Google has updated the terms of the Android Security Rewards program, which provides for the payment of rewards
How much and what to pay
So, Google has increased the amount of payments for previously undetected software errors. This applies to smartphones Pixel 4, Pixel 3a, Pixel 3a XL, Pixel 3 and Pixel 3 XL.
The biggest reward is $ 1 million. This money will be paid to someone who finds a vulnerability in hardware protection based on the Google Titan M chip. This amount can be increased to $ 1.5 million if the vulnerability is discovered in the preliminary assembly of Android software before its release.
For detecting attacks that could lead todata theft, offer $ 500 thousand. For vulnerabilities in Secure Element, Trusted Execution Environment and the kernel - $ 250 thousand. For bypassing the screen lock system and weaknesses in the "privileged processes" you can get $ 100 thousand.
By the way, over the past 12 months, the company paid about $ 1.5 million for the vulnerabilities found. The maximum payout in one hand was $ 201,337. The average payout was $ 3,800.</ p>