Nintendo offering cash reward to help find and report 3DS security holes

Nintendo has announced a vulnerability reward program on the site HackerOne. It’s offering cash, up to $20,000 for the finding and reporting on security holes on the Nintendo 3DS.

It hopes with this program to secure the console against piracy, game dumping, online cheating and the ‘dissemination of inappropriate content to children’.

“Nintendo is dedicated to providing video game fans worldwide premium entertainment in a welcoming and secure environment. To that end, Nintendo invites highly skilled researchers to find and address vulnerabilities on the Nintendo 3DS handheld system that could jeopardize that environment. Nintendo is committed to creating a better game-play experience for all through those actions.”

Rewards for people who are able to find these vulnerabilities, report them and then not tell anyone buy Nintendo range from $100USD to $20,000USD depending on the severity.

Only one reward per qualifying piece of vulnerability information will be awarded. Nintendo will determine at its discretion whether the vulnerability information qualifies for a reward as well as the amount of any such reward. Nintendo does not disclose how the reward amount is calculated. Vulnerability information that is already known to Nintendo or the public, for example, does not qualify for a reward. Rewards will not be issued to individuals who are on sanction lists, or who are in countries on sanction lists.

This is the first time we’ve seen Nintendo reach out to the community, officially anyway in an attempt to curb piracy and hacking. With the Nintendo 3DS reaching the end of its life and with it fully wide open almost it’s weird to see Nintendo address this now. Perhaps a preamble to the same program for the Switch?

Source: HackerOne