Login| Sign Up| Help| Contact|

Patent Searching and Data


Title:
ONLINE VOTING METHODS AND SYSTEMS
Document Type and Number:
WIPO Patent Application WO/2018/026531
Kind Code:
A1
Abstract:
An online voting method comprises receiving, at a first server, a log in request from a voter at a first interface implemented by the first server; determining, on the first server, if the voter is registered to access online voting and if the voter is registered to access online voting, providing the voter access to a second interface implemented on a second server; receiving, through the second interface implemented on the second server, a vote indication from the voter; and sending an indication of the vote indication to an election management server.

Inventors:
SHARMA, Piyush (A WING 1004Pune, Maharashtra 5, 411015, IN)
GUPTA, Shweta (Pimple Saudagar, Near Shivar GardenSunshine Height Society, Flat#60, Pune Pimpri Chinchwad 7, 411027, IN)
Application Number:
US2017/043037
Publication Date:
February 08, 2018
Filing Date:
July 20, 2017
Export Citation:
Click for automatic bibliography generation   Help
Assignee:
MASTERCARD INTERNATIONAL INCORPORATED (2000 Purchase Street, Purchase, NY, 10577, US)
International Classes:
G07C13/00
Domestic Patent References:
WO2015120307A12015-08-13
Foreign References:
US20050263593A12005-12-01
CN105704117A2016-06-22
EP2645337A12013-10-02
AU2014227522A12014-10-09
Other References:
None
Attorney, Agent or Firm:
DOBBYN, Colm, J. (Mastercard International Incorporated, 2000 Purchase StreetPurchase, NY, 10577, US)
Download PDF:
Claims:
CLAIMS

1. An online voting method, the method comprising receiving, at a first server, a log in request from a voter at a first interface implemented by the first server;

determining, on the first server, if the voter is registered to access online voting and if the voter is registered to access online voting, providing the voter access to a second interface implemented on a second server;

receiving, through the second interface implemented on the second server, a vote indication from the voter; and

sending an indication of the vote indication to an election management server.

2. A method according to claim 1, wherein providing the voter access to the second interface comprises providing the voter with a one-time password to access the second interface.

3. A method according to any preceding claim, wherein the first interface is an online banking interface. 4. A method according to any preceding claim, further comprising encrypting the vote indication.

5. A method according to any preceding claim, further comprising determining a constituency associated with the voter and displaying through the second interface a list of candidates associated with the constituency associated with the voter.

6. A method according to any preceding claim further comprising determining if a voting period is open and wherein the voter is provided access to the second interface if the voting period is open.

7. A computer readable medium carrying computer executable instructions which when executed on a processor cause the processor to carry out a method according to any one of claim 1 to 6.

8. An online voting system comprising a first server and a second server,

the first server comprising a computer processor and a data storage device, the data storage device having an online banking portal module; a voter identification module and an online voting access module comprising non-transitory instructions operative by the processor to:

receive a log in request from a voter at a first interface; and determine if the voter is registered to access online voting and if the voter is registered to access online voting, providing the voter access to a second interface implemented on the second server,

the second server comprising a computer processor and a data storage device, the data storage device having an online voting portal module; and a vote reporting module comprising non-transitory instructions operative by the processor to:

receive, through a second interface, a vote indication from the voter; and send an indication of the vote indication to an election management server.

9. An online voting system according to claim 8, wherein the online voting access module further comprises non-transitory instructions operative by the processor to provide the voter with a one-time password to access the second interface.

10. An online voting system according to claim 8 or claim 9, wherein the first interface is an online banking interface. 11. An online voting system according to any one of claims 8 to 10 wherein the vote reporting module further comprises instructions operative by the processor to encrypt the vote indication.

12. An online voting system according to any one of claims 8 to 11 wherein the online voting access module further comprises non-transitory instructions operative by the processor to determine if a voting period is open and wherein the voter is provided access to the second interface if the voting period is open.

