Google is expanding the scope of its bug bounty program to include external apps

Google is expanding the scope of its bug bounty program to include external apps. Its Google Play Security Reward Program now rewards researchers for finding bugs across all apps in Google Play with 100 million or more installs. In parallel, Google launched the Developer Data Protection Reward Program in collaboration with HackerOne, aimed at surfacing data abuses in Android apps, OAuth projects, and Chrome extensions. This type of bug bounty program pays hackers to find flaws and report them back to Google and receive a payout, rather than using them maliciously or selling them to people who misuse them. Google has paid out over $15 million to researchers since launching its bug bounty program in 2010. These latest bounty program additions extend payouts to apps created by external companies, too. Venture Beat