Financial Security Institute "Up to 10 Million KRW Reward for Discovering Software Security Vulnerabilities"

2021 Financial Sector Bug Bounty Operation Procedures. Photo by Financial Security Agency

View original image

[Asia Economy Reporter Song Seung-seop] The Financial Security Institute announced on the 24th that it will conduct a 'bug bounty' program to receive and evaluate reports of security vulnerabilities in electronic financial software.

A bug bounty is a system that rewards individuals who voluntarily report new vulnerabilities in a company's services and products. Since 2019, the Financial Security Institute has held an annual bug bounty for the financial sector.

This bug bounty targets non-installation-based (Non-ActiveX) software provided by domestic financial companies to electronic financial consumers. If you find a new security vulnerability in the software, you can report it via the Financial Security Institute's email. However, violations of related laws such as the Information and Communications Network Act are prohibited.

The bug bounty will operate for three months starting from the 1st of next month. Anyone residing in Korea or abroad can participate.

Reports received will be directly verified by the Financial Security Institute. Vulnerabilities revealed through verification will be internally evaluated by an evaluation committee, and rewards of up to 10 million KRW will be given depending on the level.

The Financial Security Institute plans to quickly discover and supplement new security vulnerabilities through the financial sector bug bounty. It will also promptly share vulnerability information with software manufacturers to develop and apply security update programs.

It is expected to provide a safe electronic financial transaction environment for financial consumers and enhance the cyber threat prevention and response capabilities of financial companies. The number of vulnerabilities found and fixed through bug bounties has reached 13 to 16 cases annually.

Hot Picks Today

"Buy on Black Monday"... Japan's Nomura Forecasts 590,000 for Samsung, 4 Million for SK hynix

• "Plunged During the War, Now Surging Again"... The Real Reason Behind the 6% One-Day Silver Market Rally [Weekend Money]
• "Not Everyone Can Afford This: Inside the World of the True Top 0.1% [Luxury World]"
• "We're Now Earning 10 Million Won a Month"... Semiconductor Boom Drives Performance Bonuses at Major Electronic Component Firms
• Experts Are Already Watching Closely..."Target Stock Price 970,000 Won" Now Only the Uptrend Remains [Weekend Money]

Kim Young-gi, President of the Financial Security Institute, emphasized, "As IT development, operation, and outsourcing in the financial sector increase and non-face-to-face and online transactions become routine, software security is essential," adding, "We expect active participation so that the bug bounty can be practically utilized to secure the security of electronic financial-related software."

© The Asia Business Daily(www.asiae.co.kr). All rights reserved.