As per the latest report, Google is trying to extend the bug bounty program for the play store. To secure all the apps in the Play Store, GPSRP or Google Play Security Reward Program was launched 2 years back. But now it is getting an extension and it will include all the applications having downloads of more than 100 million. Despite the presence of their own bug bounty and vulnerability reward programs, Google has included them.
According to the Security and Privacy Officials for Google Android, this program will help the app developers know about the vulnerabilities. This way, the security researchers can assist thousands of businesses in recognizing the possible threats in their applications and fix them. In addition to the Google rewards, the examiners can gather rewards from the developers’ programs, if they have any.
Why Should App Developers Come Up with Better Programs for Benefits?
Moreover, as per the officials, all the app developers should come up with their own bug bounty programs and team up with the security researchers. An Idea of GPSRP: From its inception in 2017, GPSRP was offering about $5,000 dollars bounties for the bugs of remote code execution and 1000 dollars for other bugs that are responsible for thievery of private data. But last July, Google has increased these payouts after noticing that GPSRP doesn’t provide the perfect traction.
$5,000 dollars was increased to $20,000 dollars for the remote code execution bugs and for other bugs, the amount was increased to $3,000 dollars. However, just the subset of the applications was in the program. But now, as Google has included all the applications that have 100 million or more downloads, the researchers will be more interested in its bug bounty program. Bug Bounty programs have always been a point of great interest for all programmers and app developers.
