As Google and large application developers always take care about security of their users and try to provide a secure, safe and most comfortable users experience. Google Play Security Reward Program is running by Google to make applications that are listed on play store more secure and safe. And through the security reward program google trying to make all applications free to all vocabularies, malicious software, hacking and pushing etc.
For running security reward program Google has the partnership with HackerOne which is a website that manages bounty programs. HackerOne with creating a list of all application and flaws such as those that allow a hacker to redirect a user to a phishing website or infect a gadget with a virus. In the list all applications those are developed by many developers will be included and in the list, the applications those are developed by Google will also include.
The launch partners for this bug bounty are Alibaba, Dropbox, Duolingo, Headspace, Line, Mail.ru, Snapchat, and Tinder, with more to come in the future if the program proves to be successful .
All the applications developers participating in into the program must have their own coordinated disclosure program in place, Security researcher will be rewarded by Google Play Security Reward Program only after the vulnerability is made public by the participating company. Once the vulnerability is publicized, the discoverer will have 90 days to apply for the additional reward from Google. As the bug bounty is there purely to provide an additional bonus payment over and above what is offered by each participating company, the bug bounty currently only has one payment tier; $1,000 for remote code execution.
In the official page of Google Play Security Reward Program Google published that ," The Google Play Security Reward Program recognizes the contributions of security researchers who invest their time and effort in helping us make apps on Google Play more secure. All Google’s apps are included and developers of popular Android apps are invited to opt-in to the program. Interested developers who aren’t currently in the program should discuss it with their Google Play partner manager. Through the program, we will further improve app security which will benefit developers, Android users, and the entire Google Play ecosystem. " .