The French government’s digital identity application under Bug Bounty program on YesWeHack
June 13, 2022
Carried out by the French Ministries of the Interior, Justice, Transformation and Public Service and by the State Secretariat for Digital Affairs, the “France Identité” application offers an alternative to photocopies of identity documents, allowing people to send authentic and secure single-use digital identity documents.
In order to guarantee a maximum level of security, the France Identité application will be scrutinised by YesWeHack’s platform researchers. The Bug Bounty program will last throughout the life of the application, allowing a permanent audit of the code by the community. The objective is to improve the security and the level of trust of the infrastructures used by France Identité in the long term.
Continuous security check in three phases
The France Identité Bug Bounty program will take place in three phases:
- A first private phase starting in June 2022 will be held with about thirty ethical hackers selected by YesWeHack and France Identité.
- This private phase will be progressively strengthened with the invitation of new researchers to the program.
- Lastly, the app will move into a public Bug Bounty phase, where the whole community will be able to test the security of the app.
Always with the aim of ensuring transparency, France Identité will gradually open up its code and make it available to as many people as possible, with the same mission of identifying any potential vulnerabilities.
YesWeHack continues to guarantee the security of essential digital assets
YesWeHack is a long-standing partner of government organisations. The platform has notably collaborated with:
- The French Ministry of Defense – Click here to watch a video describing the partnership between the two organisations.
- The Direction interministérielle du numérique, France’s digital transformation agency – Click here to see their public Bug Bounty program.
- Cybermalveillance.gouv.fr, the French platform for prevention and assistance to victims of cyberattacks – Click here to see their public Bug Bounty program.
- The TousAntiCovid project team, for the security of the mobile contact tracing application implemented during the COVID-19 pandemic – Click here to see their public Bug Bounty program.
- The Quebec Ministry of Cyber Security and Digital Affairs – Click here to see their public Bug Bounty program.
Founded in 2015, YesWeHack is a global Bug Bounty & VDP Platform. YesWeHack offers companies an innovative approach to cybersecurity with bug bounty (pay-per-vulnerability discovered), connecting tens of thousands cybersecurity experts (ethical hackers) across 170 countries with organisations to secure their exposed scopes and reporting vulnerabilities in their websites, mobile apps, infrastructure and connected devices. YesWeHack runs private and public programs for hundreds of organisations worldwide in compliance with the strictest European regulations.
In addition to the Bug Bounty platform, YesWeHack also offers support in creating a Vulnerability Disclosure Policy (VDP), a learning platform for ethical hackers called Dojo and a training platform for educational institutions, YesWeHackEDU. For more information: www.yeswehack.com
Media Contact: firstname.lastname@example.org