Our solution is so secure, we’ll pay a bounty if you crack it

Keeping your emails secure is so important to us that we will pay you to report vulnerabilities.

We’re so sure of our product that we are offering up to $15,000 to anyone who can copy a Scailer database that contains email messages with attachments and read the contents on another PC.

No other email company would dare post such a bounty. But no other email company provides the safety, security and convenience of Scailer.

With encrypted email messages that remain on your PC -- not some server -- our application is engineered for high security and user convenience, whether for business or personal use. You won’t get that from Outlook, Apple Mail or most other email providers.

Among Scailer’s security concepts:

  • OAuth2 protocol for authorization (two factor-authentication and does not store passwords);
  • Highest level of encryption security, using SSL or the more modern TLS.
  • Local, encrypted email files and attachments (cannot be copied to another PC or opened by any Scailer iteration but yours); and
  • No third-party server connections.

Scailer’s modern code base overcomes security flaws that remain in some legacy email clients.

For example, a bug in MS Outlook allows supposedly S/MIME-encrypted emails to be read without the recipient’s private key. Read more

iPhones have an Apple Mail app vulnerability that allows hackers to install malware even if the user doesn’t open the message. Read more

Our bounty program

Scailer is designed in accordance with the latest security standards and practices. But technology changes and hacking becomes more sophisticated.

We need your help keeping Scailer at the vanguard of elite, secure email clients, so we want you to find vulnerabilities. And we’ll pay you $1,000 to $15,000 if we confirm your report.

  • $1,000 (up to) -- minor vulnerability
  • $10,000 (up to) -- critical vulnerability
  • $15,000 (up to) -- copy single database that contains email messages with attachments and read its content on another PC.

Note: The full clone of a hard drive or the cloning or hacking of operating system components are considered OS vulnerabilities and are not included in the bounty, because the OS vendor is responsible for those issues.

To apply for a reward, email support@scailer.com with the subject line “Detected vulnerability in Scailer.” Please outline exactly the steps we should use to reproduce the vulnerability. Our QA team will review and classify your report.