Uber is giving its “bug bounty” program two shots in the arm.
The ride-sharing company announced a new program that will pay hackers a whopping $10,000 for each critical problem they find with the app’s code. They will also give $5,000 to hackers who flag significant issues, and $3,000 for “medium” issues.
Many tech companies offer similar programs to hackers who help find cybersecurity vulnerabilities in their systems. But Uber’s new offer is particularly lucrative. ATT bounties range from $100 to $5,000 bug bounty, while Google pays from $100 to $20,000.
Uber also said it is creating a loyalty reward program for hackers to help Uber deal with “subtle bugs.”
Here’s how it works: Beginning on May 1, hackers will have a 90-day window to find four issues that Uber accepts as genuine.
Uber will then issue an additional payout if the hacker finds a fifth bug within those 90 days — a payment that’s equal to 10% of the average payouts for all other issues found during the time frame.1