If you manage to find a security flaw in any of PayPal’s products, you may be entitled to a cash reward. And now, that reward is bigger than ever. The alternative payment processor has followed in the footsteps of companies like Mozilla and Google, both of which offer similar “bounty” programs and have also recently increased the money they pay to honest hackers.
“It’s clearly an effective way to increase researchers attention on Internet-based services and therefore find more potential issues,” wrote PayPal chief information security officer Michael Barrett in a blog post. PayPal, however, does not publicly announce minimum or maximum bounty payments. Gooel, though offers up to $20,000 for anyone who finds a highly critical bug, and Mozilla pays a generous $3,000 for every bug that it deems important.
It is surely no coincidence that the increased bug bounty payoff comes as PayPal has wildly expanded its product and service offerings. In just the first half of this year, PayPal has added the ability to pay for purchases in store, it launched a mobile credit card reader, and it added functionality for near field communication (NFC) contactless mobile money transferring.