Google paid out $6.5 million in bug-bounty rewards in 2019, which doubles the internet behemoth’s previous annual top total. It has also highlighted additional bonuses that are now in effect for Chrome and Android.
Last year saw some notable changes for Google’s Vulnerability Reward Programs (VRPs), including the launch of the Developer Data Protection Reward Program aimed at uncovering data-abuse issues in Android apps, OAuth projects and Chrome extensions. Requested quarry includes apps that violate Google Play, Google API and Google Chrome Web Store Extension privacy policies. Depending on the impact of the bug found, researchers could net as much as $50,000 for a single report.