Affiliate links on Android Authority may earn us a commission.Learn more.
Google will pay cash bounties for security flaws in high-profile apps
July 16, 2025
Mobilesecurityis paramount and Google is stepping up to the plate to ensure your apps aresafe. Today, Google announced that it was launching a new bug bounty program named the “Google Play Security Reward Program”. It aims to encourage developers and white hat hackers to poke and prod apps from the Play Store forvulnerabilities.
Right now, the apps in the new program will be via invite only. The list is small, but distinguished. It includesAlibaba,Dropbox,Duolingo,Headspace,LINE,Snapchat, andTinder. In addition to those headlining apps, Google will also include all of itsGoogle-developed Android appscurrently available in thePlay Store. Once the program rolls out further, Google says the program will be opt-in instead of using an invite system.
Google is setting up this program to reward researchers, but it doesn’t want to get too heavily involved. In addition to being kept in the dark about the bugs, it’s tapping HackerOne to handle most of the organization for the program. HackerOne will be in charge of submitting reports and inviting white-hat hackers into the program as it expands. You might remember thatQualcomm recently teamed up with HackerOneon a similar project. If you’re interested in the program, you can read more about the program’s rules and criteria at the link below.
The Google Play Security Reward Program is part of Google’s wider effort to make its platforms as safe as possible. It currently runs rewards-based programs for Google-developed websites and apps for Chrome and Chrome OS and for the latest version of Android running onPixel devices. Those programs are responsible for the fixing of hundreds of vulnerabilities and paying out millions of dollars in bounties.
Thank you for being part of our community. Read ourComment Policybefore posting.
