Direct-recording electronic (DRE) voting systems utilize touch-screen terminals to record votes. A DRE is essentially a computer. Voters view ballots on a screen and make choices using an input device such as a bank of buttons or a touchscreen. Some DRE systems also employ a card swipe or cartridge system that must be activated before a ballot can be cast. Votes are stored on a memory card, compact disc or other memory device. Election officials transport these memory devices to a centralized location for tabulation, just as they would with paper-based ballots. Some machines have the capability to broadcast results over a modem-to-modem line. OVERVIEWElectronic voting systems for electorates have been in use since the 1960s[3]whenpunched cardsystems debuted. Their first widespread use was in the USA where 7 counties switched to this method for the 1964 presidential election.[4]The neweroptical scan voting systemsallow a computer to count a voter's mark on a ballot.DRE voting machineswhich collect and tabulate votes in a single machine, are used by all voters in all elections inBrazilandIndia, and also on a large scale inVenezuelaand theUnited States. They have been used on a large scale in theNetherlandsbut have been decommissioned after public concerns.Internet voting systems have gained popularity and have been used for government elections and referendums in theUnited Kingdom,EstoniaandSwitzerlandas well as municipal elections inCanadaand party primary elections in the United States andFrance.[5]There are also hybrid systems that include an electronic ballot marking device (usually a touch screen system similar to a DRE) or otherassistive technologyto print avoter verified paper audit trail, then use a separate machine for electronic tabulation.

DIRECT-RECORDING ELECTRONIC (DRE) VOTING SYSTEMFurther information:DRE voting machine

A direct-recording electronic (DRE)voting machinerecords votes by means of aballotdisplay provided with mechanical or electro-optical components that can be activated by the voter (typically buttons or atouchscreen); that processes data with computer software; and that records voting data and ballot images inmemory components. After the election it produces a tabulation of the voting data stored in a removable memory component and as printed copy. The system may also provide a means for transmitting individual ballots or vote totals to a central location for consolidating and reporting results from precincts at the central location. These systems use a precinct count method that tabulates ballots at the polling place. They typically tabulate ballots as they are cast and print the results after the close of polling.[6]In 1996, after tests conducted on more than 50 municipalities, the Brazilian Electoral Justice has launched their "voting machine". Since 2000, all Brazilian voters are able to use the electronic ballot boxes to choose their candidates. In 2010 presidential election, which had more than 135 million voters, the result was defined 75 minutes after the end of voting. The electronic ballot box is made up of two micro-terminals (one located in the voting cabin and the other with the voting board representative) which are connected by a 5-meter cable. Externally, the micro-terminals have only a numerical keyboard, which does not accept any command executed by the simultaneous pressure of more than one key. In case of power failure, the internal battery provides the energy or it can be connected to an automotive battery. The Brazilian electronic ballot box serves today as a model for other countries.[7]In 2002, in the United States, theHelp America Vote Actmandated that one handicapped accessible voting system be provided per polling place, which most jurisdictions have chosen to satisfy with the use of DRE voting machines, some switching entirely over to DRE. In 2004, 28.9% of the registered voters in the United States used some type of direct recording electronic voting system,[8]up from 7.7% in 1996.[9]In 2004,Indiahad adoptedElectronic Voting Machines(EVM) for its elections to the Parliament with 380 million voters had cast their ballots using more than a million voting machines.[10]The Indian EVMs are designed and developed by two Government Owned Defense Equipment Manufacturing Units,Bharat Electronics Limited(BEL) andElectronics Corporation of India Limited(ECIL). Both systems are identical, and are developed to the specifications ofElection Commission of India. The System is a set of two devices running on 6V batteries. One device, the Voting Unit is used by the Voter, and another device called the Control Unit is operated by the Electoral Officer. Both units are connected by a 5 meter cable. The Voting unit has a Blue Button for every candidate, the unit can hold 16 candidates, but up to 4 units can be chained, to accommodate 64 candidates. The Control Units has Three buttons on the surface, namely, one button to release a single vote, one button to see the total number of vote cast till now, and one button to close the election process. The result button is hidden and sealed, It cannot be pressed unless the Close button is already pressed.

