OnePlus today announced the OnePlus Security Response Center in which it will offer bug bounty to security experts for discovering and reporting threats to its systems.
The bug bounty program is open to security researchers worldwide and rewards for bugs vary from $50 to $7,000 depending on its impact and severity. Most of the critical vulnerabilities will get security researchers anywhere between $750-$1,500, with the $7,000 reward only applicable in special cases.
Security researchers can report all discovered threats on the official OnePlus website, the community forums, or their app. The security response center will also have a monthly hall of fame to highlight the work of the top 3 security researchers.
The bug bounty program from OnePlus comes after a security breach last month that exposed the phone number, address, and email address of its customers. The company had reported a security breach in early 2018 as well that affected 40,000 of its customers and leaked their credit card information.
Additionally, the company also announced that it is partnering with the renowned hacker-powered security platform HackerOne. The partnership will allow OnePlus to use HackerOne"s extensive network of security researchers to find potential security threats in its system before they can be exploited.
This will initially be a pilot program that will see OnePlus invite select researchers from HackerOne to test its systems and report potential threats. A public version of the program will go live in 2020.