Google is offering security experts a bounty to identify Android app flaws as the Alphabet Inc unit seeks to wipe out bugs from its Google Play store.
Called the “Google Play Security Reward” program, the new program aims to get researchers to work directly with Android app developers to find vulnerabilities. If you help a developer squash a bug, Google will pay you $1,000.
Google will partner with HackerOne, a bug bounty program management website, to target a list of apps and flaws such as those that allow a hacker to redirect a user to a phishing website or infect a gadget with a virus.
Software scans cannot match a person’s ability to discover “a truly creative hack,” Vineet Buch, director of product management for Google Play Apps and Games, said in an interview.
It’s notable that Google Play Security Reward program does not include finding and reporting fake, adware or malware apps available on Google play store, so the program will not affect the increase in malicious apps on Google’s app platform.
Google’s bug bounty program for its Android mobile operating system, launched in June 2015, doled out $1.5 million for hundreds of vulnerability reports over its first two years.