Abstract
Reliable voter identification is one of the key requirements to guarantee eligibility and uniformity of elections. In a remote setting, this task becomes more complicated compared to voter identification at a physical polling station. In case strong cryptographic mechanisms are not available, biometrics is one of the available alternatives to consider. In this paper, we take a closer look at facial recognition as a possible remote voter identification measure. We cover technical aspects of facial recognition relevant to voting, discuss the main architectural decisions, and analyse some of the remaining open problems, including dispute resolution and privacy issues.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
- 2.
- 3.
- 4.
- 5.
- 6.
The Estonian i-voting system also requires voters to explicitly authenticate themselves before they are allowed to sign their ballots.
- 7.
- 8.
- 9.
References
Adida, B.: Helios: web-based open-audit voting. In: van Oorschot, P.C. (ed.) Proceedings of the 17th USENIX Security Symposium, pp. 335–348. USENIX Association (2008). http://www.usenix.org/events/sec08/tech/full_papers/adida/adida.pdf
Arnò, S., Galassi, A., Tommasi, M., Saggino, A., Vittorini, P.: State-of-the-art of commercial proctoring systems and their use in academic online exams. Int. J. Distance Educ. Technol. (IJDET) 19(2), 55–76 (2021). https://doi.org/10.4018/IJDET.20210401.oa3
Asgari, S., Trajkovic, J., Rahmani, M., Zhang, W., Lo, R.C., Sciortino, A.: An observational study of engineering online education during the COVID-19 pandemic. PLoS ONE 16(4), 1–17 (2021). https://doi.org/10.1371/journal.pone.0250041
Backes, M., Chen, T., Dürmuth, M., Lensch, H.P.A., Welk, M.: Tempest in a teapot: compromising reflections revisited. In: 30th IEEE Symposium on Security and Privacy (S&P 2009), Oakland, California, USA, 17–20 May 2009, pp. 315–327. IEEE Computer Society (2009). https://doi.org/10.1109/SP.2009.20
Balfanz, D., et al.: Web authentication: an API for accessing public key credentials level 1. W3C recommendation, W3C, March 2019. https://www.w3.org/TR/2019/REC-webauthn-1-20190304/
Brand, C., et al.: Client to authenticator protocol (CTAP). Proposed standard, FIDO Alliance, January 2019. https://fidoalliance.org/specs/fido-v2.0-ps-20190130/fido-client-to-authenticator-protocol-v2.0-ps-20190130.html
Buolamwini, J., Gebru, T.: Gender shades: intersectional accuracy disparities in commercial gender classification. In: Conference on Fairness, Accountability and Transparency, FAT 2018. Proceedings of Machine Learning Research, vol. 81, pp. 77–91. PMLR (2018). http://proceedings.mlr.press/v81/buolamwini18a.html
Cardillo, A., Akinyokun, N., Essex, A.: Online voting in Ontario municipal elections: a conflict of legal principles and technology? In: Krimmer, R., et al. (eds.) E-Vote-ID 2019. LNCS, vol. 11759, pp. 67–82. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-30625-0_5
Chaidos, P., Cortier, V., Fuchsbauer, G., Galindo, D.: BeleniosRF: a non-interactive receipt-free electronic voting scheme. In: Proceedings of ACM CCS 2016, pp. 1614–1625. ACM (2016). https://doi.org/10.1145/2976749.2978337
Chamikara, M.A.P., Bertók, P., Khalil, I., Liu, D., Camtepe, S.: Privacy preserving face recognition utilizing differential privacy. Comput. Secur. 97, 101951 (2020). https://doi.org/10.1016/j.cose.2020.101951
Chaum, D.: Security without identification: transaction systems to make big brother obsolete. Commun. ACM 28(10), 1030–1044 (1985). https://doi.org/10.1145/4372.4373
Chaum, D.: Elections with unconditionally-secret ballots and disruption equivalent to breaking RSA. In: Barstow, D., et al. (eds.) EUROCRYPT 1988. LNCS, vol. 330, pp. 177–182. Springer, Heidelberg (1988). https://doi.org/10.1007/3-540-45961-8_15
