Developing an Indigenous Evoting System Architecture – A Case Study By: Dr Agu Collins Agu Director, Zonal Offices Coordinating Department, National Information Technology Development Agency (NITDA)

BRIEF SYSTEM OVERVIEW NIGCOMSAT’s e-Registration and Voting System is a novel invention of a reliable, secure and always available electronic registration and voting system that adopts two mature technologies for its implementation; RFID (Radio Frequency Identification) and biometrics.

BRIEF SYSTEM OVERVIEW CONT’D The unique combination of both technologies provides an offline system with intrinsic voter authentication as well as instant check for multiple registrations, voting and an anti-rigging mechanism. Complementing this system is a database-driven web application for real-time display of collated data e.g. election results for public viewing.

KEY TECHNICAL SPECIFICATIONS RFID Card Features  Ruggedized PVC card with weather-proof embodiment  Contactless transmission of data (no battery required)  Operating distance 100mm  Fast data transfer (106 kbps)  High data integrity (16 bit CRC, parity, bit coding, bit counting)  True anti-collision  Typical transaction <100ms (including backup management)  Data retention of more than 10 years

KEY TECHNICAL SPECIFICATIONS Security Features  Mutual triple pass authentication (DES, 3-DES and AES)  Data encryption with replay attack protection (DES, 3- DES and AES)  Supports multi application with key hierarchy  Unique serial number for each card  Anti-tear protection mechanism

KEY TECHNICAL SPECIFICATIONS CONT’D RFID Card Reader Features  Operating distance 100mm  Highly integrated analog circuitry to decode card response  Unique serial number  Secure non-volatile key memory  Suitable for high security terminals based on 3-DES, AES, RSA  Anti-collision procedure support  Very low power consumption (USB nano-watt technology)

KEY TECHNICAL SPECIFICATIONS CONT’D Security Features  Mutual triple pass authentication (DES, 3-DES and AES)  Data encryption with replay attack protection (DES, 3- DES and AES)  Supports multi application with key hierarchy  Unique serial number for each reader  Anti-tear protection mechanism  Supports over 32 secret keys

KEY TECHNICAL SPECIFICATIONS Fingerprint Biometrics Features  FBI certified  High performance PC USB fingerprint scanner  256 bit AES  Enrollment time <0.1 second  World’s best performing fingerprint algorithm (NIST MINEX and FVC 2004/2006)  Fast matching speed : 100,000 match within a second  500 dpi optical fingerprint sensor  Very low power consumption (USB nano-watt technology)  Ruggedized scratch free sensor surface

Voter Registration Duplicate Search System Multi-biometric technology to identify duplicate registrations in the nation’s voter database. Accurately identify and remove all duplicate registrations in the voter database. Database that will include photographic and fingerprint records for atleast 80 million voters. With such a large database, the search for duplicates is a complicated task that requires a large number of matching operations and a high degree of reliability. Will become core identification engine for Nigeria’s security / law enforcement system for data portability.

Key Benefits System helps ensure the administration of fair and democratic elections by verifying the accuracy of the country’s national voter database. Up to 40,000,000 fingerprints per second matching speed on a single unit. Scalable cluster architecture. ISO & ANSI fingerprint template standards support. The interoperability and flexibility of the SDK enable the system to work easily with a variety of other software and hardware. The low cost-per-unit and low hardware system requirements enable a cost-effective solution for Nigeria.

How the System Works Face and Fingerprint Capturing The voter information collected consists of face and finger fingerprint images along with personal demographic information of each and every person registered. In essence, the system will capture face and fingerprint data for up to 80 million voters using a variety of input devices, including PC Web cams for capturing face images and fingerprint scanners. The system stores the face and fingerprint images within the RFID Voter’s card and also in a secure database in WSQ format.

Template Generation The Template Generation Module, based on a Matching Client, reads the WSQ images from the database and generates fused face and fingerprint templates that are then stored in a SQL Server Database. The Voter Registration Duplicate Search System then uses these templates to carry out the biometric “N-to-N” matching process that identifies duplicates within the database records.

N-N Matching Our implementation for Nigeria will carry out fusion matching by providing two options: 1. Fuse always 2. Face then fuse The first option, “Fuse always” is for a complete N-to-N matching strategy which requires much more time than that of second option. “Face then fuse” means that the system first generates face score, and if the score crosses the threshold value then the respective finger template is matched. Due to the high speed of the face matching algorithm, this process significantly reduces the amount of time required to identify duplicate entries.

N-N Matching This powerful fused algorithm can produce up to 400,000 matches per second on a single processor PC; and with fault-tolerant, scalable cluster software, this number can be multiplied across multiple PCs to perform extremely fast, parallel fingerprint and face matching using databases of practically unlimited size. The latent fingerprint template editing capabilities will also allow it to be used in forensic AFIS applications.

Server Cluster Architecture The cluster server consists of a server machine, several cluster machines, a cluster server license, several cluster client licenses, and necessary software and data as shown in figure 1 below. It provides significantly high capacity for record matching depending on the number of cluster nodes used. The cluster server can be configured to match up to match tens of millions of records at a time.

Server Cluster Architecture

Detailed System Description The system involves the following four (4) phases: registration, verification, vote casting, and result tallying and display. Below are sub- sections that describe each phase respectively. Registration Phase In the registration phase, designated registration units are used to register eligible voters. In a registration centre, a registration unit is comprised of the following: 1. Notebook 2. HD camera 3. Registration software 4. RFID card reader 5. Fingerprint scanner

Detailed System Description Fingerprint Biometric Scanner A Specimen of an RFID Voter Card RFID Card Reader/Writer RFID Card Printer

Voting Phase The voting phase, designated voting stations are used by eligible voters to vote. A voting station is comprised of the following: Notebook with a touch screen Voting software RFID card reader Fingerprint scanner Ballot printer

Result Tallying & Display Phase A reliable communication link is to be used to connect each voting centre to a centralized command center for vote aggregation of votes from all voting centres. A polling scheme is to be adopted to poll data from each polling centre at a particular interval of time for real-time collation and tallying of results. The collation and tallying process is handled by a database management system (DBMS). The collated and tallied results from the various voting centres are made available for online display through a web application over a secure network and/or Internet.

Web Interface for Result Display including Textual and Graphical Viewing