Google has announced that it is offering a prize of $200,000 to a maximum of $1.5 million for anyone who will uncover security flaws in some of its Pixel smartphones.
According to Google, the new top prize of $1.5 million will be awarded to those who will discover bugs in the Titan M security chip of its Pixel smartphones, as well as meeting specific criteria.
Google claims that since 2015, it had paid out over $4 million to security researchers. However, security experts doubt that the company's reward will stop people from earning money from criminals.
Other companies have also been offering rewards for reporting security flaws, including Apple, Buzzfeed, Facebook and Samsung. These rewards are aimed at encouraging users to report flaws, so that they can be addressed, instead of selling the exploits to criminals.
Google's Titan M security chip is designed to protect the integrity of the smartphone's operating system and to store biometric data used for unlocking the phone. In order to qualify for the top reward, a researcher would have to find a method of compromising that chip on a device running specific developer preview editions of Android.
However, Katie Moussouris, chief executive of Luta Security, does not think that the increased reward would change people's behavior. Moussouris said: "Just like when Apple raised their bug bounty to $1m, Google's move won't compete with the 'black market' [of selling to criminals], which can raise prices any time."
"This price for external research raises questions for retention and recruitment of internal talent meant to prevent flaws," she added.
The BBC also offers a similar bounty to security researchers who report problems so that they can be fixed but since the broadcaster is funded by the public it offers a "unique BBC reward" rather than a cash prize.
Reporters of qualifying vulnerabilities will be included in its acknowledgments page.
