The Estonian parliament is the first democracy to enable mobile phone voting , which will be in place by the next election due in 2011. The new system which has already been tested requires voters to obtain a free, authorization chip for their mobile phone.
This chip will authenticate the identity of the voter and qualify their participation in the election via mobile phone, and extends the country's democracy leadership in Internet voting to an even more pervasive service fabric. There are more mobile phone users than Internet users in Estonia and pretty much everywhere in the world.
It seems to me that the authorization chip may be too much security technology. Wouldn't it be better to just rely on the mobile telephone number as the voter authentication feature?
Here's a simpler voter authentication process that won't require extensive security technologies to be handed to voters:
1. Voter shows up with mobile phone in hand.
2. Voter authenticates themselves with picture ID.
3. Authentication triggers automatic generation of 4-digit password to link the caller ID with the voter.
4. Voter dials a server telephone # in front of the administrator and then keys in the 4-digit password defined in step 3.
5. Server records the users tel # (caller ID) and who/when/where the authentication with the voter list happened.
6. Voter speaks their name to the server which records their name for actual voting authentication.
On voting day, user dials the voting number, listens to prompts and make their choices and authenticates their vote by saying their name, which is compared to the existing voice print recorded in step 6. If the call is too noisy, the voting choices may have lost their integrity too, so advise the caller to try again from a different place.