OnePlus, the smartphone manufacturer, had publicly announced the second data breach in two years back in November 2019. Since then, the company has promised to launch a new bug bounty program by the end of the year 2019. The move was made to bump up security measures and prevent future breaches. Now, the company has finally announced that its bug bounty program is live.
For users that find any bug or vulnerabilities in the systems, they can submit it on OnePlus’s official website that features a new bug report section. Users must login first and apparently, the company will be creating and updating a leaderboard of top contributors. The company will even feature the top three contributors on the bug bounty’s main page as well.
In the about section of the bug bounty program, OnePlus promises to reward users that submit reports according to certain tiers.
-
- Special cases: up to $7,000 (roughly 49,000 CNY)
- Critical: $750–$1,500 (5,258-10,517 CNY)
- High: $250–$750 (1,752-5,258 CNY)
- Medium: $100–$250 (701-1752 CNY)
- Low: $50–$100 (350-701 CNY)
Editor’s Pick: OnePlus 7 and OnePlus 7 Pro’ latest update brings back “Hide Notch” feature
The exact definition of the tiers are still uncertain, however, OnePlus states that the reward you may receive is, “determined based on vulnerabilities severity and actual business impact.” The company had previously announced that it would partner up with a world renowned security platform in December 2019. That is now confirmed to be the startup HackerOne.
The collaboration with HackerOne is starting as a pilot program which would see numerous select security researchers being invited to test against OnePlus’ systems. The company also mentioned that a public version of the same will be launched in 2020.
UP NEXT: Richard Yu: Huawei shipments to reach 230 million by the end of 2019