Facebook recently announced that it’s working with bug bounty platform HackerOne to launch a bug bounty program for its Libra Association. The social media giant is rewarding up to $10,000 to security researchers who discover potential flaws in Libra’s testnet.
Facebook announced its cryptocurrency LIBRA and digital wallet Calibra in June 2019. Libra Association is a pool of large enterprises and non-profits, including Visa, Spotify, Mastercard, Lyft, eBay, and Uber, which are responsible for processing the transactions of the crypto coin and blockchain. Despite the regulatory issues, Facebook is moving ahead with its Libra coin, which is expected to launch in 2020.
“The Libra Association launched its public bug bounty program on August 27, 2019. The Libra Bug Bounty program is intended to strengthen the security of the Blockchain. It enables developers to submit bugs and alert the association to security and privacy issues and vulnerabilities to help ensure a scalable, reliable, and secure launch,” Facebook said in an official statement.
“The program will encourage many more people with diverse skills and backgrounds to inspect and review the Blockchain design and implementation. The Libra Bug Bounty program is part of a larger ongoing effort to build an open and vibrant community of security and privacy developers around the globe,” the statement added.
Facebook is not the first company to offer bug bounties. Recently, search engine giant Google announced the increase in bug bounty rewards, making them more lucrative to security researchers. The search engine giant stated that it has raised the bounties for Chrome and Google Play bugs.
Google launched the vulnerability rewards program in 2010 and provides cash rewards to security researchers who report vulnerabilities in Google code. The company stated that they’ve received around 8,500 vulnerability reports and paid rewards over $5 million (£4 million).
Also, technology giant, Microsoft admitted that it paid $4.4 million to hackers as bug bounties in the past 12 months. The technology giant confirmed this at the Black Hat 2019 security event in Las Vegas.