www.Scytl.com

Helping increasevoter turnout & provide accessible, e�cient and secure election processes.

for Credit Union ElectionsOnline Voting

www.Scytl.com

In a time of cyber-security awareness, Federal Credit Unions and other Financial Institutions continue to prepare for cyber-attacks.

The Financial Services Modernization Act of 1999 has forced Credit Unions and Financial Institutions to imple-ment administrative, technical, and physical safeguards to protect the security, con�dentiality, and integrity of member information. However, when it comes to voting for their most in�uential leadership positions, many organizations continue using traditional channels to cast their ballot, traditional channels that do not cater to advanced security and transparency process: in-person paper voting, in-person voting machines, and unsecured telephone & email voting.

These outdated and unsecure voting channels could jeopardize the integrity of your elections and cause harmto your members. By providing your organization with an advanced security and veri�ability framework, online voting will allow you to:

Improve election e�ciency by decreasing traditional election costs such as printing and travel associated with the election process and improve ROI

Increase member turn-out and participation by providing more accessible voting channels

Increase membership con�dence and organizational transparency with end-to-end veri�ability of the voting and tallying processes.

EFFICIENCYOperational e�ciencies resulting from signi�cantly reduced costs & delivery of more timely and accurate results.

ACCESSIBILITYIncrease membership participation in elections by enabling remote members,be it military or members with disabilities to cast their vote securely and privately over the internet.

SECURITYGuaranteed vote and voter privacy, end-to-end election security and full veri�ability via advanced patented cryptographic protocols.

VERIFIABILITYIndividual and universal veri�cation allows members to check if their ballot has been cast-as-intended, recorded-as-cast and counted-as-recorded.

AUDITABILITYGenerated reports through the veri�ability process allows the solution to be audited by independent experts before, during, and after the election.

Online Votinga secure, accessible and fully auditable voting channel which allows voters to cast their vote privately from their desired location using a secure internet connection and the deviceof choice.

www.Scytl.com

ACCESSIBILITY

TRANSMISSION

TALLY

TRANSPARENCY

SECURITY

PAPER VOTING POSTAL VOTING ONLINE VOTING

Voting physically at designated polling place

Paper ballot transmission can be unattended at various

points before tally

Observers only present at one polling place

Vote counted and entered into tally as cast cannot be guaranteed

Voting physically at an embassy or via postal services

Postal ballots can take weeks, are unattended and there is

no guarantee of delivery

Tallying relies on human interaction and prone to human errors

Tallying relies on timely delivery of ballots & human interaction,

prone to human errors

Observers only present at one polling place

Vote integrity, vote counted and entered into tally as cast

cannot be guaranteed

Voting from anywhere with and internet connection

Vote data is transmitted immediately, privately and

securely (end2end encryption). Any unauthorized attempt

Tallying technology ensures timely reports & eliminates human errors

Technology allows full election observation

Vote integrity, voter privacy and vote counted and entered into tally as cast is fully guaranteed

One member, one vote; this is the core belief behind every credit union. Your members are your most important asset and keeping them actively engaged in your organization's leadership elections will increase perceived value to them. However, much like in public elections, members are disenfranchised due to the inconvenience and uncertainty of traditional voting methods.

ONLINE VOTINGTRADITIONAL ELECTIONS VS MODERN ELECTIONS

ONLINE VOTING IS NOT COSTLY:actually, online voting technology helps reduce election costs and complexity due to less ballot printing,sta� requirements, mailing requirements, etc.

ONLINE VOTING DOES NOT COMPROMISE VOTING PRIVACY:The use of advanced technology, cryptographic mixnets, shu�ing and re-encrypting/ decrypting votes breaksthe correlation of votes to voters, ensuring full anonymity.

WITH ONLINE VOTING VOTES CANNOT BE MODIFIED WHEN SENT OVER THE INTERNET: Once voters submit their ballots, these are encrypted on their device, are still encrypted when transmitted and remainso until the counting process. This ensures that if for whatever reason a transmission channel is compromised, the vote cannot be altered as it is securely encrypted.

