Google has paid security researchers $1.1 million dollars since launching its Android bug bounty program in 2015. But now Google expanded its Android bug reward because “after the launch of bug bounty program no security researcher has claimed the top bounty reward.”
The Android team made changes in two bug bounty rewards, Rewards for a remote exploit chain increase from $50,000 to $200,000 and rewards for a remote kernel exploit increase from $30,000 to $150,000.
This table shows the reward amounts for typical rewards:
Google have received over 450 qualifying vulnerability reports from security researchers. And the average pay per researcher jumped by 52.3%. Google’s bug bounty program paid 115 individuals with an average of $2,150 per reward and $10,209 per researcher.
As last month Google announsed that Android is running on over 2 billion devices. The company’s security team is working around the clock protect users.
Not only Google but almost all big companies trust on bug bounty programs to secure their products. By increasing reward amount Google might want to attract more security researchers to find android bugs.
Happy hacking and best of luck!