In addition to that, Facebook is working with security researchers to stress-test Checkout on Instagram, the shopping feature that lets people buy products without leaving the app, before it launches outside the US. Facebook says it has given a select group early access to Checkout on Instagram and will reward them for eligible reports. “Putting people first is one of Instagram’s most important values, and keeping our service secure is an essential part of the work we do to serve our community,” said Nam Nguyen, Instagram’s head of engineering. “Expanding and building on the Facebook bug bounty program is a key development in our ongoing security efforts, and we are grateful to the wider security community for all they do to help keep our platforms safe.”
Just to give you an idea of how much Facebook has paid people for their help, the company awarded more than $1.1 million to security researchers from across the world in 2018. And last year alone, Facebook says, the average payout for bugs that could lead to account takeover was increased to $40,000. All told, in 2018, Facebook received about 17,800 reports, with the average reward amount being around $1,500. Now that its Data Bounty Program covers Instagram, Facebook’s hope is that with help from security researchers worldwide, it can keep the popular app safe from bad actors who could misuse people’s data.