Samsung launches a bug bounty program for its smartphone software
Samsung has today launched its Mobile Security Rewards Program, an initiative designed to compensate users for reporting weaknesses in its firmware—and much to our surprise, it isn’t only available for owners of its latest smartphones; some of the devices on the list date back to 2015.
In order to be eligible for a cash prize, you’ll need to identify an exploit in the latest version of the company’s firmware that can be used to compromise the security of a handset without the need for a physical connection—a USB cable, for example—or third-party computer software.
As outlined in the conditions printed on the firm’s Mobile Security blog, the amount of compensation you’ll receive will depend on the level of security risk assigned to your report by its experts; if happen you uncover a severe exploit, though it’s unlikely, your payout could be as much as $200,000.
The only caveat? You can’t discuss the vulnerability in public until Samsung gives you the green light, and that could take anywhere from two-days to two-months; however, that’s a standard requirement of most bounty programs offered by leading manufacturers, including Apple and Microsoft.