13. An online voting system according to any one of claims 8 to 12, wherein the data storage device of the first server further comprises a voter registration module comprising non-transitory instructions operative by the processor to

receive an indication of a voter identification;

receive an indication of a bank account number associated with a voter;

store data linking the bank account number to the voter identification; and register the voter for online voting.

14. An online voting system according to claim 13, wherein the voter registration module further comprises non-transitory instructions operative by the processor to register the voter for online voting by providing the indication of the voter identification to the election management server.

15. An online voting system according to claim 13 or claim 14, wherein the voter registration module further comprises non-transitory instructions operative by the processor to receive an identifier of a constituency in which the voter is entitled to vote.

16. An online voting system according to any one of claims 13 to 15, the voter registration module further comprises non-transitory instructions operative by the processor to register the voter for online voting by verifying that the voter identification corresponds to an entitlement to vote with the election

management server.

Description:
ONLINE VOTING METHODS AND SYSTEMS

CROSS-REFERENCE TO RELATED APPLICATION

This application claims the benefit of, and priority to, Singapore Patent Application No. 10201606488Q filed on August 5, 2016. The entire disclosure of the above application is incorporated herein by reference.

TECHNICAL FIELD AND BACKGROUND

The present disclosure relates to methods and systems for online voting.

Citizens of many countries have the right to vote to select their government. However, in many countries the actual number of people who cast their vote is often low compared to the total number of people with the right to vote. One of the reasons for this is that the whole process can be very time consuming starting from getting enrolled to the right voter list, getting correct information on a voter ID card, and waiting for long hours in queues to vote. There are also security issues involved in the management of elections such as ensuring that proxy votes are not carried out by people using a fake identity.

Electronic voting systems are used in some countries. In such systems an electronic voting machine (EVM) is used. The EVM machine typically consists of two units connected by a cable. These units are a control unit managed by a presiding officer; and a balloting unit. The officer in-charge of the control unit will press a ballot button on the control unit after manual verification of voter ID and the voter. This enables the voter to cast a vote by pressing a button on the balloting unit against the candidate or party of the voter's choice. The process is manual, time consuming and has possibilities of allowing duplicate/illegal voting. SUMMARY

In general terms, the present disclosure proposes a method of online voting which uses an interface such as an online banking interface. Users may log onto a first interface which may be an online banking portal. If a user is registered to use online voting the first interface provides the user with access to an online voting interface. The user may then cast their vote through the online voting interface.

According to a first aspect of the present invention, there is provided an online voting method. The method comprises receiving, at a first server, a log in request from a voter at a first interface implemented by the first server; determining, on the first server, if the voter is registered to access online voting and if the voter is registered to access online voting, providing the voter access to a second interface implemented on a second server; receiving, through the second interface implemented on the second server, a vote indication from the voter; and sending an indication of the vote indication to an election management server.

In an embodiment providing the voter access to the second interface comprises providing the voter with a one-time password to access the second interface.

In an embodiment, the first interface is an online banking interface. In an embodiment the method further comprises encrypting the vote indication.

In an embodiment the method further comprises determining a constituency associated with the voter and displaying through the second interface a list of candidates associated with the constituency associated with the voter.

In an embodiment the method further comprises determining if a voting period is open and wherein the voter is provided access to the second interface if the voting period is open.

According to a second aspect of the present invention there is provided an online voting system comprising a first server and a second server. The first server comprises a computer processor and a data storage device, the data storage device having an online banking portal module; a voter identification module and an online voting access module comprising non-transitory instructions operative by the processor to: receive a log in request from a voter at a first interface; and determine if the voter is registered to access online voting and if the voter is registered to access online voting, providing the voter access to a second interface implemented on the second server. The second server comprises a computer processor and a data storage device, the data storage device having an online voting portal module; and a vote reporting module comprising non-transitory instructions operative by the processor to: receive, through a second interface, a vote indication from the voter; and send an indication of the vote indication to an election management server.