PUBLIC NETWORK DRE VOTING SYSTEMA public network DRE voting system is an election system that uses electronic ballots and transmits vote data from the polling place to another location over a public network. Vote data may be transmitted as individual ballots as they are cast, periodically as batches of ballots throughout the election day, or as one batch at the close of voting. This includes Internet voting as well as telephone voting.Public network DRE voting system can utilize either precinct count or central count method. The central count method tabulates ballots from multiple precincts at a central location.Internet voting can use remote locations (voting from any Internet capable computer) or can use traditional polling locations with voting booths consisting of Internet connected voting systems.Corporations and organizations routinely use Internet voting to elect officers and Board members and for other proxy elections. Internet voting systems have been used privately in many modern nations and publicly in theUnited States, theUK,SwitzerlandandEstonia. InSwitzerland, where it is already an established part of local referendums, voters get their passwords to access the ballot through the postal service. Most voters inEstoniacan cast their vote in local and parliamentary elections, if they want to, via the Internet, as most of those on the electoral roll have access to an e-voting system, the largest run by anyEuropean Unioncountry. It has been made possible because most Estonians carry a national identity card equipped with a computer-readable microchip and it is these cards which they use to get access to the online ballot. All a voter needs is a computer, an electronic card reader, their ID card and its PIN, and they can vote from anywhere in the world. Estonian e-votes can only be cast during the days ofadvance voting. On election day itself people have to go to polling stations and fill in a paper ballot.

E VOTING SYSTEM BY CELLPHONE/SMARTPHONEIn the twenty first century, public acceptance of e voting has been promoted by popular Television media shows such as Star Search (1980 to 1990s) and various other variety shows. Most recently, American idol has shown a large audience base. "There are multiple ways for you to vote for your next American Idol: (1) Toll-free Number Voting; (2) AT&T Text Voting (SMS); (3) Online Voting at www.AmericanIdol.com; and (4) the American Idol App Voting, as described below.".[11]The most interesting fact is that smartphone and wireless devices provides an economic solution to the expensive Paper ballot/mail in ballot system. In addition, most votes are translated into an electronic format with both government identification of identity, economic identification of identity and in addition geographical verification of location. However, it would require dialogue of qualified personnel who have political, technical and philosophical expertise.

ANALYSISElectronic voting systems may offer advantages compared to other voting techniques. An electronic voting system can be involved in any one of a number of steps in the setup, distributing, voting, collecting, and counting of ballots, and thus may or may not introduce advantages into any of these steps. Potential disadvantages exist as well including the potential for flaws or weakness in any electronic component.Charles Stewart of theMassachusetts Institute of Technologyestimates that 1 million more ballots were counted in the 2004 USA presidential election than in 2000 because electronic voting machines detected votes that paper-based machines would have missed.[12]In May 2004 the U.S.Government Accountability Officereleased a report titled "Electronic Voting Offers Opportunities and Presents Challenges",[13]analyzing both the benefits and concerns created by electronic voting. A second report was released in September 2005 detailing some of the concerns with electronic voting, and ongoing improvements, titled "Federal Efforts to Improve Security and Reliability of Electronic Voting Systems Are Under Way, but Key Activities Need to Be Completed".[14]It has been demonstrated that as voting systems become more complex and include software,different methods of election fraudbecome possible. Others also challenge the use of electronic voting from a theoretical point of view, arguing that humans are not equipped for verifying operations occurring within an electronic machine and that because people cannot verify these operations, the operations cannot be trusted. Furthermore, some computing experts have argued for the broader notion that people cannot trust any programming they did not author.[15]Critics of electronic voting, including security analystBruce Schneier, note that "computer security experts are unanimous on what to do (some voting experts disagree, but it is the computer security experts who need to be listened to; the problems here are with the computer, not with the fact that the computer is being used in a voting application)...DRE machines must have a voter-verifiable paper audit trails... Software used on DRE machines must be open to public scrutiny"[16]to ensure the accuracy of the voting system. Verifiable ballots are necessary because computers can and do malfunction, and because voting machines can be compromised.

