You heard many things about Google. As you all know Google always stay alert if it is a matter of security. For Google user’s security and privacy comes first. These days we heard several data breach issues and not able to find any application or those platforms which are properly secured and free from malware. To stop all these things Google has taken several steps. Earlier developers are not giving attention before publishing any app in play store. They just made the app and published easily in Google Play store. Now Google restricted them, they have to wait for Google’s approval before publishing. In this article we are going to discuss about another step taken by Google called security reward program. Stay connected till last to know about it.

Google is always doing something new to stop the data breaches. Google Play Security Reward Program is the example of it. In this program Google promote the android developer to explore the loopholes in their apps and softwares and also reward them with some amount. Now Google expanded its security reward program after adding Developer Data Protection reward Program. Let’s try to know what it is exactly and how it works.

Quick intro about Google Play Security Reward Program.

This year Google is completely dedicated to their user’s data safety and security.  They showed something different with updating Google Play Security Reward Program. It is a bug bounty program offered by Google play. In this program all apps are covered and all Android app developers can take part in this program.

It will enable Google to watch and fix any issue and also reward Android developers for this cooperation and help to boost Google’s ecosystem. I this program all apps of pay store which has over 100 million downloads are included.

Google expanded its security reward program after adding Developer Data Protection Reward Program
Image Credit: Google Image

The reward has been increased in comparison of before. Reward amount is different and totally depends on types of vulnerability. Like to detect the bug related to data theft, for this reward amount will be $3000, to detect local code execution $ 4000 and to detect Remote code execution $20,000 will be given as reward.

This is only valid till on or before 16th October 2019. Developers can claim for reward only till 16th of October. 

Get aware about Developer Data Protection Reward Program now.

Okay so in this article we will explain you about both programs. The first one we have mentioned above Data security reward program, which comes under bug bounty program. Now try to understand what actual Developer Data Protection Reward Program (DDPRP) is. It is an expansion of Data Security reward program and also comes under Bug Bounty. The purpose of this bounty program is to identify and mitigate the data abuse issues in apps, OAuth projects and also in chrome extensions. You heard about the above program reward now understand this one too as it rewards the users in the same way as Google’s other program did. Want to know the reward amount? If you submit a single report of data abuse then it net cost would be $50,000 bounty.

Wants to know the reward amount in Google Play Security Reward Program.

Now you need to know about this program’s reward Google speaks out about this program’s reward that till now it pays approx. $265,000 bounties. After updating in apps the number of paid bounty had been increased and reaches till $75,000 bounties that have been paid out. Some other rewards are also available like-

  • Reward for remote code execution bug increases the amount from $5,000 to $20,000
  • Reward for theft of insecure private data , the amount has been increases from $1,000 to $3,000
  • Reward for accessing protected app components has been increasd from $1,000 to $3,000
  • Also provide bonus reward to those for disclosing vulnerabilities to participating app developers. 

Some rules for Google Play Security Reward Program

  • If you find any vulnerability then submit it directly to the related app developers. This program is just for requesting bonus bounties.
  • Only app developers are invited in this program. It is the responsibility of the developers only.
  • If we talk about the reward rules that you need to know, they are ultimately at the discretion of Google and HackerOne. No app developers have control over reward.
  • If same report has been submitted by different developers then in that case first report will be eligible for reward.
  • Don’t submit the report with real user data.

Why Google is so strict?

Within few months we saw many data breaches issues. Over 100 apps had been removed by Google from play stores. Some popular apps also get infected by malware. If you remember the most popular app Cam Scanner, Google removed it permanently from play store due to hidden advertisement. It has more than 100 million users and trusted app among users. This is tough not only for Google but also for Android users. Google has updated the bug bounty program to decrease the data mitigation and data abuse issues. This is actually good to promote this with giving rewards.  

Google is doing all such task to secure us and our smartphone so that’s why they expanded the program called Google Play Security Reward Program. They expanded it and now the program will watch out every app which got millions of download.

While knowing about CamScanner and their millions of users and its popularity, Google removed such apps permanently.  Google has taken some steps to improve their security strategy as we all know. Now Google decided that if an application mishandles the local phone data or share information with third-party advertisers then Google will remove it permanently. This is the reason Google has updated and expanded its security reward program with Developer Data Protection reward Program. Google will also eliminate those apps where it violates Chrome web store minimum user data privacy requirement. Google can remove the app forever.

Conclusion

This program will definitely make the security of Google strong. Nowadays Google is strict over data breaches and third party advertisement. Google step forward for the users. Security is the first priority for Google so keep patience. Right now we get to know about these programs. If you are interested in reward then make sure to understand the rules of Google Play Security Reward Program first. This is all about Bug Bounty Program by Google. If we get any further information regarded this we will update you. Kindly comment below and let us know about this article or if you want to know anything about another topic.

Till then keep reading and get in touch with us for more updates.