In an embodiment the online voting access module further comprises non-transitory instructions operative by the processor to provide the voter with a onetime password to access the second interface.

In an embodiment the first interface is an online banking interface. In an embodiment the vote reporting module further comprises instructions operative by the processor to encrypt the vote indication.

In an embodiment the online voting access module further comprises non-transitory instructions operative by the processor to determine if a voting period is open and wherein the voter is provided access to the second interface if the voting period is open.

In an embodiment the data storage device of the first server further comprises a voter registration module comprising non-transitory instructions operative by the processor to: receive an indication of a voter identification; receive an indication of a bank account number associated with a voter; store data linking the bank account number to the voter identification; and register the voter for online voting.

In an embodiment the voter registration module further comprises non- transitory instructions operative by the processor to register the voter for online voting by providing the indication of the voter identification to the election management server.

In an embodiment the voter registration module further comprises non- transitory instructions operative by the processor to receive an identifier of a constituency in which the voter is entitled to vote.

In an embodiment, the voter registration module further comprises non-transitory instructions operative by the processor to register the voter for online voting by verifying that the voter identification corresponds to an entitlement to vote with the election management server.

According to a yet further aspect, there is provided a non-transitory computer-readable medium. The computer-readable medium has stored thereon program instructions for causing at least one processor to perform operations of a method disclosed above.

BRIEF DESCRIPTION OF THE DRAWINGS

Embodiments of the invention will now be described for the sake of non-limiting example only, with reference to the following drawings in which:

Fig. 1 is a block diagram showing an online voting system according to an embodiment of the present invention; Fig. 2 is a block diagram showing a technical architecture of an online banking server according to an embodiment of the present invention;

Fig. 3 is a block diagram showing a technical architecture of a vote aggregator server according to an embodiment of the present invention;

Fig. 4 is a flowchart showing a method of registering a voter for online voting according to an embodiment of the present invention;

Fig. 5 is a flowchart showing a method of allowing a voter access on an online voting portal according to an embodiment of the present invention; and

Fig. 6 is a flowchart showing a method of online voting according to an embodiment of the present invention.

DETAILED DESCRIPTION

Figure 1 is a block diagram showing a system for online voting according to an embodiment of the present invention. The system 100 comprises an online banking server 110; a vote aggregator server 120 and an election management server 130. The online banking server 110 provides an online banking portal 115. A voter having a bank account which is registered for online banking can log on to the online banking portal 115 using a user device 140. The user device 140 may be, for example a mobile telephone; a tablet device; a laptop or desktop computer. The online banking portal 115 allows the operator or the user device 140 to perform banking actions such as viewing account details; making bank transfers and paying bills. In embodiments of the present invention, the online banking portal 115 also provides access to an online banking portal 125 provided by the vote aggregator server 120. The online voting portal 125 allows the user to cast their vote. The vote aggregator server 120 is coupled to the election management server 130 which counts may be coupled systems to allow votes cast on electronic voting machines or paper ballots to be combined with the votes cast through the online voting system 100.

It is envisaged that the vote aggregator server 120 may be implemented by a payment aggregator such as the National Payments Corporation of India (NPCI) or a payment network, for example, a payment card type of network such as the payment processing network operated by MasterCard. The various communication may take place via any type of network, for example, virtual private network (VPN), the Internet, a local area and/or wide area network (LAN and/or WAN), and so on. It is envisaged that the communications may take place over a secure or encrypted channel, for example a channel according the secure sockets layer (SSL) standard.

The election management server 130 may, for example be associated with an electoral commission and have access to a central database of all voters and constituencies.

Figure 2 is a block diagram showing a technical architecture 200 of the online banking server 110 for performing steps of exemplary methods 400 & 500 which are described below with reference to Figure 4. Typically, the methods 400 & 500 are implemented by a number of computers each having a data-processing unit. The block diagram as shown in Figure 2 illustrates a technical architecture 200 of an online banking server which is suitable for implementing one or more embodiments herein.

