Addressing some frequently asked questions (FAQs) about our pilot programs
Can mobile voting eliminate the current election system’s vulnerabilities?
Current election systems are vulnerable and we have the technology solutions to make it more secure.
It has been well established by the Federal government, state governments, and the private sector cybersecurity community that the technology used in current elections is outdated and insecure. Our existing systems are easy to hack and rely on outdated voting machines to properly record and store ballot selections. It is necessary to invest in new technology that makes voting more convenient, more secure, and less complicated - mobile voting accomplishes all of these goals, while providing an auditable paper trail to radically improve the auditability and transparency of our voting system. Our election system needs to be overhauled, and we have the technology solutions to make it happen.
How do we know mobile voting is safe?
Pilots have shown that mobile voting works and is safe.
Security is an iterative process with multiple checks and balances to ensure integrity and risk reduction.
Tusk Philanthropies has piloted mobile voting using the Voatz app in the statewide Primary and General elections in West Virginia and Denver’s Municipal and Run-off elections. All the pilots targeted service members serving overseas who were unable to cast ballots in person.
In West Virginia’s 2018 General Election, 144 voters registered in 24 countries voted using their smartphones. Denver’s May 2019 municipal election saw 120 voters from 36 countries vote using the mobile app. Post-election audits from both elections showed that no votes were intercepted or changed and that no voter data was compromised. West Virginia intends to continue offering mobile voting to overseas military voters in future elections, and Denver’s voter turnout doubled -- compared to 2015 -- due to the availability of a mobile voting option.
Beyond the audits conducted by the West Virginia Secretary of State’s office and Denver Elections Division, independent security organizations have evaluated the security of mobile voting using Voatz. After a comprehensive assessment of the app, one outside examiner told the New Yorker, “Voatz demonstrated having well-designed security architecture.” The National Cybersecurity Center (NCC), which conducted a public, independent, third-party audit of the Denver municipal and run-off elections, concluded that the pilot was a success as no auditors reported issues with the tabulation or recording of ballots.
How do we guarantee that only eligible individuals cast a ballot?
Only eligible voters can cast a ballot.
The Voatz app, which was used in the West Virginia and Denver pilots, includes a three-step authentication process. The authentication process verifies the voter is who they say they are through identification, confirms with jurisdiction that they are eligible to vote using the state’s voter registration database, and then binds their identity to the smartphone, leveraging biometric information for identity confirmation.
First, the voter scans their driver’s license or passport into the system. Next, they take a facial liveliness video (a “selfie” video) and then, use their smartphone’s fingerprint reader or Face ID to bind their phone to their individual voting profile. After the voter goes through these steps, the Voatz app matches the “selfie” to the picture on the voter’s passport or driver’s license and confirms their eligibility to vote against the state’s voter registration database. A prospective voter whose photos and selfies do not match or who is not registered to vote will be unable to cast a ballot on the app.
What happens if the voter’s smartphone is hacked?
Our piloted interface protects votes against smartphone vulnerabilities.
Only smartphones that support the necessary security requirements can download and run the Voatz mobile voting app. Someone whose phone does not support biometric authentication or is not running the latest version of the device’s operating system will not be able to use the mobile voting platform. For smartphones that meet the security requirements, there are detection procedures in place. If an operating system has been tampered with, “jailbroken,” or compromised in any other way, the Voatz app will not run. These steps ensure that smartphones cannot be hacked and that the votes cast on those phones cannot be changed or tampered with. Additionally, anti-malware technologies are embedded in the application to identify any malicious processes running on a voter’s smartphone.
Are voters at-risk to having their anonymity compromised by using mobile voting?
Mobile voting helps voters preserve their anonymity.
Mobile voting is a fix to the lack of privacy already seen in the current absentee voting process. Current absentee voting practices allow for a voter’s identity to be easily discerned by election officials. Furthermore, overseas voters, such as active-duty military personnel, often submit their ballots via unsecured and unencrypted email channels. Mobile voting adds extra security features to the process and protects the anonymity of voters.
In the cases of West Virginia and Denver, the vendor, Voatz, encrypted the necessary information, tied the voter to their phone via their fingerprint, and then deleted all identifying information (photo and license or passport image) from the device and servers. This process ensures that no identifying information is stored, while making it simple for voters to log back in to the app.
Are blockchain apps the only way to make mobile voting a reality?
Blockchain apps might not be the long-term future of mobile voting.
While blockchain has been an important component of platforms used in our pilots, Tusk Philanthropies is exploring other technologies that meet or exceed the security, accuracy, auditability, and transparency of the blockchain. Our ultimate goal is to provide the best available option(s) for voters to securely, anonymously, and easily receive and transmit their ballots using their smartphones.
Why should we trust mobile voting apps like Voatz?
Partnerships ensure the integrity of mobile voting apps.
Critics of mobile voting suggest that using smartphone apps to cast a ballot gives too much responsibility to the developers of those apps as opposed to the election officials, who are tasked with running the elections. Partnerships between app companies and those in charge of elections ensure digital ballots show up correctly on people’s phones, votes are properly counted, and potential hacks are protected against. In our pilots, testing the app beforehand and auditing the results after elections has led to no votes being compromised or intercepted.
How is double voting prevented? Could someone mail-in a ballot or go vote in person but also use a mobile voting app to submit another ballot?
Because mobile voting is one of many voting channels that a voter can use to submit a ballot, jurisdictions will control ballot submissions in the same manner as other channels such as mail-in ballots.
Was the West Virginia mobile voting pilot hacked?
No, the West Virginia mobile voting pilot was not hacked. There was an alleged attempt by University of Michigan students to break into the Voatz app during the 2018 mobile voting pilot, but the Voatz system worked as designed and the attempt was immediately detected, thwarted and reported to the authorities. The FBI is currently investigating.