2023-11-29 06:58:10
The government promises a reward of 20,000 euros to people who detect critical security flaws on the French Connect and AgentConnect platforms.
Twenty thousand euros. This is the tidy sum promised by the interministerial digital department (Dinum) to anyone who spots critical security flaws in French Connect and AgentConnect
The first is an authentication system that allows French citizens to connect to many public online services (impot.gouv.fr, Ameli…). The second is the identification and authentication system for agents who work within the State civil service.
The event, organized by the website Yeswehack.com, is organized as part of a “bug bounty”, an operation which allows software publishers to correct flaws in their programs by rewarding users who report bugs.
Login with a fake identity
In this context, Dinum intends to rely on these “volunteers” to detect vulnerabilities linked to data exfiltration, identity theft or even the redirection of users to malicious websites.
To carry out this mission, participants will be equipped with tools provided by the agency as well as instructions for testing the potential vulnerabilities of the two government platforms. But to pocket the reward, you will also have to be able to connect to FranceConnect using a false identity.
This is not the first time that the government has called on “ethical hackers” to test the resistance of its online platforms. On May 15, the Ministry of the Interior called on them to test the security of the site MaProcuration.gouv.fr which allows you to pre-fill an electoral proxy request.
Top Articles
1701241676
#hacking #French #Connect #earn #big