Facebook will allow its Data Abuse Bounty program to apply to Instagram, paying money for reporting third-party apps exploiting user information…
Social network Facebook will begin paying security researchers for reporting third-party apps engaging in data abuse. This represents an expansion of the Facebook Data Abuse Bounty program, which the company introduced in April 2018.
Facebook Data Abuse Bounty Program Expands to Subsidiary Instagram
The expanded Facebook Data Abuse Bounty program on Instagram will accept reports about third-party apps improperly accessing and storing users’ data, including ones which offer fake likes, bogus comments, and fictitious followers.
Also, Facebook will work with security researchers to stress-test a new program called “Checkout on Instagram.” This is a coming shopping feature which allows users to buy products right through Instagram without having to leave the app to complete the transactions.
Nam Nguyen, Instagram’s head of engineering, explains:
“Putting people first is one of Instagram’s most important values, and keeping our service secure is an essential part of the work we do to serve our community. Expanding and building on the Facebook bug bounty program is a key development in our ongoing security efforts, and we are grateful to the wider security community for all they do to help keep our platforms safe.”
Last year, Facebook paid out over $1.1 million in bounties, with the amount increased to $40,000 for finding bugs which led to account takeovers. The average reward was approximately $1,500.