ELECTRONIC BALLOTSElectronic voting systems may useelectronic ballotsto store votes incomputer memory. Systems which use them exclusively are called DRE voting systems. When electronic ballots are used there is no risk of exhausting the supply of ballots. Additionally, these electronic ballots remove the need for printing of paper ballots, a significant cost.[17]When administering elections in which ballots are offered in multiple languages (in some areas of the United States, public elections are required by theNational Voting Rights Act of 1965), electronic ballots can be programmed to provide ballots in multiple languages for a single machine. The advantage with respect to ballots in different languages appears to be unique to electronic voting. For example,King County, Washington's demographics require them under U.S. federal election law to provide ballot access inChinese. With any type of paper ballot, the county has to decide how many Chinese-language ballots to print, how many to make available at each polling place, etc. Any strategy that can assure that Chinese-language ballots will be available at all polling places is certain, at the very least, to result in a significant number of wasted ballots.(The situation with lever machines would be even worse than with paper: the only apparent way to reliably meet the need would be to set up a Chinese-language lever machine at each polling place, few of which would be used at all.)Critics argue the need for extra ballots in any language can be mitigated by providing a process to print ballots at voting locations. They argue further, the cost of software validation, compiler trust validation, installation validation, delivery validation and validation of other steps related to electronic voting is complex and expensive, thus electronic ballots are not guaranteed to be less costly than printed ballots.

ACCESSIBILITYElectronic voting machines can be made fully accessible for persons with disabilities. Punched card and optical scan machines are not fully accessible for the blind or visually impaired, and lever machines can be difficult for voters with limited mobility and strength.[18] Electronic machines can use headphones, sip and puff, foot pedals, joy sticks and other adaptive technology to provide the necessary accessibility.Organizations such as theVerified Voting Foundationhave criticized the accessibility of electronic voting machines[19]and advocate alternatives. Some disabled voters (including the visually impaired) could use atactile ballot, a ballot system using physical markers to indicate where a mark should be made, to vote a secret paper ballot. These ballots can be designed identically to those used by other voters.[20]However, other disabled voters (including voters with dexterity disabilities) could be unable to use these ballots.

CRYPTOGRAPHIC VERIFICATIONThe concept of election verifiability through cryptographic solutions has emerged in the academic literature to introduce transparency and trust in electronic voting systems.[21][22]It allows voters and election observers to verify that votes have been recorded, tallied and declared correctly, in a manner independent from the hardware and software running the election. Three aspects of verifiability are considered:[23]individual, universal, and eligibility. Individual verifiability allows a voter to check that her own vote is included in the election outcome, universal verifiability allows voters or election observers to check that the election outcome corresponds to the votes cast, and eligibility verifiability allows voters and observers to check that each vote in the election outcome was cast by a uniquely registered voter.

VOTER INTENTElectronic voting machines are able to provide immediate feedback to the voter detecting such possible problems asundervotingandovervotingwhich may result in aspoiled ballot. This immediate feedback can be helpful in successfully determiningvoter intent.

TRANSPARENCYIt has been alleged by groups such as the UK-basedOpen Rights Group[24][25]that a lack of testing, inadequate audit procedures, and insufficient attention given to system or process design with electronic voting leaves "elections open to error andfraud".In 2009, theFederal Constitutional Court of Germanyfound that when using voting machines the "verification of the result must be possible by the citizen reliably and without any specialist knowledge of the subject." TheDRENedap-computers used till then did not fulfill that requirement. The decision did not ban electronic voting as such, but requires all essential steps in elections to be subject to public examinability.[26][27]

COERCION EVIDENCEIn 2013, researchers from Europe proposed that the electronic voting systems should be coercion evident.[28]There should be a public evidence of the amount of coercion that took place in a particular elections. An internet voting system called "Caveat Coercitor" shows how coercion evidence in voting systems can be achieved.[28]

AUDIT TRAILS AND AUDITINGFurther information:Voter Verified Paper Audit TrailandEnd-to-end auditable voting systemsA fundamental challenge with anyvoting machineis assuring the votes were recorded as cast and tabulated as recorded.Non-document ballot voting systemscan have a greater burden of proof. This is often solved with an independently auditable system, sometimes called an Independent Verification, that can also be used in recounts or audits. These systems can include the ability for voters to verify how their votes were cast or further to verify how their votes were tabulated.A discussion draft argued by researchers at theNational Institute of Standards and Technology(NIST) states, "Simply put, the DRE architectures inability to provide for independent audits of its electronic records makes it a poor choice for an environment in which detecting errors and fraud is important."[29]The report does not represent the official position of NIST, and misinterpretations of the report has led NIST to explain that "Some statements in the report have been misinterpreted. The draft report includes statements from election officials, voting system vendors, computer scientists and other experts in the field about what is potentially possible in terms of attacks on DREs. However, these statements are not report conclusions."[30]