WITH ONLINE VOTING VOTES CANNOT BE MODIFIED ONCE IT IS IN THE SERVER WHERE VOTES ARE COUNTED:Once ballots arrive on the voting server, online voting immutable logs use cryptographic processes to ensure the logs cannot be changed preventing vote tampering on the server as well as highlighting any unfruitful attempt at tampering.

WITH ONLINE VOTING VOTE INTEGRITY IS ASSURED:With online voting voters have the possibility to verify not only that their vote has been cast as they intended,but that it has been recorded and tallied as they intended, ensuring full integrity.

www.Scytl.com

ONLINE VOTINGPERCEPTIONS VS REALITY

End-to-end security and full veri�ability are crucial to all stages of an election. They not only protect the security and privacy of the vote and voter, but also prevent internal and external manipulation and guarantee that the process is transparent and veri�able by outside parties. There are service providers in the private industry that o�er basic security for online voting processes, however, most only provide standard IT security such as HTTPS, SSL, or TSL encryption. Standard encryption and decryption methods are more vulnerable to external and internal attacks, leaving your member’s data susceptible to malicious attacks.

In spite of its 12 years of successful implementations, online voting continues to be surrounded by a series of misconceptions relative to the technology and the security protocols used. Scytl Online Voting advanced security and veri�ability protocols greatly surpasses standard IT security measures and has been tested to a point where all those incorrect perceptions are proven wrong. Many organizations now realize the importance of advanced security protocols and are aware of the added value to the organization and the peace of mind it gives their members.

www.Scytl.com

The latest advancements in online voting technology ensure stronger protection against the challenges posed by online voting while constantly maintaining the credibility of the election.

By using methods such as digital signatures, universal veri�cation and cryptographic mixing, voters can be sure that their identitiesare never exposed and that their vote is kept secret.

ONLINE VOTINGSECURITY BEFORE & AFTER

When implementing an inherently tamper-proof solution, it is important to understand the di�erences between basic security and the advanced security techniques necessary to ensurea fully secure and veri�able online voting process.

PRIVACY

AUTHENTICATION

VERIFIABILITY

INTEGRITY

COMMON TECHNIQUES

SSL based encryption Database encryption “Military grade”

encryption Information protection

User password access control

Logs monitoring System & application logs

Source code open for review Operation traceability

Procedural integrity checks SSL security

3 layers of personal data encryption End-to-end encryption protocol Cryptographic mixing protocol

Secret sharing cryptographic keys

Advanced encryption mechanics

Integrated authentication protocol Multi-factor strong authentication

Strong role-based access control

Cryptographic cast -as-intended Cryptographic counted-as-cast

Digital signatures

Cryptographic immutable logs Digital signatures

End-to-end security

Security cross checks data integrity

BEST PRACTICE TECHNIQUES

www.Scytl.com

THE 4 STEPS IN THEONLINE VOTING PROCESS

Online voting processes are comprised of 4 steps that allow voters to cast their ballots quickly, privately and safely and ensure timely and auditable election results.

AUTHENTICATION VOTING TRANSMISSION TALLYING

/ Supports any type of voter authentication, be it pre-existingor the adoption of a new voting authentication method.

Digital certi�cates: the foundation of Scytl authentication process, privacy and integrityOn site: Standard or Electronic ID, Biometrics Remote: Electronic ID, Digital certi�cates, Voting credentials, Webcrossing

/ Single voting interface for both remote and on-site users. Voter privacy is ensured throughballot encryptionVoter eligibility is ensured through digital signatures of election dataResults integrity is guaranteed thanks to the traceability of voting operations and the vote’s digital signatureAccessibility for all remote members and those with disabilities.

/ Results are received from all polling places and di�erent voting channels such as poll-site voting, Internet voting and postal voting.

Ballots can be transmitted immediately through the internet to election serversBallots can be di�ered if polling stations are not equipped with internet connections.For onsite / non-internet connected kiosks, ballots can be transferred physically to central servers or transmitted securely via telephone networks

/ After the election is closed, all the online votes are consolidated and transferred securely for “Mixing”by the electoral organization.

