Facebook Introduces Bug Bounty Program For Third-Party Apps
The company will accept reports discovered from passive viewing only.
You might occasionally use your Facebook account to log into another site. It's quick and convenient but results in a sharing a lot of your data with third-party services—and it does carry some security risks.
These risks are exactly why Facebook is introducing its latest bug bounty. The company announced its decision in a blog post Monday.
The social network will pay for reports of flaws in third-party apps that inappropriately expose the important user information that Facebook relies on to identify users.
The minimum reward is $500 and Facebook will only permit reports discovered via passive viewing. The company said it did not want anyone to manipulate any requests or interfere with how the apps function. Facebook has also not said how many third-party apps are run on its site, CNET reports.
"We want researchers to have a clear channel to report these important issues, and we want to do our part to protect people's information, even if the source of a bug is not in our direct control," said Dan Gurfinkel, security engineering manager at Facebook.
The social network has a current bug bounty program designed to catch flaws on the main Facebook site. This program is part of an effort for the company to redeem itself following the Cambridge Analytica scandal, which revealed to Facebook users that the company had played fast and loose with user data.
NEXT STORY: State Department Confirms Email Data Breach