Google is upping its security game with the launch of a new Developer Data Protection Reward Program (DDPRP) and the significant expansion of the Google Play Security Reward Program (GPSRP).
According to the company, GPSRP will now include all Google Play apps with 100 million or more installs. The significant change is that all of these apps will be eligible for bug-bounty payment, even if the app publisher doesn't run its own bug-bounty program. For those apps from publishers that do have existing bug-bounty programs, the GDSRP will now pay bounties in addition to those paid by the publisher.
The new DDPRP is being done in collaboration with HackerOne. The program is aimed at data-abuse issues in Android apps, OAuth projects, and Chrome extensions. The program, Google said in an announcement, is intended to reward any researcher providing "verifiably and unambiguous evidence of data abuse."
Google noted that it is particularly interested in situations where user data is being sold unexpectedly or repurposed in an illegitimate manner without user consent.
Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio
More Insights
Support the originator by clicking the read the rest link below.
