Google Offers $1,000 Bounty to Hackers to Hack and Fix Play Store Apps

Google is offering a $1,000 (£760) bounty to security researchers if they can successfully hack apps on the Google Play Store and help fix the problems.

Bug bounty programmes are a common way for firms to reward hackers who discover vulnerabilities in their software and reveal them to developers so that they can be fixed rather than exploited.

The concentration on app security comes as Google launches its new smartphones that are called Pixel 2 and Pixel 2 XL, which run on Android.

Google has been reprimanded for what has been regarded as the poor security restriction of its Play Store.

Research by Check Point, a security company, suggested that the automated system of Google failed to discover 50 malware apps which were downloaded by about 4.2 million times before being removed.

Malware does not only affect the Google Play Store, but because of how open the Android operating system is compared to that of Apple’s iOS – which is controlled tightly by its producers in Cupertino, California – it has been discovered more often by researchers.

According to Symantec, Apple’s tight examination of apps on its App store, as well as the much larger market share of Android, may be to blame.

Malware apps would not be revealed by the Play Store bug bounty programme, however, which will concentrate on keeping the most popular apps which opt into it to be secure.

Based in Mountain View, California, Google has forged a partnership with HackerOne, the popular bug bounty platform, to reward those who discover, disclose, and help fix the most severe security flaws.

So far, only eight developers have opted into the programme, including Snapchat, Dropbox, and Tinder.

Google also offers reward programmes for hackers who discover vulnerabilities in its Chrome web browser, which currently grants security researchers $100,000 (£75,900) as its top reward.