Google is all set to expand the scope of its security rewards program. The company has now added Android operating system into it. The security reward program was meant to reward researchers/developers for finding and fixing bugs in Google's products and services. As per announcements, Android OS will now be covered under the program.
Google made the official announcement via company's blog. It reads:
"We're expanding our program to include researchers that will find, fix, and prevent vulnerabilities on Android, specifically.”
Google's reward program is an initiative to ensure improved security and overall usability of Google's services. Inclusion of android OS in the list was being anticipated for so long as the subscriber base for Android smartphones skyrocketed in recent times.
Google beings the program with its popular Nexus devices. Google said:
"For vulnerabilities affecting Nexus phones and tablets available for sale on Google Play (currently Nexus 6 and Nexus 9), we will pay for each step required to fix a security bug, including patches and tests.”
As per the blog, Google will classify the android bugs and vulnerabilities into three categories namely Critical, High, and Moderate. The rewards will be decided according to the gravity of that vulnerability.
The final decision to consider a vulnerability eligible for the reward will be taken by Google. The cash rewards range from $2,000 (roughly Rs. 1.28 lakhs) for critical bugs to $1,000 (roughly Rs. 64,000) and $500 (roughly Rs. 32,000) for high and moderate bugs.
June 17th, 2015 at 5:39 pm
Google will give both money and public recognition to security specialists who find
and reveal vulnerabilities to the Android Security Team.
June 17th, 2015 at 5:45 pm
These programs can be productive for both security researchers and the organizations who offer the bounties
June 18th, 2015 at 11:46 am
Android will keep on participate in Google’s Patch Rewards Program which pays for commitments that enhance the security of Android..