Google extends bounty Program for Security of the Google Play apps most downloaded

Google extends bounty Program for Security of the Google Play apps most-downloaded

The security of the applications that we download from the Apps Store in Google is something we always take for granted. However, events such as those experienced a few hours ago with CamScanner and your app highlight that there is still much work to be done.

an application To hostel malware inside and causes the withdrawal of the Google Play Store seems to have been the impetus for the company’s Mountain View decided to improve the system of protection offered. And in this case expanding the awards to those who find apps with some malicious code.

Now the apps 100 million downloads


And is that Google has announced that expands the coverage given to this type search for threats, well, now, the system of rewards for discovering an error or risk-gives coverage to all of the applications with 100 million downloads or more.

This system, called Rewards Program Security from Google Play (GPSRP) , existed from a long time ago and the number one goal was to encourage researchers to discover important vulnerabilities by means of rewards. Something like a search dead or alive now improved with the arrival of the new Rewards Program of Protection of Data for Developers (DDPRP).

in order To carry out its objectives, Google Play account with HackerOne and with the participation of some of the developers of most popular apps for Android. These have been broadened with the passage of time from an initial group quite reduced.

The difference is that the form of procedure changes, and if you previously could only access to a reward by means of the vulnerabilities sent to the own programs of the developers of applications, now developers can reveal problems with any application that has more than 100 million downloads directly Rewards Program Security on Google Play .

“we’re increasing the reach of GPSRP to include all applications in Google Play with 100 million or more installations. These applications are now eligible for rewards, even if the developers of the application do not have their own disclosure of vulnerability or reward program for errors”.

once set in developer’s knowledge, the company then works with the same to correct these errors. In addition, if an application developer has a public disclosure of vulnerabilities or a rewards program of errors, you can request the reward to this program is always that the developer has already confirmed that the vulnerability has been fixed in the last 90 days.

The application must have more than 100 million installations.

These programs are aimed at those “situations in which the user data is used improperly, or re-used unlawfully without the consent of the user. Seek to avoid, to the extent possible, in the Google Play continue to exist applications with Malware and that of given, these are discovered as soon as possible.

More information | Google Blog

we Also recommend

So is PhotoGuard, an Android app to protect your photos using encryption for military

QualPwn, so is the vulnerability of Snapdragon that is fixed with the security patch August

The risks of using apps obsolete, and how Android Q wants to solve the problem

The news Google extends bounty Program for Security of the Google Play apps most downloaded was originally published in Xataka Android by Jose Antonio Carmona .

Xataka Android

Google extends bounty Program for Security of the Google Play apps most downloaded
Source: english  
August 29, 2019

Next Random post