Security Facts

Q:Does Smartmatic forbid disclosing its source code?

FACT: No. Transparency is the key to building trust in election results. Smartmatic has made transparency and auditability a priority of its technology. To stress Smartmatic’s commitment to integrity, they made it a point to actively push for stakeholders to conduct source code audits. The source code is, as a rule, available to political parties and accredited organizations for extensive scrutiny.

During the elections of 2010 in the Philippines, Smartmatic’s source code was accredited by a certification agency in the United States - SLI Global Solutions.  After the said certification, the source code was digitally signed and the hash codes were shared to all participants. These secure code was then loaded into each VCM. This helped to guarantee that the code used was the same code that was reviewed.

For automated Philippine elections in 2010, 2013 and 2016, authorities invited stakeholder groups to audit the source codes of the counting equipment. Unfortunately, in 2010, not one single group filed an official request to review it.  In 2013, all watchdogs and political parties who reviewed the source code of both the Canvassing and Consolidation System and the VCMs, confirmed that the system worked as intended. In 2015, Smartmatic and the Commission on Elections initiated the source code almost 7 months ahead of the 2016 Philippine Elections.

Q: Is it true that automated elections cannot be audited?

FACT: False. One of the strengths of Smartmatic’s electronic voting systems is that, it is fully auditable. Unlike a manual ‘system’, a well-designed automated election, by contrast, produces multiple copies of every data point, both in electronic and paper-based forms. This creates a very rich audit trail that cannot be outwitted. The Venezuelan 2015 election was audited itself 13 times.


Q: Is it true that Electronic Voting Machines (EVM’s) do not produce a Voter Verifiable Paper Audit Trail (VVPAT)?

FACT: False. Smartmatic conducted the first national fully-automated election that delivered printed paper trails in 2004. Electronic voting machines with VVPATs are today’s global standard, and Smartmatic has been leading the way since 2004. 


Q: Can someone pre-program Smartmatic machines before the day of elections and rig the electronic results?

FACT: No. Following the 2013 midterm elections in the Philippines, some groups claimed that results were predetermined following a fixed-share voting pattern: 60% for one party, 30% for another and 10% split between remaining candidates.

The claim was investigated and debunked by election observers such as The Parish Pastoral Council for Responsible Voting (PPCRV), the leading elections watchdog in the Philippines. They have declared that there was absolutely no evidence to support such theory. Additional studies found that actual vote distribution follows the 60-30-10 pattern only when a few precincts are counted, therefore debunking the claim on the basis of it not being an accurate representation. John Paul Vergara, Professor of Computer Science and Trustee at PPCRV, confirmed that the voting patterns were not rigged and reflected those that “would typically arise in almost any election.” 

None of the election protests filed after the 2013 Midterm Elections raised the issue of an alleged pre-fixed voting pattern.  Not a single election protest prospered on the ground of rigged or pre-programmed results.

A report written by academic experts discussed the inadequacy of evidence offered by critics of the 2013 automated elections and further found that the 60-30-10 pattern allegations did not hold well against scrutiny.  A report written for Rappler by Aries Rufo, which used an analysis of official election canvassing results, also found that regional votes do not support the alleged 60-30-10 pattern.

The alleged pattern was also dismissed by Dr. Michael Purugganan, Dean of Science of New York University, after he conducted a research on this allegation. “No conspiracy here—just mathematics at work.” Independent researchers have found that the software used by Smartmatic cannot be hacked.


Q: Can hackers easily penetrate Smartmatic machines and alter the electronic results?

FACT: No. Smartmatic utilizes a range of mechanisms to safeguard security and privacy of votes, from: security fragmentation, security layering, device identity assurance, multi-key combination and opposing-party auditing. This is very similar to the security protocols used by financial institutions, who transacts billions of dollars on a daily basis.
All election results are encrypted and digitally signed. After polls, election data is transmitted into random patterns from the different precincts over the course of few hours, and it is impossible to know in advance when a specific precinct will transmit its results. The canvassing servers verify the authenticity and integrity of the data before accepting the transmission.

The transmission is done through a private and secured network which is built together with all major cellular networks in the country. Furthermore, the country may choose to print paper copies of results, which are signed by the BEI’s (board of election inspectors,) to provide a robust auditing system in addition to the transmission and canvassing processes.


Q: Does Smartmatic’s equipment go through a certification and approval process?

FACT: Yes. Smartmatic machines go through an Engineering Test as well as a source code approval process. The source code approval process allows the source code to be read, reviewed, and checked for mistakes. The main objective of the engineering evaluation is to certify the performance, reliability and easiness of the voting technology and its tolerance to failures of the result transmission.