Security Issues
In electronic processes, the implementation of security is essential, so the voting public may use the system with confidence.
After all, the main goal of the Electronic Voting System is to raise the total of valid votes, by the offer of alternative ways to vote, encouraging voters that for any reason would not participate of the elections, to do it, strengthening this way, the election process as a whole.
For the Electronic Voting System, the following security aspects were considered:
- Secure SSL certificate with full authentication, issued by Thawte Consultings Limited;
- Implementation of encrypted electronic pages;
- Database access and processing of each vote through login, password and custom parameters validation, only known by the system.
In addition to the above aspects, the source codes of the Electronic Voting System are property of RZC Internet & Services ltd., and the use by the contractor company is authorized by Multilinks for the requested schedule. The encrypted pages are hosted in our servers in a protected and access controlled environment. Attempting to access the source code configures infringiment of copyright laws, and the infractor is liable to prosecution.
It is noteworthy that several of the processes implemented by Multilinks have been audited by leading companies, specialized in auditing processes and systems, among which we highlight:
- BDO Directa Auditores
- BDO Trevisan
- Cipher - Segurança da Informação
- Directa Auditores
- Ernst & Young Brazil
- KPMG Auditores Independentes
- Modulo Security Solutions SA
- Trevisan - The Global Solution