In a blog post, Google gave the announcement that they are expanding their Android Security Rewards (ASR) program. The company is offering USD $1 million to the person who can successfully hack the Titan M security chip on its Pixel 3 or 4. In addition, there is a 50% bonus if a security researcher is able to find a flaw in developer preview versions of Android. In other words, the prize is now valued at USD $1.5 million. Google will only grant the reward if researchers are able to demonstrate an exploit that allows persistent access to Pixel phones.
Titan M was introduced in 2018 with Pixel 3. The chip secures a user’s sensitive data and operating system. In fact, Titan M protects your Android phone in many different ways. Google says the chip provides:
- Security in the Bootloader.
- Lock Screen Protection.
- On-Device Disk Encryption.
- Secure Transactions in Third-Party Apps.
- Insider Attack Resistance.
Google has added new categories to the Android Security Rewards program. Other than the $1,000,000 the company is also offering rewards of up to $500,000. If security researchers can bypass the lock screen, they may be eligible for $100,000. Attacks that can steal data from pixel phones will get rewards up to $500,000 from Google. Visit the Rewards Program Rules page for further details.
How Much Has Google Paid to Previous Researchers to Hack its Phones?
The Android Security Rewards program started in 2015. The aim of the program was to reward researchers who find and report security issues to help keep the Android operating safely. In the past 4 years, the program has paid out $4 million and awarded over 1,800 reports.
Google says it has paid $1.5 million to researchers in the past 12 months. In 2019, the company gave out $15,000 on average per researcher. Moreover, this year the biggest reward given out was $161,337. Guang Gong’s report detailed the first reported “1-click remote code execution exploit chain” on the Pixel 3 device. So, he was awarded $161,337 from the Android Security Rewards program and $40,000 by the Chrome Rewards program for a total of $201,337.
You May Like Bluetooth Devices Vulnerable to Hacking
To conclude, I think this is a great initiative by Google to further secure its Pixel phones. Usually, immoral hackers target big companies and hack their products. If they find any flaws, they then steal the company’s private information and sell it. Google’s offer gives the hackers the motivation to not sell the data to other companies, but report it back to Google and get a reward for it.
What are your thoughts on the reward? Is it too much or too little? Let us know your thoughts in the comments below! Continue to check out Maticstoday for the latest news items, product reviews, security practices, and video game discussions.
Javeria Qureshi is a Content Writer and Web Developer at Codematics Inc. In her free time, you can find her watching Patriot Act with Hasan Minhaj, reading books or drinking chai. Search for her articles under the hashtag #JQArticle on Twitter or LinkedIn.