Voatz Completes Mobile Voting Election in South Dakota

Summary: The Republican party of South Dakota offered mobile voting to all delegates in its virtual convention last weekend with 85% delegates voting through the Voatz app. 50% of those voters submitted ballots within the first 20 minutes of the voting window. 


Boston, June 25, 2020 — Following the momentum of successful virtual conventions in both Utah and Arizona, last weekend Voatz successfully completed its third virtual convention with no incidents, generating elevated participation numbers and record engagement. The convention brought together delegates from 31 counties and concluded on Saturday, June 20, 2020. 

Dan Lederman, Chairman of the South Dakota Republican Party, said “Our goal was to create a convention experience that energized the Republican party in South Dakota and replicated an in-person convention. An uncontested convention did not deter delegates from voting, because it was easy. It was a team effort – Voatz worked with us for four weeks ahead of the convention to credential delegates, ensure a smooth rollout, and provide a test vote to get delegates comfortable with the system. It was a successful day for the South Dakota Republican Party.” 

“Voatz is proud to partner with the South Dakota Republican Party to securely enable their delegates to vote in their convention while, most importantly, keeping them safe during this uncertain time,” says Voatz Co-Founder and CEO, Nimit Sawhney. “This was the first time voters in South Dakota were able to vote through a mobile app in an election, and we were glad to see the enthusiastic response. More than half of the voters using the app submitted their ballot within the first 20 minutes of the voting window opening.  Voatz is excited to replicate the successes we’ve seen in the Utah and Arizona Republican Party Conventions, where record numbers of delegates submitted their votes seamlessly.” 

The successful use of mobile voting in South Dakota is an excellent roadmap for election officials looking to expand voting options in states where mail-in voting and polling places are likely to be impacted by Coronavirus. A mobile voting solution would bring relief to anywhere the population skews more elderly

The South Dakota Republican Party chose Voatz as the mobile voting platform for its virtual convention after clear demonstrations that Voatz could handle the dynamic nature of the convention and the potential for runoff rounds of voting. The platform allowed delegates to vote securely, privately, and electronically through their mobile phones. Voatz helped make the voting process safe and verifiable for delegates and candidates.      


Voatz is an award-winning mobile elections platform that leverages cutting-edge technology (including biometrics and a blockchain-based infrastructure) to increase access and security in elections. Since 2016 Voatz has run more than 65 elections with cities, universities, towns, nonprofits, and both major state political parties for convention voting. Learn more here.

We Cannot Afford to Dismiss Online Voting

Below is a letter from Voatz CEO to the editor of The Economist in response to last month’s article, “Why voting online is not the way to hold an election in a pandemic“.


Dear Editor of The Economist,

Allow me to begin by saying that I hold immense respect for The Economist, its well-researched content, and data-driven conclusions. I was surprised, however, to see an almost categorical dismissal of online voting in your article last month, Why voting online is not the way to hold an election in a pandemic.

Whether we like it or not, technology has permeated our lives in undeniable ways, including our vote by mail system (like online absentee requests, voter registration, and electoral rolls). According to Pew Research, an outstanding 75% of adults across the world’s advanced economies own a smartphone, and most of us perform critical work through our mobile devices (including consuming this article).

Without our devices, we have no essential services—banking, telemedicine, news, video conferencing, online faith services, and social interactions—especially in the midst of a pandemic.

Computer science academics who argue that “no electronic system can be fully immune to cyber-attacks and technical issues” are missing the inclusion of key technological advances in their findings: fingerprint and facial authentication, the immutability of a digital signature, cryptography, and the decades-long work championed by Bill Gates and others in the field of trustworthy computing. Remarkably, these advances are all now embedded within our current-generation smartphones and can be leveraged to secure our ability to vote remotely. These arguments against online voting also overlook the very real imperfections of the current system, and its lack of resilience—during the U.S. 2018 midterm elections, for example, nearly half a million mail-in ballots were not counted, and many of those voters were not informed.

These arguments rob our critical infrastructure of the nuance demanded for consideration, and they keep our country locked in the past, actively shutting out citizens from participation. They also ignore the multiple, successful pilots that began in 2018 to enable deployed military, overseas citizens, and voters with disabilities to vote more easily and securely from the safety of their mobile devices. 

If we can agree that online voting is someday inevitable, how will we get there without the support of pilots and testing? 

This pandemic has revealed, in plain sight, the glaring flaws in our current voting systems. They are not resilient. There is no room for contingencies or disruptions. In a COVID-19 world, we must consider all methods to secure access to the vote—and this includes safe and auditable ways to conduct voting online. 

