Our riders trust us to transport both them and their data safely. Spin’s Security Team is constantly working to improve the security of our applications, infrastructure, and processes. We happily collaborate with the greater security community to achieve this goal.
Spin openly invites researchers to assess the security of our applications and services. We welcome reports through our bug bounty program and responsible disclosure form. Please review our guidelines below prior to conducting any research.
If these guidelines prevent you from fully testing an issue, or you need clarification on what is allowed, please email firstname.lastname@example.org.
Spin operates a private bug bounty program on Bugcrowd. We aim to open the program to more researchers over time, and eventually to make it public. Bugcrowd automatically invites active researchers to our program, so you can join by participating in other public programs and building a positive reputation on the platform.
If you are not part of our bug bounty program, you may report an issue using the form below. These reports are not eligible for reward. We may invite you to re-submit a report to our bug bounty program for reward if the issue is of high severity, or if you have demonstrated expertise in one of our focus areas: internet of things (IoT) security, vehicle security, wireless security, and similar. We do not accept requests to join our bug bounty program.