INSUBCONTINENT EXCLUSIVE:
Image copyrightEPAGoogle is raising its "reward" for uncovering security flaws in some of its Android smartphones from $200,000 to a maximum
of $1.5m.The new top "prize" is payable to those who spot bugs in the Titan M security chip in Google's Pixel smartphones, as well as
meeting specific criteria.Google said it had paid out more than $4m to security researchers since 2015.But security experts have doubts
about whether the reward will deter people from making money from criminals
Other firms, including Apple, Buzzfeed, Facebook and Samsung, also offer rewards for reporting security flaws.Companies run so-called bug
bounty schemes to encourage people to report flaws, so that they can be fixed, rather than selling the exploits to criminals.The Titan M
security chip in Pixel smartphones is designed to protect the integrity of their operating system and to store biometric data, which is used
to unlock the phone.To claim the $1.5m reward, a researcher would have to find a way to compromise that chip on a device running specific
developer preview editions of Android.However, one expert suggested the increased bounty was unlikely to change behaviour."Just like when
Apple raised their bug bounty to $1m, Google's move won't compete with the 'black market' [of selling to criminals], which can raise prices
any time," said Katie Moussouris, chief executive of Luta Security
"This price for external research raises questions for retention and recruitment of internal talent meant to prevent flaws."The
TheIndianSubcontinent also offers a "bug bounty" to security researchers who report problems so that they can be fixed.However, due to the
way the broadcaster is funded by the public it offers a "unique TheIndianSubcontinent reward" rather than a cash prize.
