TrueLayer/TrueLayer/Detail
Detail Updates Leaderboard
sort by
Last published
Bonuses for valid API findings throughout January 2025!
1/2/2025, 2:18:00 PM (2 months ago)

Happy New Year from the TrueLayer security team!

Starting from 2nd January 2025 14:00:00 GMT to 31st January 2025 23:59:59 GMT we will be awarding bonuses for the following:

  1. The first person to report a valid finding on api.truelayer-sandbox.com will get an extra 50% bonus on top of the bounty amount
  2. The second person to report a valid finding on api.truelayer-sandbox.com will get an extra 30% bonus on top of the bounty amount
  3. Everyone else who reports a valid finding on api.truelayer-sandbox.com will get an extra 20% bonus on top of the bounty amount

Note that you must use our sandbox API for testing purposes, which allows you to test making payments using fake money so no bank accounts are required. The sandbox environment closely matches our production environment, but we will review submissions to make sure they are reproducible in our production environment. In the unlikely event that the issue only affects sandbox we will still consider your report to be valid but the severity of the issue may be limited.

For help getting started with using our API, please see our quickstart guides. We have Insomnia and Postman collections available to make testing easier. These tools can be configured to proxy requests through Burp Suite to make it easy to manipulate API requests. You may also wish to look at our various client libraries (we have .NET, Java, PHP and more) to see how we expect our customers to integrate with our APIs.

Happy hunting! 🤑

Kind regards,
The TrueLayer security team

Bounty increase!
3/19/2024, 2:45:37 PM (12 months ago)

Hi hackers

We bring you good news - we've once again increased the amount we pay out for bounties!

This is the second major increase since our program launched, and it represents an increase of ~44% of the average bounty amount. The increase applies to assets in all tiers. We now pay up to €6000, the maximum applicable to an exceptional issue affecting a tier 1 asset.

Please check out our program scope as it may have changed since you last looked at it. We're looking forward to your submissions :)

Kind regards,
The TrueLayer security team