Online elections with POLYAS online voting systems CORE 2.2.3 and POLYAS CORE 3.0 are both secure and maintain ballot secrecy. By using various authentication procedures, voters can login and vote in all POLYAS systems - verifying their eligibility to vote whilst maintaining ballot secrecy.
POLYAS offers different options for secure voter authentication. As election organizer, you can choose the authentication method which best suits your electoral regulations and voters.
The default method of voter authentication at POLYAS occurs using a unique voter-ID and password. Voter-IDs can be, for example, a membership number, a birthdate or an email address. The password is an individual, one-time-valid string of characters which is automatically produced by POLYAS using complex security algorithms.
Authentication procedure in POLYAS CORE 2.2.3
The online voting system POLYAS 2.2.3 offers users various options for secure authentication. All procedures ensure eligible voters can participate in the election only once. To maintain ballot secrecy, a token (anonymous and untraceable back to individual voter identity) is generated for each voter when logging into the system.
Technical process of authentication in POLYAS CORE 2.2.3
When someone logs into the online voting system POLYAS CORE 2.2.3, the electoral roll registers the query and checks the user’s eligibility to vote. If the user is eligible to vote, the electoral roll requests a token from the validator. This token is generated by the system and isn't seen by voters. The token anonymizes the voter’s identity in order to maintain ballot secrecy.
Once successfully authenticated, the eligible voter is forwarded to the online ballot. Here the casting of votes only occurs through the token - any possible person-identifying data points are not forwarded to the online ballot. When completed ballots are submitted to the digital ballot box, the token is not saved. Once the final vote has been cast the validator deletes the token and the eligible voter is ticked off the list in the electoral roll to prevent them from submitting multiple votes. This is how ballot secrecy is maintained.
Authentication methods in overview
1. Login using voter-ID and password
Eligible voters log into the system using their voter-ID and one-time-valid password. Login data can be distributed to voters in different ways:
- sent via email*
- sent via post
- sent to the election organizer in generic table format (.xls, .csv) to be forwarded to voters
2. Use of SecureLink
Here, login to the POLYAS online voting system occurs through your intranet or the protected member area of your website. Eligible voters can log into the intranet with their usual access data and upon successful login simply be forwarded to the POLYAS online voting system with one more click. Using SecureLink as the authentication method, any personal voter data stays with the election organizer with POLYAS receiving only an anonymized electoral roll.
3. Use of a registration portal
This procedure is often used by universities that use a LDAP-address directory. Eligible voters can simply login with their usual access data from the intranet and don’t need any additional login details to access the online voting system. Just like with SecureLink, only an anonymized electoral roll is passed on to POLYAS when using a registration portal.
Authentication in POLYAS CORE 3.0
Authentication in POLYAS CORE 3.0 is presently achieved with a voter-ID and password. The passwords are generated by default by POLYAS. An Open Source Tool is used here so that you can check the password generation process ran appropriately. Moreover, this allows you to ensure that you - the election organizer - are in possession of all passwords in plaintext form.
The Open Source Tool produces two files: one file contains the passwords for eligible voters which you can receive by a method of your choice (via email or post). The second file contains hashed passwords and the public key for eligible voters, which is uploaded to the POLYAS online voting system. After the election, the public key can be used in combination with a verification tool to check the election results.
When an eligible voter logs into the POLYAS CORE 3.0 online voting system with a voter-ID and password, a private key and a hashed password are generated in their client from the password. The private key serves as a signature on the voters’ submitted ballot. The hashed password is used to authenticate eligible voters and check their voting rights. Eligible voters are only forward to the online ballot when the hashed password in the electoral roll and the hashed password generated at login correspond to one another. When a voter submits their vote, the ballot is encrypted and signed in the browser. This means that ballots are always transported and submitted to the POLYAS ballot box in encrypted form.
Protection against ballot stuffing
Because hashed passwords are only made available to POLYAS, only correctly authenticated eligible voters can cast votes in the POLYAS CORE 3.0 online voting system. Unauthorized parties are unable to generate properly signed ballots to be added to the ballot box. The ballot signature is also checked again by the election server before being saved in the digital ballot box. This is how we prevent ballot stuffing.
POLYAS-tip: POLYAS system security as well as ballot secrecy are protected at all times with every authentication procedure. Learn more about system security at POLYAS
Highest level of security for your online election
No matter which authentication method or POLYAS voting system you decide on using, the secrecy of the ballot and data protection are maintained at all times. Moreover, online elections with POLYAS only allow voters to cast their vote once. You can rest assured that your election will be run in accordance with the highest security and privacy standards, and comply with fundamental democratic principles, on both CORE 2.2.3 and CORE 3.0.
Deciding which authentication method is right for you depends on the provisions of your electoral regulations and the needs of your voters.
*your organization's electoral regulations or the laws governing your institution make provisions for the delivery of election login details. Thus, please check to make sure distribution by email is legally valid.