Google expands bug bounty program to include the most popular apps on the Play Store

Google will pay researchers up to $20,000 for finding bugs in the top Play Store apps.


Google has now expanded its bug bounty program to include the most popular apps on the Play Store. These are apps with 100+ mn installs to their name. Bounties of up to $20,000 can be claimed.

Google had initially launched the Google Play Security Rewards Program (GPSRP) as a way for hackers and security researchers to report vulnerabilities in eight top apps on the Play Store. The expanded scope now makes the program more useful for hunting out security vulnerabilities in apps.

As per the rules, researchers must first disclose the vulnerabilities to the app developer. They can then report it to Google, which will then evaluate and offer the additional bounty as it sees fit.

In partnership with HackerOne, a bug bounty platform started by hackers and security researchers, Google is also offering a Developer Data Protection Reward Program, reports Engadget.

The program will provide security researchers with an incentive (worth up to $50,000) for hunting down “data abuse issues” in Android apps, Chrome extensions, etc.

Google expands bug bounty program to include the most popular apps on the Play Store

Google will pay researchers up to $20,000 for finding bugs in the top Play Store apps.