Google paid $5.9 million in bug bounties in 2019

Google paid out more than 5.9 million euros in bug bounties in 2019. They went to security researchers who discovered vulnerabilities in software. The highest amount for one leak was 182,000 euros.

That writes the internet company in a blog post. The company also looks back on what happened in 2019 in the Vulnerability Reward Program. A total of 6.5 million dollars was distributed, converted slightly more than 5.9 million euros. That is more than the year before, when Google handed out 3.1 million euros. Most of the bug bounties went to leaks in Google products themselves. This involved 1.9 million euros. That makes sense, because most Google services fall under this group.

The company also awarded rewards to the bug bounty program for Android, Chrome and Play. This concerned 1.73 million, 900,000 and 726,000 euros respectively. The latter program allows researchers to search for bugs not only in Google Play services, but also in external apps. That has been possible since August last year. A total of 461 security researchers received a reward. The highest amount paid out in 2019 was $201,000 or 182,000 euros.

Since the start of the bug bounty program in 2010, Google has said it has paid out $21 million or $19 million. In November, the company increased the maximum amount for its Android program to 1.5 million euros. That reward goes to researchers who discover a persistent full-chain takeover of the Titan M chip on the Pixel phones. Such a leak is rare and has never been reported to Google.