The pandemic taught us that much of what we thought had to happen in person could be done online just as well, if not better. But there’s one important task that many people still aren’t comfortable completing from a computer: voting.
It’s not hard to understand why. The technology used in digital voting is still relatively young and hasn’t yet earned voters’ trust. And if attackers figured out a way to hack an election, the effects could be devastating and far-reaching.
As the U.S. ramps up for another presidential election, let’s look at the various voting methods in use today to examine which are the most—and least—secure.
In any democracy, the ideal voting method needs to hit three key targets:
The challenge? Beefing up security usually decreases usability. Just think about what it's like to add multi-factor authentication (MFA) to your online accounts—you know it provides an extra layer of security, but you have to jump a few hurdles to access your accounts.
The same is true for elections, where adding extra security means extra steps (and bigger financial investments). That's one of the main reasons voting methods have been slow to evolve.
The United States doesn’t have a single federally mandated voting method. Instead, it’s up to each of the 50 states (plus Washington D.C., Puerto Rico, and the U.S. territories) to decide how to run their elections.
The result is a patchwork of different voting systems across the country, governed by the people in charge of more than 10,000 different jurisdictions.
A perk of this lack of standardization is that it leaves some room for experimentation. But it also means there’s no one-size-fits-all solution for voting. Here’s a look at the pros and cons of the most common methods used in the U.S.
Some election security experts still consider paper ballots the gold standard of voting methods because paper is hard to hack.
But there are downsides. Paper ballots are more difficult to tally, and they’re not always accessible to everyone—especially people with disabilities. A visually impaired person, for example, can’t use a paper ballot without assistance, which can compromise the security and privacy of that vote.
And even though casting votes by hand may be the only real “unhackable” method of voting, paper ballots are still vulnerable if voter data and election infrastructure aren’t properly secured.
Voting machines are a popular choice in the U.S., especially when paired with a paper audit system. But they’re not immune to flaws. White hat hackers have demonstrated that voting machines can be manipulated, and not all states require a paper trail to verify their election results.
In one sobering University of Michigan study, researchers were able to alter votes on ballot-marking devices, and the vast majority of voters didn't even notice. Less than half reviewed their ballots, with only 7% of voters alerting a worker that something was wrong.
What this study illustrated is how easily a close election could be swayed by the manipulation of just a handful of votes.
Less than a quarter of voters cast their ballots for the 2016 presidential election by mail. That number climbed to 43% for the 2020 election, thanks in large part to COVID-19 concerns, which led the majority of states to modify their mail-in and absentee voting processes to support social distancing.
Despite issues like the mishandling of 84,000 absentee ballots in the 2020 New York Democratic primary election, experts have found low rates of voter fraud in states with widespread vote-by-mail policies. To secure vote-by-mail, officials typically have to verify signatures on every ballot against the registered voter’s record.
But the task of verifying and authenticating varies from state to state, and critics question the reliability of manually comparing signatures. The verification process also requires officials to access voter registration data, which increases the need for data encryption, as well as two-factor authentication for employees. Just like voting machines or paper ballots, mail-in voting is only secure with the proper verification and authentication methods in place.
The future of secure voting in the U.S. may well involve a hybrid approach that leverages the strengths of both digital and traditional methods. The digital possibilities are evolving rapidly, with technologies like artificial intelligence (AI) bringing both new threats and novel solutions to the election landscape.
Technology has the power to provide a transparent, tamper-proof way to cast and count votes. AI could enhance voter authentication, improve fraud detection, and continuously monitor networks for potential security breaches. Advancements in biometric authentication have the potential to enhance privacy and fraud prevention without sacrificing usability.
As technology evolves, election security will need to evolve right alongside it to ensure anyone taking elective office arrives there fairly. But the most vital advancements will come from increasing public trust in digital voting systems. And we can get there with transparent security measures and ongoing education about the different types of voting and their susceptibility to fraud.
Despite the vulnerabilities we’ve touched on, voter fraud in the U.S. is extremely rare. Whatever the future of voting holds, there's one thing we know for sure: Not voting is the only surefire way to guarantee your voice goes unheard.
Want to learn more about topics like election security, artificial intelligence, and authentication? Subscribe to the DigiCert blog to ensure you never miss a story.