Uncover an RCE flaw in Android and you could bag yourself $5k

Date: 2018-02-08

INTERNET GIANT Google has beefed up its Android bug bounty programme, increasing the financial rewards on offer to ethical hackers.

Last year, the company teamed up with HackerOne to introduce the 'Google Play Security Reward Program,' which the firm described as "the first and only bug bounty programme for an app ecosystem".

Although the programme has only been up and running for a few months, Google has decided to increase its bonus awards.

Now, hackers who identify remote-code execution flaws can get up to $5,000 in cash. Previously, this reward was capped at $1,000.

The internet giant has also implemented a new category for the $1,000 reward mark, covering vulnerabilities that could result in business and personal data theft.

Additionally, the company said that "vulnerabilities that result in sensitive information being transferred unencrypted, or bugs that result in access to protected app components are now in scope".

The programme covers a string of popular apps, including Dropbox, Tinder, Fitbit, Headspace, Pandora, Line, Duolingo and Alibaba.

HackerOne, an independent bug bounty platform, has been working on the scheme with Google and says that more rewards will be added as more developers opt to take part in the programme.

"HackerOne's customers have already resolved over 60,000 valid security vulnerabilities with help from the world's largest hacker community," claimed the firm.

"With your help, we will resolve more vulnerabilities and make Android the safest computing platform in the world for its more than two billion active devices."

Google this week also spilled some more details about how the programme has been going so far, revealing that it paid out $2.7m in total in 2017.

The biggest reward of the year was a hefty $112,500, which was handed to a bug bounty hunter after he uncovered a Pixel exploit that combined a remote code execution bug in the sandboxed Chrome render process with a subsequent sandbox escape through Android's libgralloc. µ