Wednesday, September 14, 2011

Voting on the Internet

Secure and feasible voting on the Internet is still lagging in terms of security and viability.

Why This Matters To You
  • if you participate in online voting platforms which involve money
  • if you are holding a contest where the participants vote for the winner

Sometimes, with the prodding of marketing necessity or even political expediency and agenda, voting on the Internet has been downgraded to the status of a poll. In this regard, it can be considered to be less authoritative and one loosely conducted with a minimal consideration for accuracy.

Photo Credit: http://www.sxc.hu/photo/235200

Security
Though I'm not personally a network security expert, there are a lot of resources and news reports on the Internet concerning the matter of security in online voting. The existence of political interest groups which have the capability to subvert any network security system also compounds the matter.


Verification
Danny on Google+
Aside from the technical issues surrounding online voting systems, there's also the matter of padding and ghost voters in any type of platform. In my case, it's in the weekly contests that I hold for my own network of blogs. I tried to allow participants to vote on the winning entry but I found that the entries with the most votes tend to be not as good as the entries of verified contestants.

Moreover, I found one of the entrants voting for himself using another account.

In any system there's always the crucial element of verification to ensure fairness.

In democracies such as in the United States, the Philippines and others, this most often hinges on the voters' registration information.

In websites, this verification system hinges on different levels.

  • Anonymous - No verification
  • Account Verification - Usually email verification
  • Social Network Verification - Facebook, Twitter, LinkedIn, Google+
  • Mobile Phone Verification - Call ins, registration codes, verification codes
  • Official Documents - Bank Statement of Account, Driver's License, Social Security, Government issued identification, etc. (Most often applied in banking and mobile payment facilities)    
As far as I have experienced, it doesn't go beyond this. I suppose that the next level for this would be online biometric scanning. But that too could be compromised if the infrastructure for transmission is not secure. It is data just the same after all - even if it's biological in nature.

Why I Wrote This
My intentions in writing this was to clear my mind regarding the system of voting on the Internet. Having participated in online voting platforms, I can say that most websites voting systems are flawed - therefore providing inaccurate information. 

This is more dangerous if the voting involves financial interests.

No comments:

Post a Comment

EventId's in Nostr - from CGPT4

The mathematical operation used to derive the event.id in your getSignedEvent function is the SHA-256 hash function, applied to a string rep...