Dark Reading is part of the Informa Tech Division of Informa PLC


Is Voting by Mobile App a Better Security Option or Just 'A Bad Idea'?

Security experts say voting by app adds another level of risk, as mobile-voting pilots expand for overseas military and voters with disabilities.


How the Voatz App's Security Works
But supporters of mobile voting say at least some of the vendors have been building in security. The Voatz app, for example, scans for vulnerabilities and signs of compromise up front: If the Voatz app discovers that the smartphone has been compromised, it won't allow the user to vote, the company says. If the app passes the security tests via Voatz and third-party tools provided via the app, it then authenticates the voter on their phone using either a fingerprint or facial recognition.

Next, the voter scans their government ID – typically a driver's license or passport – and takes a video selfie for further authentication. He or she then touches the fingerprint reader on the phone to verify the smartphone is in the hands of the voter. The Voatz app matches the selfie with the picture on the voter's ID and confirms whether they are eligible to vote by checking registration information.

Voters can use their own additional factor of authentication, such as their Apple Watch, Google Authenticator, or YubiKey. But most users still rely on SMS or email as the additional authentication factor, according to Voatz co-founder and CEO Nimit Sawhney.

Voatz uses a 32-node blockchain infrastructure across Amazon AWS and Microsoft Azure, each hosting 16 of the nodes across the US. Cloudflare is among several companies that provide distributed denial-of-service defense services, and Voatz says the system employs certificate pinning, end-to-end encryption, and multifactor authentication for the infrastructure nodes. Voting information in transit is encrypted with TLS 1.2 and AES-256-GCM, and sensitive data stored on backend systems and nodes also gets encrypted.

Each ballot cast also generates a paper ballot as backup. "It's marked and put in a digital lockbox protected by blockchain, and [election officials] unlock it on election day, print it out on ballot paper, and scan it into a tabulator," explains Sawhney.

At least two officials have encryption keys to the voting information via Voatz's admin portal, from where they also download the PDF with all ballots marked, and voters get a digital "receipt" of their vote. Election officials can use the paper ballots with the digital ones to perform post-election audits, he says.

More Work to Do
But Sawhney, as well as security experts who have studied mobile-voting technology, considers mobile-voting security still a work in progress. "We're excited more jurisdictions are willing to take a leap of faith and try out our system," Sawhney says.

So far, Voatz has been used for some 53 elections, including non-governmental ones in universities and nonprofits. The app also has undergone some third-party scrutiny: ShiftState recently delivered to Tusk its recommendations for how to run future mobile-voting programs securely, after evaluating the Voatz app and process as well as some other mobile-voting vendors, including Democracy Live and SmartMatic. (Voatz was the first voting app Tusk has worked with.) ShiftState's Truppi says his team will help Tusk create software requirements, possibly some type of open audit process, to scrutinize the technologies, including blockchain, and to determine where and how to include open source technology for voting.

"It's not about whether existing technologies are good enough: [It's] how is the future of elections actually going to be able to run [securely]?" he says.

Truppi's team found areas of the mobile-voting app and platform security that could be improved as well, which he would not reveal publicly. Tusk has chosen a third-party code auditing firm, which will perform an assessment of the software. Voatz, meanwhile, also recently added a bug bounty program via HackerOne.

Truppi says he's a realist in that he knows all software has vulnerabilities. He applauds the level of authentication and verification in Voatz.

"Your bank is not doing nearly the [same] level of authentication and verification of users" in its mobile apps, he says. Some of those use only two-factor authentication or just username and password, while Voatz uses various layers — driver's license, username/password, token, and facial recognition. "With all of those [factors], I think their authentication is very solid," he says.

Denial-of-service (DoS) attacks are a legitimate risk with mobile voting, he notes. "Tusk and our team have been looking at backup methods" for an infrastructure failure in the event of a DoS attack on the mobile-voting system, Truppi says. 

As for the blockchain piece of the process, he says that's less of a worry, security-wise. It's just one component of the voting process, he notes, which also includes the identity, verification, and validation security steps. "Blockchain in this case is for the particular app it was built for: to distribute the database so it's harder to attack remotely ... and it also has cryptographic proof of auditing every transaction."

The main security risk, Truppi notes, is at the interface with the election jurisdiction, where the ballot gets printed, with a hash or encrypted key on top, and then gets stored there and ultimately scanned into ES&S ballot scanning systems. Then the process is out of Voatz's hands.


Kelly Jackson Higgins is the Executive Editor of Dark Reading. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise ...
