all-in-one privacy solution":["Proton Unlimited é uma solução única de privacidade"],"Black Friday":["Black Friday"],"No ads. Privacy by default.":["Sem anúncios. Privacidade por padrão."],"People before profits":["Pessoas acima do lucro"],"Security through transparency":["Segurança por meio da transparência"],"The best Proton Mail ${ BLACK_FRIDAY } deals":["As melhores ofertas de ${ BLACK_FRIDAY } do Proton Mail"],"The world’s only community- supported email service":["O único serviço de e-mail do mundo apoiado pela comunidade"]},"specialoffer:limited":{"${ hours } hour":["${ hours } hora","${ hours } horas"],"${ hoursLeft }, ${ minutesLeft } and ${ secondsLeft } left":["${ hoursLeft }, ${ minutesLeft }, e ${ secondsLeft } restantes"],"${ minutes } minute":["${ minutes } minuto","${ minutes } minutos"],"${ seconds } second":["${ seconds } segundo","${ seconds } segundos"],"Limited time offer":["Oferta por tempo limitado"]},"specialoffer:listitem":{"Create multiple addresses":["Crie vários endereços"],"Hide-my-email aliases":["Use aliases do hide-my-email"],"Quickly unsubscribe from newsletters":["Cancele a assinatura de newsletters rapidamente"],"Use your own domain name":["Use seu próprio nome de domínio"]},"specialoffer:logos":{"As featured in":["Destaques"]},"specialoffer:metadescription":{"Get an encrypted email that protects your privacy":["Obtenha um e-mail criptografado que proteja sua privacidade"]},"specialoffer:metatitle":{"Proton Mail Black Friday Sale - Up to 40% off":["Oferta de Black Friday do Proton Mail - Até 40% de desconto"]},"specialoffer:newmetadescription":{"Get up to 40% off Proton Mail subscriptions this Black Friday. Find great deals on our secure end-to-end encrypted email plans.":["Obtenha até 40% de desconto nas assinaturas do Proton Mail nesta Black Friday. Confira ótimas ofertas em nossos planos de e-mail seguro com criptografia de ponta a ponta."]},"specialoffer:newmetatitle":{"Proton Mail Black Friday sale | Up to 40% off secure email":["Oferta de Black Friday do Proton Mail - Até 40% de desconto no e-mail protegido"]},"specialoffer:note":{"* Billed at ${ TOTAL_SUM } for the first year":["* Com o preço de ${ TOTAL_SUM } no primeiro ano"],"*Billed at ${ TOTAL_SUM } for the first 2 years":["*Com o preço de ${ TOTAL_SUM } nos primeiros dois anos"],"30-day money-back guarantee":["Garantia de reembolso de 30 dias"],"Billed at ${ TOTAL_SUM } for the first 2 years":["Com o preço de ${ TOTAL_SUM } nos primeiros dois anos"],"Billed at ${ TOTAL_SUM } for the first year":["Com o preço de ${ TOTAL_SUM } no primeiro ano"],"You save ${ SAVE_SUM }":["Economize ${ SAVE_SUM }"]},"specialoffer:off":{"${ PERCENT_OFF } off":["-${ PERCENT_OFF }"]},"specialoffer:testimonial":{"I love my ProtonMail":["Adoro ProtonMail"],"My favorite email service":["Meu serviço favorito de e-mail"],"Thanks Proton for keeping us all safe in the complicated internet universe.":["Agradecemos ao Proton por nos manter a salvo no complicado universo da internet."],"You get what you pay for. In the case of big tech, if you pay nothing, you get used. I quit using Gmail and switched to @ProtonMail":["Você recebe pelo que paga. No caso das grandes tecnologias, você se acostuma quando não paga nada. Parei de usar o Gmail e troquei para o @ProtonMail"]},"specialoffer:time":{"Days":["Dias"],"Hours":["Horas"],"Min":["Min"]},"specialoffer:title":{"And much more":["E muito mais"],"Safe from trackers":["A salvo de rastreadores"],"Stay organized":["Mantenha tudo organizado"],"Black Friday email deals":["Ofertas de e-mail da Black Friday"],"Don’t just take our word for it":["Não confie apenas em nossa palavra"],"Make your inbox yours":["Deixe sua caixa de entrada do seu jeito"],"Our story":["Nossa história"],"Transfer your data from Google in one click":["Transfira seus dados do Google com um clique"]},"specialoffer:tooltip":{"Access blocked content and browse privately. Includes ${ TOTAL_VPN_SERVERS }+ servers in ${ TOTAL_VPN_COUNTRIES }+ countries, connect up to 10 devices, access worldwide streaming services, malware and ad-blocker, and more.":["Acesse conteúdo bloqueado e navegue com privacidade. Inclui mais