The technical architecture 200 includes a processor 222 (which may be referred to as a central processor unit or CPU) that is in communication with memory devices including secondary storage 224 (such as disk drives), read only memory (ROM) 226, random access memory (RAM) 228. The processor 322 may be implemented as one or more CPU chips. The technical architecture 220 may further comprise input/output (I/O) devices 230, and network connectivity devices 232.

The secondary storage 224 is typically comprised of one or more disk drives or tape drives and is used for non-volatile storage of data and as an over-flow data storage device if RAM 228 is not large enough to hold all working data.

Secondary storage 324 may be used to store programs which are loaded into RAM 228 when such programs are selected for execution. In this embodiment, the secondary storage 224 has a voter registration module 224a, an online banking portal module 224b, a voter identification module 224c, and an online voting access module 224d comprising non-transitory instructions operative by the processor 222 to perform various operations of the method of the present disclosure. The ROM 226 is used to store instructions and perhaps data which are read during program execution. The secondary storage 224, the RAM 228, and/or the ROM 226 may be referred to in some contexts as computer readable storage media and or non-transitory computer readable media.

The I O devices 230 devices may include printers, video monitors, liquid crystal displays (LCDs), plasma displays, touch screen displays, keyboards, keypads, switches, dials, mice, track balls, voice recognizers, card readers, paper tape readers, or other well-known input devices.

The network connectivity devices 232 may take the form of modems, modem banks, Ethernet cards, universal serial bus (USB) interface cards, serial interfaces, token ring cards, fiber distributed data interface (FDD1) cards, wireless local area network (WLAN) cards, radio transceiver cards that promote radio communications using protocols such as code division multiple access (CDMA), global system for mobile communications (GSM), long-term evolution (LTE), worldwide interoperability for microwave access (WiMAX), near field

communications (NFC), radio frequency identity (RFID), and/or other air interface protocol radio transceiver cards, and other well-known network devices. These network connectivity devices 232 may enable the processor 222 to communicate with the Internet or one or more intranets. With such a network connection, it is contemplated that the processor 222 might receive information from the network, or might output information to the network in the course of performing the above- described method operations. Such information, which is often represented as a sequence of instructions to be executed using processor 222, may be received from and outputted to the network, for example, in the form of a computer data signal embodied in a carrier wave.

The processor 222 executes instructions, codes, computer programs, scripts which it accesses from hard disk, floppy disk, optical disk (these various disk based systems may all be considered secondary storage 224), flash drive, ROM 326, RAM 328, or the network connectivity devices 232. While only one processor 222 is shown, multiple processors may be present. Thus, while instructions may be discussed as executed by a processor, the instructions may be executed simultaneously, serially, or otherwise executed by one or multiple processors.

It is understood that by programming and/or loading executable instructions onto the technical architecture 200, at least one of the CPU 222, the RAM 228, and the ROM 226 are changed, transforming the technical architecture 200 in part into a specific purpose machine or apparatus having the novel functionality taught by the present disclosure. It is fundamental to the electrical engineering and software engineering arts that functionality that can be implemented by loading executable software into a computer can be converted to a hardware implementation by well-known design rules. Although the technical architecture 200 is described with reference to a computer, it should be appreciated that the technical architecture may be formed by two or more computers in communication with each other that collaborate to perform a task. For example, but not by way of limitation, an application may be partitioned in such a way as to permit concurrent and/or parallel processing of the instructions of the application. Alternatively, the data processed by the application may be partitioned in such a way as to permit concurrent and/or parallel processing of different portions of a data set by the two or more computers. In an embodiment, virtualization software may be employed by the technical architecture 200 to provide the functionality of a number of servers that is not directly bound to the number of computers in the technical architecture 200. In an embodiment, the functionality disclosed above may be provided by executing the application and/or applications in a cloud computing environment. Cloud computing may comprise providing computing services via a network connection using dynamically scalable computing resources. A cloud computing environment may be established by an enterprise and/or may be hired on an as-needed basis from a third party provider.

