Pocketbook aims to keep its services safe for everyone, and security is of utmost priority. If you are a security researcher and have discovered a security vulnerability in our service, we appreciate your help in disclosing it to us in a responsible manner. A ‘responsible manner’ means within 5 days of initial discovery of the vulnerability following the instructions below.
Please contact us by sending an email to firstname.lastname@example.org if you have identified a potential security vulnerability with one of our services. After your incident report is received, the appropriate personnel will contact you to follow-up.
To ensure confidentiality, you should encrypt any sensitive information you send to us via e-mail. We are equipped to receive messages using PGP encryption. A copy of the certificate that can be used to send encrypted email can be downloaded below.
The email@example.com email address is intended ONLY for the purposes of reporting security vulnerabilities or security inquiries relating to the service. Should you have any general technical or customer support inquiries about the Service, please visit our Help Centre or email us at firstname.lastname@example.org.
The scope of this Responsible Disclosure Policy extends to any applications or website owned by Pocketbook, including but not limited to:
In order for your submission to be eligible:
All legitimate reports will be reviewed and assessed by Pocketbook to determine if it is eligible.
A monetary reward may be offered at our discretion.
If you have any questions or concerns – please get in touch with us at email@example.com and we’ll be happy to help.