OnePlus announced on Thursday that it had set up a Security Response Centre that would offer a bug bounty to security experts, who discover and report on potential threats to the company’s systems.
Rewards for qualifying bugs reports will be in the $50 – $7,000 range, depending on the potential impact of the threat.
The global OnePlus Security Response Centre will engage academics and security professionals to discover, disclose and remediate issues that could affect the security of the company’s systems, and will help them counter potential external threats to user security.
Security professionals are invited to visit security.oneplus.com for the terms of the full program and a standardized form for reporting security issues.
The Chinese smartphone maker has also signed a new partnership with HackerOne, a known hacker-powered security platform, which will tap into their extensive network of security experts to point out the most relevant security vulnerabilities before they can be exploited by external actors.
The HackerOne collaboration will start as a pilot program, inviting select researchers to test OnePlus’ systems against potential threats. A public version of the program is slated to go live later in 2020.
All invited researchers will submit their reports through HackerOne.
“OnePlus values the privacy of all information our customers entrust to us. The two projects demonstrate OnePlus’ commitment to protect our users’ data through more secure systems and data lifecycles,” Pete Lau, CEO and Founder of OnePlus, said in a statement.