Figure 3 is a block diagram showing a technical architecture 300 of the vote aggregator server 120 for performing steps of an exemplaiy method 600 which is described below with reference to Figure 6. Typically, the method 600 is implemented by a number of computers each having a data-processing unit. The block diagram as shown in Figure 3 illustrates a technical architecture 300 a computer which is suitable for implementing one or more embodiments herein.

The technical architecture 300 includes a processor 322 (which may be referred to as a central processor unit or CPU) that is in communication with memory devices including secondary storage 324 (such as disk drives), read only memory (ROM) 326, random access memory (RAM) 328. The processor 322 may be implemented as one or more CPU chips. The technical architecture 320 may further comprise input/output (I O) devices 330, and network connectivity devices 332.

The secondary storage 324 is typically comprised of one or more disk drives or tape drives and is used for non- volatile storage of data and as an over-flow data storage device if RAM 328 is not large enough to hold all working data.

Secondary storage 324 may be used to store programs which are loaded into RAM 328 when such programs are selected for execution. In this embodiment, the secondary storage 324 has an online voting portal module 324a and a vote reporting module 324b comprising non-transitory instructions operative by the processor 322 to perform various operations of the method of the present disclosure. The ROM 326 is used to store instructions and perhaps data which are read during program execution. The secondary storage 324, the RAM 328, and/or the ROM 326 may be referred to in some contexts as computer readable storage media and/or non-transitory computer readable media.

I/O devices 330 may include printers, video monitors, liquid crystal displays (LCDs), plasma displays, touch screen displays, keyboards, keypads, switches, dials, mice, track balls, voice recognizers, card readers, paper tape readers, or other well-known input devices.

The network connectivity devices 332 may take the form of modems, modem banks, Ethernet cards, universal serial bus (USB) interface cards, serial interfaces, token ring cards, fiber distributed data interface (FDDI) cards, wireless local area network (WLAN) cards, radio transceiver cards that promote radio communications using protocols such as code division multiple access (CDMA), global system for mobile communications (GSM), long-term evolution (LTE), worldwide interoperability for microwave access (WiMAX), near field

communications (NFC), radio frequency identity (RFID), and/or other air interface protocol radio transceiver cards, and other well-known network devices. These network connectivity devices 332 may enable the processor 322 to communicate with the Internet or one or more intranets. With such a network connection, it is contemplated that the processor 322 might receive information from the network, or might output information to the network in the course of performing the above- described method operations. Such information, which is often represented as a sequence of instructions to be executed using processor 322, may be received from and outputted to the network, for example, in the form of a computer data signal embodied in a carrier wave.

The processor 322 executes instructions, codes, computer programs, scripts which it accesses from hard disk, floppy disk, optical disk (these various disk based systems may all be considered secondary storage 324), flash drive, ROM 326, RAM 328, or the network connectivity devices 332. While only one processor 322 is shown, multiple processors may be present. Thus, while instructions may be discussed as executed by a processor, the instructions may be executed simultaneously, serially, or otherwise executed by one or multiple processors. It is understood that by programming and/or loading executable instructions onto the technical architecture 300, at least one of the CPU 322, the RAM 328, and the ROM 326 are changed, transforming the technical architecture 300 in part into a specific purpose machine or apparatus having the novel functionality taught by the present disclosure. It is fundamental to the electrical engineering and software engineering arts that functionality that can be implemented by loading executable software into a computer can be converted to a hardware implementation by well-known design rules.

