Instagram wants hackers to test their skills on its latest shopping feature before it expands beyond the United States.
The photo-sharing app says it is inviting a group of security researchers to test the app for possible loopholes before extending its services outside the country.
The new shopping feature was launched in March. The tool allows user to purchase products directly on Instagram app and not from retailers who advertise their products on the platform. It partnered with popular brands like Zara, H&M and Nike. Users previously had to purchase the item(s) from the retailers’ websites via links available on the app.
This is not the first that that Instagram would invite security researchers to drill the app for any possible vulnerability to keep users secure. The phot-sharing app said after the launch, that payments on the checkout feature with PayPal was totally secure- it doesn’t share payment information with retailers and keeps financial information discreet.
The researchers, also called the hat hackers have the responsibility to find vulnerability to protect users from been hacked. Apparently, they have complete access to the feature and can earn some cash for submitting useful results that the company find valid.
Facebook in 2018 paid $1.1m in reward to researchers from over 100 countries to discovered and reported vulnerability and data abuse on the app. The company paid an average of $1500 to each hacker.
This practice is part of Facebook’s security check to keep its platforms free from vulnerabilities. The tech giant revealed that it appointed a group of researchers to test its new features after it revamped its mobile app and website. Philippe Harewood, one of the researchers who participated in the private program discovered a bug which he said could have let a third party change a user’s profile photo.
Facebook said it fixed the flaw before it rolled out the revamped edition around the world. Facebook is extending this bug bounty program to its subsidiary app, Instagram to fish out third party apps which are illegally accessing users’ data on its network.
The tech giant launched a program focused on data abuse after the Ambridge Analytica scandal that involved the data of 87 million users unlawfully harvested by the British political consulting firm. This new bounty program rewards people who report third part apps guilty of transferring users’ data, and now Instagram, to be sold or used for scam and other illegal activities.
The app says it will reward hackers up to $40,000 per case.