Samsung Electronics has expanded its Mobile Security Rewards Program, increasing the maximum reward amount for vulnerability reports from the external security community to $1 million. While Samsung is taking this new step as part of its efforts to increase transparency and collaboration in the field of mobile security, additional classification factors are included in the relevant program’s criteria. Mobile Security Risk Classification can be accessed from the document.
Samsung also released its first “Annual Rewards Program Report” focusing on security. While the report includes important developments since the beginning of the project, the importance of the role played by the participants in the program is emphasized. The Mobile Security Reward Program, which has expanded its scope to complement the seven-year security update commitment Samsung currently offers to users, reveals how much Samsung cares about security on mobile devices.
“With cybersecurity attacks becoming increasingly smarter and harder to detect, we actively encourage the participation of everyone working in security in detecting these threats,” said Justin Choi, Corporate Vice President and Head of Mobile Experience Security Team at Samsung Electronics. Their support helps us ensure that our products are constantly monitored for possible vulnerabilities, allowing us to continually improve our mechanisms to protect our customers. It is critical to ensure this protection and secure user data and information; That’s why we prioritize security in all our products and services.”
Launched in 2017, the program is an expression of Samsung’s commitment to openness and its collective commitment to improving mobile security. By collaborating with experts in different fields from around the world, including cybersecurity researchers, ethical hackers and independent security experts, the program follows a strategic, systematic and proactive strategy aimed at identifying vulnerabilities and proposing solutions, ultimately improving users’ mobile experiences. aims to strengthen security.
The reward of up to $1 million is being offered as part of the newly introduced Significant Scenario Vulnerability Program. Interference, execution of arbitrary code on highly privileged targets; unlocking the device and extracting all user data; It focuses on the most serious attack scenarios and vulnerabilities, such as arbitrary application installations and circumvention of device protection solutions. This collaboration with the security community reinforces Samsung’s commitment to a transparent and collaborative compliance framework against potential risks, while accelerating the detection and remediation of potential critical threats.
Rewards Program criteria are now more transparent
Samsung Mobile Security Risk Classification now classifies vulnerabilities in more detail and offers a system that is accessible to everyone. It also includes new areas such as reduction factors that allow the threat to be downgraded and “do not include” for threats determined to be of minimal security concern. The system assigns severity based on security risk and impact in five different categories: Critical, High, Medium, Low, and Not Significant or Less than Low Security Impact. This comprehensive approach provides a systematic framework for vulnerability reporting, providing clear guidance for both participants and the security community at large. It also outlines the conditions affecting the nature and amount of the reward.
Currently, all Samsung mobile devices that receive monthly, quarterly and bi-annual security updates are included in the program. The program will also reward eligible vulnerability reports regarding potential vulnerabilities in the latest Samsung Galaxy services such as Bixby, Samsung Account and Samsung Wallet.
Samsung’s Opening Program Report has been published
In August 2024, Samsung also published its first security-focused Annual Rewards Program Report, which includes the most significant developments since the project’s launch in 2017. The awarding of more than $800,000 to 113 researchers in 2023 alone and the fact that Samsung has awarded more than $4 million in total to security experts around the world to date are among these prominent developments and reveal how important a role the participants play in the program.
The Mobile Security Rewards Program is currently actively accepting submissions. For more information, including participation conditions Samsung Mobile Security Rewards Program address can be visited.
Source: www.technopat.net