NewsGoogle Increases Top Android Bug Bounty to $200,000

Google Increases Top Android Bug Bounty to $200,000

Developer.com content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

In an attempt to entice more security researchers to find and report Android exploits, Google has raised its top bug bounty payouts to $200,000. Previously, the most a researcher could get for reporting an Android bug was $50,000.

To get that top payout, developers will have to demonstrate a remote exploit of vulnerabilities in Google’s TrustZone and Verified Boot technologies. And if researchers fund a bug in the Android kernel that they can exploit remotely, they’ll get up to $150,000 (increased from $30,000).

Over the past two years, no security researcher has successfully demonstrated exploits against TrustZone or Verified Boot. However, 31 people have received payments of $10,000 or more for participating in the Android Security Rewards Program.

View article

Get the Free Newsletter!

Subscribe to Developer Insider for top news, trends & analysis

Latest Posts

Related Stories