Google’s total payouts over the last 12 months have been around $1.5 million, with an average reward of $3,800 per finding. In 2019, the highest reward was $161,337. Google has been paying out some people who report security holes in the Chrome browser since 2010, upping its Chrome bug bounty to $30,000 in July this year.
The increase in the reward follows private companies increasing payouts for Android bugs to $2.5 million, as reported by CNET sister site ZDNet. This marked the first time iOS exploits were worth less than Android bugs on the private market.
Casey Ellis, founder and CTO of Bugcrowd, said Google’s bounty has risen because “the skills needed to find these types of vulnerabilities in Google devices are rare and often tied up in the offensive market.”
“By upping the incentive to hackers, Google is making bug hunting for them more attractive, especially to those that might teeter the line between whitehat and blackhat,” he added in an emailed statement.