London-based Stink Studios has designed Bug Hunters, a new Google-based platform for security researchers.
The programme – previously known as the Vulnerability Reward Program (VRP) – allows security researchers to report bugs in Google platforms for financial reward.
Since VRP’s creation ten years ago, over 11,000 bugs have been reported and almost $30,000 million (£21.5 million) has been handed out to around 2,000 researchers worldwide.
Stink Studios worked closely with the researchers themselves in the rebrand of the platform, according to the studio’s group managing director James Britton.
“Bug Hunters is so far removed from VRP in terms of it feeling a lot more fun and a bit more playful, so we wanted to check that they were comfortable with that,” Britton adds.
“The objective was to create something that would elevate more of the social aspects of what these guys do,” he adds. It also aims to give a visual representation of a field that is laiden with abstract concepts, according to Britton.
Features like community profiles and a leadership board aim to introduce a sense of community among the researchers, Britton explains.
While the team was keen to incorporate playful touches, the platform “still had to be credible”, he adds. “It is a very sophiticated thing that these guys do,” Britton adds. “We had to be sure we weren’t undermining the process in any way.”
Stink Studios has designed a generative system which visualises bugs once they have been caught. These range from cookies that keep working after logout to phishing by navigation browser tabs.
The visuals depend on a few criteria, such as the severity of the bug and which products it has been reported on. These have become “badges of honours” that users can attach to their profiles, Britton says.
From Google T-Rex to Hackers
Bug hunters report issues in Google products and services and then submit them into the Bug Hunters platform. This process has been streamlined for experienced researchers, explains Stink Studios design director Viv Greywoode.
Meanwhile, “clear signposting and subtle design elements” have been introduced to help new adopters get accustomed to the platform, he adds.
The platform’s icons have also been updated. These reference a mix of Google in-jokes and internet culture, Greywoode explains.
There is a T-Rex badge – awarded after researchers submit a vulnerability to the platform – based on the Dinosaur Game, a browser game that plays when Google Chrome is offline.
Other visual references include characters from 1995 crime film Hackers and the glider emblem, a proposed logo for the hacker community, according to Greywoode.
The redesigned logo (in the above animation) is inspired by the head-up display used by fighter pilots, the designer explains.
To ensure the platform was as secure as possible, Greywoode explains that the studio enlisted help from the research community to test and research the platform before its launch.