and services, if you find or fix a vulnerability in Android Google will pay out a bounty depending on how severe the bug or vulnerability is. Identifying a bug nets you anywhere from $500 to $2000 based on how severe the issue is. Providing test cases or patches for those bugs drastically increases the payout, topping out at around $8k for very critical vulnerabilities. If you can find a functional exploit via a third-party app installed on a device, Google will shell out upwards of $20k. Those are some pretty high rewards if you think you can slip through Android’s current state of security.

The only conditions to these bounties are that it must apply to the Nexus 6 or Nexus 9 AOSP or OEM code. They’ll also only be rewarding the first instance of a bug being disclosed. There are a handful of other rules and exceptions to read up on if you’re interested in taking a crack at snagging one of these bounties.

source: Android Security Rewards

Come comment on this article: Google paying out cash bounties for identifying and solving Android vulnerabilities