Google announced that it has expanded its vulnerability rewards program to now include Android as well.
The Android Security Rewards program, is a complement to the existing Google bug bounties for the company’s Chrome browser and other Google products.
Currently, only the Nexus 6 and Nexus 9 are eligible for rewards making them first line of smartphones to offer bug bounty.
[quote type=”border_left”]We designed the program to make sure that the entire Android ecosystem will benefit from this vulnerability research, said Android security engineer Jon Larimer. In addition to paying rewards for vulnerabilities, this program offers even larger rewards for security researchers that invest in tests and patches that will make the entire ecosystem stronger.[/quote]
Rewards range from $500 for “critical” exploits” and can can go up to $8,000 for researchers who report a critical bug, provide a test case and submit a patch.
On top of that Google will offer a $30,000 reward to researchers who can find compromises in the kernel, TrustZone, or the Verified Boot process.
Check out Google’s blog for more details.