de ${ TOTAL_VPN_SERVERS } servidores em mais de ${ TOTAL_VPN_COUNTRIES } países, conexão com até 10 dispositivos, acesso a serviços de streaming do mundo todo, um bloqueador de anúncios e malware e muito mais."],"Easily share your calendar with your family, friends or colleagues, and view external calendars.":["Compartilhe facilmente seus calendários com amigos, familiares ou colegas e visualize calendários externos."],"Includes support for 1 custom email domain, 10 email addresses, 10 hide-my-email aliases, calendar sharing, and more.":["Inclui suporte para 1 domínio de e-mail personalizado, 10 endereços de e-mail, 10 aliases do hide-my-email, compartilhamento de calendário e muito mais."],"Includes support for 3 custom email domains, 15 email addresses, unlimited hide-my-email aliases, calendar sharing, and more.":["Inclui suporte para 3 domínios de e-mail personalizados, 15 endereços de e-mail, aliases ilimitados do hide-my-email, compartilhamento de calendário e muito mais."],"Manage up to 25 calendars, mobile apps, secured with end-to-end encryption, 1-click calendar import from Google, and more.":["Gerencie até 25 calendários, apps para dispositivos móveis, protegidos com criptografia de ponta a ponta, importação de calendário com 1 clique do Google e muito mais."]},"Status Banner":{"At the moment we are experiencing issues with the Proton VPN service":["No momento estamos enfrentando problemas com o serviço Proton VPN"]},"Status banner":{"Learn more":["Saiba mais"],"Please note that at the moment we are experiencing issues with the ${ issues[0] } service.":["No momento, estamos com problemas no serviço ${ issues[0] }."],"We are experiencing issues with one or more services at the moment.":["No momento, estamos com problemas em um ou mais serviços."]},"steps":{"Step":["Etapa"]},"suggestions":{"Suggestions":["Sugestões"]},"Support":{"Sub category":["Subcategoria","Subcategorias"]},"Support article":{"${ readingTime } min":["${ readingTime } min","${ readingTime } min"],"Category":["Categoria","Categorias"],"Didn’t find what you were looking for?":["Não encontrou o que procura?"],"General contact":["Contato geral"],"Get help":["Obter ajuda"],"Legal contact":["Contato jurídico"],"Media contact":["Contato de mídia"],"Partnerships contact":["Contato de parcerias"],"Reading":["Leitura"]},"Support Form Platform option":{"VPN for Android TV":["VPN para Android TV"],"VPN for Apple TV":["VPN para Apple TV"],"VPN for Chromebook":["VPN para Chromebook"]},"Support troubleshooting":{"App version":["Versão do aplicativo"],"Browser":["Navegador"],"Check if this helps":["Confira se isso ajuda"],"Choose a product":["Selecione um produto"],"Did this solve your issue?":["Isso resolveu seu problema?"],"Faster assistance is just a few clicks away":["Assistência mais rápida a apenas alguns cliques de distância"],"How can we help?":["Como podemos ajudar?"],"No, contact support":["Não, entrar em contato com o suporte"],"Please fill out one field after another":["Preencha os campos em sequência"],"Please make your selections":["Faça suas seleções"],"Proton account":["Conta Proton"],"Proton for Business":["Proton for Business"],"Thank you for your feedback":["Agradecemos pelo feedback"],"What can we help with?":["Com o que podemos ajudar?"],"Yes":["Sim"]},"support_modal_search_query":{"Search query":["Consulta de pesquisa"]},"support_search_button":{"Search":["Pesquisar"]},"support_search_i_am_looking_for":{"I'm looking for":["Estou procurando"]},"SupportForm":{"For a faster resolution, please report the issue from the Bridge app: Help > Report a problem.":["Para uma resolução mais rápida, informe o problema no aplicativo Bridge: Ajuda > Comunicar um problema."],"Information":["Informações"]},"SupportForm:option":{"Account Security":["Segurança da conta"],"Contacts":["Contatos"],"Custom email domain":["Domínio de e-mail personalizado"],"Email delivery and Spam":["Entrega de e-mail e spam"],"Encryption":["Criptografia"],"Login and password":["Início de sessão e senha"],"Merge aliases and accounts":["Combinar alias e contas"],"Migrate to Proton":["Migrar para a Proton"],"Notifications":["Notificações"],"Other":["Outros"],"Plans