Google Play attempts to make Android apps safer through rewards program

Google will pay $1,000 to those who find vulnerability in Android apps

Google Play has teamed up with HackerOne, an independent bug bounty platform, to create the Google Play Security Rewards System, with $1,000 up for grabs for flaws found in popular Android apps.

The program hopes to improve security research as well as app security which will benefit Android users, developers, and Google Play as a whole.

Apps such as Duolingo, Snapchat, Tinder, Dropbox, and Headspace are currently in the Google Play Security Reward program, with the hopes of more apps joining later on.

The system works by encouraging hackers to identify problems and vulnerabilities within different apps. However, the bugs have to follow certain criteria to qualify for the reward.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

As of right now, the program is limited to remote-code-execution vulnerabilities and corresponding proof of concepts which run on devices with Android 4.4 or higher. This would include vulnerabilities that allow the downloading and execution of malicious code, the manipulation of a user interface to commit a transaction, and the opening of a webview leading to phishing attacks.

After a bug has been identified, the hacker works directly with the developer to fix the problem by reporting the issue to the firm through provided links. Once it is fixed, the hacker reports it to the Google Play Security Reward System, which will then consider it for the $1,000 reward, provided it followed the criteria.

"As the Android ecosystem evolves, we continue to invest in leading-edge ideas to strengthen security," said Vineet Buch, the director of product management at Google Play.

"Our goal is continue to make Android a safe computing platform by encouraging our app developers and hackers to work together to resolve unknown vulnerabilities, we are one step closer to that goal."

Featured Resources

What you need to know about migrating to SAP S/4HANA

Factors to assess how and when to begin migration

Download now

Your enterprise cloud solutions guide

Infrastructure designed to meet your company's IT needs for next-generation cloud applications

Download now

Testing for compliance just became easier

How you can use technology to ensure compliance in your organisation

Download now

Best practices for implementing security awareness training

How to develop a security awareness programme that will actually change behaviour

Download now
Advertisement

Recommended

Visit/cloud/cloud-computing/354479/google-adds-partners-to-real-time-translation-tools
cloud computing

Google adds partners to real-time translation tools

8 Jan 2020
Visit/mobile/23617/the-best-smartphones-to-buy
Mobile

Best smartphone 2019: Apple, Samsung and OnePlus duke it out

24 Dec 2019
Visit/hardware/354336/the-it-pro-products-of-the-year-2019-all-the-years-best-hardware
Hardware

The IT Pro Products of the Year 2019: All the year’s best hardware

24 Dec 2019
Visit/marketing-comms/search-engine-optimization-seo/354339/google-is-getting-worse-as-it-does-more
search engine optimization (SEO)

Google is getting worse as it does more

21 Dec 2019

Most Popular

Visit/microsoft-windows/32066/what-to-do-if-youre-still-running-windows-7
Microsoft Windows

What to do if you're still running Windows 7

14 Jan 2020
Visit/policy-legislation/data-governance/354496/brexit-security-talks-under-threat-after-uk-accused-of
data governance

Brexit security talks under threat after UK accused of illegally copying Schengen data

10 Jan 2020
Visit/operating-systems/25802/17-windows-10-problems-and-how-to-fix-them
operating systems

17 Windows 10 problems - and how to fix them

13 Jan 2020
Visit/hardware/laptops/354533/dell-xps-13-new-9300-hands-on-review-chasing-perfection
Laptops

Dell XPS 13 (New 9300) hands-on review: Chasing perfection

14 Jan 2020