Fingerprint 2FA

increase an attackers cost for using fake or dead people.

It is a stand-alone improvement which aims to disrupt thugs that create huge amounts of fake ballots in a boilerroom setting.

2-Factor Authentication (2FA) ties two different forms of authentication together: Both have to be correct that access is granted.

While an attacker might get access to one form of authentication, it is increasingly harder for him to get access to a second one as well. Fingerprint 2FA supplements the already present signature on an envelope with a second form of authentication: The voters fingerprint. As faking signatures is still rather easy, the additional need for a fingerprint increases the difficulty for an attacker. Fingerprints can also be checked for duplicates: This new need for different fingerprints makes the mass production of fake ballots unfeasible.


Notes

The gained security depends on the level of implementation:

Pseudo 2FA

Store fingerprints temporary and check them against each others for duplicates.

→ Security against huge amounts of fraudulent ballots.

→ Easy to implement.

Real 2FA

Store fingerprint permanent and check them against an existing voter database.

→ Security against huge amounts of fraudulent ballots.

→ Security against fake & dead people.

→ Security against impersonators.

→ Difficult to implement.


Angles of attack

Corrupted machines report false results (Critical)

It must be ensured that the machines reliably scan, store and compare fingerprints.