We are thrilled our efforts to make mobile voting a reality are sparking an engaged conversation around the nation’s first mobile voting pilot in a federal election.
In our three years as a company, more than 75,000 votes have been cast on our platform, and we’ve administered more than 30 pilot elections. With each election we’ve learned something new, and we will continue to take the time necessary to ensure that the voting process is secure for voters.
As with the implementation of all new election technologies, the implementation of mobile voting will be a process. It is not something that can, nor that we want to, happen overnight.
We applaud the State of West Virginia for leading the charge in making voting more convenient for military personnel, their families, and for citizens living overseas. We are proud to be their partner. The initial pilot, conducted earlier this year, was met with enthusiasm and gratitude by those serving abroad. We are excited to continue learning and growing the platform to enable more overseas citizens to vote with greater convenience.
Given the engaged conversation, we wanted to address a number of technical questions that we’ve been asked, which are outlined below:
What specific blockchain technology does Voatz use?
The Voatz ‘permissioned’ blockchain is built using the HyperLedger blockchain framework first created by IBM, now supported by the Linux foundation. This type of blockchain is distinctly different than permissionless blockchain frameworks, like Bitcoin. In order to participate in the permissioned blockchain, a voter or auditor must first be verified. In the general election pilot, eight verified validating nodes will be used, split evenly between AWS and Microsoft Azure, each of which are geographically distributed. We believe that the initial rollout of a blockchain based election technology benefits greatly from using such a permissioned approach as it can more accurately emulate how elections are administered presently in the US.
Has this been vetted by independent 3rd party auditors?
Yes. Following the first West Virginia pilot, multiple independent technology firms were engaged to vet the Voatz system. A reputable pen-testing company was engaged to conduct penetration testing on the system. Security Innovation was engaged to inspect the source code of the Voatz smartphone application for both iOS and Android. A public HackerOne program has been engaged to continuously analyze and test the implementation of the blockchain network and the mobile applications.
Additionally, tools provided by Comodo/HackerGuardian and Qualys SSL labs were used to conduct vulnerability scans and SSL testing.
Has Voatz run pilots before? Have they all been successful?
Yes. To date, Voatz has conducted more than 30 successful pilots that range from state party conventions to student government elections. In the largest election, more than 15,000 votes were cast. The purpose of all the Voatz pilots is to learn, to improve and to deliver on stakeholder expectations. We experienced an instance of an on-premise election in Utah where we were unsuccessful in meeting the needs of the client. We were unable to support the large numbers of voters who simultaneously attempted to download the app and become verified within a short 30-minute period before voting started. While the Voatz team was disappointed with the outcome of the Utah pilot, it was a valuable learning experience that we have used to make changes and improvements to our system, which have been integrated into subsequent pilots.
How is privacy preserved in a blockchain infrastructure?
Blockchain technology, when used for financial transactions like Bitcoin, cannot be totally anonymous, rendering the term “pseudonymous”. However, when used in voting with the Voatz application, the identity of the voter is doubly anonymized: first by the smartphone, and second by the blockchain server network.
If a user’s phone or mobile network is compromised, is their vote compromised as well?
The Voatz platform goes to significant lengths to prevent a vote from being submitted if a device is compromised. Only certain classes of smartphones that are equipped with the latest security features are allowed to be used. Detecting a compromised mobile network is particularly challenging for a mobile application, which is why ensuring end-to-end vote encryption and vetting the certificates represented by unique IDs stored on the smartphone, are two of the approaches we use to mitigate a compromised mobile network.
How can votes stored on the blockchain be audited?
In the West Virginia pilot, a paper ballot is printed for each mobile ballot submitted on the blockchain, then tabulated like a normal absentee ballot. This ballot contains information that can be used in an audit to ensure that every vote cast from a smartphone was counted exactly once, and counted correctly. For the general election, a real-time voter-verified paper trail will be generated, which will allow the state to conduct a post-election audit.
Did Voatz hire a Russian operative?
No. In 2015 a Harvard student of Russian origin was brought on as a summer intern to work on a project involving financial APIs for potential financial use cases. The intern’s engagement ended immediately thereafter and has had no further involvement in the development of the platform.
It was reported that Github/Mongo DB credentials were posted online and easy to find. Is this true?
No. The information being referenced is sample test code (based on an open source example) and has nothing to do with our currently deployed system.