The time for piloting and testing is now. I will champion any initiative that works in tandem with local officials to ensure the security and integrity of each vote. With all due respect, however, shutting down the conversation is not the way to get ready for voting during this pandemic—or even the next. 

Sincerely,

Nimit Sawhney
Co-Founder and CEO, Voatz

State-of-the-Art Security Performs First-Rate Threat Mitigation in Largest Mobile Voting Exercise

A few weeks ago, nearly 7,000 votes were submitted using the Voatz mobile voting platform. During the election, our advanced security threat detection mechanisms were able to detect, mitigate and thwart a handful of smartphones that had malware, were operating on insecure networks, or had insecure applications installed. The ability to detect, log and mitigate these types of threats is unique to the Voatz mobile voting platform. To do this, we combine widely-used threat detection software with our own technology to safeguard the voting process. This ensures that only voters with secure smartphones are permitted to cast a ballot, and if the system detects any threats on the smartphone, a voter will not be able to vote. In short, if a voter has a compromised device—whether they know about it or not—they’ll receive an error and will not be able to vote.

Threat Mitigation

In the election, a handful of voters had compromised devices and were prevented from voting until their device threats were mitigated. In some instances, voters were asked to remove malware on their devices. In others, some voters were asked to delete certain applications or functions they had installed which made their smartphones insecure. These voters were unable to vote until they did so. These cases reveal important, cutting-edge data that indicates the system is capable and successful in both detecting threats at a very granular level, and mostly, ensuring a secure vote. Below includes compelling statistics around the types of malware or applications detected, along with the device type. First, what’s interesting to note is that despite far more voters voting from an iPhone, far more threats were detected at the Android level:

Mitigated Threat: Network Security Threats

A network security threat means that a device is operating on a WiFi network that isn’t safe. Voatz doesn’t allow voters to vote from an unsafe WiFi network because it could lead to a “Man-in-the-Middle” attack, or a malicious attacker hijacking traffic, stealing credentials, or delivering malware to the device. If a voter tries to vote on an unsafe WiFi network, they receive error messages and are asked to switch to a different network in order to vote.
# of iOS devices detected with a network threat, over time
# of Android devices detected with a network threat, over time
Threat detected: Voatz detected (18) iOS devices and (17) Android devices to be operating on insecure WiFi networks. These voters were unable to submit their ballots as a result. Mitigation: These voters were asked to switch to a more stable cellular or WiFi network, reboot their device, and then they were able to submit their ballots.
1 Android device threat detected with ARP poisoning
Threat detected: Voatz detected (1) Android device to be susceptible to ARP Poisoning (meaning the device was operating in an insecure network environment, perhaps with an appliance that was interfering with the network traffic). Mitigation: After this cause was discovered, the voter was asked to remove the offending network appliance from the network and then was able to proceed.

Mitigated Threat: Device Pin Not Set

If a smartphone doesn’t have a device PIN set, that means that the person who owns the smartphone hasn’t yet setup their smartphone’s PIN or activated their biometrics to keep the phone secure (i.e. when they go into the phone, as a safety measure they have to enter the device PIN or use their biometrics to get inside).  Voatz doesn’t allow voters to vote from a device that doesn’t have a PIN set, because it leaves the device susceptible to easier access if an outside bad actor were to obtain physical access to the device. If a voter tries to sign up with Voatz and doesn’t have their device PIN set, the voter will receive an error until they set their device PIN or enable biometrics.
# of iOS devices detected with PIN not set, over time
# of Android devices detected with PIN not set, over time
Threat detected: Voatz detected (3) iOS devices and (89) Android devices that had not yet set their device pin. Mitigation: They were requested to activate their device pin or biometrics and after, were able to proceed with voting.

Mitigated Threat: Sideloaded Apps

Sideloaded apps are applications that have been installed on a device, typically by bypassing the device’s security protocols. Voatz detects any time a device has a sideloaded app installed, because some sideloaded apps can contain malware. Even if the the sideloaded app is benign, as an extra precaution Voatz detects this and then analyzes whether or not it is benign. If it is deemed benign, then the voter is able to proceed. If the sideloaded app contains malware, the voter is requested to remove the application from their device before they are able to proceed and vote.
# of iOS sideloaded apps detected, over time
# of Android sideloaded apps detected, over time
Threat detected: Voatz detected (15) iOS devices and (173) Android devices with sideloaded apps (apps that could potentially introduce a security threat on the device). Mitigation: After investigation, the apps were deemed to be benign and the voters were able to proceed.

