Blackphone and Silent Circle have launched bug bounty programmes to reward security researchers for finding flaws in either the phone or Silent Cicle's network services and cloud infrastructure.
The programme aimed at Blackphone will focus on bugs in PrivatOS as well as update servers, and associated web portals.
The Silent Circle programme encompasses vulnerabilities in Silent Circle endpoint applications on supported OSes, Silent Circle network services and cloud infrastructure, and associated websites and web services.
Both programs offer a minimum reward of $128 per qualifying vulnerability; however, that reward could vary depending on the severity and type of bug.
"Ensuring the privacy of its users is at the core of what do, making security of the utmost importance," said Toby Weir-Jones, CEO of Blackphone.
"By launching our Bugcrowd bug bounty program, both companies are assuring their customers that their smartphone and communication software is subjected to the latest testing and assessment techniques, while providing a form of compensation for successful contributors."
Daniel Ford, CSO of Blackphone and Silent Circle, said the firm had high expectations for security and privacy. "In order to deliver on our expectations we must continually build a strong relationship with the security research community," he added.
Blackphone started shipping back in June after its launch at the MWC in February.
The phone's OS is based on Android KitKat 4.4 and features Silent Circle's secure phone, text, and contacts suite of apps. The phone is a joint venture between Swiis-based Silent Circle and Spanish smartphone make Geeksphone.
The phone is designed to protect users from government surveillance programmes with encrypted text, calls and cloud storage. It is positioned in the market to be a competitor to Blackberry.
The Blackphone and Silent Circle bug bounty program comes as Microsoft launches its own programme to find flaws in its cloud offerings, offering a minimum payment of $500.
-
Bigger salaries, more burnout: Is the CISO role in crisis?In-depth CISOs are more stressed than ever before – but why is this and what can be done?
-
Cheap cyber crime kits can be bought on the dark web for less than $25News Research from NordVPN shows phishing kits are now widely available on the dark web and via messaging apps like Telegram, and are often selling for less than $25.
-
Capita tells pension provider to 'assume' nearly 500,000 customers' data stolenCapita told the pension provider to “work on the assumption” that data had been stolen
-
Gumtree site code made personal data of users and sellers publicly accessibleNews Anyone could scan the website's HTML code to reveal personal information belonging to users of the popular second-hand classified adverts website
-
Pizza chain exposed 100,000 employees' Social Security numbersNews Former and current staff at California Pizza Kitchen potentially burned by hackers
-
83% of critical infrastructure companies have experienced breaches in the last three yearsNews Survey finds security practices are weak if not non-existent in critical firms
-
Identity Automation launches credential breach monitoring serviceNews New monitoring solution adds to the firm’s flagship RapidIdentity platform
-
Neiman Marcus data breach hits 4.6 million customersNews The breach took place last year, but details have only now come to light
-
Indiana notifies 750,000 after COVID-19 tracing data accessedNews The state is following up to ensure no information was transferred to bad actors
-
Pearson fined $1 million for downplaying severity of 2018 breachNews The SEC found the London-based firm made “misleading statements and omissions” about the intrusion
