Swiss Post is disclosing its new universally verifiable e-voting system in stages as part of a community programme, to allow it to be verified by independent experts. Swiss Post also runs a permanent public bug bounty programme for e-voting.

More information on the disclosure can be found on the e-voting community website.

Go to the previous system from 2019

From 25 February to 24 March 2019, Swiss Post carried out a public intrusion test. IT specialists and hackers were invited to attack the system with the aim of finding vulnerabilities.

During the four-week endurance test, around 3,200 international IT experts inflicted targeted attacks on the new e-voting system. After the completion of the intrusion test, there were no manipulated votes in the electronic ballot box. The hackers did not manage to infiltrate the e-voting system. Attempts at overloading the system through DDoS attacks were unsuccessful. The hackers submitted a total of 173 findings. The Federal Chancellery, Cantons and Swiss Post confirmed 16 of them. They fall under the lowest classification level, “Best Practice”, and are thus considered non-critical. The entire assessment process for the findings was overseen by representatives of the Confederation and the cantons.

Swiss Post’s final report (PDF, 999 KB) summarizes the results and insights gained from the intrusion test for the Steering Committee, which consists of representatives from the Confederation and the Cantons.

The Confederation’s final report can be found here (German version).