Due to data abuse scandals and the numerous cases of malicious applications detected in the Play Store, today Google has expanded its error protection program to strengthen the security of Android applications and Chrome extensions distributed through its platform.
The Google Vulnerability Rewards program extension mainly includes two major ads.
First of all, the new program called the “DDPRP (Developer Reward Program”), in which Google will reward researchers and hackers who find “verifiable and unequivocal evidence” of the problem of data abuse in Android applications, OAuth projects, and the Chrome Extension.
“Secondly, expanding the scope of his Google Play Security Rewards Program (GPSRP) to include all Android applications from the Google Play Store with over 100 million installations or more, helping application developers interested in fixing the vulnerability through responsible disclosure.”
Get rewards for finding Android and Chrome apps that violate data
The Data Mistake Program aims to avoid scandals, such as Cambridge Analytica, that fined Facebook $ 5 billion for failing to identify situations where user data is unexpectedly used or sold or illegally repatriated without user consent.
“If misuse of data associated with the Chrome application or extension is detected, this application or extension will be removed from the Google Play or Google Chrome Web Store,” a Google statement said today.
“If the application developer misuses access to private areas of Gmail, his access to the API will be removed.”
Google has not yet announced any DDPRP reward tables but has guaranteed that one report can accumulate up to $ 50,000 depending on the impact.
Bug Bounty in all Android apps, over 100 million downloads
On the other hand, GPSRP, which was originally launched in 2017, has so far been limited to reporting only vulnerabilities in popular Android apps on the Google Play Store.
With the latest announcement, Google will now work with developers of hundreds of thousands of Android applications, each of which has been downloaded at least 100 million times, helping them to receive vulnerability reports and instructions on how to fix them on game consoles.
“These applications are now eligible for rewards, although application developers do not have their vulnerability detection or bug-finding programs,” Google said.
“If developers already have their programs, researchers can collect rewards directly from them in addition to Google prizes.”
As part of the Google ASI (App Security Improvement) program, this existing initiative has already helped more than 300,000 developers repair more than 1,000,000 applications on the Google Play Store.
It is hoped that both of these measures will allow Google to prevent the use of malicious applications for the Android and Chrome extensions by the data of its users and to increase the security of applications distributed through the Play Store.