Back to news
November 5, 2018 News

Crosskey, S-Bank and FIM to launch joint bug bounty program

Crosskey, S-Bank and FIM are in cooperation with HackerOne launching a bug bounty program. The bug bounty is organized in cooperation between Crosskey, S-Bank and FIM and based on the HackerOne platform. HackerOne is known bugbounty platform provider providing services to well-known international companies such as Twitter, Spotify, US Department of Defense, LähiTapiola and more. HackerOne provides a platform for bug hunting and reporting, and Crosskey, S-Bank and FIM pays bounties for finding security vulnerabilities.

“Crosskey provides financial services to our customers in the Nordic market. In order to ensure the security of our offerings, our customers and end-customers, we have together with our customer S-Bank launched a bug bounty program on the HackerOne platform with the aim to further secure our netbank services and data security”, says Kim Halavakoski, Chief Security Officer at Crosskey

Bounties for hackers are scaling from € 130 to € 1800 according to HackerOne’s recommendation. The idea behind bug bounties is that potential vulnerabilities are found and fixed in order not to be exploited in an undesirable way. Hackers approved for bug bounty are committed to reporting the bugs found to HackerOne and hence to Crosskey, S-Bank and FIM.

“Our banking products are the most modern and secure on the market and by collaborating with hackers to test our systems we ensure that our security programs are working, and that security is continuously and transparently improved”, Halavakoski continues.

Controlled bug bounty is a safe and effective way to test services with crowdfunded world-class hackers in order to find security bugs.

“Security is a very important and serious issue for us. We have many ways to ensure customer information security, such as various security audits, guidelines, and risk assessments. Bug bounty is therefore a new tool in addition to existing measures, ” Halavakoski says.

Hunting bugs by open bug bounty programs have previously been tested in Finland when organized by the Finnish Tax Administration and the insurance company LähiTapiola.

For additional information

Kim Halavakoski, Chief Security Officer

Share to Facebook Share to Twitter Share to Twitter