Samsung has finally introduced a bug bounty program. The Korean tech firm announced that it will pay rewards up to $200,000 to anyone who discovers vulnerabilities in its products. The Mobile Security Rewards Program covers 38 Samsung mobile devices which are still receiving monthly and quarterly security updates. The mobile devices eligible for the rewards include those in the Galaxy S, Galaxy Note, Galaxy A, Galaxy J, and the Galaxy Tab series. Samsung’s flagship devices, the S8, S8+, and Note 8 are included.
The company will also reward those who find vulnerabilities in Bixby, Samsung Pay, Samsung Account, Samsung Pass, and other services. The amount paid starts from $200 and will depend on the severity of the bug and the researcher’s “ability to provide proof of concept.” A pilot bug bounty program was introduced in January 2016.
However, the Microsoft’s $250,000 bounty for Windows 10 security bugs is still ahead of Samsung’s bounty. Facebook has paid security researchers for finding bugs, while Google also runs a program, and Apple launched an invite-only program with rewards of up to $200,000 as well. All these bounties have led to helping hackers make millions legally, while a single researcher has made $225,000 just by hacking browsers.