Android Enterprise bug bounty program pays out up to $250,000

Google has created a bug bounty program for Android Enterprise. Users who have signed up for this initiative and find bugs on the company platform can receive a reward of up to $250,000 for doing so.

The Android Enterprise Vulnerability Program lets users search for vulnerabilities in Pixel phones running Android Enterprise. If a full exploit is found, Google promises to give a maximum of a quarter of a million dollars for it, converted about 215,000 euros. This is in line with the rewards Google offers for its other bug bounty programs. The amount of the reward depends, among other things, on the seriousness of the bug found and the completeness of the bug report.

Google says it created this program as part of its initiative to make the Android Enterprise environment more secure. As part of this, Google Android Enterprise also says it will provide more security options, using the zero-trust model.

Google reports that it will switch from the WebView protocol to Custom Tabs for authentication in the future. According to Google, the latter can be used to collect trust signals, and employees would be better digitally protected. It also offers access to single sign-ons for various apps and websites, according to the company.

Finally, Google reports that it will also make the work profile on Android phones available to unmanaged users, so that even people who are not covered by an employer can keep their work and private apps separate. The company says Google Workspace users will be able to take advantage of it next year.