Idea for new voting system...thoughts

Using technology to increase voting numbers, increase the speed, but also ensure that it is safe.

By utilizing security methods of blockchain, mixed with two form factor authentication, encryption, something you know method (password-phrase-pin), mixed with other methods.

Basically, my thought for making voting more secure is this:

Signing Up / What if locked out / forgot password:

  1. Voter registers with their local government for online voting.

    The staff then goes online to the federal and state approved election vendor to input the data.

  2. They receive a randomized nine digit snail-mailed PIN. (Like your bank card pin)

  3. Then they receive an email, with their username and initial password.

    Username will not be something to remember. More like randomized generated user ID
    Example: JR12345678 (First letter of their first name and last name with random eight digits behind it. Making it ten characters.
    Password will be something that much be changed every 90 days, or before an election.
    Must be 10 or more characters
    Must include at least one upper and one lower letter
    Must include at least two numbers
    Must include at least two special characters (!@#$%^&*)
    During password resets / changes, the voter will not be able to reuse past 12 passwords
    Lockout if tried more than five times incorrectly
    Five unique questions and answers to unlock.
    If you get locked out, you have to wait 15 minutes, then 60 minutes, then five hours, then have to request manual reset, by calling to verify your information.
    When performing password login, change, reset, or forgot password, you MUST have that nine digit pin that was snail-mailed to you.
    Enter two-form factor unique ID
    Google Authentication
    MicroSoft Authenticate
    or similar

Sounds like a lot, but it will ensure a few methods… Something you know, something you have, something you are, etc.

How to log in - to vote:

**Preferred method would to use a cell phone, with iris and/or fingerprint locking technology. **

  1. Log into the website or mobile app.
  2. Enter your randomized username.
  3. Enter your password.
  4. Enter your randomized snail-mailed pin.
  5. Enter your drivers license number.
  6. Verify via pictures captcha pictures.

Then just like any other online poll, you vote as you desire.

Then the information is actively saved after every function. In case of internet outage, phone call, power outage, etc.

The voters have the ability to return after their interruption at where they left off.

Once submitted, the results will be instantly updated at the national / state / local levels (pending the election purpose).

At the end of your voting, before you click Submit. You have two review steps…

  1. Review all your choices, without the hassle. Literally it will just show the voting topic, and your selection.

  2. After you approve that first review, you will get a second time to review once more, but have to verify your information by entering your PIN.

How the voting log in and results are submitted / verified:

By utilizing BlockChain methods and Ransomware encryption methods, each local, county, state, and federal voting precinct will be the authenticator that randomly checks/verified the data, automatically.

What about hackers?

Naturally, any system that is connected to the internet, is possible to be hacked. Even the current election system has potential for hackers to over turn results, etc. However, having all these checks and balances in the system, using 256bit encryption or greater, such as those famous Ransomware virus’s, mixed with BitCoin BlockChain methods, then combine that with randomized username, difficult passwords, authenticator, and snail mailed pin, the chances at breaking into the system are next to nothing. But nothing is 100%, except death and taxes. So, they say.

What if it is election day and I cant get into my account?

Naturally, there will be federal, state, and local election poll workers, to “man” the phones. As well as having the Department of Elections approved vendor support staff assisting the poll workers.

How do you make sure that you are indeed the voter and not someone else?
By using all these checks and balances, maybe add photo of voters drivers license and “selfie” to verify vote presence, during voting. Unless the previous systems are fair enough to please administrations.

What are your thoughts?

Shoot, this is in the wrong section. Please move over to the Cyber Security section. My apologizes.

The above is a solution looking for a problem !

Ok so I have a UK perspective, but, here you go to a polling station on a Thursday and vote using a pen and piece of paper, if you can’t make it, you can also register for a postal vote.

You have already been identified to the authorities who send you a “card” which you take when you vote, which demonstrates your eligibility to vote.

Seriously if you can’t get the above to work what hope is there !

Though obviously it will go to electronic voting in the future and I will be looked upon as a dinosaur :blush:

Have you been reading/seeing the news in the USA? Apparently (depending who you talk to) the walk in voting is terribly broken and we must fall back on “lack of custody chain” mail in voting for everyone. Some say this is fine and secure, some point out ways it is being manipulated. The truth is probably somewhere in the middle, but who knows anymore. This is bordering on politics, so as far as I will go, if I’ve stepped over a line, please delete.

As far as computer based voting, there have been problems in the USA with this as well. The only good method is to have some sort of computer read paper form. That way if there is an issue (and when isn’t there an issue), they have a stack of paper that can be checked by real humans. Kind of an imposing task on big elections where there are a lot of offices to fill and a lot of resolutions to pass, but still a back up that can be archived and reviewed. I guess that makes me old school.

Electronic voting not a good idea.

1 Like

Those guys are university lecturers in the UK, they’ve got good vids especially on encryption.