Google Play attempts to make Android apps safer through rewards program

Google will pay $1,000 to those who find vulnerability in Android apps

Google Play has teamed up with HackerOne, an independent bug bounty platform, to create the Google Play Security Rewards System, with $1,000 up for grabs for flaws found in popular Android apps.

The program hopes to improve security research as well as app security which will benefit Android users, developers, and Google Play as a whole.

Apps such as Duolingo, Snapchat, Tinder, Dropbox, and Headspace are currently in the Google Play Security Reward program, with the hopes of more apps joining later on.

The system works by encouraging hackers to identify problems and vulnerabilities within different apps. However, the bugs have to follow certain criteria to qualify for the reward.

As of right now, the program is limited to remote-code-execution vulnerabilities and corresponding proof of concepts which run on devices with Android 4.4 or higher. This would include vulnerabilities that allow the downloading and execution of malicious code, the manipulation of a user interface to commit a transaction, and the opening of a webview leading to phishing attacks.

After a bug has been identified, the hacker works directly with the developer to fix the problem by reporting the issue to the firm through provided links. Once it is fixed, the hacker reports it to the Google Play Security Reward System, which will then consider it for the $1,000 reward, provided it followed the criteria.

"As the Android ecosystem evolves, we continue to invest in leading-edge ideas to strengthen security," said Vineet Buch, the director of product management at Google Play.

"Our goal is continue to make Android a safe computing platform by encouraging our app developers and hackers to work together to resolve unknown vulnerabilities, we are one step closer to that goal."

Featured Resources

Four cyber security essentials that your board of directors wants to know

The insights to help you deliver what they need

Download now

Data: A resource much too valuable to leave unprotected

Protect your data to protect your company

Download now

Improving cyber security for remote working

13 recommendations for security from any location

Download now

Why CEOS should care about the move to SAP S/4HANA

And how they can accelerate business value

Download now

Recommended

How to unroot Android
Google Android

How to unroot Android

9 Sep 2020
Google Meet attendance reports are now available to more Workspace customers
video conferencing

Google Meet attendance reports are now available to more Workspace customers

25 Nov 2020
Google discloses actively-exploited Windows zero-day vulnerability
hacking

Google discloses actively-exploited Windows zero-day vulnerability

2 Nov 2020
Apple reportedly ramps up search engine development
iOS

Apple reportedly ramps up search engine development

29 Oct 2020

Most Popular

80% of cyber professionals say the Computer Misuse Act is working against them
Security

80% of cyber professionals say the Computer Misuse Act is working against them

20 Nov 2020
Cisco acquires container security startup Banzai Cloud
Security

Cisco acquires container security startup Banzai Cloud

18 Nov 2020
350,000 Spotify users hacked in credential stuffing attack
Security

350,000 Spotify users hacked in credential stuffing attack

24 Nov 2020