Security researchers can now analyze the digital presence of 20 minutes. If they find errors and weak points, they receive money for them. So 20 Minuten should become the safest news platform in Switzerland.
The TX Group is launching a public bug bounty program.
Anyone who finds safety-relevant errors receives money for them.
The reward is up to 2500 dollars, around 2300 francs.
The new appearance of 20 Minuten has been online for almost a year. With the launch of the platform, new security elements were built in to ensure the security of the readers’ data at all times and to increase the availability of the content.
Cybersecurity is important for 20 minutes: 850 hackers and security researchers have specifically searched for security gaps since the new website was launched. If one of these is found, the discoverer receives a bonus – a bounty, so to speak. In technical jargon, this is called a bug bounty program.
Reward of up to CHF 2,500
So far, only selected security researchers have been able to participate in the program. Now the TX Group is making this bug bounty program publicly available to everyone for the first time. «The aim is to build the most secure news platform in Switzerland. We walkn in order to hierzulande eA pioneering role for cybersecurity», sagt Andreas Schneider, Chief Information Security Officer der TX Group.
In the first year, the security researchers discovered a total of 36 vulnerabilities in 20 minutes. During the period, $ 26,750 were paid out in bounties, i.e. bonuses. Anyone who discovers a loophole will receive up to $ 2500 (around CHF 2300). This amount was paid out six times in the first year. The TX Group relies on a partnership with Bugcrowd, one of the largest providers of bug bounty programs worldwide.
“Train like boxers”
As the news portal with the greatest reach in Switzerland, 20 Minuten has high demands on the security and stability of the platform, erklärt Marco Di Bernardo, Chief Technology Officer of 20 minutes. That is why the bug bounty program is one of the cornerstones of the strategy: «Similar to a boxer, we train every day with the best savingsrpartners in the world. They relentlessly expose our weaknesses and show where we need to improve. “
It cannot be taken for granted that such programs exist. Hacking platforms is usually a criminal offense. The situation is different with bug bounty programs, since security researchers have to deliberately penetrate the systems and adhere to previously defined rules. «Such programs not only improve our cybersecurity, but create trust and transparency, ”explains Schneider. But 20 minutes is just the beginning. «More bug bounty programs will open to the public later this year made and thus further increase our digital trustworthiness. “
If you subscribe to the digital push, you will be informed about news and rumors from the world of Whatsapp, Snapchat, Instagram, Samsung, Apple and Co. You will also be the first to receive warnings about viruses, Trojans, phishing attacks and ransomware. There are also tricks to get more out of your digital devices.
This is how it works: Install the latest version of the 20-minute app. At the bottom right, tap on «Cockpit», then «Settings» and finally on «Push notifications». Under “Topics”, tap “Digital” – et voilà!