Big structural challenges face e-voting in the U.S.
An Atlantic Council report explores the challenges of online and mobile device-based voting.
WHAT: "Online Voting: Rewards and Risks," a report by the Atlantic Council in collaboration with McAfee that explores the challenges associated with online and mobile device-based voting.
WHY: A trustworthy, secure online voting system could increase voter participation and reduce the cost of elections. For instance, Estonia introduced a computer-based voting system in 2005 that uses two-factor authentication linked to a secure identity card. But it's not easy to translate a system that works in a country of fewer than 1 million voters to the United States, where elections are conducted at the local level and the idea of a national ID card is unpopular.
Encryption and stringent user authentication can be used effectively for financial transactions, but voting presents special challenges because of the need to keep the ballots secret. That means the kind of audit trail that allows consumers to correct unauthorized financial transactions cannot help officials recover from a hacked vote.
"Once fraud has occurred in a vote, you can prosecute the perpetrator ... but you can't fix the ballots because you don't know how those votes actually occurred," said Kent Landfield, director of standards and technology policy at McAfee, during a panel discussion about the report. "That in and of itself can be a corrupting factor."
Jim Langevin (D-R.I.) said another problem is that the officials who would have to sign off on e-voting systems would likely lack the technical ability to understand key requirements, including end-to-end verifiability to "allow auditors to confirm ballots have been counted correctly without relying on the integrity of those doing the counting." Langevin said there is a "real risk that [policymakers] will come to view different e-voting systems as Coke versus Pepsi -- slightly different versions of the same thing -- when the security of the competitors may be wildly different."
VERBATIM: "For the digital generation, unsupervised polling via mobile devices may be the 'killer app' of e-voting. For that to become a reality, device security will still need to be strengthened. Biometrics (such as fingerprint scanning) and two-factor authentication (such as when a bank requires a customer to enter both a password and a code sent to his or her mobile phone) could help solve these issues."
FULL REPORT: Click here.