You are using an outdated browser. Please upgrade your browser to improve your experience. X

Report a Security or Privacy Vulnerability

TFX's Bug Bounty Policy applies to security vulnerabilities found within TFX's public-facing online environment.


The purpose of the Policy is to establish the rules for review, evaluation, application, and verification of system updates to mitigate vulnerabilities in the IT environment and the risks associated with them. If you believe you have discovered a security or privacy vulnerability in TFX, please report it to us.

Disabling Cookies

You can prevent the setting of cookies by adjusting the settings on your browser (see your browser Help for how to do this). Be aware that disabling cookies will affect the functionality of this and many other websites that you visit. Disabling cookies will usually result in also disabling certain functionality and features of the this site. Therefore it is recommended that you do not disable cookies.

Bounty Eligibility

Any security researcher is required not to take any destructive action that could result in user data being compromised.
If you suspect that such a vulnerability exists, please submit the form below.

Program Rules

Fees are paid for original reports only. In case of a duplicate, we will inform you when the first report was registered.

Ineligible Reports:

  • Everything that is not under our control (third-party services)
  • Everything that requires physical access to device or network
  • Everything that requires outdated versions of software or hardware
  • Social engineering, phishing etc.
  • Recommendations and best practices, as long as there is no specific exploit

How to Report Security or Privacy Vulnerabilities?