Swiss Post, maker of an e-voting system used by several municipalities in Switzerland, is launching a public intrusion test against its product. It is inviting anyone to find and exploit vulnerabilities in the system and will pay cash rewards for confirmed findings. It has also published the system's source code for everyone to examine.
Swiss Post's campaign is an example of a bug bounty program. Bug bounty programs offer rewards to outside researchers who find and responsibly report vulnerabilities in an organization's public-facing systems. Numerous bug bounty programs are active around the globe. They help an organization find and fix security vulnerabilities before malicious actors find and exploit the same problems.
Cash prizes for Swiss Post's program range from 100 Swiss francs (CHF) for low-severity findings and best-practice improvements to 50,000 CHF for manipulating votes without detection. Rather than restrict testing to its own developers, Swiss Post has wisely opened the vulnerability testing to the worldwide community. Moreover, it has given that community complete access to the system's source code, so outside investigators can probe for problems with full knowledge of how the system is supposed to work, just as if they were on Swiss Post's development team.
The stakes associated with the security of e-voting systems are incredibly high. Compromises of such systems, even if only alleged, threaten people's faith in democratic institutions. Consider, for example, the continued anxiety over the extent of Russian meddling in the 2016 US presidential election. Twelve Russian intelligence officers have been indicted for hacking the e-mail systems of the Democratic National Committee, stealing voter-registration data from a state election board, and targeting a vendor of election software. The debate over the legitimacy of that election's outcome continues unabated today, deepening rifts in an already hyper-divided public. As more countries integrate electronic voting into their election processes, it becomes increasingly important that reliable and thoroughly tested safeguards be created to protect it, lest the same controversies imperil democracies elsewhere.
Estonia, which has allowed its citizens to vote from home since 2005, is the leader in electronic voting systems. Estonians vote by installing the national voting application, authenticating with the national ID card (a smart card inserted into a card reader attached to the computer), and selecting their preferred candidate on screen. During the advance voting period they may vote online as many times as they like, with only the final vote counting. Today, about thirty percent of all votes cast in Estonian elections are cast online. Interestingly, almost half of the e-votes are cast by those 45 and older.
To protect the vote, the Estonian system offers voters the chance to verify that their vote was recorded correctly. For a limited time after casting a ballot, the voter can scan a QR code shown by the voting application with a separate smartphone app and see how the system recorded that vote. The device used to vote and the device used to verify are therefore physically separate, so malware on the voting computer alone cannot both alter the ballot and hide the alteration. The ballot itself stays encrypted throughout: the verification app only confirms that the encrypted ballot held by the server matches the choice the voter made, and no one but the voter learns how he or she voted. These kinds of assurances can help citizens feel confident about the outcome of elections and about their ability to participate in them.
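The following is an added illustration of how such a second-device check can work; it is not Estonia's or Swiss Post's code. It models the idea behind the Estonian phone-app check: the ballot is ElGamal-encrypted under the election public key, the voting client passes the encryption randomness to a second device (in Estonia, via the QR code), and that device fetches the stored ciphertext and re-encrypts every candidate with the same randomness to see which one the server actually recorded. The group parameters, candidate list and voter identifiers are toy values constructed for the example; the re-voting rule (only the last ballot counts) follows the description above.

```python
"""Cast-as-intended verification by re-encryption with known randomness.

Added illustration, not Estonia's or Swiss Post's production code.
Group parameters are toy-sized for readability; real systems use
groups of at least 2048 bits or elliptic curves.
"""
import secrets

# Toy safe-prime group: P = 2*Q + 1, G = 4 has prime order Q.  Demo only.
P, Q, G = 1019, 509, 4


def keygen():
    """Election key pair: secret x, public y = G^x."""
    x = secrets.randbelow(Q - 1) + 1
    return x, pow(G, x, P)


def encrypt(pk, choice, r):
    """Exponential ElGamal: the candidate index is encoded as G^choice."""
    return (pow(G, r, P), pow(G, choice, P) * pow(pk, r, P) % P)


def decrypt(sk, ct, n_candidates):
    """Tally side: recover the candidate index (needs the election secret key)."""
    c1, c2 = ct
    m = c2 * pow(c1, Q - sk, P) % P          # c1^(-sk), since c1 has order Q
    for i in range(n_candidates):
        if pow(G, i, P) == m:
            return i
    return None


def cast_vote(pk, choice, r=None):
    """Voting client: returns (ciphertext sent to the server, randomness r).
    r is what the QR code carries to the verification device."""
    if r is None:
        r = secrets.randbelow(Q - 1) + 1
    return encrypt(pk, choice, r), r


def verify(pk, stored_ct, r, n_candidates):
    """Second device: which candidate does the stored ciphertext encrypt under r?
    Returns the index, or None if no candidate matches (ballot altered/replaced)."""
    for i in range(n_candidates):
        if encrypt(pk, i, r) == stored_ct:
            return i
    return None


class Collector:
    """Vote collection server.  Storing a new ballot for a voter replaces the
    earlier one, so only the last i-vote per voter is counted."""

    def __init__(self):
        self.ballots = {}

    def store(self, voter_id, ct):
        self.ballots[voter_id] = ct

    def fetch(self, voter_id):
        return self.ballots[voter_id]

    def tally(self, sk, n_candidates):
        counts = [0] * n_candidates
        for ct in self.ballots.values():
            counts[decrypt(sk, ct, n_candidates)] += 1
        return counts


def demo():
    """Honest vote, a re-vote, and two kinds of server-side tampering."""
    sk, pk = keygen()
    server = Collector()
    n = 4                                                # candidates 0..3

    ct, r = cast_vote(pk, 2)                             # constructed voter picks 2
    server.store("alice", ct)
    honest = verify(pk, server.fetch("alice"), r, n)     # phone app shows 2

    ct2, r2 = cast_vote(pk, 1)                           # re-vote; last one counts
    server.store("alice", ct2)
    revote = verify(pk, server.fetch("alice"), r2, n)    # phone app shows 1

    # Server substitutes its own ballot for candidate 3.  It does not know r2,
    # so its ciphertext cannot be reproduced by re-encrypting with r2.
    r_attacker = r2 % (Q - 1) + 1                        # any randomness other than r2
    server.store("alice", encrypt(pk, 3, r_attacker))
    swapped = verify(pk, server.fetch("alice"), r2, n)   # None: nothing matches

    # Even if the attacker somehow reused r2, the app reports 3, not the 1 chosen.
    mismatch = verify(pk, encrypt(pk, 3, r2), r2, n)     # 3 != 1, voter notices

    return honest, revote, swapped, mismatch


if __name__ == "__main__":
    print(demo())
```

The check works because ElGamal encryption is deterministic once the randomness is fixed: anyone holding r and the public key can recompute the exact ciphertext for each candidate, yet r alone reveals nothing to a party that never sees the plaintext choice, and the server cannot forge a matching ciphertext without r. Real deployments also limit how long and how often the check can be run, so the QR code cannot later be used to prove to a vote buyer how someone voted.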
With over a decade of experience with e-voting, Estonia has had the time to address the technical and cultural challenges associated with online voting. There are many lessons the world can learn from its experience, several of which are discussed in detail in a comprehensive online report. Other countries are now attempting to emulate Estonia's success, and that means securing the underlying technology and building public faith in it. Clearly, Swiss Post's new bug-bounty campaign aims to do just that.