Google has expanded its Android Security Rewards Program by adding a new category where it plans to offer up to a $250,000 reward for a full exploit of a Pixel device running on Android Enterprise.
The company announced the addition in a blog post highlighting several enterprise-focused security upgrades introduced with Android 12, such as “improving password complexity controls to make it easier to protect company data, and disabling USB signalling on company-owned devices to limit USB-based attacks,” among other feature updates.
Security enhancements included with the latest Android version range from toggling off USB signaling on enterprise devices to block USB-based attacks to improved password complexity controls that provide extra protection for company data.
“And since we believe scrutiny and transparency are key to improving security, we’ve launched our first Android Enterprise Vulnerability Rewards Program,” said Rajeev Pathak, Senior Product Manager at Google.
“We’re offering a reward of up to $250,000 for a full exploit on a Pixel device running Android Enterprise.”
Google is working with industry leaders (e.g., Okta, Ping, and Forgerock) to move to Custom Tabs for authentication. The company considers this to be the best way to integrate authentication into Android Enterprise apps.
The company is also introducing the Android Management API, which would provide the fastest delivery for enterprise features, with Android Enterprise Recommended requirements set by default.