Google wants to be the undisputed leader in technology and the company is not leaving anything to chance. Part of its bug bounty program, Google is ready to offer hackers a reward of $1000 if they can find glitches in Google’s website and Android applications. The move is an attempt to improve the security and quality of apps and services by Google.
Google has pitched its operating system as the most open platform which has sometimes run the company into trouble. The fact that Android is open also becomes its biggest weakness. The operating system has been prone to malware and malicious contents in the past. Even after many efforts to improve the security of Android, it has faced severe criticism of having the most malicious apps on the platform. So to make things safer and better, Google has partnered with HackerOne to launch a bug bounty program. Under this program, any hacker who unearths glitches in operating system or apps will get a $1000 reward. In March 2017, Google had to remove more than 100 apps from Google Play in attempt to make the platform safer and free from malicious content.
To win the reward, hackers would be required to submit their finding via HackerOne bounty platform. The finding will then be reviewed by the Google team. Once the bug is confirmed and a fix would be developed by the team. Only after would the hacker be given the $1000 reward. Currently only selected applications like Dropbox, Snapchat and Tinder are being scanned for bugs. If the hackers are able to find bugs and the bug bounty program is successful, other apps will be scanned and fixed similarly.
According to Google, the program is currently limited to devices and applications powered by Android 4.4 and above. Soon, the company would be giving clarity on the reward program. Interestingly, many experts have questioned the entire bug bounty program to be safe or not. The fixes can be downloaded by attackers and unauthorized transactions can be made and then claim rewards. Many believe that the finding submitted may get leaked and hacked itself. False people could claim rewards.