PayPal Inc announces 2 new Bug Bounty Program Domains

PayPal Inc - New Scope & Program Guidelines

It was a bit silent around the independent paypal inc bug bounty program within the last year, because the developers were silently programming and designing new stable updates. Today in the morning the paypal inc company announced several new updates regarding the guidelines and scopes. The company decided, to expand the program conditions to followup with the program after years of successful public integration.

The new scope in the program impact 2 new services of the paypal company. The first company in scope is "Xoom". Xoom is a paypal service and a digital money transfer or remittance provider that allows consumers to send money, pay bills and reload mobile phones from the United States to 52 countries, including China, India, Guyana, Pakistan, Mexico and the Philippines. The second company in scope of the bug bounty program is "Braintree". Braintree is a company based in chicago that specializes in mobile and web payment systems for ecommerce companies. The actual program counts about 8 domains and some subdomains.

New Domains in Scope:

https://www.xoom.com

https://www.braintreepayments.com

Next to the new program scope there are aswell portal updates. Bug Bounty Hunters can now register in the portal by reporting a vulnerability. After submitting a successful bug report, a link is delivered with access to the service portal of paypal to followup. The new service portal is integrated to the regular webpage and accessable by the following link.

Feel free to participate with us in one of the best bug bounty programs world-wide and enjoy to test the 2 new web-services.

Reference(s):

https://www.paypal.com/bugbounty/

https://www.paypal.com/us/webapps/mpp/security-tools/wall-of-fame

https://www.paypal.com/webapps/mpp/security-tools/reporting-security-issues#bug-submission