Managing risk while enhancing accessibility and access
Each election official is charged with delivering accessible, secure, and trustworthy elections according to the laws in their jurisdiction. Election officials may be required to provide voters with the ability to electronically return their ballot to comply with legislative or court mandates or to provide adequate accessibility to voters.
Officials need solutions that can responsibly meet both legal mandates and foster public trust. That’s why we developed Enhanced Ballot, an electronic ballot delivery system with options to remotely mark and electronically return ballots. Enhanced Ballot is thoughtfully engineered to address accessibility and ballot access needs while rigorously managing security and risk.
Accessibility with purpose
From its inception, Enhanced Voting’s forward-looking technology has aimed to serve voters who encounter barriers to traditional voting. Our tools were first used to assist overseas military and civilian voters who may otherwise struggle to exercise their right to vote due to the logistics of returning a ballot from far-flung locations.
We later adapted the solution to serve voters with disabilities, particularly those who rely on assistive technologies like screen readers. Enhanced Voting allows voters with disabilities to use the same assistive technology they have at home to obtain their blank ballot, mark it, and, based on the options the election jurisdiction chooses, return it either electronically or by printing and mailing it, rather than being forced to use technology that may not work for them.
Security through innovation and verification
No method of voting is completely free of risk; natural disasters, power outages, or other disruptions can all pose challenges. Through it all, election officials do a remarkable job managing these risks and successfully conducting elections time and time again.
We developed Enhanced Ballot to meet the exacting standards election officials use in other methods of voting. The product and the processes underlying it are developed using the best available technology and are rigorously and independently assessed and tested.
Security measures we take
Built to manage risk responsibly
Here are a few of the security measures we take that give us confidence in our solution:
- Integration with Microsoft’s ElectionGuard Software Development Kit and Azure hosting: Integrating with Microsoft’s open-source ElectionGuard software and hosting on Microsoft Azure provides both transparency and resilience. ElectionGuard enables end-to-end verifiability (E2E-V), allowing voters and election officials to independently confirm that ballots are recorded as cast. Open-source code invites public review, reducing the risk of hidden vulnerabilities. Hosting on Azure ensures access to world-class cybersecurity protections, monitoring, and redundancy against outages or attacks.
- SOC 2 Type II audited processes and continuous auditing: Our SOC 2 Type II audited processes mean our infrastructure is independently validated for compliance with five trust principles — security, availability, processing integrity, confidentiality, and privacy. Ongoing third-party audits, supported by continuous monitoring and evidence collection, demonstrate that we not only have robust controls in place, but that they are consistently followed in daily operations, giving customers confidence that safeguards are actively enforced.
- Independent examinations and state-level testing: Having multiple state agencies and independent auditors regularly examine and test Enhanced Ballot ensures accountability and objectivity. These reviews verify that our systems meet or exceed rigorous state, national, and international security standards, providing election officials and the public with external validation that our solutions perform securely and reliably in real-world conditions.
- Comprehensive technical risk mitigations: We apply a multi-layered security approach, including encryption in transit and at rest, memory-safe programming languages, role-based access control (RBAC), audit logs, and a security-focused software development lifecycle (SSDLC). Together with internal quality assurance, customer-led testing, and independent penetration tests, these controls protect data integrity, detect anomalies, and minimize the risk of unauthorized access. Finally, our vulnerability disclosure program invites responsible external reporting, ensuring that potential issues are found and resolved quickly, a hallmark of mature, transparent security practice.
No technology or process can provide perfect security, but we are committed to implementing best practices and staying at the state-of-the-art in securing our products.
Managing risk with appropriate scope
We believe that electronic ballot return is an important tool for the limited number of voters whose circumstances would result in their not being able to cast a vote (think a military member deployed to a submarine), the risk is lower (because of the small scale) and the need greater (because of unique circumstances). When implemented in a limited, targeted context, such as for overseas or disabled voters, electronic ballot return offers a carefully controlled way to provide ballot access without compromising security.
We do not advocate for expanded electronic ballot return; instead, we empower election officials and policy makers to meet their requirements, make informed decisions, and deploy the right solution for their jurisdiction.
Compared to the alternatives of email and fax return, we know our solution provides overseas voters and those with accessibility needs a more user friendly and substantially more secure solution that offers improved privacy for voters.
The Technology We Need
We broadly agree with the findings of the working group at Berkeley’s Center for Security in Politics. Namely the challenges we must overcome before widespread use of electronic ballot return is feasible:
| Challenge | Description |
|---|---|
| End-to-end verifiability limitations | Voters must verify individually—logistically impractical at scale |
| Client-side malware | Home devices are susceptible to tampering, especially by sophisticated actors |
| Confidence erosion via malfeasance | Bad actors can undermine trust through false claims or manipulation |
| Targeted DoS attacks | Disruptions during voting carry high stakes |
| Lack of digital credentials | No widely deployed, inclusive authentication system for remote voting |
| No physical ballot that a voter can verify | No physical ballot to audit or verify post-election that the voter has also physically verified |
Continuous progress
We have and will continue to contribute to overcoming these challenges. And as new technologies emerge, we will integrate them into Enhanced Ballot.