and billing":["Planos e faturamento"],"Proton for Business":["Proton for Business"],"Sign up":["Criar conta"],"Storage":["Armazenamento"],"Users, addresses, and identities":["Usuários, endereços e identidades"]},"SupportForm:optionIntro":{"Select a topic":["Selecione um tópico"]},"Testimonial":{"Awards":["Prêmios"],"Customers":["Clientes"],"Featured":["Em destaque"],"Go to testimonial source":["Ir para a página inicial de depoimentos"],"Open source of award":["Abrir origem do prêmio"],"Open source of quote":["Abrir origem da citação"],"Reviews":["Avaliações"],"Videos":["Vídeos"],"Watch on TikTok":["Assistir no TikTok"],"Watch on YouTube":["Assistir no Youtube"]},"TestimonialCategory":{"Awards":["Prêmios"],"Customers":["Clientes"],"Featured":["Em destaque"],"Media":["Mídia"],"Reviews":["Avaliações"],"Videos":["Vídeos"]},"Text":{"If you need help, check out our ${ supportLink }.":["Se precisar de ajuda, confira nossa ${ supportLink }."],"The page you’re looking for might have been removed, or it could be an\nold link.":["É possível que a página que você está procurando tenha sido removida ou seja um\nlink antigo."],"Your question may already have an answer in our knowledge base:":["Talvez sua pergunta já tenha sido respondida em nossa base de conhecimento:"]},"tooltip_vpn":{"Access blocked content and browse privately. Includes ${ TOTAL_VPN_SERVERS }+ servers in ${ TOTAL_VPN_COUNTRIES }+ countries, highest VPN speed, ${ TOTAL_VPN_CONNECTIONS } VPN connections, worldwide streaming services, malware and ad-blocker, and more.":["Acesse conteúdo bloqueado e navegue com privacidade. Inclui mais de ${ TOTAL_VPN_SERVERS } servidores em mais de ${ TOTAL_VPN_COUNTRIES } países, a maior velocidade de VPN, ${ TOTAL_VPN_CONNECTIONS } conexões VPN, serviços de streaming do mundo todo, bloqueador de anúncios e malware e muito mais."]},"vpn_servers":{"Get Proton VPN Plus":["Obter Proton VPN Plus"]},"wallet_signup_2024:Action":{"Get Proton Wallet":["Obtenha o Proton Wallet"]},"wallet_signup_2024:Homepage hero product link title":{"Wallet":["Wallet"]},"wallet_signup_2024:Homepage product navigation bar":{"Wallet":["Wallet"]},"wallet_signup_2024:menu item":{"Bitcoin guide":["Guia sobre bitcoins"],"Proton Wallet news":["Novidades do Proton Wallet"],"Proton Wallet support":["Suporte do Proton Wallet"]},"wallet_signup_2024:Pricing":{"Includes everything in Proton Unlimited and":["Inclui todos os recursos do Proton Unlimited e"],"Limited availability":["Disponibilidade limitada"],"The easiest way to securely own, send, and receive Bitcoin":["A maneira mais fácil de guardar, enviar e receber bitcoins com segurança"]},"wallet_signup_2024:ProductRange":{"Discover Proton Wallet":["Conheça o Proton Wallet"],"Store and transact Bitcoin privately with an encrypted self-custody wallet.":["Guarde e negocie bitcoins de modo privado usando uma carteira com autocustódia criptografada."]},"wallet_signup_2024:wallet bitcoin":{"Learn about Bitcoin, the Internet's value network.":["Saiba mais sobre bitcoins, a rede de valor da internet."]},"wallet_signup_2024:wallet overview":{"Ensure you're always in control of your Bitcoin.":["Tenha certeza de ter sempre o controle das suas bitcoins."]},"wallet_signup_2024:wallet security":{"The encrypted, open-source wallet that puts you in control.":["A carteira criptografada e de código aberto que coloca você no controle."]}}},"base":"","cdn":{"url":"https://pmecdn.protonweb.com/","enabledForAssets":false,"enabledForImages":true},"unleashApi":"https://account.proton.me/api"};
window.frameworkContext = frameworkContext;
const context = frameworkContext.base === '' ? '' : `${frameworkContext.base}/`;
window.__toAssetUrl = (filename) => {
if (frameworkContext.cdn !== undefined && frameworkContext.cdn.enabledForAssets === true) {
return `${frameworkContext.cdn.url}${context}${filename}`;
} else {
return `/${context}${filename}`;
}
};
})();
The Proton community trusts our services to keep their information safe. We take that trust seriously, which is why we’re dedicated to working with the security research community to identify, verify, and resolve potential vulnerabilities.
