Website Functions | Listen to user feedback and enhance website functionality
TECNO Security Response Center always focuses on the security of TECNO products, values the security experience of TECNO products, and strives to enhance the security strength of TECNO products. The TECNO Security Response Center hopes to work closely with all external reporters to work together for the security of TECNO products and make important contributions to improving the security of TECNO products. This is not only our original intention, but also our solemn commitment.
To improve the experience of security researchers when submitting reports and help improve communication efficiency, many convenient and interesting features have been added to the website this year.
💡【Personal Honor System】: Records every progress and breakthrough you make at the TECNO Security Response Center.
💡 【Personal Homepage Update】: Quickly access important information such as personal bonuses, reputation, security value, number of vulnerabilities, and platform ranking.
💡【Bonus Payment Process】: Add your personal payment account with one click to improve the efficiency of bonus payments for reports.
💡【Bonus Payment Process】: Add your personal payment account with one click to improve the efficiency of bonus payments for reports.
💡【Survey Function Launched】: Listen to researchers' voices, collect their suggestions, and help the platform do better.
💡【Security Swagshop Launched】: Rewards every security researcher for their contributions. Participate in platform activities to earn security points and redeem them for cash prizes.
In the future, we will continue to stay true to our original intention, actively listen to researchers' suggestions, strive to enrich website functions, and treat every report fairly. We look forward to good cooperation with more researchers.
Bug Bounty | Challenge three bug bounty programs and hone your security skills
Over the past three years, the TECNO Security Response Center has always focused on TECNO terminals, mobile applications, and web security, and launched vulnerability bounty programs covering these three areas. We continue to update and improve these vulnerability bounty programs to ensure that we can respond to the latest security threats. Hurry up lock in your targets and submit your discoveries!
For more information about the scope of acceptance, vulnerability rewards, rating rules, etc., please click the following link.
If you discover any vulnerabilities in the TECNO Mobile Devices, please feel free to submit them to us.
If you discover any vulnerabilities in the TECNO Mobile Applications, please feel free to submit them to us.
If you discover any vulnerabilities in the TECNO Web Business, please feel free to submit them to us.
Diverse Activities | Participate in security activities and earn extra rewards
Over the past three years, the TECNO Security Response Center has been constantly innovating and launching a variety of activities to stimulate the vitality of the platform. Whether you are a security researcher or a security enthusiast, the TECNO Security Response Center has prepared a variety of challenges for you.
Every vulnerability report and every activity will help improve the security of TECNO products and also bring you more gains and growth. TECNO Security Response Center, together with you, continues to radiate unlimited vitality!
Want to learn about ongoing activities? Please see below:
【TECNO Security 3rd Anniversary Bug Hunting Competition】
Vulnerability reports submitted during the 3rd anniversary will receive additional bonuses and credits, and the eight top security researchers will also win a grand prize. [2024.9.1- 2024.9.30]
【Your 2024 SRC Growth Checklist】
Here's a TECNO security task list. When you complete all the tasks, you'll receive a reward of 10,000 security credits! [2024.1.1 - 2024.12.31]
【TECNO Security Bug Bounty Rules Challenging Test】
This is a fun quiz to help you understand the TECNO Security Response Center bug bounty rules. By participating, you can gain a better understanding of the rules and earn security credits as a reward.
【TECNO Security Author Program】
Invite all platform users to share original security technology content and security vulnerability bounty practices. [Long-term]
VIP Clubhouse Upgrades to Wait for You
The VIP welfare program is specially launched for senior researchers, which offers privileges including extra rewards, event invitations, etc. [Long-term]
【Subsidies and Incentive Programs for ALL】
We set up the programs to thank you for your contribution, including First Blood Prize and Quarterly Personal Rewards. [Long-term]
【Phone Reimbursement Plan】
Security researchers who meet the requirements can apply for reimbursement of TECNO product costs to better test. [Long-term]
【High Quality Reports Reward】
We will provide special rewards and exclusive badges for high-quality vulnerability reports. [Long-term]
There will be more exciting activities in the future, all in TECNO Security Response Center...
Security Certification | Apply for a CVE ID to "validate" your security report
On March 19, 2024, the TECNO Security Response Center reached a major milestone by officially obtaining the CVE Program authorization and becoming a CVE Numbering Agency (CNA) in the global cybersecurity field. This achievement marks a solid step for TECNO in protecting global cybersecurity and joining hands with global CNAs to play the strongest voice of collaborative resonance.
As a member of the CVE Numbering Agency (CNA), TECNO has the qualification to issue CVE ID numbers for security vulnerabilities in TECNO products. Currently, we have assigned 6 CVE IDs, and we will continue to assign CVE IDs for outstanding reports!
If you want to obtain a CVE ID, you need to follow these steps:
➡️ ① Submit a security vulnerability report to the TECNO Security Response Center.
➡️ ② Once the report is confirmed as valid, you need to wait for the report to be fixed.
➡️ ③ After the report's fix status is updated, you can follow the CVE ID Application Instructions to apply CVE ID via email.
➡️ ④ Wait for the TECNO security team's response and the CVE ID assignment announcement.
Outstanding Representative | Meet outstanding researchers and continue to move forward together
Over the past three years, the TECNO Security Response Center has brought together over 4,000 registered users from more than 130 different countries. These users have various roles: seasoned security experts, novice security researchers, security enthusiasts, and more. They gather at the TECNO Security Response Center to work towards enhancing the security of TECNO products and services. Let's get to know the representatives of the TECNO Security Response Center's security researchers. Using their knowledge and skills, they join forces with other researchers to safeguard the security of TECNO products and services!
