Instagram recently announced a new security program aimed at finding third-party apps. The program which was first introduced to Facebook has now been applied to Instagram. The company is looking to find third-party apps that are misusing its data.

This comes just as reports surfaced that a third party company, HYP3R, claimed to be one of Instagram’s marketing partners. The company reportedly stole location data and some other information from many Instagram users. It immediately removed the app  for violating the social network’s terms of service.

Instagram seems to realise that its data can be misused after this incident. This would be nothing new to Facebook as they had to deal with data breach during the Cambridge Analytica scandal. It is surprising that it took them this long to take proactive steps for Instagram. HYP3R even managed to successfully mimic Instagram’s analytics services to hijack high-profile accounts.

Data Thief?

Instagram’s security engineer, Dan Gurfinkel said,

“Our goal is to help protect the information people share on Instagram and encourage security researchers to report potential abuse to us so we can quickly take action.”

Even though it made no announcement of the new bug bounty money , there are speculations that it could be similar to Facebook’s. The bug bounty program has a payout of an average of $1,500 (approximately ₦543,000) for most flaws. However, serious vulnerabilities could earn the researcher as much as $40,000 (approximately ₦14.5 million).

Instagram is also starting a new program called Checkout. The invite-only bug bounty program will test the company’s upcoming shopping features. This is so that researchers can find any vulnerability in the feature even before its release. The shopping feature will let users shop from brands on the app.

Plat4om reported that the Instagram checkout feature rolled out the beta version in the US. However, Instagram is yet to reveal when the full feature will become available to all users.