Skip to content
This repository has been archived by the owner on Nov 16, 2022. It is now read-only.

start prepaying HackerOne #671

Closed
chadwhitacre opened this issue Jun 15, 2016 · 4 comments
Closed

start prepaying HackerOne #671

chadwhitacre opened this issue Jun 15, 2016 · 4 comments
Labels
Accounting Security

Comments

@chadwhitacre
Copy link
Contributor

HackerOne has changed their terms of service (#665 (comment)). Now that they offer per-bounty card charges (#653 (comment)), they are requiring prepayment otherwise. From their new terms announcement:

HackerOne has added the bounty prepayment requirement (unless paying with a credit card on a recurring basis).
@chadwhitacre
Copy link
Contributor Author

I don't see an obvious way to do this in their UI. I'm going to let this sit for now and deal with it next time we have a bounty to pay out.

@chadwhitacre
Copy link
Contributor Author

https://gratipay.freshdesk.com/helpdesk/tickets/5241

HackerOne Billing Update - Action Requested

Hi Gratipay,

We are streamlining our bounty payment process to help you reward hackers even faster!

This means starting Monday, August 1, 2016, security teams will need to have a credit card on file with HackerOne OR make a bounty prepayment to be able to award bounties. We see the highest output from hackers when they are rewarded quickly -- this change will get your rewards out even faster. If you do not have a credit card on file or have not made a bounty prepayment, please update your account no later than August 1, 2016 to ensure we can continue to process the bounties you award.

Please take a few moments to update your account, with a bounty prepayment or credit card, by following the below steps if you have not done so already.

Two Ways to Pay Bounties:

1. Pay Bounties with a Credit Card

You can now pay your bounties with a credit card on file with HackerOne. Your credit card will be charged each time you award a bounty for an amount equal to bounty award plus the HackerOne fee, eliminating the monthly invoice process and monthly manual payments. You can view the detailed transactions at Settings > Billing. As long as the credit card is on file, it will be the default way for HackerOne to charge for bounties.

Setting Up Credit Card Payments

  1. Enter your credit card information in HackerOne under Settings > Credit Card.
  2. HackerOne automatically charges the card each time you award a bounty for an amount equal to the bounty award plus HackerOne’s standard processing fee. Once the charge is successful, your award is processed for payment. Your credit card statement will reflect the charge as “HackerOne bnty #xxxx” (where xxxx is the report ID)
  3. If for any reason your credit card payment is not successfully processed, an automated email will be sent to your admin user and you will receive a notification on the platform.
  4. Credit card bounty payments will only be processed for reports that are rewarded after you enter your billing information. Customers who choose to switch to use a credit card will receive one last invoice to cover any bounties awarded before your credit card information was received.

You can always update your credit card on file with HackerOne under Settings > Credit Card.

2. Pay Bounties with Prepayments

Fund your bounty account on HackerOne with a prepayment equivalent to 2-3 months’ worth of projected bounty spending. Easily monitor your bounty account balance with weekly emails from HackerOne. In case you close your program before the prepayment funds are used up, we will return the balance within 30 days.

Setting up bounty prepayments

  1. To get started, email [email protected] with your program name and the amount you would like to add to your bounty account. An invoice will be sent out within 2 business days to your team’s Accounts Payable contact on file and you will be copied.
  2. Once payment is received, the balance will be reflected at Settings > Billings.
  3. The balance will be debited each time you award a bounty for an amount equal to the bounty award plus HackerOne’s standard processing fee.
  4. The balance will be credited each time we receive a payment from you.
  5. Add to your account balance as needed to avoid program interruptions.

Teams will not be able to award bounties once your bounty account balance reaches zero, or the remaining balance is less than the bounty you want to award. Need to award a bounty and the bounty account balance is less than the bounty amount you want to award? You can always enter a credit card in Settings > Credit Card to resume immediate awarding of bounties.

Thank you for your help streamlining bounty payments for hackers. For any questions or feedback, please reply back to this email.

Thank you,
Finance team at HackerOne

This was referenced Jul 6, 2016
Closed
Closed
@gratipay-bot gratipay-bot mentioned this issue Jul 17, 2016
Closed
@chadwhitacre
Copy link
Contributor Author

This is a reminder that starting Monday, August 1, 2016, security teams will need to have a credit card on file with HackerOne OR make a bounty prepayment to be able to award bounties. Your team will not be able to award bounties if a credit card or bounty prepayment is not received by August 1, 2016. Please read on for details.

https://gratipay.freshdesk.com/helpdesk/tickets/5328

@gratipay-bot gratipay-bot mentioned this issue Jul 24, 2016
Closed
@gratipay-bot gratipay-bot mentioned this issue Jul 31, 2016
Closed
@chadwhitacre
Copy link
Contributor Author

I went ahead and put our credit card on file at HackerOne. Yes, the amounts are low, but they seem to be absorbing the per-transaction costs.

This was referenced Aug 7, 2016
Closed
Closed
@gratipay-bot gratipay-bot mentioned this issue Aug 21, 2016
Closed
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
Accounting Security
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@chadwhitacre