Skip to main content

Google paying big for bug fixes in the new Android Security Rewards program

exploit
Image used with permission by copyright holder
For some time now Google has offered cash rewards to researchers and developers who find and fix software vulnerabilities in its various websites and apps. Now that program is expanding even further, offering rewards for fixing issues in the Android operating system.

The new program is called Android Security Rewards, and was announced today at the Black Hat’s Mobile Security Summit in London. Generally, the program aims to address serious security-related issues, rewarding those who uncover vulnerabilities of critical, high, and moderate severity, though Google notes that it will reward certain patches for low-severity vulnerabilities on a case-by-case basis.

As the Android Security Rewards program only concerns the Android Open Source Project (AOSP), the program only covers vulnerabilities found “in the latest available Android versions for Nexus phones and tablets currently available for sale in the Google Store.” Right now this means only the Nexus 6 and Nexus 9 count. Google has indicated that no other products like the Nexus Player, Android Wear, or Project Tango are included in the program.

That’s a fairly small list, but those who find and fix vulnerabilities for either device do stand to make a fairly tidy sum for their time. The rewards start at $500 for simply finding and reporting a moderate-severity vulnerability. Finding and fixing a bug of critical severity, on the other hand, could get you $8,000, assuming the fix is accepted. Rewards for uncovering certain exploits can gain those who find them up to an extra $30,000.

Since Google began offering rewards for bug fixes in 2010 the company has paid out more than $4 million. Last year alone the company paid out $1.4 million to over 200 researchers. Considering Android’s popularity among developers, this number will likely grow significantly with the introduction of the Android Security Rewards program.

If you’re a developer or security expert, or are simply interested in learning more about the program, head over to Google’s Android Security Rewards page for more information.

Editors' Recommendations

Kris Wouk
Former Digital Trends Contributor
Kris Wouk is a tech writer, gadget reviewer, blogger, and whatever it's called when someone makes videos for the web. In his…
PayPal’s new Rewards feature adds Honey shopping discounts
PayPal

PayPal acquired rewards platform Honey several years ago and this week it announced it's folding Honey's features and services into its own platform as part of the new "PayPal Rewards" offering.

Honey is a popular browser extension that trawls the web in search of deals, coupons, and promotional codes. It means that from this week, all earned points, gift cards, and PayPal shopping credits acquired in Honey will now be viewable in a new Rewards section in the main PayPal app, making it easier for users to manage their related finances while also taking advantage of new ways to earn points.

Read more
Google is paying a historic $85 million fine after illegally tracking Android phones
Google Logo

Google will be paying Arizona $85 million in a settlement over a 2020 lawsuit that claimed the company was illegally tracking Android users for targeted advertising.

According to a report from Bloomberg, Attorney General Mark Brnovich filed a lawsuit in May 2020 claiming that Google violated the state's Consumer Fraud Act by gathering location data from Android users, even after people turned off their location settings. At the time, Google's own employees were confused about its privacy controls, admitting that it could use some fine-tuning so that when users deny the company permission to track their data, it has to respect their decision.

Read more
Android 13: Everything we know about Google’s big OS update
Android 13 logo on a Android logo background.

Google's Android 13 is finally here after months of testing. It's a pretty small update that sees Google building on what it started with Android 12 and 12L. Material You gets more colorful with additional customization features, and Google plans on expanding icon theming beyond the small selection of Google apps currently supported. The company also highlights privacy and security features in Android 13, and there's a lot of building upon Android's bigger-screen ambitions in foldables and tablets.

Finally, people with Chromebooks will see some Apple-like cross-device functionality that allows you to stream messaging apps to the big screen. This comes in addition to other Chrome OS features like a shared clipboard and the flexible Phone Hub.

Read more