Cheeseman, N., Lynch, G., Willis, J.: Digital dilemmas: the unintended consequences of election technology. Democratization 25(8), 1397–1418 (2018)
Clark, J., Hengartner, U.: Selections: internet voting with over-the-shoulder coercion-resistance. In: Danezis, G. (ed.) FC 2011. LNCS, vol. 7035, pp. 47–61. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-27576-0_4
Code of Good Practice in Electoral Matters: Guidelines and Explanatory Report (2002). European Commission for Democracy Through Law (Venice Commission). https://rm.coe.int/090000168092af01
Cortier, V., Galindo, D., Glondu, S., Izabachène, M.: Election verifiability for Helios under weaker trust assumptions. In: Kutyłowski, M., Vaidya, J. (eds.) ESORICS 2014. LNCS, vol. 8713, pp. 327–344. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-11212-1_19
Das, A., Galdi, C., Han, H., Ramachandra, R., Dugelay, J., Dantcheva, A.: Recent advances in biometric technology for mobile devices. In: 9th IEEE International Conference on Biometrics Theory, Applications and Systems, pp. 1–11. IEEE (2018). https://doi.org/10.1109/BTAS.2018.8698587
Dziva, C., Musara, E., Chigora, P.: Democratisation and securitisation of Zimbabwe’s national elections: opportunities and challenges of biometric voter registration. J. Public Adm. Dev. Altern. (JPADA) 5(1), 48–62 (2020)
E-valimiste turvalisuse töörühma koondaruanne. Estonian Ministry of Economic Affairs and Communications (2019). https://www.mkm.ee/sites/default/files/content-editors/e-valimiste_tooruhma_koondaruanne_12.12.2019_0.pdf. in Estonian
European Parliament, Council of the European Union: Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing directive 95/46/EC (General Data Protection Regulation). https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=OJ:L:2016:119:FULL&from=EN
Fowler, A.: Promises and perils of mobile voting. Election Law J. Rules Polit. Policy 19(3), 418–431 (2020)
Grassi, P., et al.: Digital identity guidelines: authentication and lifecycle management [includes updates as of 03–02–2020] (2020). https://doi.org/10.6028/NIST.SP.800-63b
Grother, P., Ngan, M., Hanaoka, K.: Face Recognition Vendor Test (FRVT) Part 3: Demographic Effects (2019). https://nvlpubs.nist.gov/nistpubs/ir/2019/NIST.IR.8280.pdf
Heiberg, S., Martens, T., Vinkel, P., Willemson, J.: Improving the verifiability of the Estonian internet voting scheme. In: Krimmer, R., et al. (eds.) E-Vote-ID 2016. LNCS, vol. 10141, pp. 92–107. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-52240-1_6
House of Commons, Canada: Fact Sheet of Hybrid Voting Process in the House of Commons (2021). https://www.ourcommons.ca/Content/Newsroom/Articles/Factsheet-ElectronicVotingSystem-e-Final-02-25.pdf
Jacobsen, K.L.: Biometric voter registration: a new modality of democracy assistance? Coop. Confl. 55(1), 127–148 (2020)
Juels, A., Catalano, D., Jakobsson, M.: Coercion-resistant electronic elections. In: Proceedings of WPES 2005, pp. 61–70. ACM (2005)
Kim, G., Eum, S., Suhr, J.K., Kim, I., Park, K.R., Kim, J.: Face liveness detection based on texture and frequency analyses. In: 5th IAPR International Conference on Biometrics, ICB 2012, New Delhi, India, 29 March–1 April 2012, pp. 67–72. IEEE (2012). https://doi.org/10.1109/ICB.2012.6199760
Krips, K., Kubjas, I., Willemson, J.: An internet voting protocol with distributed verification receipt generation. In: Proceedings of the Third International Joint Conference on Electronic Voting E-Vote-ID 2018, Bregenz, Austria, 2–5 October 2018, pp. 128–146. TalTech Press (2018). https://digikogu.taltech.ee/en/item/0050d4bb-192b-4531-8e23-ccf8b565222e