Various technologies can be used to assure voters that their vote was cast correctly, detect possible fraud or malfunction, and to provide a means to audit the original machine. Some systems include technologies such as cryptography (visual or mathematical), paper (kept by the voter or only verified), audio verification, and dual recording or witness systems (other than with paper).Dr.Rebecca Mercuri, the creator of theVoter Verified Paper Audit Trail(VVPAT) concept (as described in her Ph.D. dissertation in October 2000 on the basic voter verifiable ballot system), proposes to answer the auditability question by having the voting machine print a paper ballot or other paper facsimile that can be visually verified by the voter before being entered into a secure location. Subsequently, this is sometimes referred to as the "Mercuri method." To be trulyvoter-verified, the record itself must be verified by the voter and able to be done without assistance, such as visually or audibly. If the voter must use a bar-code scanner or other electronic device to verify, then the record is not truly voter-verifiable, since it is actually the electronic device that is verifying the record for the voter. VVPAT is the form of Independent Verification most commonly found inelections in the United States.End-to-end auditable voting systemscan provide the voter with a receipt that can be taken home. This receipt does not allow voters to prove to others how they voted, but it does allow them to verify that their vote is included in the tally, all votes were cast by valid voters, and the results are tabulated correctly. End-to-end (E2E) systems includePunchscan,ThreeBallotandPrt Voter.Scantegrityis an add-on that extends current optical scan voting systems with an E2E layer. The city ofTakoma Park, MarylandusedScantegrity IIfor its November, 2009 election.[31][32]Systems that allow the voter to prove how they voted are never used in U.S. public elections, and are outlawed by most state constitutions. The primary concerns with this solution arevoter intimidationandvote selling.An audit system can be used in measured random recounts to detect possible malfunction or fraud. With the VVPAT method, the paper ballot is often treated as the official ballot of record. In this scenario, the ballot is primary and the electronic records are used only for an initial count. In any subsequent recounts or challenges, the paper, not the electronic ballot, would be used for tabulation. Whenever a paper record serves as the legal ballot, that system will be subject to the same benefits and concerns as any paper ballot system.To successfully audit any voting machine, a strictchain of custodyis required.The solution was first demonstrated (New York City, March 2001) and used (Sacramento, California 2002) by AVANTE International Technology, Inc.. In 2004 Nevada was the first state to successfully implement a DRE voting system that printed an electronic record. The $9.3 million voting system provided bySequoia Voting Systemsincluded more than 2,600AVC EDGEtouchscreen DREs equipped with theVeriVote VVPATcomponent.[33]The new systems, implemented under the direction of then Secretary of StateDean Hellerreplaced largely punched card voting systems and were chosen after feedback was solicited from the community through town hall meetings and input solicited from theNevada Gaming Control Board.[34]HARDWAREInadequately secured hardware can be subject to aphysical tampering. Some critics, such as the group "Wij vertrouwen stemcomputers niet" ("We do not trust voting machines"), charge that, for instance, foreign hardware could be inserted into the machine, or between the user and the central mechanism of the machine itself, using aman in the middle attacktechnique, and thus even sealing DRE machines may not be sufficient protection.[35]This claim is countered by the position that review and testing procedures can detect fraudulent code or hardware, if such things are present, and that a thorough, verifiablechain of custodywould prevent the insertion of such hardware or software.Security sealsare commonly employed in an attempt to detect tampering, but testing byArgonne National Laboratoryand others demonstrates that existing seals can usually be quickly defeated by a trained person using low-tech methods.[36]SOFTWARESecurity experts, such asBruce Schneier, have demanded that voting machinesource codeshould be publicly available for inspection.[37]Others have also suggested publishing voting machine software under afree software licenseas is done inAustralia.[38]Software such as Sammaty come underGNU GPL, which means their source code is publicly available and hence transparent.[39]TESTING AND CERTIFICATIONOne method to any error with voting machines isparallel testing, which are conducted on the Election Day with randomly picked machines. TheACMpublished a study showing that, to change the outcome of the 2000 U.S. Presidential election, only 2 votes in each precinct would have needed to been changed.[40]OTHERCriticisms can be mitigated by review and testing procedures to detect fraudulent code or hardware, if such things are present, and thorough a verifiablechain of custodyto prevent the insertion of such hardware or software.Benefits can include reduced tabulation times and an increase of participation (voter turnout), particularly through the use of Internet voting.Those in opposition suggest alternatevote counting systems, citingSwitzerland(as well as many other countries), which uses paper ballots exclusively, suggesting that electronic voting is not the only means to get a rapid count of votes. A country of a little over 7 million people, Switzerland publishes a definitive ballot count in about six hours. In villages, the ballots are even counted manually.Critics also note that it becomes difficult or impossible to verify the identity of a voter remotely, and that the introduction of public networks become more vulnerable and complex.It is not yet clear whether thetotal cost of ownershipwith electronic voting is lower than other systems.ASTRONAUTS IN ORBITTexas law has allowed American astronauts who cannot vote in person and are unable to vote via absentee ballot, such as those aboard theInternational Space StationandMirspace station, to cast their ballots infederal electionselectronically from orbit since 1997. Ballots are sent via secure email to theJohnson Spaceflight Centerand then passed on the astronauts' home counties in Texas.[41][42]

