Google has increased the reward money for detecting bugs in their software by nearly 300 percent, taking the usual reward for pointing out a weakness from the range of $500 – 5,000 to around $15,000.
Tim Wills of Chrome Security Team wrote about the reward enhancement in a blog post that Google understands that the cash reward amounts can be less than these alternatives, but the company offers the independent researchers with public acknowledgement of their skills and how awesome they are, a quick fix and an opportunity to openly blog/talk/present on their amazing work.
$15,000 is not the maximum reward either; some are paid higher if the discovery is all that important to Google. A recent bug submission is reported to have been paid as much as $30,000 by Google. For the records, Google has paid $1.5 million so far covering more than 700 submissions.
According to the reports, the reward money will potentially stop independent researchers from selling their findings in the black market.
A cash reward is not all to it either, more importantly the person’s name will be included in the Hall of Fame which is a public record of all submissions. It has also been notified that Google will back-pay all submission made since July 1 at the new rate.