Mastercard Public Bug Bounty

Mastercard operates the world’s fastest payments processing network, connecting consumers, financial institutions, merchants, governments and businesses in more than 210 countries and territories.

  • $50 – $5,000 per vulnerability
  • Partial safe harbor
Submit report

New Targets added

We hope your testing is going well. Here is an update that should make things a bit more interesting!

There have been some recent changes/updates to Public Targets (In-scope) on the Mastercard Public Bug Bounty program. We highly recommend you take a look at this additional attack surface – which hopefully means more vulnerabilities! Here is what’s new:

Name Description Change
Finicity Connect API Testing Added
Finicity- Data Services API Testing Added
Finicity Decisioning API Testing Added

As always, please see the program brief for the full details around testing.

Get out there and lay claim to those bugs!

Konrad-Bugcrowd
Konrad-Bugcrowd