Apple to pay up to $1 million to find system flaws
To encourage security experts to test the platform's privacy and security protections, Apple will now pay up to $1 million to researchers who uncover serious vulnerabilities in Private Cloud Compute (PCC), the system that supports Apple Intelligence in handling complex tasks.
How the program works
Apple is offering rewards based on the type of issue, the level of access achieved, and the quality of the research report. Submitting a clear, detailed report can help Apple address issues more quickly and may result in higher payouts, says the tech giant. The bounty program offers rewards across several categories, with payments varying by the severity of the vulnerability.
Device attacks via physical access: Finding a way to bypass the Lock Screen could earn between $5,000 and $100,000. A minor bypass allowing access to a few contacts might pay $5,000, while broader data access could be worth up to $100,000. Extracting data after a device's first unlock has payouts from $5,000 to $250,000, with the highest payout for accessing all data on a locked device.
Device attacks via user-installed apps: The category 'unauthorised data access' offers between $5,000 and $100,000 for gaining unauthorised access to data without user consent. Rewards of $5,000 to $150,000 are available if researchers can escalate privileges, like gaining kernel-level control from an app sandbox.
Network attacks with and without user interaction: For vulnerabilities requiring a single click, rewards range from $5,000 to $250,000. This includes accessing data or increasing privileges remotely. Payouts of up to $500,000 are available for attacks that access data or execute code without any user interaction, such as intercepting calls or viewing photos.
Zero-click kernel code execution with persistence: Zero-click vulnerabilities that allow persistent kernel-level access can pay up to $1 million, particularly if they bypass Apple's Pointer Authentication Code (PAC) security feature on the latest hardware.
Bonus payouts: Apple will also offer extra rewards for unique findings. Vulnerabilities specific to new beta software features may yield a 50% bonus. Flaws bypassing Lockdown Mode protections receive a 100% bonus, doubling the reward amount.
Rules and ethics
Researchers must report vulnerabilities only to Apple and keep the details confidential until Apple releases a software fix.
Participants are also expected to follow Apple's rules, which prohibit testing on non-public systems, using phishing or social engineering techniques, and targeting third-party services.
Importantly, rewards are restricted for participants located in US-sanctioned countries.