What you need to know
- Launched in 2017, the Google Play Security Program will no longer be functional after August 31.
- However, researchers can still submit security reports, which will be addressed until September 30.
- Google cites a “decrease in actionable vulnerabilities reported” as the reason for its discontinuation.
After seven successful years, Google’s Play Security Reward Program is coming to an end. The company recently let developers know about the decision via email.
Per the email shared by Mishaal Rahman, writing for Android Authority, the Google Play Security Reward Program will end on August 31.
Google is winding down its Play Security Reward Program, which paid developers who found and disclosed vulnerabilities in popular Android apps.More details on this program and why it’s being shut down can be found 👇https://t.co/5UsW6qgknrTip @TechmemeAugust 19, 2024
For the uninitiated, Google kicked off the program in 2017 to encourage developers and security researchers to find vulnerabilities in Google’s websites, apps, Chrome and Chrome OS, and Pixel devices. Researchers who spotted and reported issues were rewarded with cash from Google Play.
Though it did boost Android and Google Play security, the latest email to researchers suggests that’s no longer the case. It goes on to explain, “As a result of the overall increase in the Android OS security posture and feature hardening efforts, we’ve seen fewer actionable vulnerabilities reported by the research community. Due to this decrease in the number of reported actionable vulnerabilities, we are winding down the GPSRP program.”
As mentioned, the program will end on August 31; however, reports submitted before that period will be triaged by September 15, and final reward decisions are expected to be made before September 30. After that, the program will be “officially discontinued,” the Android security team notes in the email.
The GPSRP was an extra step to gather vulnerability data and create automated checks. These checks would be applied to all Android apps on the Play Store to check for similar vulnerabilities and make the app store safer, even though Google already has its own set of measures to keep the Play Store safe for those many apps. Either way, it is about to end—for better or worse.