Although the technical architecture 300 is described with reference to a computer, it should be appreciated that the technical architecture may be formed by two or more computers in communication with each other that collaborate to perform a task. For example, but not by way of limitation, an application may be partitioned in such a way as to permit concurrent and/or parallel processing of the instructions of the application. Alternatively, the data processed by the application may be partitioned in such a way as to permit concurrent and/or parallel processing of different portions of a data set by the two or more computers. In an embodiment, virtuaiization software may be employed by the technical architecture 300 to provide the functionality of a number of servers that is not directly bound to the number of computers in the technical architecture 300. In an embodiment, the functionality disclosed above may be provided by executing the application and/or applications in a cloud computing environment. Cloud computing may comprise providing computing services via a network connection using dynamically scalable computing resources. A cloud computing environment may be established by an enterprise and/or may be hired on an as-needed basis from a third party provider.

Various operations of the exemplary method 400 will now be described with reference to Figure 4 in respect of registering a voter for online voting. It should be noted that enumeration of operations is for purposes of clarity and that the operations need not be performed in the order implied by the enumeration.

Figure 4 is a flowchart showing a method of registering a voter for online voting according to an embodiment of the present invention. The method 400 utilizes the fact that a customer opening a bank account generally must provide some identification. This information may also be used to register the customer for online voting. Thus embodiments of the present invention may use the so called 'know your customer' (KYC) data held by a bank in order to register for online voting. Many countries such as India issue national identity cards. In India citizens are issued with Aadhaar cards which include a unique identifier (UID) and are linked to biometric data. The unique identifier (UID) may be linked to a bank account for example for payment of state benefits for that individual.

In step 402, the voter registration module 224a of the online banking server 110 receives an indication of a voter identification document. The voter identification document may be, for example an identification card having a unique identifier (UID) for the voter. The bank associated with the online banking server 110 may consider only exposing the service to valid account holders. The due diligence of KYC data is carried out by the bank for the individual voter.

Information such as the voter name; voter identifier; an identifier of a constituency in which the voter is entitled to vote and the voter's UID number may be obtained from the voter and received by the voter registration module 224a of the online banking server 110 in step 402. Contact information such as an email address or telephone number may also be provided to the voter registration module 224a of the online banking server 110. This information may be directly provided by the voter or may be imported from existing records held by the bank for the voter.

In step 404, the voter registration module 224a of the online banking server 110 receives an indication of a bank account number for the voter.

The information in received in steps 402 and 404 may be input into a bank terminal by a member of staff at the time of account opening, or at a later time, for example when a customer requests to be registered for online voting.

In step 406, the voter registration module 224a links the customer bank account to the UID associated with the voter. This link may be stored as data either on the online banking server 110 or on server coupled to the online banking server 110.

In step 408, the voter registration module 224a registers the voter registered for online voting. This registration may be stored on the election management server 130. The voter must have a valid voter identification to be eligible for online voting. Step 408 may comprise data such as the voter identifier being transmitted from the online banking server 110 to the election management server 130 for verification. As mentioned above, the election management server 130 may store or have access to a database of all voters eligible to vote. Therefore the registration in step 408 may comprise a sending data to the election management service 130 to confirm that the voter is eligible to vote. Once the voter is registered to vote in step 408, and thus the voter's documentation such as KYC documents has been checked and approved by the bank staff, the details of the voter are stored on the election management service 130. As described in more detail below with reference to Figure 5, at the time of voting, the online banking portal 115 allows a voter who has been registered and approved for online voting to access the online voting portal 125 implemented by the vote aggregator server 120. This may be accomplished by exposing an application program interface (API) to the voter through the online banking portal 1 15.

Following the registration in step 408, the voter may receive a message by email or short messaging service (SMS) confirming that they have been registered for online voting.

Various operations of the exemplary method 500 will now be described with reference to Figure 5 in respect of allowing a voter access to an online voting portal via an online banking portal. It should be noted that enumeration of operations is for purposes of clarity and that the operations need not be performed in the order implied by the enumeration.

Figure 5 is a flowchart showing a method of allowing a voter access on an online voting portal according to an embodiment of the present invention.

In step 02, a login request is received from a voter using a user device 140 by the online banking portal module 224b of the online banking server 110. The online banking server 110 provides a secure login to the online banking portal 115.