Direct-Recording Electronic Voting MachinesWith the microprocessor revolution of the 1970s, it was obvious that microcomputers could be used as voting machines, and starting in the 1980s, various companies began to build voting machines based on this idea. Officially, in the United States, these are called direct-recording electronic voting machines, abbreviated DRE machines. Today, most of these machines are based on touch-screen technology where the ballot is presented on a computer display screen, and votes are entered by touching the screen.These machines offer the possibility of paperless elections where the totals are instantly available when the polls close and where the vote totals are entirely objective, without any questionable human interpretation and without any possibility of clerical error. There are, however, some serious problems:In the first place, the use of computers does not guarantee that there will be no errors. In one notorious case from Florida in the 2000 general election, a computerized voting system recorded negative 16,022 votes for Al Gore in a district with only 585 voters (Volusia County precinct 216). This problem occured with an optical mark-sense ballot tabulator, so a recount of the paper ballots was possible, but there have been reports of similarly strange numbers from direct-recording electronic voting machines. In sum, computers can and do make occasional mistakes, and we must defend against this.Another problem is the simple matter of display size. It is easy to fit 36 names onto one column of an optical mark-sense ballot, but most computer displays with touch-screen data input cannot easily present this many candidates on the display at one time. Once a race is split across multiple columns on paper, or across multiple screens on a computer, the rate of voter confusion goes up significantly. This led to serious problems in the 2000 Florida election where several Florida counties made ballot design errors that resulted in the presidential race being split across two columns on mark-sense ballots. Of course, no sane political system will allow an election with so many candidates, but the recent California recall election had almost 150 candidates on the ballot.The initial cost of these systems is higher than for optical mark-sense systems because one machine is needed for each voting booth instead of one per polling place or one per regional election office, but they promise long-term savings because of the ballot printing costs that are avoided. These savings may be illusory, however, because of the high storage cost for direct-recording electronic voting systems. All voting systems require secure storage, and all electronic systems require at least some climate control. Long-term storage of systems that use rechargable batteries adds to the storage costs because of the special requirements of the batteries themselves.The most widely discussed problem with direct-recording electronic voting machines is that, like the mechanical lever voting machines of the past, they destroy the evidence of the individual voter's ballot. These machines do record an electronic record of the ballot, but the accuracy of this record depends on the correctness of the software inside the voting machine. In effect, we can only trust the direct-recording electronic voting machine if we trust the programmers who wrote the software for that machine.The electronic record of the election produced by many of these machines is stored in a PCMCIA card, an electronic storage device the size of a common playing card. While it is easy to say that the ballot box should be held jointly in the custody of two officials representing opposing parties, joint custody of a device this small is very difficult. Furthermore, many people are skilled at tricks with playing cards that can easily be applied to these small cards, and many common pocket computers can read and write PCMCIA cards!Much of the controversy surrounding these machines centers on the question of whether software can ever be trusted in such a setting. The situation is complicated because the companies that build these machines want their software to be proprietary, unavailable for inspection by the public. Therefore, in the United States, this software is subject to inspection byindependent testing authoritiescertified by the federal government, under a set of voluntary voting system standards promulgated by the Federal Election Commission in 1990 and revised in 2002. The testing is paid for by the company making the voting system, and the resulting detailed reports on the quality of the software are themselves confidential.The security of national elections is a matter of national security. If the software is produced by only one or two people and then tested by only one or two people, an attacker intent on taking control could do so at the price of only a few bribes. The danger of this situation is mitigated, to some extent by the fact that, in the United States, we have multiple vendors of direct recording electronic voting machines, but there are only four that are large: Diebold, Election Systems and Software, Sequoya and Hart InterCivic. It