Westend61 GmbH / Alamy

United Airline’s new program offers free miles to those who can find security glitches on the brand’s apps and websites.

May 18, 2015

United Airlines is giving MileagePlus members the chance to live out their hacker dreams by offering a reward for finding security lapses. The airline’s new Bug Bounty Program invites independent researchers to dig into their websites and apps to find glitches that might cause a poor customer experience—or worse, personal information theft. What’s in it for you? Up to 1 million free miles.

Unfortunately, this doesn’t mean you can turn in your slow in-flight Wi-Fi complaints for these miles. United has a few specific situations they’re looking to identify (mapped out here).

The number of miles you receive depends on the severity of the security lapse. Achieve remote code execution—accessing and making changes to someone else’s device from a different geographic location—and you’ll take home 1 million miles. Other miles-worthy glitches include cross-site scripting (50,000 miles) and authentication bypasses (250,000 miles).

Read the fine print before celebrating your bug find—rewards will only be given to the first person to find each specific glitch. For more information and a full list of the rules, head on over to United’s website.

Erika Owen is the Audience Engagement Editor at Travel + Leisure. Follow her on Twitter and Instagram at @erikaraeowen.

You May Like