FAQs about online voting

You'll receive your access data to the online voting system and the link to your online election via email. The email will be sent by POLYAS. When you log-in to our voting system you'll be guided through the voting procedure in five easy steps.

Watch this video about how online voting with POLYAS works!

You'll receive your access data via email before the election period starts. If you haven't yet received an email, check your spam folder - sometimes it can end up here. Remember to keep in mind that the email is from POLYAS - not the institution holding the election.

If you still can't find your access data, contact your election officer who can then send it to you again. 

You don't need special internet skills to voting online with POLYAS. This is because our system is created to be intuitive to use. The online voting system operates like a website, so if you know how to navigate a website, then you'll be more than comfortable voting online with POLYAS.

Once logged into our voting system with your access data, you'll be guided through the process of casting your vote in five easy steps.  

You don't need special software to cast your vote online. Access to the internet and an email account is all you need to vote online with POLYAS.

POLYAS voting software (version CORE 2.2.3) was the first online voting software to be certified under Common Criteria Standards by the German Federal Office for Information Security in March 2016. The protection profile for secure online voting products conforms to the highest security standards upheld in fair and free elections. You can therefore rest assured that elections with POLYAS safe and secure.

Read more about the certified online voting software POLYAS CORE 2.2.3.

Yes, the secrecy of the ballot is protected in online elections with POLYAS.

After logging into the online voting system, an anonymous token is generated by your access data. As you cast your vote using this token, your identifying access data won't be transferred with it to the digital ballot box. After casting your vote, your token will be deleted and the electoral roll will be notified that no new token can be generated for this access data.

That's how the electoral roll knows that you took part in the election without knowing how you voted. The digital ballot box knows that the ballot paper has been filled out but cannot know who filled it out. The only person who knows how you voted is you, ensuring the secrecy of the ballot is maintained.

After logging into the online voting system our server will want to place cookies on your computer. This “session cookie” doesn't include any personal data and won't be evaluated by us - it's only there to help you to cast your vote. The cookie enables us to guarantee that you can vote online with every operating system and browser. The second you close your browser, the cookie will be automatically deleted.

We ask that you allow cookies so that you can benefit from the highest level of security while voting online. The alternative to this would be using a session-ID which can be read by third parties. The use of cookies therefore helps us to ensure the secrecy of the ballot is maintained. 

Our experienced voting experts are happy to help you.

Please contact us Monday to Friday from 9 am to 5 pm (CET) on +1 (800) 601 9052 - or request an online offer. We're here to make online elections a reality for you!

No external software is required to use POLYAS. POLYAS works as a purely Internet-based application.

The voter only needs an Internet connection and an email account. Online voting works regardless of the operating system (Windows, MAC OS, Linux) and regardless of the browser (Firefox, Safari, etc.) or the device used (PC, tablet or smartphone): online voting is available to anyone, anywhere.

Furthermore, the election manager can easily set up an online election without additional software. You can create ballots, the electoral roll and additional information for the election within the space of 10 minutes. Click here to see how online voting works with POLYAS.

To conduct your first online election with POLYAS, all you need is a free account with us.

You'll then have the following options once in the POLYAS Configurator:

• Create your ballot online, with practical templates for various elections
• Select the number of available votes on the ballot, according to your electoral code
• Upload the electoral roll as an Excel-file
• Test your online election with up to five test voters
• Select the election period and decide when your voters should receive their polling cards
• Seal the election 
• During the election: view voter turnout in real time
• After the election: download the election results as a PDF-file

Test POLYAS for free now in your first online election!

The high level of user-friendliness of POLYAS' Onling Voting system makes it very easy for even inexperienced Internet users to vote online. Voting is carried out in five steps - at every step we have included easy-to-understand explanations and help texts to make the voting experience as simple as possible.

Read more about the features of POLYAS Online Voting.

Eligible voters receive an email containing their login details as well as the Internet address through which they can access the online voting system. The data is retrieved automatically on the election system's website and anonymized after voters have entered their login details.

The digital ballot paper is then displayed and the voter can cast his or her vote with the click of a mouse. The completed ballot will appear again for confirmation before the vote is officially cast.

Click here to see how online voting works from the perspective of the election organizer.

In POLYAS' online voting system, voters login to the election system using two credentials: a voter ID and a one-time password.

Whilst the voter ID is taken directly from the electoral roll, the password is created automatically through secure algorithms. When logging into the online voting system, a token is generated from the voter ID to create a one-time password which ensures that voters remain anonymous.

The electoral roll then recognizes that the person took part in the election, however because of the spatial and systemic separation of the electoral roll and the ballot box, how individual voters have voted is untraceable. This ensures that the secrecy of the ballot is maintained and democratic electoral principles are upheld.

Read more about secure authentication.

POLYAS authenticates voters based on multiple identification elements.

A frequently used method of identification utilizes a voter ID and a password: the voter is approved by combining a personal identification number, for example a membership or employee number, and a password generated by the system which is known only to the individual voter.

Click here for more information about the high standard of security at POLYAS.

The voter logs on with the ID and password combination.

The voter can log into the online voting system with the ID and password combination any number of times - but can only cast one valid vote. The vote requires that the voter has a token. Once the vote has been cast the token is deleted - thus preventing voters from casting unauthorized additional votes.

