Insecure technology is regularly cited as barrier to the use of online voting systems, in particular when casting your vote through your mobile phone, rather than putting your cross on a piece of paper and putting in a box at the polling station or mail box. At the same time those detractors trust the same mobile technology to place stock trades, initiate high value payments and more recently accessing their health records.
In February 2011, NIST identified three key barriers to the use of remote electronic voting technology – security of personal devices, remote authentication of voters and auditability of electronic voting systems. Over the last few months, Consult Hyperion has analysed how mobile phone technology has changed since NIST published their report, with a view to assessing how today’s mobile phone technology can deliver against NIST’s requirements.
The project stimulated a lot of debate both internally and with external interviewees many of whom are responsible for the operation of state and federal voting systems. Personally, the debates reminded me of the hours spent discussing mobile banking and payments with the payment brands, large banks, and mobile phone companies around 15 years ago.
For this reason, I am excited that Lishoy and Steve have agreed to publish their findings in the attached whitepaper. We believe that the advancements in mobile and ledger technology over the last 10 years, combined with effective risk management and secure development best practices, means that it is now possible to build mobile voting systems that satisfy the security and privacy requirements of such systems, reducing risk to an acceptable level whilst providing convenient and accessible access to voting, for those that today are often left out.
Just perhaps the current detractors are really concerned that the change in voting technology will impact their ability to be re-elected.