Google has extended its bounty payouts to researchers who spot security issues in some of its web applications, following a number of successes with its Chromium rewards programme.
The company said that the initiative hopes to mirror the reports Google has been receiving from external security researchers.
"We've seen a sustained increase in the number of high-quality reports from researchers, and their combined efforts are contributing to a more secure Chromium browser for millions of users," said the Google Security Team in a blog post.
"Today, we are announcing an experimental new vulnerability reward programme that applies to Google web properties.
"As well as enabling us to thank regular contributors in a new way, we hope it will attract new researchers and the types of reports that help make our users safer."
Researchers are asked to provide information on security problems in Google search pages, YouTube, Blogger and Orkut.
This means that some applications, most notably Android, Picasa and Google Desktop, will not be included. Google said that it may expand the programme in the future.
Google explained that it is difficult to provide a list of vulnerability discoveries that will be rewarded, but that "any serious bug which directly affects the confidentiality or integrity of user data" will meet its criteria.
"We anticipate that most rewards will be in bug categories such as XSS, XSRF/CSRF, XSSI, bypassing authorisation controls (e.g. User A can access User B's private data) and server-side code execution or command injection," the firm said.
However, Google has a definite list of vulnerability discoveries that will not be rewarded, including attacks against its own infrastructure, social engineering and physical attacks, denial-of-service, SEO black hat techniques or bugs in technology the company has only recently acquired.
Google also warned researchers against testing on accounts that were not their own or had been set up specifically for testing.
Rewards start at $500 (£310) but can go as high as $3,133 (£1,960). Benevolent researchers can anonymously donate to charity, and Google will match any such donations.
BT wants to make the public switched telephone network history within eight years
Personal data being purloined by third parties via Facebook Login API
MacOS and iOS are better off apart, says CEO Tim Cook
Or they'll no longer be entitled to updates and bug patches