Hackers, it's your time to shine.
Google, in collaboration with bug bounty platform HackerOne, has launched the Google Play Security Reward Program, which promises $1,000 to anyone who can identify security vulnerabilities in participating Google Play apps.
Thirteen apps are currently participating, including Tinder, Duolingo, Dropbox, Snapchat, and Headspace.
Apps usually run their own bounty programs on a smaller scale. This is the first time that Google itself has offered a reward on behalf of developers.
Here's how it works. If you find a security vulnerability in one of the participating apps, you can report that vulnerability to the developer, and work with them to fix it. When the problem has been resolved, the Android Security team will pay you $1,000 as a reward, on top of any reward you get from the app developer.
Google will be collecting data on the vulnerabilities and sharing it (anonymized) with other developers who may be exposed to the same problems.
For HackerOne, it's about attracting more and better participants in bounty programs. A developer who uncovers a vulnerability in Tinder will now receive a the cash bonus from Google in addition to the money they receive from Tinder's program.
"Participating apps that already have a bug bounty program will now have the opportunity to attract an even more diverse set of hackers," Adam Bacchus, HackerOne's chief bounty officer, told Mashable.
The 13 apps currently participating were selected based on their popularity among Android users. After a trial period with the small group, Google will open the program to the larger community.