Krips, K., Willemson, J.: On practical aspects of coercion-resistant remote voting systems. In: Krimmer, R., et al. (eds.) E-Vote-ID 2019. LNCS, vol. 11759, pp. 216–232. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-30625-0_14
Kulyk, O., Teague, V., Volkamer, M.: Extending Helios towards private eligibility verifiability. In: Haenni, R., Koenig, R.E., Wikström, D. (eds.) VOTELID 2015. LNCS, vol. 9269, pp. 57–73. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-22270-7_4
Li, Y., Li, Y., Yan, Q., Kong, H., Deng, R.H.: Seeing your face is not enough: an inertial sensor-based liveness detection for face authentication. In: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, pp. 1558–1569. ACM (2015). https://doi.org/10.1145/2810103.2813612
Lyastani, S.G., Schilling, M., Neumayr, M., Backes, M., Bugiel, S.: Is FIDO2 the kingslayer of user authentication? A comparative usability study of FIDO2 passwordless authentication. In: 2020 IEEE Symposium on Security and Privacy, SP 2020, pp. 268–285. IEEE (2020). https://doi.org/10.1109/SP40000.2020.00047
Madise, Ü., Martens, T.: E-voting in Estonia 2005. The first practice of country-wide binding internet voting in the world. In: Electronic Voting 2006: 2nd International Workshop, Co-Organized by Council of Europe, ESF TED, IFIP WG 8.6 and E-Voting.CC. LNI, vol. P-86, pp. 15–26. GI (2006)
Marasco, E., Ross, A.: A survey on antispoofing schemes for fingerprint recognition systems. ACM Comput. Surv. 47(2), 28:1–28:36 (2014). https://doi.org/10.1145/2617756
Moore, L., Sawhney, N.: Under the Hood: The West Virginia Mobile Voting Pilot (2019). https://sos.wv.gov/FormSearch/Elections/Informational/West-Virginia-Mobile-Voting-White-Paper-NASS-Submission.pdf
Neumann, S., Volkamer, M.: Civitas and the real world: problems and solutions from a practical point of view. In: Seventh International Conference on Availability, Reliability and Security, ARES 2012, Prague, pp. 180–185. IEEE Computer Society (2012). https://doi.org/10.1109/ARES.2012.75
Okamoto, T.: Receipt-free electronic voting schemes for large scale elections. In: Christianson, B., Crispo, B., Lomas, M., Roe, M. (eds.) Security Protocols 1997. LNCS, vol. 1361, pp. 25–35. Springer, Heidelberg (1998). https://doi.org/10.1007/BFb0028157
Patachi, Ş, Schürmann, C.: Eos a universal verifiable and coercion resistant voting protocol. In: Krimmer, R., Volkamer, M., Braun Binder, N., Kersting, N., Pereira, O., Schürmann, C. (eds.) E-Vote-ID 2017. LNCS, vol. 10615, pp. 210–227. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-68687-5_13
Peixoto, B., Michelassi, C., Rocha, A.: Face liveness detection under bad illumination conditions. In: Macq, B., Schelkens, P. (eds.) 18th IEEE International Conference on Image Processing, ICIP 2011, pp. 3557–3560. IEEE (2011). https://doi.org/10.1109/ICIP.2011.6116484
Prabhakar, S., Pankanti, S., Jain, A.K.: Biometric recognition: security and privacy concerns. IEEE Secur. Priv. 1(2), 33–42 (2003). https://doi.org/10.1109/MSECP.2003.1193209
Aiello, R.: A historic first: MPs hold House of Commons votes by app (2021). https://www.ctvnews.ca/politics/a-historic-first-mps-hold-house-of-commons-votes-by-app-1.5338151
Rivest, R.L., Shamir, A., Tauman, Y.: How to leak a secret. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 552–565. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-45682-1_32
Rosacker, K.M., Rosacker, R.E.: Voting is a right: a decade of societal, technological and experiential progress towards the goal of remote-access voting. Transforming Government: People, Process and Policy (2020)
Roy, A., Memon, N.D., Ross, A.: MasterPrint: exploring the vulnerability of partial fingerprint-based authentication systems. IEEE Trans. Inf. Forensics Secur. 12(9), 2013–2025 (2017). https://doi.org/10.1109/TIFS.2017.2691658