Mitigated Threat: Sideloaded Apps with Malware

Malware detected on Android devices
Threat detected: Voatz detected (2) Android devices with sideloaded apps that contained malware. Mitigation: Voters were asked to delete the offending apps and reboot their phones, or to use a different device in order to proceed.

Mitigated Threat: USB Debugging Enabled

USB debugging enablement is a threat only associated with Android devices. It lets the device communicate with a computer, and allows access to specialized areas of the phone otherwise inaccessible. Voatz detects if a device has USB debugging enabled and whether or not that device is connected to a computer. If the device is connected to a computer, the Voatz system will not let a vote be submitted and the voter will receive an error.
# of Android devices detected with USB debugging enabled, over time
Threat detected: Voatz detected (11) Android devices with USB debugging enabled (which allows a smartphone to communicate with a computer). Mitigation: Because the mobile device was not connected to a computer at the time of voting, voters were able to proceed.
[Data provided by Voatz Security Operations]

First Female MA State Treasurer Speaks on Power, Voting & Changes Across Time

Below is the transcription of an interview conducted by David Cohen, Co-Founder and Managing Director of Techstars, the global platform for investment and innovation that connects entrepreneurs, investors, and corporations. 

David interviewed Shannon O’Brien on voting, elections, and changes throughout time.

Shannon O’Brien was the first woman state treasurer of the state of Massachusetts, and former Democratic nominee for governor.

(view full interview here)

David Cohen: You were elected to office for the first time in 1986, 30 years later, what has changed in how we vote?

Shannon O’Brien: Well, back in 1986, it was incredibly labor intensive. Everything was done on paper, getting phone numbers so that you could reach out to voters was an incredibly labor intensive process, getting absentee ballots, again took time and had a lot of rules and regulations about how you actually got those absentee ballots into the town clerk’s office. And so back then it took a lot of human beings to make this happen.

So a lot has changed over the years. But now, as we’re seeing that as technology and different issues are coming to the forefront, we have a lot of people thinking that it’s an important time to go back to those days where it’s just all paper. I think it’s sort of fascinating that you see a lot of people now calling for harking back to paper ballots, and I sort of shudder when I think about what that was like back in 1986.

I think it’s sort of fascinating that you see a lot of people now calling for harking back to paper ballots, and I sort of shudder when I think about what that was like back in 1986.

Shannon O’Brien, Former Massachusetts State Treasurer

David Cohen: In 2000 we were introduced to hanging chads. Today we’re back to talking about paper ballots. Kevin Roose from the New York Times says that he has decided that Americans should vote by etching our preferred candidates name into a stone tablet with a hammer and chisel. I think he’s kidding. What do you think about the evolution, and thought, and the perception? Why is it that people feel this way?

Shannon O’Brien: Well, obviously everyone is concerned about the possibility for compromise or hacking. I mean, I was working on the campaign back with the hanging chads. And we had something similar in the congressional district, where I live something similar in terms of how the paper ballots and the punch system did not work during a very heavily attended congressional race. So what we’ve seen over the course of the last number of years, we’ve seen the Equifax hack. We saw in 2016, that the Russians had attempted to, at least in 21 states, attempt to hack the voting machines in different jurisdictions there. So I think that there’s a heightened concern about technology whether or not it can be fully secure, and especially whether or not it can be fully secure for such an important right as placing your vote and expressing your opinion as to who should be leading the state or the country.

David Cohen: Most people like myself these days we do online banking, I just did my census online. As an investor, I transfer a lot of money around online, but today we’re hearing people say that mail-in ballots are really the only option. It seems crazy to me, but what do you think are their barriers to mail in ballots that people generally miss? Are states willing to bear the cost? When we need money in other places, are we justified in investing our resources here?

Most people like myself these days do online banking, I just did my census online. As an investor, I transfer a lot of money around online, but today we’re hearing people say that mail-in ballots are really the only option.

David Cohen, Co-Founder and Managing Director, TechStars

Shannon O’Brien: Paper ballots are not hackable, but they are not infallible. We’ve seen I think in this country in the last election, the last presidential election. Over 400,000 absentee ballots, either didn’t make it to get counted, were rejected because the signature on the ballot did not match a signature within the clerk’s office. So paper ballots, while the putting pen or pencil to paper and getting that done is not hackable, the process between getting that vote from your home or your office, or wherever you’re going to be, actually filling out the ballot and getting it in, and actually having it counted, there are many potential pitfalls that can happen, and we saw this just this past week in Wisconsin, where there were so many people who needed to send in absentee ballots because workers concerned about the Coronavirus did not want to show up and man the polls. And so I think they had something like 1/10th the number of in-person balloting locations, so people had to wait hours and hours. Those ballots that, you know, did not get in on time, they will not be counted.

