In April 2018, following the Cambridge Analytica scandal, Facebook announced the launch of a bug bounty program focusing on the misuse of private information. The social media giant has been offering between $500 and tens of thousands of dollars for reports of apps that collect and transfer personal data.
This program has now been expanded to include Instagram in an effort to encourage security researchers to report potential cases of abuse. Facebook says reports will be rewarded based on impact and quality.
As for the invite-only program for Checkout, Facebook has reached out to researchers who had previously sent in high quality reports to its bug bounty program.