Ryan, P.Y.A., Rønne, P.B., Iovino, V.: Selene: voting with transparent verifiability and coercion-mitigation. In: Clark, J., Meiklejohn, S., Ryan, P.Y.A., Wallach, D., Brenner, M., Rohloff, K. (eds.) FC 2016. LNCS, vol. 9604, pp. 176–192. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-53357-4_12
Sabra, M., Maiti, A., Jadliwala, M.: Zoom on the keystrokes: exploiting video calls for keystroke inference attacks. In: 28th Annual Network and Distributed System Security Symposium, NDSS 2021, Virtually, 21–25 February 2021. The Internet Society (2021). https://www.ndss-symposium.org/ndss-paper/zoom-on-the-keystrokes-exploiting-video-calls-for-keystroke-inference-attacks/
Scytl: individual verifiability, Swiss Post E-voting protocol explained. Technical report, Swiss Post, November 2017. https://www.post.ch/-/media/post/evoting/dokumente/swiss-post-online-voting-protocol-explained.pdf?la=de
Shukla, D., Kumar, R., Serwadda, A., Phoha, V.V.: Beware, your hands reveal your secrets! In: Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, Scottsdale, AZ, USA, 3–7 November 2014, pp. 904–917. ACM (2014). https://doi.org/10.1145/2660267.2660360
Shweiki, O., Lee, Y.: Compelled use of biometric keys to unlock a digital device: deciphering recent legal developments. United States Attorneys’ Bull. 67(1), 23–42 (2019)
Stenerud, I.S.G., Bull, C.: When reality comes knocking Norwegian experiences with verifiable electronic voting. In: Proceedings of EVOTE 2012. LNI, vol. P-205, pp. 21–33. GI (2012)
Wolf, P., Alim, A., Kasaro, B., Namugera, P., Saneem, M., Zorigt, T.: Introducing biometric technology in elections. International Institute for Democracy and Electoral Assistance (2017). https://www.idea.int/sites/default/files/publications/introducing-biometric-technology-in-elections-reissue.pdf
Xu, Y., Heinly, J., White, A.M., Monrose, F., Frahm, J.: Seeing double: reconstructing obscured typed input from repeated compromising reflections. In: Sadeghi, A., Gligor, V.D., Yung, M. (eds.) 2013 ACM SIGSAC Conference on Computer and Communications Security, CCS 2013, Berlin, Germany, 4–8 November 2013, pp. 1063–1074. ACM (2013). https://doi.org/10.1145/2508859.2516709
Xu, Y., Price, T., Frahm, J., Monrose, F.: Virtual U: defeating face liveness detection by building virtual models from your public photos. In: 25th USENIX Security Symposium, pp. 497–512. USENIX Association (2016). https://www.usenix.org/conference/usenixsecurity16/technical-sessions/presentation/xu
Zhao, W., Chellappa, R., Phillips, P.J., Rosenfeld, A.: Face recognition: a literature survey. ACM Comput. Surv. 35(4), 399–458 (2003). https://doi.org/10.1145/954339.954342
Acknowledgements
This paper has been supported by the Estonian Research Council under grant number PRG920. The authors are grateful to the Estonian Information System Authority and State Electoral Office for their support of the research process.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 Springer Nature Switzerland AG
About this paper
Cite this paper
Heiberg, S., Krips, K., Willemson, J., Vinkel, P. (2021). Facial Recognition for Remote Electronic Voting – Missing Piece of the Puzzle or Yet Another Liability?. In: Saracino, A., Mori, P. (eds) Emerging Technologies for Authorization and Authentication. ETAA 2021. Lecture Notes in Computer Science(), vol 13136. Springer, Cham. https://doi.org/10.1007/978-3-030-93747-8_6
Download citation
DOI: https://doi.org/10.1007/978-3-030-93747-8_6
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-93746-1
Online ISBN: 978-3-030-93747-8
eBook Packages: Computer ScienceComputer Science (R0)