Security Bounty | BlueSnap

Who's conducting your payments? Learn more in The Sound of Seamless Payments: Global Payment Orchestration. Access the Whitepaper


Security Bounty

BlueSnap Security Bounty Program

BlueSnap works vigilantly to help keep our customers’ data secure. We recognize the important role that security researchers and our user community play towards that goal, and for that, we created a bounty program.

If you believe you have found a security vulnerability on BlueSnap, we encourage you to let us know right away via the email address below. We will investigate all legitimate reports and do our best to quickly mitigate the vulnerability.

E-mail us at

We determine bounty eligibility at our sole discretion based on a variety of factors, including (but not limited to) impact, risk, data exposure, ease of exploitation, and quality of the report. Our bounty awards vary by the classification of the issue. We typically pay:

  • No award for Low Severity issues
  • $100 for Medium
  • $250 for High
  • $500+ for Critical

In the event of duplicate reports, we award a bounty to the first person to submit an issue meeting the eligibility requirements. Note that vulnerabilities reported in 3rd party systems/services are not eligible under our bug bounty program although we encourage you to report them.


Rules For You:

  • Don’t maliciously attempt to leverage the reported vulnerability
  • Don’t perform any attack that could harm the reliability/integrity of our services or data
  • Don’t publicly disclose a security vulnerability before it has been fixed
  • You cannot be a BlueSnap employee or a contractor employed by BlueSnap

Rules for Us:

  • We will respond as quickly as possible to your submission
  • We will pay the eligible bounty upon validation of the vulnerability by our security team
  • We will keep you updated as we work to mitigate the vulnerability you submitted


The following sites and applications are in scope for the bounty program:

We reserve the right to modify or terminate this program and will publish notices to that effect on our website.


Interested in learning more?