What you need to know
- The Google Play Safety Program, introduced in 2017, will no longer be functional after August 31.
- However, researchers can still submit safety reports, which will be processed until September 30.
- Google cites a “decrease in reported security vulnerabilities requiring action” as the reason for the discontinuation.
After seven successful years, Google’s Play Security Reward Program is coming to an end. The company recently informed developers of the decision via email.
According to the email shared by Mishaal Rahman for Android Authority, the Google Play Security Reward Program will end on August 31.
Google is ending its Play Security Reward Program, which rewarded developers for finding and disclosing vulnerabilities in popular Android apps. For more details about the program and the reasons for its discontinuation, see 👇https://t.co/5UsW6qgknrTip @Techmeme19 August 2024
For the uninitiated, Google launched the program in 2017 to encourage developers and security researchers to find vulnerabilities in Google’s websites, apps, Chrome and Chrome OS, and Pixel devices. Researchers who discovered and reported issues were rewarded with cash from Google Play.
Although it has improved Android and Google Play security, the latest email to researchers suggests that this is no longer the case, adding: “Due to the overall improvement in the security posture of the Android operating system and feature hardening efforts, we have seen fewer actionable vulnerabilities reported by the research community. Due to this decrease in the number of actionable vulnerabilities reported, we are ending the GPSRP program.”
As mentioned, the program ends on August 31st, but reports submitted before that period will be reviewed until September 15th, and final decisions on rewards are expected to be made before September 30th. After that, the program will be “officially discontinued,” the Android security team notes in the email.
The GPSRP was an additional step to collect vulnerability data and create automated checks. These checks would be applied to all Android apps on the Play Store to look for similar vulnerabilities and make the app store more secure, although Google already has its own measures in place to keep the Play Store safe for these many apps. Either way, it’s almost over – for better or for worse.