In 2022, most transactions happen over the internet, and people slowly begin to use software-related transactions. It can be a basic media share or cash share. Every detail is sensitive when it goes from one place to another. Since the usage becomes high so thus, the security flaws. Google always considers safety and security. But, It doesn’t mean they are 100% noticing all the spots. There may be an unnoticed gray area that may become vulnerable to leak user details. When an average person or security agency sees that and reports it to Google, it is valid; then Google will reward them with their bug bounty program. Google Paid Out Vulnerability Reward of $8.7 Million to 696 Contributors in 2021 alone.
Table of Contents
Google Vulnerability Reward Program
Last Year, Google announced the launch of its new Bug Hunters portal at bughunters.google.com, which brings together all of the company’s VRPs (Google, Android, Chrome, and Google Play) to streamline bug submissions. Additionally, it has dedicated information to help researchers develop their abilities.
$8.7 Million Reward paid in 2021 by Google under the Vulnerability Rewards Program
To improve platform and product protection, Google has vulnerabilities Reward Programs (VRPs) to protect Android Play Chrome and web service. Bug-bounty software can reveal as much about the organization’s willingness to cooperate with other security researchers to discover and correct security weaknesses within their products as they do about their vulnerability to attacks that could target their technology. Researcher payouts rise in 2021 by 2 million from 2021 up to $8.7 million. The amount consists of 696 participants in 62 countries.
The amount was an immediate 30% increase from $6.7 million in reward money Google paid bug-hunters in 2020. The increase may have had to do with increased payouts for certain types of bug discovery. However, a lot of it also was due to the comparatively high number of flaws researchers continue to find in Google’s leading technology.
Category Wise Reward
The most lucrative Reward paid last year was $157,000 due to a security flaw in Android. The Internet giant paid out around 3 million dollars in bounty payouts for researchers who discovered bugs on the Android platform but claims that the $1.5 million rewards it gives for the Titan-M security chip of Pixel security flaws aren’t claimed.
Google Chrome Reward
Chrome is a prime example. In 2021, researchers who took part in Google’s vulnerability reward program disclosed the existence of 333 distinct Chrome security vulnerabilities. These vulnerabilities are 10 percent more than 300 Chrome security bugs that Google reported in 2020. In all, Google gave $3.3 million to researchers worldwide who discovered and disclosed Chrome security vulnerabilities to Google in 2021. This was compared to $2.1 million worth of rewards in the year prior, which was 83% more than 2019.
The bulk ($3.1 million) part of Chrome payments went to security researchers who discovered security flaws in the Chrome browser. Google paid $250,000 to fix issues in Chrome OS, including a maximum reward of $45,000 for one privilege escalation issue.
Android Chip Security Reward
In the Android Chipset Security Reward Program (ACSRP), Google partners with other well-known Android chipsets makers. In this category, Google paid a total of $296,600 to more than 220 authentic and unique security reports.
You may wonder what the use of these programs is. Even big companies may ignore some things, and regular users may find the flaw. Google employs skilled persons to figure out general security issues, and they pay for them. When ordinary people find what they miss, They have to get some compensation. The Vulnerability Program is for that kind of task. Year by year, we are evolving a lot in technologies, So Thus the flaws. The details remind us of one thing.
Even though the company is trying its best, As per the user side, We have to take additional measures like Strong Passwords, Two-Factor authentication. The Reward amount is increasing every year. The reason is the currency rate decreased, and Google is rewarding more. The main reason is vulnerability is increasing. Please share your thoughts or experience below on saving ourselves from those vulnerabilities.
Selva Ganesh is the Chief Editor of this Blog. He is a Computer Science Engineer, An experienced Android Developer, Professional Blogger with 8+ years in the field. He completed courses about Google News Initiative. He runs Android Infotech which offers Problem Solving Articles around the globe.