In the following article we want to provide you with a comprehensive overview over the measures that are put in place to guard your voting security and the integrity of your ballot within NemoVote. Should you have any specific security related questions, do not hesitate to contact us at firstname.lastname@example.org.
Guaranteeing election security, ballot integrity and voter privacy is at the core of what we do at NemoVote and is ensured by a multi-step process.
All network traffic of the NemoVote application is encrypted via HTTPS (TLS).
Hosting and Cloud architecture
Each organisation/event gets a dedicated, enclosed instance of NemoVote. There is no shared data to other instances or customers as each are stored independently.
We take the privacy of our customers and our voters very seriously. NemoVote is fully compliant with the General Data Protection Regulation (GDPR) of the European Union and its German implementation (Datenschutz-Grundverordnung DSGVO).
The application is hosted on servers in the European Union You can read our privacy statement here
A secure permanent connection is maintained with the voting server and the end user through a digital token. Authentication is implemented with the highest security standards for web applications in mind. This user authentication is in place for both the administrator (election manager) and the voter.
Vote Secrecy Anonymity Options
A variety of vote options, such as secret/public vote, secret or public results. All voting data is securely stored, and the voting results and data remain secret and the integrity of the ballot is kept. Voter ID and Vote Choice are stored independently and not possible to be linked post factum in the database which ensures voter anonymity.
Our advanced voting right management is dynamic for each vote; once a vote is live, a digital snapshot of the eligible votes is created, that cannot be altered. Vote data is encrypted before leaving the voter’s device, ensuring that it remains secret all the way throughout transmission and until the ballot counting in the voting server.
The secure NemoVote voting server ensures that each voter can only vote as many times as dedicated via the voter lists. For transparency reasons, administrator users are not able to participate in votes, only voters have voting rights.
Voting and Audit Functionality
Voters make their selection and can verify it in a second step before the vote is sent encrypted to the Voting server. This allows verifying that votes are not cast accidentally. Voters can verify that their vote was recorded immediately after each vote.
NemoVote has an in-app automatic roll call for quorum: It is immediately verifiable for the administrator which voters are logged in to the app and “present” enabling direct comprehension if statutory quorum for a vote is reached.
Furthermore, there is a live voting roll call during votes for administrators available (this function can be disabled). Optional public display of results immediately after each voting (for every authenticated NemoVote user), also later accessible and comprehensible by the user in App.
Comprehensive server-side activity logs for audit purposes.