Google said Tuesday that it paid more than $6.5 million in a vulnerability bounty in 2019. Their Vulnerability Rewards Program offers bonuses to security researchers who discover and report errors in Google’s services. Of that total, $2.1 million came from Google, $1.9 million from Android, $1 million from Chrome and $800,000 from Google Play.
The biggest individual prize was $1,000, with 461 researchers receiving a generous bounty.
“Their findings help keep our users and the Internet as a whole safe,” Google said in a blog post. “We look forward to more cooperation in 2020 and beyond. “
The $6.5 million spend is almost double the $3.4 million awarded in 2018. By comparison, $2.9 million was paid in 2017, $3 million in 2016 and $2 million in 2015.
Google also donated $507,000 to charities in 2019.