If you discover some security vulnerabilities we will be very glad, if you first send us a description on bug+qiwi@sendtips.ru.

Currently, we don't provide a bounty program, but if that program will be established in the future we will provide some reward for pre-program reports too.