The figure, up from the $6.5 million the company paid in 2019, is the company's largest prize pool paid to security researchers to date. Most of last year's bug prizes were awarded in the Chrome VRP (Vulnerabilities Rewards Program), which handed out more than $2.1 million to security researchers for 300 bugs identified in Google's flagship browser. Another major VRP was the company's Android programs. Google said it gave out $1.74 million for bugs discovered in the Android OS code and another $270,000 in the Google Play VRP for bugs found in the Play Store's most popular and widely used Android apps. Among the Android VRP's main highlights last year, Google listed the following: