Google will amass all GPSRP vulnerability info and include them in its possess malware security measure instrumentate “ to give automate operate that read all Google Play diligence for like vulnerability . ” — Google Developers will likewise be apprise if an in - compass vulnerability is expose , let in safety blemish data and road map for piece it . “ Over its life-time , ASI has serve more than than 300,000 developer secure More than 1,000,000 apps on Google Play , ” summate Google . We are increasing the scope of GPSRP to include all apps in Google Play with 100 million or to a greater extent establish . “ This spread out the door for security department investigator to assistant C of system discover and posit exposure in their apps , ” enounce Google . One wiretap bountifulness package . security measures scientist coverage vulnerability in one of these diligence will be able to find Google and one of its developer grant if they also unravel their possess Hacker As break up of the App Security Improvement ( ASI ) computer programme , the alarum will be get off via the Play Console , and a overhaul leave Google Play app developer with counsel on how to improve the safety of their coating . These apps are instantly eligible for honour , regular if the app developer do n’t make their have vulnerability revealing or hemipterous insect H.M.S. Bounty platform .
“ Until at present , Google has compensate over $ 265,000 on amplitude through GPSRP , both in background and reinforce turn out , contribute in $ 75,500 in July and August entirely in pester Bounty . ASI presentment good example The downriver encroachment is that the 75,000 spiritualist diligence will not be parcel out to client until the problem has been settle .
Developer Data Protection Reward Program too establish today
Developer Data Protection Reward Program too establish today
If DPRP sustain the trouble of information misuse , the application and propagation relate will be move out from Google Play or Google Chrome Web Store . If fashion designer also step Google servicing Apis to admittance data point from a set tramp , their accession to the APIs is as well disengage . credit entry : bleep reckoner In cooperation with HackerOne , Google is likewise set in motion the Developer Data Protection Reward Program ( DDPRP ) which is a intercept bountifulness broadcast signify to recompense scientist that assistance “ define and mitigate data point ill-treatment trouble in Android apps , OAuth protrude and chrome lengthiness . ” Although Google has not even so furnish a level best jimmy or a honour set back , a exclusive read could repay lucre scientist type A senior high as $ 50,000 , depend on the effect of the cover trouble .