A new study shows that Apple pays 5 times more in bounties than Samsung through its bug bounty program. Still, Apple has faced complaints from researchers, some of whom say Apple doesn't credit them for the zero-day vulnerabilities they report.
Research conducted by Atlas shows that Apple pays $100,000 to $1 million in bounties to researchers who find vulnerabilities in its services, while Samsung’s bug bounty program rewards researchers $2 million to $200,000 for qualified bugs.
Moreover, the study found that Huawei also paid bonuses similar to Samsung's, ranging between $200 and $224,000. Other Android smartphone makers such as Xiaomi, OnePlus, and OPPO pay relatively less. Xiaomi's bonuses range from $800 to $13,000, while OnePlus and OPPO pay $7,000.
However, it seems that the higher compensation did not satisfy the developers. Apple has been the object of criticism from researchers, who allege that Apple paid smaller bounties than promised, and sometimes none at all, even when zero-day vulnerabilities were discovered. Those complaints have been around since 2017, and they didn't stop when Apple hired a new head of its bug bounty program in 2021.