Quorum of electoral board members is required to regenerate the election key to decrypt votes.The “mixing” process decrypts thevotes and breaks the correlation between encrypted votes & voters ensuring voter privacy.Results can be published on interactive online portals with graphics and drill-down capabilities (polling place, district, etc.)

ID

VOTING CARD

USERXXXX-XXXXRETURN CODESXXXX-XXXX XXXX-XXXXXXXX-XXXX XXXX-XXXX

A B C

00111000110100011101101110011101101000101

C

74% 65% 42%

26% 74% 35% 65% 58% 42%

A B C

A B C

www.Scytl.com

HOW ONLINEVOTING WORKS

RECEIPT

74% 65% 42%

26% 74% 35% 65% 58% 42%

A B C

C B A

CA

B

ELECTIONREPORTS

1 2 3 4 5

6789

10

/ Members vote online on the device of choice

/ Votes are securely and privately transmitted over the internet

/ Votes are validated by the centralized server and included in the digital ballot box

/ Digital ballot boxes are closed and vote cleansing, mixing and shu�ing begins

/ Quorum of supervisory / election committee builds keyto allow vote decryption

/ Vote decryptionprocess in completed

/ Voters receive vote receiptfor voting results veri�cation

/ Vote tally

/ Results publication

/ Votes are encrypted and digitally signed on the voter’s devices

Internet0011100011010

0011101101110011101101000101

35MILLIONVOTING-AGE PEOPLE WITH

DISABILITIES IN THE U.S.

LESS THAN HALFVOTED IN 2012THAT IS 1

IN 7 PEOPLE

80%

LIVE INDEVELOPING COUNTRIES

15%

OF THEGLOBAL POPULATION

BILLION PEOPLEAROUNDTHE WORLDLIVE WITH DISABILITIES

ONE

INCREASE PERSONS WITH DISABILITIESPARTICIPATION

OBJECTIVESOF SECURE & ACCESSIBLEONLINE VOTING

3

61

2

4

5

87

AccessibilityOnline voting is speci�cally designed to be accessible for remote members, members with disabilities, and members serving in the military. Addressing the challenges and eliminating the barriers of disenfranchised members via online voting technology ensures that they can vote and participate in the election process on equal terms as other members: privately, securely, and independently.

Ease-of-use: simple steps to casting a vote. Voters can easily navigate through voting platform.

Increases �exibility sending: allows for �exible and extended voting times. Voters can vote at their own convenience from any device with an internet connection.

Increases participation: allows for remote voting. Enfranchise your members from remote locations with online voting.

Increases accessibility: empowers voters with limited access to onsite and mail-in voting. Enfranchise members with disabilities and remote members (members serving in the military, expats, hospitalized, etc.)

www.Scytl.com

KEY ONLINE VOTING BENEFITS

www.Scytl.com

KEY ONLINE VOTING BENEFITS

IMP

RO

VE

DSU

STA

INA

BIL

ITY

CA

RB

ON

FOO

TP

RIN

TR

ED

UC

TIO

N

74% 65% 42%

26% 74% 35% 65% 58% 42%

74%

65%

42%

16%

84%ELECTIONTRAINING

74% 65% 42%

26% 74% 35% 65% 58% 42%

74%

65%

42%

16%

84%

ELE

CT

ION

BU

DG

ET

SAV

ING

S

SAVINGHUNDREDS OF

THOUSANDS OF TREES AND

TONS PAPERAND TONER

REQUIREMENTS

ELIMINATE THE NEEDFOR BALLOT PRINTINGNO

ELIMINATION OF PAPER, TONER & RECYCLING NEEDS FOR VARIOUS

ONLINE ELECTION PROCESSES

ELECTIONMANAGEMENT EFFICIENCIESREALIZEDACROSS ALLONLINERELATED PROCESSES

34%SAVINGS IN ELECTIONMANAGEMENT BUDGETS

ELIMINATE THE NEEDTO TRAVEL BOTHREGISTER AND VOTE

SIGNIFICANTCARBON

FOOTPRINT REDUCTION BY ELIMINATING THE NEED FOR

TRAVEL AND MATERIALDELIVERY STREAMLINEDLOGISTICS AND TRANSPORTATION REQUIREMENTS

TRAININGMANUALSAND TESTS

PRINTED

PRODUCTION COSTS OF

REGISTRATION, TRAINING AND

VOTINGMATERIAL

SIGNIFICANTLY REDUCED

E�ciencyOptimizing the electoral process leads to cost savings and overall sustainability by decreasing the dependence on traditional resources.

