Netflix has launched a public bug bounty programme, which means you can now earn money for pointing out security flaws within the streaming service. Previously, Netflix had a responsible vulnerability disclosure programme since 2013, and then expanded to a private bug bounty option in late 2016. The highest payout so far has been $15,000 (about Rs. 9.75 lakhs), Netflix says, for identifying a "critical vulnerability". The company also unveiled a new custom type face.
To assess a proper reward amount, Netflix said it works "closely with researchers to evaluate the impact of a vulnerability and reward accordingly". Since the launch in 2013, Netflix has "received and remediated 190 valid issues", and a total of 145 valid submissions since the start of private bug bounty programme a year and a half ago.
Netflix's public bug bounty programme will be managed via bug bounty platform Bugcrowd, which also handles the likes of Tesla, Pinterest, 1Password, LastPass, Netgear, and MasterCard among others. Public bug bounty programmes are common among the biggest tech companies, including Google, Microsoft, Samsung, and Intel.
In other Netflix news, the streaming video giant has also unveiled a new custom font called Netflix Sans, developed in partnership with type foundry Dalton Maag. Until now, Netflix had been using Gotham, but licensing it for Netflix's worldwide marketing was getting quite expensive. Netflix Sans will help it save "millions of dollars a year", Netflix brand design lead Noah Nathan told It's Nice That in an interview.
With the launch of the new custom font, Netflix joins a growing list of technology companies who have chosen a similar path: Google has Roboto and Product Sans, Apple has San Francisco, and Samsung has SamsungOne.