Google has always offered cash to those who report vulnerabilities and bugs that could result in an exploitation of a Google product, but as the reports began to trickle in, the search engine giant decided to up the ante.
In general, the amount for reporting a bug has more than doubled from the previous $3,1333.70 to $7,500 when reporting a bug from Google Accounts. For Google Wallet and Gmail the reward has actually tripled, making a bug report worth $5,000. Significant authentication bypasses and information leaks was also bumped up to $7,500.
“Our vulnerability reward programs have been very successful in helping us fix more bugs and better protect our users while also strengthening our relationships with security researchers,” said the Online Security Blog Google runs.
This program has led to the identification of 1,500 vulnerabilities across all of Google’s services, resulting in over $800,000 in payout by Google to around 250 people. Most, but not all, of these vulnerabilities were found my security research teams.