14 DAY TRIAL // The developer of Ark: Survival Evolved, a game that places the player in a Jurassic World kind of setting, decided to reduce the risks of cyber attacks on its online servers by offering monetary rewards for security flaws affecting the machines.
The servers cater for the multiplayer part (single-player mode is also available) of the game and any failure on their part has a direct impact on the online gaming experience.
Single-player bugs are not eligible
Bounties are offered for any type of hacks affecting the infrastructure supporting the online activity of the clients, more specifically, the stability of the online servers.
Submissions will be assessed and rewards will be paid even if the reported issue “falls outside the scope of ‘hacks,’ but still qualifies as an extremely critical bug (such as wide-scale easy duping, or methods of crashing the server, etc.),” a Studio Wildcard developer announced on the game’s Steam forum on Wednesday.
The developer, signing as “TheRightHand,” informs that not every email from bug reporters will be replied but assures that all of them would be checked. Initially, the reward was set to $100 / €90, but it was later doubled up.
He stressed that the object of the vulnerability reward program is to solve only online, multiplayer problems that can touch on the official servers. As such, cheats like aimbots, speed hacks, or trainers for single-player mode will be disregarded as they fall under the incidence of Valve Anti-Cheat system.
Studio Wildcard handles the reports itself
Bug bounties are not a new thing, companies like Google, Facebook and Mozilla having them for years, with more and more organizations adopting the system. They are considered an investment in the security of the products, creating an incentive for outside researchers to report new holes.
For the moment, Studio Wildcard manages the vulnerability submission flow on its own (messages can be sent to [email protected]), which could prove to be inefficient in the long run, if a large number of reports come in.
Most of the times, companies choose dedicated platforms for handling the submissions, organizing and prioritizing them so that they are attended with maximum efficiency.