You can log on to the online voting system, search for the voter’s credentials in the electoral roll, and send them again via email. The login details of the voter are generated automatically according to certain security algorithms and cannot, for security reasons, be created manually later. Therefore, it's not possible to send voters a new password.

For security reasons, the components of POLYAS' online voting system are stored in various German data centers. We also make regular back-ups of the elections to ensure a permanent, safe and secure vote.

After you have created and configured your election, the election is "sealed" by the system. Once an election is sealed, all security parameters are activated and the data is distributed to the ballot box, the electoral roll, the validator and the election administrator. These sub-systems are each protected individually and only communicate through encryption.

Once an election is "sealed" it is backed up and can no longer be edited.

No, now only users who conduct their election with our support team can create more than one ballot for an election.

Yes, but only to individual voters. It's not possible to send all emails again. 

The ballot box gets a clear, unique checksum (64-figure hexadecimal number). If any changes are made to the file, the checksum changes. The checksum can be verified with a verification tool.

Learn more about verification at POLYAS!

Our experienced voting experts are happy to help you.

Please contact us Monday to Friday from 9 am to 5 pm (CET) on +1 (800) 601 9052 - or request an online offer. We're here to make online elections a reality for you!

The online voting software used by POLYAS was certified by the German Federal Office for Information Security (BSI) based on the “Common Criteria protection profile for basis security requirements of online voting products (BSI-CC-PP-0037 Version 1.0, April 18, 2008)". The publicly available document about security requirements includes measures which ensure a secure online election. 

We have established appropriate safety measures with our hosting partner, for example with regards to redundant hard disks, backups, fire safety, access control and interruption-free power supply.

More about POLYAS system architecture. 

The block checksum is used to avoid tampering with votes in the ballot box. Each 30 votes creates a block. The votes are arranged randomly so that the time when each vote was cast cannot be deduced. Through the block a SHA-256-checksum is created. The checksum will be entered into the electoral roll. Starting with the second block, the previous checksum will be included. If a vote is tampered with, the block checksum and all following checksums will not match.

Read more about verifying the election result!

The host checks every 30 minutes if more votes have been cast in an election. As soon as this is the case, a backup of the whole election system is created and copied to another data center. 

Yes, the electoral roll and votes already in the ballot box are on separate servers at POLYAS. This way we ensure that democratic electoral principles are upheld and the secrecy of the ballot is protected.

Read more about the secrecy of the ballot at POLYAS!

Yes. Voting is done through an encrypted connection (HTTPS). For this, POLYAS uses a SSL-server-certificate by D-Trust GmbH.

No. POLYAS works with reliable hosting partners like 1&1, Hetzner or myLoc. In addition, we plan to host our servers with the Bundesdruckerei/ D-Trust, which have the highest security level in Germany. However, all the servers used by us are operated in Germany. 

Yes. The web server, which makes the application available, is reached via internet and is placed behind a firewall in a DMZ (demilitarized zone = network with secured technical controlled access to the connected computers) and is therefore protected against attacks from the internet. 

Yes, but not in the voting system, but rather in the webserver situated off it which sends the sign-in-page to the browser of the voter. 

First of all, POLYAS stops so-called Brute-Force-attacks by limiting the number of tries per time unit and IP-address of the client.

Moreover, POLYAS' online voting system has a 24/7-monitoring and alert system, which contacts POLYAS employees via SMS. We identify security breaches in the system through regular hacker tests (penetration tests) and security audits - any breach results in the system shutting down. 

Our experienced voting experts are happy to help you.

Please contact us Monday to Friday from 9 am to 5 pm (CET) on +1 (800) 601 9052 - or request an online offer. We're here to make online elections a reality for you!

Address, name, email address, membership number or the login name, which is used by the voter in the intranet of the election organizer, is processed in an online election. 

When creating your election, you can choose to include authentication via SecureLink. No personal data is used to log on to the voting system. In addition, no personal data is saved in the electoral roll. It's also possible that the client runs the electoral roll themselves to avoid the risk of personal data being saved by third parties.

Learn more about secure authentication with SecureLink! 

No, by using the SecureLink authentication with anonymized user-IDs (e.g. a mapping-table on the website of the election organizer can be used), no personal data is used to log on to the online voting system. Furthermore, no personal data is saved in the electoral roll.

Learn how authentication using SecureLink works!

Get information about intranet-connection via SecureLink from our election experts!

Yes > if personal data of your voters is saved at POLYAS.

No > if you as the election organizer operate the electoral roll yourself or if a SecureLink authentication with an anonymized ID is used.

If you as our client wish to sign a data processing agreement then we are obliged to do so.

Let our voting experts advise you now! 

Yes, get in contact with out election experts to receive a sample data processing agreement.

Contact our election experts in Berlin now!

A claim can only arise if you as election organizer signed a data processing agreement with us. 

No, the data is given to the election organizer in the form of an “election archive” at the end of the election. 

Yes, because POLYAS works with personal data, we are obliged to have a data protection officer according to §38 BDSG-new (German Federal Data Protection Law - new) and §37 EU General Data Protection Regulation (GDPR).

POLYAS' data protection officer is:

Simone Rosenthal, ISiCO Datenschutz GmbH, Am Hamburger Bahnhof 4, 10557 Berlin, Germany

Our experienced voting experts are happy to help you.

Please contact us Monday to Friday from 9 am to 5 pm (CET) on +1 (800) 601 9052 - or request an online offer. We're here to make online elections a reality for you!