India has the largest share in the bug bounty program of Facebook as it has 155 million monthly active users and 77 million daily active users. This year Facebook paid a total of $611,741 to 149 researchers as the part of the bug bounty program. A bug refers to a defect or error in the hardware or software that causes the program to malfunction. It usually occurs due to various conflicts in the software when applications try to run in tandem. In March 2016, Facebook paid Rs. 4.84 crores to the Indian researchers as the part of the bug bounty program. Since the launch of this bug bounty program in 2011, Facebook has rewarded researchers for identifying vulnerabilities in Facebook’s services, for reporting security bugs or infrastructures which can create privacy or security risks. This bug bounty program has now completed five years and till now it has paid more than 5 million US dollar to over 900 researchers across the globe. The top three countries in the bug bounty program include the USA, India, and Mexico. Many computer engineers are now moving from traditional languages like Java and C++ to cyber security, big data, and analysis. So it is obvious and natural that these computer engineers will test their skills on highly popular websites like Facebook.
The more popular a software or website becomes, the more vulnerable it becomes. Facebook reported that it receives huge high impact bugs each year from India. Facebook recommends that researchers should focus on high impact areas and should submit quality reports for maximizing the value of their findings. Facebook looks at the potential impact of the bug and focuses what could possibly go wrong. Facebook generally looks at the difficult points of exploiting the vulnerability and focuses on what kinds of technical details and resources a successful attack would require. The social media company has refined the program over the years and now while issuing award notifications; Facebook includes information on how the bug bounty was determined. Facebook in February paid $10,000 to a boy from Finland who is just 10-year old as he discovered the API bug in the Instagram that Facebook bought in 2012 for $1B. Now this year company is celebrating its fifth anniversary of Big Bounty program.