Google has started a bug bounty program for Android where people can be awarded up to $40,000 if they find a bug in the company's mobile operating system.
Mobile devices such as smartphones and tablets have become one of the most common gadgets with which people connect to the Internet. However, most security measures are still used mainly in PCs or laptops, and many people tend not to bother about the security of their mobile devices that are vulnerable to cyber attacks.
Purchasing or selling stuff, receiving or sending emails, sharing files and more have become very common practices on mobile devices. There are many hackers looking out for confidential data that are also present in mobile devices.
Google's new Android Security Rewards program wants researchers to focus on mobile devices. People who find bugs and report them to the Android Security Team will be rewarded with cash and recognized by Google. The bounty will be based on the severity of the bug discovered. A researcher may also get a higher reward if the report submitted includes patches, reproduction codes and test cases.
The program currently covers bugs found in the Android operating system on Nexus 6 and Nexus 9 devices. Google also revealed that the device list may change in the future.
"Android Security Rewards covers bugs in code that runs on eligible devices and isn't already covered by other reward programs at Google," stated the Android Security Rewards webpage. "Eligible bugs include those in AOSP code, OEM code (libraries and drivers), the kernel, and the TrustZone OS and modules. Vulnerabilities in other non-Android code, such as the code that runs in chipset firmware, may be eligible if they impact the security of the Android OS."
Google believes that the entire Android ecosystem will see the benefit with the latest rewards programs. Google has full control over Nexus devices, which is the reason only select Nexus devices are listed in the program.
The latest rewards program will also motivate researchers to find a bug in the hope that they are monetarily rewarded.
The Android Security Rewards initiative was launched following a similar program that Google started in the past for its Chrome browser. Google is said to have paid more than $4 million in rewards since the launch of the program. This includes $1.5 million paid out in 2014.
Photo: Maria Elena | Flickr