Bug Bounty Programm

Ready for more cybersecurity

We, Swisscom Ltd and our affiliated companies (hereinafter "Swisscom") aim to design and operate our products and services according to the highest security standards to keep our customers safe. To this end, we are continually improving our security on multiple levels. We are aware that, despite all efforts, absolute security is impossible, and we cannot completely rule out the existence of security bugs. The purpose of the Swisscom Vulnerability Disclosure Policy and Bug Bounty Programme is to support the reporting of potential vulnerabilities in our systems by external parties. Customers, users, researchers, partners and any other parties who interact with Swisscom's products and services are encouraged to report identified vulnerabilities to our security team under observance of our Responsible Disclosure Policy(opens in new tab). Moreover, we invite both private individuals and legal entities to participate in our Bug Bounty Programme(opens in new tab) in accordance with the Programme Rules(opens in new tab). Bounties may be awarded for reporting qualifying and in-scope vulnerabilities

"Special situations require special measures when it comes to security, protection and risk awareness.”

Marco Wyrsch
Head of Group Security

Participation in the Bug Bounty Programme

To take part in our Bug Bounty Programme, please register and submit your report directly on our portal(opens in new tab).

To report a security vulnerability to Swisscom or for any other enquiries regarding the Bug Bounty Programme, please contact us by e-mail:

Swisscom acknowledges the value of contributions from the security researcher community and highly appreciates the efforts made by the reporting party. We thank you in advance for your contribution!