Improved sustainability: eliminates the need for paper ballots, toner, and recycling for election processes.

Carbon footprint reduction: eliminates the need for transportation with traditional method (registration, voting, streamlined logistics and ballot production).

Election budget savings: signi�cant reduction in production costs and election management e�ciencies.

E�cient and accurate results publication: by reducing human interaction and errors, election resultswill be more accurate and timely.

Veri�ability Individual and universal veri�cation allows members to check if their ballot has been cast-as-intended, recorded-as-cast and counted-as-recorded, providing election and voting transparency.

Cast-as-intended: Voters will receive unique secure codes corresponding to each candidate before the election. Once the voter has cast their vote online, they will receive return codes con�rming their voting options. If the return code doesn’t match, we can assume that their vote has been tampered with or manipulated.

Recorded-as-cast: Voters receive a voting receipt based on a �ngerprint of the encrypted vote. During the voting process,the servers publish the �ngerprints of the encrypted votes.The voting receipt will allow voters to check that their vote has been recorded properly.

Counted-as-recorded: Through this veri�cation process and the use of Zero Knowledge proofs, observers monitoring the election can determine if the vote was manipulated when the contents of the encrypted votes were obtained. These proofs do not contain any information that can allows correlation between the votes and the members increasing transparency while preserving voter privacy.

www.Scytl.com

KEY ONLINE VOTING BENEFITS

www.Scytl.com

AuditabilityIn order to ensure election integrity to your members, a means for the election process to be audited by independent authorities is required. Generated reports through the veri�ability process allow the solution to be audited by independent experts before, during, and after the election.

Digital signatures: Encrypted votes need to be digitally signed by voters before they are cast. This prevents the manipulation of the votes after being cast and also ensures the eligibility of the votes stored in the ballot box by means of veri�cations of the digital signatures.

Immutable logs: Logs using cryptographic systems are generated and stored to facilitate election monitoring. These logs are used to record activity which can then be audited and reviewed to ensure election integrity.

KEY ONLINE VOTING BENEFITS

ELECTIONAUTHORITY

EA

ELECTIONAUTHORITY

EA

ELECTIONAUTHORITY

EA

Bulletin Immutable

Board

www.Scytl.com

SecurityEnd-to-end security is crucial to allstages of an election and is providedvia advanced patented cryptographic protocols. It not only protects the security and privacy of the vote and voter, butalso prevents internal and external manipulation and guarantees that the process is transparent and veri�able by external sources and auditors.

Privacy:Online voting ensure fullvote and voter privacy.

Integrity:Guarantees votes are nottampered with or modi�ed,ensuring full election integrity.

Patents:Scytl has capitalized on its morethan 22 years of research to develop election-speci�c cryptographic security technology protected by more than40 international patents and patent applications, positioning Scytl as the company with the largest patentportfolio of the industry.

KEY ONLINE VOTING BENEFITS

OUI!

AN!

JO!

KAMA!

SI!

SE!

LAA!中頻!

AKO!

NO!

IF!

NËSE!

DA!YES!

AKO!

www.Scytl.com

The National Credit Union Administration (NCUA) standards and guidelines for safeguarding member information is an important set of criteria to ensure the privacy of a credit union member’s personal information. These guidelines are in place to protect personal information against threats or hazards that can harm your members and your organization. Most credit unions have considered these guidelines and designed an information security program to control identi�ed risks.