If you’re a security researcher, you can help make Proton services safer, get recognized as a security contributor, and potentially earn a reward. And you’ll be a part of building a better internet where privacy is the default.
Bug bounty program scope and rules
Before you submit a vulnerability to the Proton Bug Bounty Program, you should read the following documents:
Our vulnerability disclosure policy describes the program’s accepted testing methods.
Our safe harbor policy explains what tests and actions are protected from liability when you report vulnerabilities to the Proton Bug Bounty Program
We explain which vulnerabilities qualify for our bug bounty program and how they are judged in greater detail below.
You can submit vulnerability reports by email at security@proton.me. You can submit reports using plaintext, rich text, or HTML.
If you don’t use Proton Mail, we encourage you to encrypt your submissions using our PGP public key.
Judging
Our bug bounty adjudication panel consists of Proton Security and Engineering team members. This panel makes all final decisions regarding bounty awards, and participants must agree to respect the final decision made by the judges. The judges take into consideration the following factors:
The severity of the submission and how it may impact the scope, confidentiality, integrity, or availability of our services.
Whether human interaction or device privileges are required.
The quality of the submission: We prefer proof of concepts that include code or pseudocode that clearly demonstrate the vulnerability being reported.
The likelihood of the scenario reported being used in an exploit.
Whether the scenario was previously reported or publicly known. Only the first submission of a vulnerability will be considered for a bounty award.
Software security industry standards and best practices.
Qualifying vulnerabilities
Any design or implementation issue that substantially affects the confidentiality or integrity of user data will likely be considered within our bug bounty program’s scope. This includes, but is not limited to:
Web applications
Cross-site scripting
Cross-site request forgery
Mixed-content scripts
Authentication or authorization flaws
Server-side code execution bugs
REST API vulnerabilities
Server
SMTP exploits (open relays, etc.)
Unauthorized shell access
Unauthorized API access
Privilege escalation
Mobile
Authentication or authorization flaws
Server-side code execution bugs
Mobile local data security breach (without rooting)
Qualifying improvements
Sometimes we award bounties for suggestions that don’t fall into any of the listed categories. This is determined on a case-by-case basis and is completely at the discretion of our bug bounty adjudication panel. These improvements can include:
Mail or web server configuration improvements
Firewall configurations
Improved DoS and DDoS safeguards
Path and information disclosures
Proton Mail blog or support page issues (such as unpatched WordPress or plugin vulnerabilities)
Non-qualifying vulnerabilities
Flaws impacting out-of-date browsers
Security issues outside the scope of Proton Mail’s mission
Phishing or social engineering attacks
Bugs requiring exceedingly unlikely user interactions
WordPress bugs (but please report those to WordPress)
Out of date software (for a variety of reasons, we do not always run the most recent software versions, but we do run software that is fully patched)
Reward amounts
We reward security research that stays within the guidelines of the program. The size of the bounty we pay is determined on a case-by-case basis by our bug bounty adjudication panel. The amount they award is largely guided by the severity of the issue reported.
Maximum bounty: $10,000
Minor server and web app vulnerabilities that do not compromise user data: $50
Low severity vulnerabilities that leak Personal information such as IP address: $50
Moderate severity vulnerabilities that may result in disclosure of personal secrets $200
Vulnerabilities that can lead to data corruption: $200
Vulnerabilities that can lead to the disclosure of encrypted user data: $1,000+
Questions?
Questions regarding this policy may be sent to security@proton.me. Proton encourages security researchers to contact us for clarification on any element of this policy.
Please contact us if you are unsure if a specific test method is inconsistent with or unaddressed by this policy before you begin testing. We also invite security researchers to contact us with suggestions for improving this policy.