Mohammad Kaif(mkahmad):
A legend who won No.1 in the HOF three times
Mohammad Kaif(mkahmad) from India is a "senior" researcher at the TECNO Security Response Center, having joined us since its inception. Over the past three years, he has made significant contributions to TECNO mobile security and web security. As of now, he has amassed 1,457 basic reputations, ranking first on the hero leaderboard by a wide margin! He contributes to vulnerability discovery and shares his security knowledge and practical experience through interviews, helping novice researchers grow quickly. His blessing for the third anniversary of the TECNO Security Response Center is:
"Wishing you a very happy third anniversary! It’s been three amazing years since I joined the journey with you, and working with the TECNO Security team has always been a great experience. From report triage to addressing queries, it’s been an incredibly rewarding experience. All the credit goes to the exceptional members of the TECNO Security team! Looking ahead, my hope for the TECNO Security Response Center is to expand the program’s scope and introduce more activities centered around new assets. :) "
🏆Recent honors:
➡️2023 · Ranked 1st in the TECNO Security Bug Bounty Program
➡️Got Hall Of Fame in Apple Bug Bounty Program in July 2023
Rashedul:
The security researcher with the most badges
Rashedul from Bangladesh is an old friend of the TECNO Security Response Center. He joined us during the 1st anniversary of TECNO Security Response Center and has now become the second overall on the Hall of Fame. Not only is he a master at discovering vulnerabilities, but he is also an active participant in TECNO security activities. His positivity, hard work, and excellence have earned him 9 security badges, making him one of the most decorated researchers at the TECNO Security Response Center. For the 3rd anniversary of the TECNO Security Response Center, he has some blessings to share with us:
"Hope TECNOSRC will gain more occasional as well as professional security researchers this year, mostly because of their attractive, lucrative campaigns and fun activities. We expect more expert triggers who understand the targets more than external hackers."
🏆Recent honors:
➡️2023 · Ranked 2nd in the TECNO Security Bug Bounty Program
➡️2023 · Ranked 13th in the Worldwide Security Researcher for the Linkedin.com
Dzmitry Lukyanenka:
Guardian of TECNO Device security
Dzmitry Lukyanenka from Belarus is an experienced security researcher with 9 years of bug-hunting experience. Two years ago, he joined the TECNO Security Response Center with great enthusiasm and is currently ranked 9th in the Hall of Fame. He focuses on finding vulnerabilities in Android mobile applications and systems, significantly contributing to the security of TECNO apps and devices. He frequently attends various security summits and has won awards in numerous security competitions, making him a well-rounded researcher. His blessings and expectations for the TECNO Security Response Center are:
"I wish you to have good quality reports with well-written POCs )). I hope you keep improving your program and announce some more interesting challenges and bonuses)). Maybe sometime you will organize the offline event and invite your researchers as Google/Meta does."
🏆Recent honors:
➡️2023 · Ranked 4th in the TECNO Bug Bounty Program
➡️2024 · Ranked 4th in the Meta Bug Bounty Program
➡️Overall Ranking: Ranked 15th in Google Bug Bounty Program
Baskar Mariyappan:
An active and experienced bounty hunter
Baskar Mariyappan from India is a highly active security researcher who has been with the TECNO Security Response Center for just over a year. He specializes in uncovering web vulnerabilities, and his reports have significantly contributed to TECNO's security. He actively offers suggestions for the development of the TECNO Security Response Center and participates in various security conferences and activities, making him a collaborative and expressive security researcher. His wishes and expectations for the TECNO Security Response Center are:
"Congratulations on the 3rd anniversary of the TECNO Security Response Center! The TECNO security team has set a high standard for enhancing security, and I'm honored to be part of this program. I hope TECNO continues to grow as an industry leader, fostering innovation and security, and I look forward to more collaborative opportunities and significant achievements in the future."
🏆Recent honors:
➡️2024 · Ranked 7th in the TECNO Security Bug Bounty Program
➡️2024 · Winner in ISACA 2024 CTF
➡️2023 · Ranked 6th in the OnePlus Bug Bounty Program
Ye Yint Htet:
Diligent Web Security Researcher
Ye Yint Htet from Myanmar is a dedicated security researcher who joined the TECNO Security Response Center in July 2023. In just five months, he earned the honor of being ranked second in the 2023 annual leaderboard. He excels in identifying web security vulnerabilities and has submitted numerous insightful security reports. He is a diligent and committed researcher! For the 3rd anniversary of the TECNO Security Response Center, he said:
"On this remarkable milestone of your 3rd anniversary, may the TECNO Security Response Center continue to thrive and innovate, protecting millions with unwavering dedication. Wishing the TECNO SRC team continued success, strength, and wisdom as you safeguard the digital world. May your efforts always be fruitful, ensuring a more secure future for all."
🏆Recent honors:
➡️2023 · Ranked 9th in the TECNO Security Bug Bounty Program
Leonidas D. Ace:
A Pioneering Security Researcher
Leonidas D. Ace from Bangladesh is an adept security researcher who joined the TECNO Security Response Center in 2022. He has discovered numerous security vulnerabilities in our web services. With strong learning abilities, he actively contributed to the 2024 Security Writers Program, helping other security researchers grow. On the 3rd anniversary of the TECNO Security Response Center, he said:
"As a security platform, the TECNO Security Response Center has good communication. We look forward to seeing a live hacking event organized by the TECNO Security Response Center next year, and it would be great to have some cool swag too."
🏆Recent honors:
➡️Overall Ranking: Ranked 12th in the TECNO Security Bug Bounty Program
➡️2024 Q1 · Ranked 2nd in the Yogosha Bug Bounty Program
