Google is expanding its bug bounty program to more apps on the Play Store
What you need to know
- Google is expanding its Security Reward Program and launching a new Developer Data Protection Reward Program.
- The Security Reward Program now covers all apps on Google Play with 100 million or more installs — even if app developers don't have a bug bounty program set up.
- With the Developer Data Protection Reward Program, Google aims to crack down on data abuse in apps.
The Google Play Store is filled with a seemingly endless number of apps, and in an age where digital security is becoming more and more important, having systems in place to ensure these apps are as stable and secure as can be is critical. On August 29, Google announced a couple of big changes coming to the Play Store to help with this effort.
First thing's first, the existing Google Play Security Reward Program (GPSRP) is getting a considerable revamp. The GPSRP was launched in June 2017 with HackerOne to help identify bugs in apps, and today, it's being expanded to include any apps on the Play Store that have at least 100 million installs — even if the developers of said apps don't have their own bug bounty program established.
Since it was launched a little over two years ago, the GPSRP has paid out more than $265,000 in bug bounties.
In addition to the GPSRP getting revamped, Google's also launching a new initiative called the "Developer Data Protection Reward Program" (aka DDPRP).
Google's once again working with HackerOne, and with DDPRP, the companies aim to:
DDPRP will compensate anyone that's able to "provide verifiably and unambiguous evidence of data abuse", with maximum bounties being as high as $50,000.
Google Pay shouldn't be so terrible in 2019
Get the top Black Friday deals right in your inbox: Sign up now!
Receive the hottest deals and product recommendations alongside the biggest tech news from the Android Central team straight to your inbox!
Joe Maring was a Senior Editor for Android Central between 2017 and 2021. You can reach him on Twitter at @JoeMaring1.