Bug Bounties

Aktia

Powered by: 

Allows bounty splitting: 

Average time to first program response: 10

Average time to bounty awarded null: 

Average time to report resolved: 131

Handle aktia

Managed program: true

Name: Aktia

Offers bounties: false

Offers swag: false

Response efficiency percentage: 100

Submission state: open

Url: https://hackerone.com/aktia

Website: http://www.aktia.fi

In scope:

  • Asset identifier: *.aktia.fi
  • Asset type: URL
  • Availability requirement: high
  • Confidentiality requirement: high
  • Eligible for bounty: 
  • Eligible for submissions: true
  • Instruction: See scope/program info for more definitive information.
  • Integrity requirements: high
  • Max severity: critical



  • Asset identifier: app.aktia.fi
  • Asset type: URL
  • Availability requirement: 
  • Confidentiality requirement: 
  • Eligible for bounty: 
  • Eligible for submissions: true
  • Instruction: 
  • Integrity requirements: 
  • Max severity: critical



  • Asset identifier: auth.aktia.fi
  • Asset type: URL
  • Availability requirement: high
  • Confidentiality requirement: high
  • Eligible for bounty: 
  • Eligible for submissions: true
  • Instruction: Authentication service for netbank
  • Integrity requirements: high
  • Max severity: critical



  • Asset identifier: ebank.aktia.fi
  • Asset type: URL
  • Availability requirement: high
  • Confidentiality requirement: high
  • Eligible for bounty: 
  • Eligible for submissions: true
  • Instruction: Netbank environment. Authentication flow goes thru auth.aktia.fi
  • Integrity requirements: high
  • Max severity: critical



  • Asset identifier: ftn.aktia.fi
  • Asset type: URL
  • Availability requirement: 
  • Confidentiality requirement: 
  • Eligible for bounty: 
  • Eligible for submissions: true
  • Instruction: Finnish Trust Network endpoint. [Finnish Trust Network OIDC spec](https://www.kyberturvallisuuskeskus.fi/sites/default/files/media/regulation/ftn_oidc_profile_v1.0_ficora_rec_213_2018_s.pdf)
  • Integrity requirements: 
  • Max severity: critical



  • Asset identifier: impakti.fi
  • Asset type: URL
  • Availability requirement: 
  • Confidentiality requirement: 
  • Eligible for bounty: 
  • Eligible for submissions: true
  • Instruction: 
  • Integrity requirements: 
  • Max severity: critical



  • Asset identifier: mobile-auth.aktia.fi
  • Asset type: URL
  • Availability requirement: high
  • Confidentiality requirement: high
  • Eligible for bounty: 
  • Eligible for submissions: true
  • Instruction: Mobile applications authentication endpoint.
  • Integrity requirements: high
  • Max severity: critical



  • Asset identifier: mobile-gateway.aktia.fi
  • Asset type: URL
  • Availability requirement: high
  • Confidentiality requirement: high
  • Eligible for bounty: 
  • Eligible for submissions: true
  • Instruction: Mobile applications endpoint.
  • Integrity requirements: high
  • Max severity: critical



  • Asset identifier: varainhoito.aktia.fi
  • Asset type: URL
  • Availability requirement: 
  • Confidentiality requirement: 
  • Eligible for bounty: 
  • Eligible for submissions: true
  • Instruction: 
  • Integrity requirements: 
  • Max severity: critical



  • Asset identifier: wealth-api.aktia.fi
  • Asset type: URL
  • Availability requirement: 
  • Confidentiality requirement: 
  • Eligible for bounty: 
  • Eligible for submissions: true
  • Instruction: 
  • Integrity requirements: 
  • Max severity: critical



  • Asset identifier: www.aktia.com
  • Asset type: URL
  • Availability requirement: high
  • Confidentiality requirement: high
  • Eligible for bounty: 
  • Eligible for submissions: true
  • Instruction: 
  • Integrity requirements: high
  • Max severity: critical



  • Asset identifier: www.aktia.fi
  • Asset type: URL
  • Availability requirement: medium
  • Confidentiality requirement: high
  • Eligible for bounty: 
  • Eligible for submissions: true
  • Instruction: Public website
  • Integrity requirements: high
  • Max severity: critical