In 2021, Swiss Post published its new, fully verifiable e-voting system in multiple stages as part of a community programme so that independent experts could test it. Swiss Post also launched a public bug bounty programme for e-voting for an indefinite period of time.

More information on the disclosure can be found on the e-voting community website.

From 25 February to 24 March 2019, Swiss Post carried out a public intrusion test. IT specialists and hackers were invited to attack the system with the aim of finding and fixing vulnerabilities.

During the four-week stress test, around 3,200 international IT experts inflicted targeted attacks on the new e-voting system. After the completion of the intrusion test, there were no manipulated votes in the electronic ballot box. The hackers did not manage to infiltrate the e-voting system. Attempts at overloading the system through DDoS attacks were unsuccessful. The hackers submitted a total of 173 findings. The Federal Chancellery, cantons and Swiss Post confirmed 16 of them. They all come under the lowest classification level of “Best Practices”.

Swiss Post’s final report summarizes the results and findings of the intrusion test.

The Confederation’s final report can be found here.

Go to the previous system from 2019