Converj

Open voter ID

About

Open Voter ID was designed to be like OpenID: it allows third-party web-applications to confirm a registered voter's city of residence, and thereby enables local civic participation without foreign interference. Open Voter ID uses scrambled government voter-registration data to confirm a user's name, address, and verification data. However, Open Voter ID does not reveal the user's data to application-websites, except for the user's city and an application-user-id that is only usable on that application-website.

Open Voter ID helps third-party application-websites build services that are specific to the citizens of a city, without needing to access or store sensitive information about each user.

Open Voter ID helps users use multiple third-party application-websites providing a variety of civic services, using a single login, while remaining anonymous to the application-websites.

Goals

When creating Open Voter ID, we had the following goals:

Some of these goals conflict, such as anonymity versus application-websites storing user-activity-records.

Methods

To accomplish the goals, Open Voter ID was designed with the following features:

Anonymity

Protecting user anonymity was one of the most important and difficult goals of the login system. No guarantee is possible, because users can intentionally de-anonymize themselves in their posts. However, the login-system should prevent accidental de-anonymization. Open Voter ID's methods help protect anonymity, as follows:

Sequence of events

Open Voter ID implemented the described login methods in the following order of operations. All hashes use SHA-512, with salt drawn from an OS-specific randomness source.

Each group of steps is labeled with the side that performs it: the application website or the login website.

Upload voter-registration records

  Login website:
  1. Store each user's identity = hash(name + address)
  2. Store each user's verification = hash( identity + {birthdate / phone / social-sec / secret-code} )
  3. Store each user's locale (city)

Application-website registers with login-service

  Application website:
  1. Application provides return-URL

  Login website:
  1. Generate & store & return application ID, request-signing-secret, user-identity salt

User visits application-website

  Application website:
  1. Generate login-request, using app-ID & request-signing-secret

  Login website:
  1. Verify login request
  2. Ask user for identity: name & address
  3. Verify that hashed user-identity exists
  4. Ask user for verification: birthdate / phone / social-sec / mailed-code
  5. Verify that hashed user-identity + verification exists
  6. Regenerate application-specific-user-ID as: hash( identity + app-salt )
  7. Return app-specific-user-ID and locale

  Application website:
  1. Verify login-result request
  2. Verify user locale is eligible for service
  3. Store app-user-ID into browser cookie
  4. Store activity records keyed by app-user-ID
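The login-website side of the sequence above, as an added Python sketch that is not Open Voter ID's own code. The class and function names, the field separator, the text normalization, and the HMAC-SHA-512 request signature are assumptions; return-URL handling and nonce replay tracking are left out.

```python
import hashlib, hmac, secrets

def h(*parts):
    # SHA-512 as on the page; the 0x1f field separator is an assumption
    return hashlib.sha512("\x1f".join(parts).encode()).hexdigest()

def norm(text):
    # Assumed normalization so "1 Main St" and " 1  main st" hash alike
    return " ".join(text.lower().split())

def sign(app_id, nonce, secret):
    # Assumed request signature: HMAC-SHA-512 over app ID and a nonce
    return hmac.new(secret, f"{app_id}:{nonce}".encode(), hashlib.sha512).hexdigest()

class LoginService:
    def __init__(self):
        self.voters = {}  # identity hash -> (verification hash, locale)
        self.apps = {}    # app ID -> (request-signing secret, app salt)

    def upload_voter(self, name, address, proof, locale):
        identity = h(norm(name), norm(address))
        self.voters[identity] = (h(identity, norm(proof)), locale)

    def register_app(self):
        # Secret and salt come from the OS randomness source
        app_id = secrets.token_hex(8)
        self.apps[app_id] = (secrets.token_bytes(32), secrets.token_hex(32))
        return (app_id, *self.apps[app_id])

    def login(self, app_id, nonce, signature, name, address, proof):
        secret, salt = self.apps[app_id]
        if not hmac.compare_digest(signature, sign(app_id, nonce, secret)):
            raise PermissionError("login request signature invalid")
        identity = h(norm(name), norm(address))
        stored = self.voters.get(identity)
        if stored is None or not hmac.compare_digest(stored[0], h(identity, norm(proof))):
            raise PermissionError("identity or verification not found")
        # Only the app-specific ID and the city leave the login service
        return h(identity, salt), stored[1]

def demo():
    svc = LoginService()
    svc.upload_voter("Ada Example", "1 Main St", "1970-01-01", "Springfield")  # constructed record
    results = []
    for _ in range(2):  # two independent application websites
        app_id, secret, _salt = svc.register_app()
        nonce = secrets.token_hex(8)
        results.append(svc.login(app_id, nonce, sign(app_id, nonce, secret),
                                 "ada example", "1  Main St", "1970-01-01"))
    return results  # same city, but a different user ID for each application
```

Because each application has its own salt, the two IDs returned by `demo()` cannot be matched to each other by the application websites, while a repeat login to the same application yields the same ID.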

Existing instance

The implementation of Open Voter ID is non-proprietary, open-source, with a license that permits deriving commercial works.

An instance is running at https://openvoterid.net/about

To upload a city's voter-identity & verification hashes, contact Converj LLC.