OnePlus started a new bug bounty program(OneSRC) and partnered with HackerOne to protect all users from potential cyber threats.
In November 2019, Chinese Smartphone Company OnePlus has been victim to a data breach by an unauthorized party, which exposed customer’s names, email addresses and personal addresses publically. But all accounts, passwords, and payment information are safe. After the second data breach in two years, OnePlus inspected its website to find other security flaws and also promised its users that it would launch a bug bounty program to secure its phones and data.
As per promise, OnePlus launched its bug bounty program effective from 12 December 2019 to secure their phones and prevent them from future potential breaches. If you are a Security professional and interested to find & report vulnerabilities in OnePlus Systems, then visit OnePlus Security Response Center (OneSRC). Read OneSRC Submission Policy before you submit a report to their site. It looks like OneSRC will update Hall Of Fame leaderboard and also display the top 3 contributors for a month on the homepage.
Who Can participate?
Security researchers, academic scholars and independent experts around the globe can uncover potential threats to their system and report through the new bug bounty program. OnePlus offers bug bounty to security experts who expose and report a vulnerability. According to OneSRC Submission Policy, Rewards for vulnerability will range between USD $50 to $7000. It is depending upon its severity and business impact. OneSRC’s reward tiers mentioned below:
|Low||$50 – $100|
|Medium||$100 – $250|
|High||$100 – $250|
|Critical||$750 – $1,500|
|Special||up to $7,000|
OnePlus also partnered with renowned Security Platform HackerOne to reinforce security and explore & resolve security vulnerabilities in their system before it exposed by unauthorized parties or intruders. For Now, This collaboration will invite selected researchers to test OnePlus’s systems. A Public version for this will go live later in 2020.
Reference : OnePlus