But those people in Wisconsin, those 400,000 people whose absentee ballots didn’t count in the last cycle, their vote doesn’t get diluted, their vote gets stolen. And so for me, accessibility, if I have to determine between security and voter fraud and accessibility, I’m going to tip the scales in terms of accessibility, but I still think there is a way that you can do both. I believe that there is a way that you can balance many of the concerns that different people have right now, and do it in a way that’s reasonable that protects both the ability to access and have an opportunity to vote, but also promotes security and reduces voter fraud.

I believe that there is a way that you can balance many of the concerns that different people have right now, and do it in a way that’s reasonable that protects both the ability to access the opportunity to vote, but also promotes security and reduces voter fraud.

Shannon O’Brien, Former Massachusetts State Treasurer

David Cohen: I’m certain that with Coronavirus changing how we do business, you know some government services maybe licenses and IDs will move online, but what are the practical barriers to elections moving online?

Shannon O’Brien: The real issue is, I think right now, going to be cost. We saw that in the stimulus package approximately 400 million was put into that bill to help make sure that people can get to the polls during this Coronavirus crisis. So it’s going to cost money, but it’s also going to require a meeting of the minds between the left and the right, the Republicans and the Democrats, that they agree that making sure that voter access, especially during this just unusual pandemic crisis we’re having right now, is important, and I think that the most important thing toward making voting more accessible is to understand that making voting more accessible is an important civil and constitutional right, that we all have.

David Cohen: Sounds reasonable to me. You’ve sort of answered this one but I’m going to ask it again in case you have anything else to add, what are the political challenges associated with modernizing the voting process?

Shannon O’Brien: The political challenges are that right now you don’t have everyone in agreement about what the best process is for both securing the vote and making voting accessible, and I think that the most important thing that can happen is to take some very measured and rational steps towards testing some new technologies. But the fact is, you had people who weren’t trained, you had new rules that were brought to bear during those Iowa caucuses. So there were many things beyond the technology that made the Iowa caucuses a failure. And so understanding that any new technology, even going to mail-in ballots, there will be issues and problems that have to be dealt with. And so it’s making sure that we understand that whatever we do, this is not going to be a quick fix, and has to be part of a longer process, moving us forward where we can both use technology and maybe old fashioned technology to increase both accessibility and security, but do it in a rational well thought out, and hopefully, bipartisan way.

I think that the most important thing that can happen is to take some very measured and rational steps towards testing some new technologies.

Shannon O’Brien, Former Massachusetts State Treasurer

David Cohen: What needs to be done to make the changes necessary to improve access? What would you do if you could wave your magic wand?

Shannon O’Brien: I am a believer in taking a look at mobile voting platforms, looking at ways that we can enhance both the accessibility, but also the auditability. Because there are many voting machines out there that count the paper ballots that we cannot subject them to simple audit. So making sure that we understand that we can use technology to make these improvements. And so I think it’s just understanding that we’re going to be able to use technology, that we need to do it in a number of different facets that can help us as a state, as a nation, and so moving in that direction I think is going to be very, very important for all of us as citizens.

I am a believer in taking a look at mobile voting platforms, looking at ways that we can enhance both the accessibility, but also the auditability.

Shannon O’Brien, Former Massachusetts State Treasurer

David Cohen: Shannon, I hear you have a personal story about voting that is relevant to all this.

Shannon O’Brien: In 1976, my dad ran for the United States Congress in the post-Watergate era. And it was a year that many people thought that a democrat might win the seat. And my father ran against a very well qualified candidate Ed McColgan, and the primary, he won by something like 12 votes. And then during the recount process, there were votes that went back and forth, and he ended up losing by four votes. I think it was the closest congressional vote in the history of the state. I think it still remains.

But the real issue was, and this is the problem with paper ballots is that you can’t change paper ballots because they need to be printed, they need to be sent out. And so the problem that my father faced is that he actually thought he might be able to go to court and successfully challenge the outcome of that recount, but he couldn’t go to court because even if he won the court case, there would not have been enough time to print his name on the ballot. So he gracefully stepped back, and you know a lot of people thought that my dad actually won that primary. So it was one of those things that you understand the inflexibility of a paper ballot. Someone goes and they vote for Pete Buttigieg, he drops out or Bernie Sanders, he drops out. They’re not on the ballot anymore. And if you’ve already voted, you don’t get an opportunity to quickly or easily change your vote.