Is voting with POLYAS secure?
The voting software POLYAS CORE 2.5.0 meets the requirements of the international Protection Profile according to Common Criteria and is a central component of certification by the BSI (German Federal Office for Information Security). The Protection Profile for secure online voting products is based on the electoral principles anchored in German Basic Law (universal, secret, free, equal, direct).
The voting software POLYAS CORE 2.5.0 generates an anonymous token for you after you login, and this does not allow your identity to be inferred. This token is the basis for your vote. After you have cast your vote, your token is deleted and the electoral roll is informed that no new token may be generated for your data because you have voted already.
The electoral roll then knows that you took part in the election, but not how you voted. The ballot box, on the other hand, knows how the ballot paper is marked, but not who marked it. Only you know the whole secret.
Compliance with the electoral principles in the POLYAS CORE 3.0 voting system is ensured by cryptographic and mathematical methods. For example, voting secrecy is preserved by asymmetric encryption processes. Once the vote has been cast, the voter can no longer be identified.