Identify a security vulnerability within FYERS trading platform or Fyers App and report it to us. Read Terms & Conditions properly before reporting.
The FYERS Bug Bounty Program is open to individuals over the age of 18. Participants must not be residents of countries on India's export control list or countries with which India has trade sanctions. Employees, contractors, and their immediate families of FYERS are not eligible to participate.
This program covers vulnerabilities in the FYERS online trading platform’s website and mobile applications.
Submissions must be done through the Bug Bounty form link at the bottom of this page, including clear steps to reproduce the vulnerability. Vulnerabilities should be new and not previously reported.Participants must not disclose the vulnerability publicly until it is resolved.
Rewards are based on the severity of the vulnerability, determined at the sole discretion of the company.
The below classification will be considered for the same.
Upto ₹1,00,000
Upto ₹50,000
Upto ₹20,000
Upto ₹10,000
Payment will be made in Indian Rupees (INR) to Indian Bank accounts only within 60 days of verification.Participants are responsible for any taxes or fees associated with receiving the reward.Tax deductions as applicable by law would be made at the time of payout. Necessary KYC and Bank details as required would have to be provided. Payouts, once approved will be to the appropriate Bank accounts only. No payouts will be done in cash or kind.
Participants agree to keep the vulnerability confidential until it has been fixed. Any public disclosure of the vulnerability will result in disqualification from the program and potential legal action.The individual(s) shall not name FYERS in any public postings, social media sites, blogs or any other document without the explicit consent of FYERS. FYERS can only be represented as a "Fintech Company". References if required, may be provided by FYERS post mutual discussions only and are not obligatory.
Identity of the Participants shall kept confidential.
Participants must comply with all local, state, and national laws while participating in the program.Unauthorized access to accounts, data theft, or any other illegal activity is strictly prohibited.Any sensitive information, if discovered during this activity, would be fully returned to FYERS and completely erased by the individual(s) from all their devices and may not be shared with anyone else.
The company is not liable for any damages, direct or indirect, that result from participation in this program. By participating, the Participants agree to indemnify and hold the company harmless from any claims or damages arising from their participation in the program.
The company reserves the right to terminate or modify the Bug Bounty Program at any time without notice.Any decision made by the company regarding the eligibility, rewards, or termination is final.
These terms and conditions are governed by the laws of India and Courts of Bengaluru Urban shall have sole jurisdiction over the same.
For any queries or to report vulnerabilities, please contact us at [email protected]
FYERS team reserve the right to refuse any submission for any reason, including but not limited to: the bug being previously reported, not meeting the eligibility criteria, being deemed low-impact or insignificant, Not able to replicate the submission by FYERS team under provided conditions, or if the submission does not comply with the terms and conditions of this bug bounty program. Decisions regarding the validity and rewards of submissions are made at our sole discretion and are final.