Under increasing scrutiny by regulators and with security problems plaguing its Play Store and Chrome web browser, Alphabet's (NASDAQ:GOOG) (NASDAQ:GOOGL) Google has announced a new bounty program aimed at helping clean things up.
It comes at a precarious time for the Internet search giant. Business is booming, with revenue jumping 19% in the second quarter compared with a year ago, but regulators are closing in. The Washington Post reported that a handful of state attorneys general plan to announce an investigation into potential antitrust behaviors at Google as soon as this week.
Google has little choice but to step up efforts to better police its Play Store for apps and harden its web browser. Its reputation is already under fire after high-profile cases of apps that installed malware on hundreds of thousands of users' devices, and security holes in Chrome that left PCs vulnerable to hackers.
In a blog post, Google said it will pay researchers $50,000 if they find incidences of abuse in which third-party apps steal or abuse users' data. The new bounty program is called the Developer Data Protection Reward Program, or DDPRP, and targets third-party apps that have access to Google APIs in the Play Store, Chrome apps, and Chrome extensions.
"The program aims to reward anyone who can provide verifiably and unambiguous evidence of data abuse," Google said in the blog post. It also announced that it's expanding its bounty program for its Play Store. Now any Android app that has more than 100 million user installs will be included.
The Play Store is known for malware-sending apps
Google's bounty program comes shortly after it temporarily kicked a popular scanning app, CamScanner, out of the Play Store for spreading malware that caused advertisements to pop up. The app was downloaded more than 100 million times since first appearing in the Play Store.
Google was forced to issue an emergency update for its Chrome web browser not long after. It was developed to fix a vulnerability that could enable hackers to remotely take control of PCs. The security hole didn't pertain to Android or iOS versions of Chrome. Google said medium and large businesses and government agencies are the most at risk.
Google is a prime target for fraud and misuse partly because of its billions of users. It sits on a trove of data and has adopted an open-source approach to developing apps for Android devices and extensions for its Chrome web browser. That isn't lost on criminals and other opportunistic people. Over the years, the Play Store has been riddled with fake apps and nefarious ones that infect users with malware.
Google can't afford to lose advertisers
Outside of the regulatory ramifications from playing fast and loose with consumers' data, if the Play Store continues to be plagued with problems it could raise more concerns from advertisers already leery of its practices. Last year there was a mini advertiser revolt after ads started showing up before questionable content on YouTube. It doesn't help that competition is fierce for advertisers' dollars. Google has to contend with deep-pocketed rivals Facebook (NASDAQ:FB) and Amazon.com, so protecting its reputation is a major focus.
Google isn't the only tech company to pay security researchers to find bugs. Facebook created a bounty program in the days after the Cambridge Analytica scandal broke in March 2018. That's when it disclosed that the now-defunct political consulting firm accessed the data on 87 million Facebook users without their consent. It recently expanded that bounty program to cover Instagram after one advertiser scraped user profiles and stored the information outside of Facebook's servers.
Alphabet's stock underperforms
With Google's new efforts to clean up the Play Store and its Chrome Web browser, it is hoping to avoid any of the reputation-bruising scandals that have befallen Facebook. But its efforts may not matter. Investors have already become cautious about it.
Compared with its peers and the broader market, the stock is underperforming. Shares of Google parent Alphabet are up 15% year to date compared with an 18% gain for the S&P 500. Facebook's shares are 38% higher in the same time frame, while Microsoft stock is 37% higher and Apple shares have appreciated 35%. Amazon is up 19% year to date.
As investors continue to worry about heightened regulatory scrutiny, the potential for an advertising slowdown, and competition from the likes of Amazon and Facebook, shares of Alphabet may continue to underperform, even if Google pays researchers to find malicious activity.