In step 504, the voter identification module 224c of the online banking server 110 determines whether the voter is registered for online voting. In step 504, the voter identification module 224c of the online banking server 110 may communicate with the election management server 130 to confirm that the voter is registered for online voting. This communication may be encrypted.

If, in step 504, it is determined that the voter is not registered for online voting, the method moves to step 506. In step 506, the voter is not allowed access to the online voting portal. A message may be displayed to the voter stating that they are not registered for online voting.

If, in step 504, it is determined that the voter is registered for online voting, the method moves to step 508. In step 508, the voter is allowed access to the online voting portal. Step 508 may be implemented by providing the voter with a one-time password (OTP) to access the online voting portal. For example, the voter may be presented with a link to click to submit a vote and once the link is selected, the voter is directed to a new webpage and provided with the OTP. If the voter attempts to log in for a second time, then no OTP will be shared and after the user clicks the link they will be shown an error message indicating that a vote has already been captured.

In some embodiments, the link or channel for online voting is only opened for a limited time period. This time period may be for example the whole voting period on the day of an election. Or alternatively, the time period may be a specific time period such as 2 hours from 1 lam to 1pm on the day of the election.

The steps carried out once the voter has accessed the online voting portal are described below with reference to Figure 6. Various operations of the exemplary method 600 will now be described with reference to Figure 6 in respect online voting via an online voting portal. It should be noted that enumeration of operations is for purposes of clarity and that the operations need not be performed in the order implied by the enumeration.

Figure 6 is a flowchart showing a method of online voting according to an embodiment of the present invention.

In step 602, a login request is received by the online voting portal module 324a of the vote aggregator server 120. The login request may comprise a one-time password (OTP) generated by the online banking portal 115 of the online banking server 110.

Step 602 may be implemented by a dedicated secure link between the online banking server 110 and the election management server 130 via the vote aggregator server 120. This link may be provided by an application program interface (API) present at the online banking server 110. The encryption of the API is managed by the election management server 130.

In step 604, the voter provides an indication of their vote. Step 604 may comprise a set of voting options being displayed to the user. These voting options may relate to candidates for a constituency for which the voter is eligible to vote. Step 604 may comprise the vote aggregator server 120 communicating with the election management server 130 to determine the constituency for which the voter is eligible to vote and also the list of candidates for that constituency. As described above, an API may be implemented between the online banking server 110 and the election management server 130 via the vote aggregator server 120. Thus in step 604 when the voter provides an indication of their vote the API is exposed to the online banking server 110 but the encryption and security is managed by the election management server 130.

In step 606, an indication of the vote by the voter is sent by the vote reporting module 324b of the vote aggregator server 120 to the election management server 130.

Following step 606, the election management server 130 may combine the indications of votes received from the vote aggregator server 120 with votes received from other vote aggregators and also with votes cast through other means such as electronic voting machines and / or paper ballots.

The communication between the vote aggregator server 120 and the election management server 130 may take place over an encrypted communication line. In one embodiment there are two communication lines connecting the vote aggregator server 120 and the election management server 130: a secure encrypted line carrying vote data from the vote aggregator server 120 to the election management server 130 and an unencrypted line carrying information from the election management server 130 to the vote aggregator server 120. Thus the interface between the vote aggregator 120 and the election management server 130 may comprise two communication lines: a public communication line which provides information to the vote aggregator server 120 such as a request for registration and a private communication line which provides vote data from the aggregator server 120 to the election management server 130. The communication lines may be

implemented as Multi-Protocol Line Switching (MPLS) lines.

As described above, the API to integrate the management of the online voting process is controlled by the election management server 130. The online banking server 110 acts as a presentation layer. It is the vote aggregator server 120 and the election management server 130 that host the applications, data link and the network layers for communication, and also management of security.

Whilst the foregoing description has described exemplary embodiments, it will be understood by those skilled in the art that many variations of the embodiment can be made within the scope and spirit of the present invention.