Cab hailing service Ola has now launched a Bug Bounty program for making its platform more secure. This is the first full-fledged bug bounty program launched by an Indian startup till date. Ola has acknowledged that many critical vulnerabilities are resolved due to efforts taken by security researchers, and hence it has opened its bug bounty program to all the security researchers around the world.
If you are not aware, Bug Bounty programs are essentially initiated by many websites and portals by which individuals can receive recognition and compensation for reporting bugs, especially those pertaining to exploits and vulnerabilities
This year we saw how Ola wallet got hacked and how some hackers claimed to have access to Ola users database and their credit card information. Luckily, as it seems that these two hacks didn’t do any big damage to the company but have instead made the company work more on the security of its platform. Ola bug bounty program is the result of that, where everyone can participate and share critical bugs and security vulnerabilities about Ola platform with the company for cool rewards and gadgets.
Full Details Of The Bug Bounty Program
Ola has revealed the entire procedure including the disclosure policy, bug reporting guidelines, target platforms, eligibility, terms and conditions, rewards , etc. on its Whitehat page. The page also contains the rewarding schemes and everything that you need to know for participating in the program.
What’s Being Offered For Finding Bugs?
Ola’s Bug Bounty Program is designed to encourage security research for its platform for keeping its user data secure and private from unauthorized parties. Ola has also mentioned that only those who find bugs related to user data and privacy, and unauthorized access are eligible for the reward.
Only one bounty will be rewarded for one unique security vulnerability. The program is currently open only to individual security researchers. The security testers are also advised to act sensibly and give the company some time to patch the bug before going public.
Coming to the rewards, the minimum reward amount is Rs. 1,000 while there is no cap on the maximum bounty. Testers can also win smartwatches, tablets, headphones, t-shirts, and other cool stuff for reporting awesome vulnerabilities.
So, before you begin finding bugs in the Ola platform (olacabs.com, and its mobile apps) we would advise you to go through the company’s whitehat page for more information about the Bug Bounty Program.
Now that Ola has become very serious about fixing security bugs on its platform, we hope other startups in the country also get serious about security and user privacy and do the same. After all, the user data is the most important thing that any company must take care of for maintaining its reputation and keeping user’s trust.