Google has a Bug Bounty program where they reward individuals for reporting vulnerabilities found in various services. Recently, Google announced the discontinuation of reward payouts for reporting security vulnerabilities in apps on Google Play as part of the Google Play Security Reward Program (GPSRP).
The program for reporting app vulnerabilities on Google Play has been in place since October 2017, targeting app developers on Android, not Google’s own apps. It is a collaboration between Google and a select list of large app developers, with the latest revised conditions only applying to apps downloaded more than 100 million times. Google’s aim with this initiative is to ensure that Google Play is a store with secure apps for users.
Google explained the reason for ending the GPSRP to researchers and developers, citing a significant reduction in reported vulnerabilities due to the increased security of the Android operating system.
The GPSRP will continue to accept reports for these vulnerabilities until August 31 and will evaluate all reported vulnerabilities by September 15, with final summaries by September 30.
Source: Android Authority
TLDR: Google ends reward payouts for reporting app security vulnerabilities on Google Play as part of the GPSRP, attributing the decision to increased security of the Android operating system.
Leave a Comment