Google has established an AI Vulnerability Reward Program to compensate researchers for finding critical security flaws in its Gemini AI. The program offers financial rewards for discovering exploits that present a tangible danger to users or the platform.
This dedicated initiative is designed to compensate security researchers who uncover specific categories of high-risk AI bugs. The program targets vulnerabilities that could allow an attacker to interfere with a user’s Google account, as well as exploits that enable the extraction of information about the internal architecture and workings of Gemini itself. To be eligible for a reward, a discovered vulnerability must have a significant impact that goes beyond simply causing the AI to generate embarrassing, nonsensical, or factually incorrect answers. Bypassing content restrictions to produce unconventional responses is not considered a qualifying security flaw under this program, which prioritizes demonstrable security risks.
For researchers who manage to uncover and document such impactful exploits, the potential compensation is substantial. The most severe vulnerabilities, particularly those affecting flagship AI products like Google Search and the Gemini application, can command rewards of up to $20,000. An example of a high-impact exploit that would meet the program’s criteria is a technique that tricks Gemini into embedding a phishing link in one of its responses in Search AI Mode. This type of vulnerability is considered critical because of its direct potential to compromise user security.
The overarching goal of the new reward program is to encourage ethical security researchers to actively identify and report serious exploits. By providing a formal channel and financial incentives, Google aims to ensure that these critical vulnerabilities are discovered and addressed by internal teams before they can be found and utilized by malicious actors. This proactive security measure is intended to protect the stability of the Gemini platform and maintain its reputation among users.