Google is taking Android security very seriously. Since the company launched the Android Security Rewards program last year, it has reportedly paid a hefty $550,000 to 82 people for discovering various bugs in Android.
It seems, however, as though Google wants to take things to the next level. The company will be offering between 33 percent and 50 percent more money than previously for reports of Android bugs filed after June 1, 2016. Researchers who show a proof of concept and a proposed patch will get 50 percent more, while others will get 33 percent more than previous payouts.
According to a blog post on the Google security blog, the top-paid researcher was paid a whopping $75,750 for 26 vulnerability reports, and 15 researchers were paid $10,000 or more.
“Together, we made a huge investment in security research that has made Android stronger. We’re just getting started and are looking forward to doing even more in the future,” said Google in its blog post.
Of course, Google isn’t only concerned with Android. If a developer or hacker finds a bug that isn’t part of the Android operating system, Google is still encouraging them to report it, as that will help improve the security of the wider mobile industry. Not only that, but Google also has rewards programs in place for Chrome, its web browser, and for other services that it operates. So far it has given away more than a million dollars in rewards.
Rewards programs are great not just for hackers, but also for consumers. These programs encourage hackers to report their findings instead of exploiting them for their own gain. For this reason, a number of large tech companies have implemented rewards programs of their own. Companies that have done so include the likes of Microsoft, Oculus, and PayPal.
Of course, Google isn’t the only one taking mobile security seriously — Apple just announced that it will be mandating the use of HTTPS encryption for apps in the App Store by January 1, 2017.