NATIONAL CREDIT UNION ADMINISTRATION GUIDELINES

However, some organizations have not re�ected these security measures when nominating and selecting potential candidates for in�uential leadership positions. Traditional methods and online voting technology with standard IT security do not ensure the privacy and transparency of your member’s vote. Ensuring voter con�dence in your member's vote will bring added value to your organization and build greater relationships between your members and leaders.

If you’re considering implementing security measures for your next elections, please consider the following guidelines when making your decision:

NCUA INSPIRED GUIDELINES TO SAFEGUARDING MEMBER ELECTIONS

Authenticate Access Controls and permit access only to authorized individuals.

Access Restrictions of Electronic BallotBox that contains members votes.

Encryption of the member informationand vote cast information.

Monitoring systems and procedures to detectany attempted attacks or intrusions on the votes.

Response systems in place to detectany suspicion of vote manipulation.

Prevent & Protect the loss ormanipulation of Member Vote

THE SCYTL ONLINE VOTING DIFFERENCE

Scytl Online Voting´s unique authentication methods ensure that onlyauthenticated members are able to access the voting portal and cast their vote.

Scytl Online Voting has unique encryption protocols in place that ensureonly the Board of Executives or authorized individuals can download ballots.

Scytl Online Voting’s security protocols and authentication ensurethe privacy of your member’s vote and membership information.

Scytl Online Voting security protocols include the use of immutable logs which candetect any attempt of vote manipulation or removal from both internal and external attackers.

Scytl Online Voting’s veri�cation processes provide reports for third partyauditors to detect any attempts at manipulation during or after the election.

Scytl Online Voting’s security measures and protocols prevent any manipulationor mishandling of your member's vote, ensuring voter privacy and election integrity.

“Online voting means I can vote anonymously like everybody else. It means independence, it means being sure that my voice has been heard and that my vote counted.” Jennifer, Visually impaired voter, Vision Australia

“For the second consecutive year our citizens of Girona have expressed their trust in the online

in participation encourages us to continue leveraging the use of innovative tools like online voting.” Deputy Mayor & Councilor of Finance

“Not only was the election convenient

an opportunity for our members to experience online voting which can potentially transform the future of elections in the United States.” Diane Allen, NFWL Chair Senator of New Jersey

www.Scytl.com

As online voting technology continues to evolve, both governments and private organizations across the globe continue to embrace the new voting channel – either as a standalone channel or as an additional and complimentary channel to paper and postal channels - and are leveraging the bene�ts it provides to both their members and the organization.

ORGANIZATIONS ALREADY BENEFITING FROM SCYTL ONLINE VOTING

“Scytl consistently exceeded our expectations by providing us with the highest level of service throughout the project. Our members clearly understood their roles throughout the election process and provided positive feedback about the Online Voting solution.”

Patricia Mercado, Organization of American States (OAS) Sta� Federal Credit Union

CHECKLIST FOR DELIVERING SECURE, ACCESSIBLE ONLINE VOTING FOR CREDIT UNION ELECTIONS

Conclusion: as you advance down the road of online voting evaluation for your next election, best practices recommend that all the t’s are crossedand the i´s dotted before embarking on projects such as these.

More accessibility, higher e�ciencies, proven security and veri�ability and global experience managing online voting in di�erent countries and organization types are of paramount importance and will be the key to ensuring a successful online voting experience for your election sta� andyour voters.

Scytl Online Voting technology provides advanced security measures guaranteeing that voters are authenticated, voter privacy is protected, and member’s votes and election results were not manipulated by external hackers or internal technical sta� with system privileges. These security protocols will ensure a secure and fair election and bring added value to your membersand your organization.

Easy access for remote and overseas voters

Accessible to persons with disabilities

Guaranteed voter privacy and vote integrity Voter veri�cation for cast-as-intended, counted-as-cast and recorded-as-cast

Possibility of source code publication for certi�cation and third party audit

Observer, participants and independent auditor validation and veri�cation

Full system auditability by independent experts and academics

Technology tested and proven in a vast number of secure online voting projects

www.Scytl.com

www.Scytl.com

Helping increasevoter turnout & provide accessible, e�cient and secure election processes.

for Credit Union ElectionsOnline Voting