This Google video – The Story of Send – explains it all:
We’ve already seen why it pays to test products in-the-wild, but it also pays being one of those in-the-wild testers. Sure, working on an internal QA team draws a salary – but don’t think that just because you aren’t in a testing lab you can’t be raking in the dough. Take a look at these big companies making some major payouts to everyday testers.
Facebook created its own, sleek credit card for its “White Hat Bug Bounty Program.” The program allows Facebook to reward people outside the company for finding major security bugs. From CNet:
Facebook launched its bug bounty program in July, following in the steps of Mozilla and Google. The minimum a researcher can make for reporting a bug that is eventually confirmed is $500, and there is no maximum. Researchers have to follow Facebook’s Responsible Disclosure Policy and not go public with the vulnerability information until the hole has been fixed.
The most Facebook has paid out for one bug report is $5,000, and it has done that several times, according to McGeehan. Payments have been made to 81 researchers, he said.