Participate in Apple Security Bounty Program and get a chance to win monetary awards up to $2 Million
Apple Security Bounty Program is now open for all in which the company announces to pay users for exposing security threats in both products and services. Get to know the insights in details.
Apple devices have encryption features to safeguard user data and enable remote wipe in the case of device theft or loss. The Company is so sure about its security that it shall offer up to $2 Million to expose threats.
In order to ensure absolute safety and security for users Apple has announced the Security Bounty program in which the Company plans to pay people for exposing security threats in its product and services. The payments however are made at Apple’s sole discretion based on the type of issue.
The Company shall check the level of access or execution achieved, and the quality of the report. A high-quality research report is critical to help the Company confirm and address an issue quickly. The official website of the Company speaks about the rewards and says, “A high-quality research report is critical to help us confirm and address an issue quickly, and could help you receive an Apple Security Bounty reward.”
The Company has a complete list of categories that are representative of potential Apple Security Bounty payments. The Company has further added that, “while we’re unable to anticipate specific reward payments in advance, we consider every security issue that has a significant impact to users for an Apple Security Bounty reward, even if it doesn’t match a published category.”
Here is the list of security threats and the rewards:
- Device attack via physical access— Lock Screen bypass $5,000 – $100,000 and User data extraction $5,000 – $250,000
- Device attack via user-installed app— Unauthorized access to sensitive data $5,000 – $100,000 and Elevation of privilege $5,000 – $150,000
- Network attack with user interaction— One-click unauthorized access to sensitive data $5,000 – $150,000 and One-click with elevation of privilege $5,000 – $250,000
- Network attack without user interaction— Zero-click radio to kernel with physical proximity $5,000 – $500,000, Zero-click unauthorized access to sensitive data $5,000 – $500,000 and Zero-click kernel code execution with persistence and kernel PAC bypass $100,000 – $1,000,000
- Private Cloud Compute (PCC)— Attack on request data from a privileged network position $5,000 – $150,000 and Remote attack on request data $5,000 – $1,000,000
- Beta Software— Issues that are unique to newly added features or code in developer and public beta releases, including regressions 50% $1,500,000
- Lockdown Mode— Issues that bypass the specific protections of Lockdown Mode 100% $2,000,000
It is worth mentioning here that, in case one plans to claim the Apple Security Bounty, one has to submit a clear research report enumerating the steps along with clear instructions. One can then login to the official website and submit the claim and if Apple finds the claims valid, it will process the reward amount, it’s however at Apple’s sole discretion.
