Google hiring researchers to find Android apps and Chrome extensions misusing user data

Data misuse is when a business collects user data following some corporate policy and then later, use that data in an inappropriate manner, resulting in a legal violation. Google announced a bounty program almost a month ago with the aim of hiring security researchers to report cases of data abuse by third-party apps and extensions that have access to the Google API.

**Some key points of the program : **

1. Developer Data Protection Reward Program (DDPRP) aims to identify who is using or selling user data in an illegitimate way without user consent.

2. Security researchers can file valid data abuse reports via the DDPRP page on HackerOne and will be eligible for rewards up to $50,000.

3. This bounty is similar to the one that Facebook launched earlier and is done in the wake of data abuse scandals and several instances of malware app being discovered on the Play Store. Also, Google sits on a huge mountain of users' most personal details.

4. Google also expanded its Google Play Security Rewards Program (GPSRP) to include all Android apps on the play store that has more than 100 million installs. This was done with the objective that the developers can fix vulnerabilities in the app through responsible disclosures.

5. They also quote “If data abuse is identified related to an app or Chrome extension, that app or extension will accordingly be removed from Google Play or Google Chrome Web Store. In the case of an app developer abusing access to Gmail restricted scopes, their API access will be removed.”

Google is known for its robust account security. But not all developers build their apps with security practices in mind, thus, exposing user data to rogue parties, unintentionally. These bounty programs will go a long way towards addressing these concerns.

In Binaryfolks, we take user data security as well as application security as a top priority and it’s inbuilt in all the chrome extensions and mobile apps we developed. Binaryfolks is a custom software development company with 8+ years of experience in developing chrome extensions, enterprise applications, and mobile apps.