Samsung Increases Security Rewards Bounty to $1 Million

Aug 7, 2024 | News

Samsung has published its first-ever annual report on its Mobile Security Rewards Program, which offers cash prizes to security researchers for finding security issues with its products and services. It shared insights into the program’s progress over the years and detailed the prizes it paid out in 2023. The company also announced that the maximum bounty for a bug has been increased from $200,000 to $1 million.

Samsung’s Security Rewards Program now offers up to $1 million bounty

Launched in 2017, Samsung’s Mobile Security Rewards Program is a bounty program aimed at addressing security issues in Galaxy devices, first-party apps, and other products and services it offers to billions of consumers globally. External researchers can report the flaws to the company and earn cash if their reports qualify for a reward. The reward amount depends on the severity of the issue and other factors.

Nearly seven years after the program's launch, Samsung has released its first annual report on it. The company has paid out nearly $5 million to security researchers during this time, with the highest single award of $120,000. In 2023, Samsung paid $827,925 to 113 security researchers worldwide. TASZK Security Labs took home the highest amount of $81,370, with one of its reports fetching a cash prize of $57,190.

The Barcelona, Spain-based security firm reported vulnerabilities that could potentially lead to remote attacks. Oversecured Inc. reported the most security issues (79) under the Security Rewards Program last year. The firm has been submitting bug reports to the company since 2021, helping secure its products from a wide range of vulnerabilities. It also filed the most reports in 2022 and received the highest total rewards that year.

Going forward, Samsung plans to launch a special bounty program for AI products. It has already started the Mobile AI Security rewards program as a pilot. The company aims to make its AI products more secure as it looks to establish a lead in this booming industry. It offers up to $1 million in cash prizes if researchers can find bugs that allow remote arbitrary code execution on highly privileged targets such as Knox Vault. Samsung has explained all the rewards on its security blog.