is fair to guess that, in states such as Maryland and Georgia that have elected to rely on a single direct-recording electronic voting system statewide, the security of the system probably depends on the honesty of fewer than ten people. Can we accept this risk?After researchers at Johns Hopkins University and Rice University released the results of an unofficial security audit of the software used in the Diebold AccuTouch direct-recording electronic voting system in late July of 2003, the states of Maryland and Ohio have each commissioned two independent studies of the security of the voting systems they used. The results of these four studies are not encouraging. The studies from Science Applications International Corporation and Compuware Corporation generally confirmed the results of the earlier unofficial study, and the Compuware study showed that the weaknesses of the Diebold system were only marginally worse than those of the systems made by three other vendors. The study by RABA Technologies demonstrated that some of the more technologically interesting weaknesses of the Diebold system could in fact be exploited, and it also found that the physical security of the Diebold system was remarkably weak. The studies by InfoSentry Services and Science Applications International both showed that state election procedures were seriously flawed.Version control has proven to be a particularly difficult problem with software used in voting systems. If we are to trust our computerized voting systems, we must eliminate the possibility that any software will be installed on them that has not passed through rigorous certification procedures. In the software industry today, however, there is a cultural bias toward the exact opposite, favoring the right of the programmer to update the software at any time. In the United States today, most states have laws imposing strict control over voting system software, but we have evidence from several states that these rules have been routinely violated. In California, for example, the Secretary of State ordered an audit of the software versions in use for voting systems in the state on November 12, 2003; by December 16, it was discovered that all 17 counties in California that used Diebold voting machines had installed unauthorized versions of the software.The Open Voting Consortium (www.openvotingconsortium.org) and several other groups have proposed variations on the idea of open-source voting systems, where all of the software in the voting system would be available for public inspection. Open source development does not solve all of these problems. Open source is only useful if someone actually takes the time to read the software. A single reader is unlikely to detect any particular error, unless that error is blatant, so we really need a large community of people reading the code. Furthermore, open-source software does nothing to address the issue of version control, although I have proposed some ways in which the Open Voting Consortium could address this issue through their open-source software license agreement.Systems with a Voter Verified Paper TrailAs the use of direct-recording electronic voting systems began to increase in the United States, a number of people, mostly academic computer scientists, began to object. Rebecca Mercuri was among the first to propose an alternative system in which computer technology would be used to avoid issues of ballot interpretation, using touch-screen or similar technology, but where the actual record of the vote is a machine-printed paper ballot. The key to the security of this idea is that the voting machine presents this ballot to the voter for verification before it is dropped in the ballot box for secure storage. If there is ever a question about the correctness of the tabulating software, these paper ballots can be hand counted.The Avante Vote-Trakker was the first commercially available voting system to incorporate any variant of this idea. This was certified under the voluntary Federal standards in 2002, and since then, several new companies have emerged with similar offerings and several vendors of direct-recording electronic voting systems have pledged to provide the option of adding a voter-verified paper ballot to their systems.The storage costs of these machines is quite similar to that of direct-recording electronic voting machines, with an added element, the cost of printer maintenance. Most direct-recording electronic voting machines do include printers for printing the totals at the end of the election, but the volume of paper these printers must handle is small, so the printers used in voter-verified paper ballot systems must be faster and more flexible. Reliable inexpensive printers of the type used to print receipts in many commercial settings are available, but opponents of voter-verified paper ballots frequently express doubts about their adequacy for this application.A smart card is a plastic card about the size of a credit card, with an embedded microchip that can be loaded with data, used for telephone calling, electronic cash payments, and other applications, and then periodically refreshed for additional use.