LINE messaging app bug bounty program migrates to HackerOne

Under the program, users have reported vulnerabilities through LINE's own bug report platform. However, starting now, reports will only be accepted through the HackerOne bug report platform...

LINE messaging app security bug bounty program migrates to HackerOne

LINE, the Japanese web services corporation and creators of the popular LINE messaging app, announced today that it has begun operating its public bug bounty reward program on leading hacker-powered bug bounty platform HackerOne.

HackerOne will help to expand the LINE Security Bug Bounty Program’s global outreach and engagement. As increasingly high-quality bug reports are received through HackerOne, LINE hopes to provide services that are even safer and more secure to its users.

LINE Security Ecosystem

At LINE, a dedicated security team engages in all stages of the service development lifecycle—from planning and designing to implementation and release—verifying the security and safety of its services to eliminate possible design defects and implementation vulnerabilities.

As an additional countermeasure to maintain service reliability, LINE uses internally developed data analysis systems that detect and deter possible account takeovers, spamming, and other service abuse. Furthermore, to ensure the safety of the messaging app, LINE’s security team performs periodic security checks as well as regular penetration tests in cooperation with external security companies.

In these ways, LINE makes extensive efforts to maximize the safety and security of its services for its users by implementing a variety of security countermeasures, even leveraging external security talents and knowledge in addition to its own.

One such effort is the LINE Security Bug Bounty Program, a public reward program that began operating on June 2, 2016, that rewards hackers for detecting and reporting vulnerabilities (known as bugs) in the LINE messaging app and its related services.

As of November 12, 2019, the program has granted a cumulative total of USD $313,500 in rewards to 200 reports since launch.