The Technology We Have
Despite these challenges, some of the technologies needed to mitigate the risk for the small population of voters who are eligible for electronic ballot return already exist. Enhanced Ballot uses those technologies. Here are some of the ways in which we do so:
| Category | Key Points |
|---|---|
| Core Capabilities | Electronic Ballot Delivery (EBD) with precinct-specific ballots; marking online and printing with clear return instructions; near-seamless setup. |
| Use Cases | Military and overseas voters and voters with disabilities. |
| Cryptography / Verification | Microsoft ElectionGuard integration (confirmation code lookup, public election record hosting); hosting on Microsoft Azure with cybersecurity services; and providing customers with end-to-end verifiability (E2E-V) capabilities. |
| Independent Assurance | SOC 2 Type II audit (all five trust criteria); independently examined by multiple state agencies; regularly tested by independent auditors. |
| Security Features | Encryption in transit/at rest, memory-safe programming languages, RBAC, audit logs, security-focused SDLC, internal QA, 3rd-party pen-testing, customer-led assessments, vulnerability disclosure program. |
| Electronic Return Workflow | Returned ballots encrypted → official review for eligibility → batch decryption (≥10 ballots at a time recommended for anonymity) → PDF packet printed for tabulation. “Ballot Decryption Allowed After” timing control. |
| Accessibility | Screen-reader and assistive tech support; WCAG 2.2 A/AA alignment; responsive UI (smartphone/tablet); text size and high-contrast controls. |
| Integrations / Ops | Optional API automation with full audit trails; SSO for admin portals; barcode-assisted downstream ballot processing via Enhanced Remake. |
| Hosting / Scale | Cloud-based on Microsoft Azure with multilayer security and compliance; broad adoption across many jurisdictions; denial-of-service protections at the edge and on virtual networks. |
Minimizing Risk, Maximizing Ballot Access
You may be asking why, if there are barriers to widescale adoption, we think it’s okay to offer this solution to any voters at all. Most importantly, many jurisdictions require an alternative for both accessibility and ballot access reasons, and we give them the best possible way to meet those requirements.
In addition, from a pure risk perspective, let’s revisit the importance of the smaller scale. In risk management, particularly risk management against adversarial actors, scale is important because it determines the attractiveness of a target to those bad actors. With today’s technology, a bad actor would have to spend substantial resources and have a high level of sophistication to impact top-tier electronic voting methods. When only a small fraction of voters uses an electronic ballot return system, the target isn’t very attractive relative to the cost of the attack: bad actors look elsewhere. With universal or near-universal adoption, it may be worth the investment to attack. By keeping things small in scale, we can increase access for those who need it most without increasing risk to an election itself.
Enhanced Ballot offers an accessible, verified system backed by neutral, independent testing and tailored to limited populations with non-traditional needs. It empowers officials to modernize access with a clear-eyed view of risk.
At Enhanced Voting, our goal is to partner with election officials to meet each challenge with data, transparency, and continuous improvement. Enhanced Ballot is a practical, verifiable solution for discrete accessibility needs, deployed with care and confidence. We look forward to working alongside officials who share our vision: elections that are accessible, secure, and rooted in trust.
Your Questions Answered: Enhanced Voting and Electronic Ballot Return
Q1: Does Enhanced Voting provide electronic ballot return for all voters?
A: No. Enhanced Voting’s technology supports jurisdictions that authorize electronic ballot return only for limited populations such as overseas military or voters with disabilities who face accessibility challenges. We don’t define who is eligible for electronic ballot return. We’re here to support the individual requirements of each election jurisdiction.
Q2: Isn’t electronic ballot return too risky?
A: There are risks and tradeoffs with all types of voting. The key is to be aware of and manage those risks properly. Overseas voters and those with disabilities often face substantial barriers to voting and, in some cases, a voter has no other option of returning a ballot independently and election officials are mandated by law to offer electronic ballot return as a solution. We’re here to help them by providing the most secure and user-friendly approach to meet their requirements.
Q3: Why can’t all voters use this technology?
A: First, it’s important to recognize that voting is different from other transactions you might do on your phone. There are several reasons for this, but the biggest is ballot secrecy. Every bank transaction you make, while sensitive, is logged and audited. You and the bank both have records of it. With voting, we disassociate you from your ballot when you cast it. That fundamentally changes the technological challenges. Second, increasing the scale of any method of voting increases its risk by making it more attractive to bad actors. Keeping the scale limited to those who will most benefit, we can improve ballot access without increasing risk. We encourage reading the findings of the working group at Berkeley’s Center for Security in Politics as well as the EAC, NIST, FBI, and CISA joint release on Risk Management for Electronic Ballot Delivery, Marking, and Return.
Q4: How does Enhanced Voting ensure accessibility?
A: Our system integrates with assistive technology such as screen readers and audio-tactile interfaces to empower voters with disabilities to independently mark and either print and mail or electronically return their ballots. We are also WCAG 2.2 AA aligned.
Q5: What about public confidence and transparency?
A: We believe confidence grows from transparency and rigorous independent testing. That’s why we’re open about our work, our assessment of risk, and the technologies we employ in our products. We also leverage the open source ElectionGuard software development kit to enhance transparency, security, and verifiability of the electronic ballot return process.
Q6: How does Enhanced Voting view the future of electronic voting?
A: Like all technology, this is an evolving frontier. We support ongoing research and technology efforts to make all aspects of voting safer, more secure, and always anonymous.