Enhancing E-Voting Security: Integrating Four-Factor Authentication

Abstract

Insecure electronic voting systems can create serious problems for voters and stakeholders who rely on accurate results. Unauthorized manipulation of e-voting data can drastically change the outcome of an election or decision-making process. Current security measures are inadequate to stop unauthorized access or data tampering. Traditional authentication methods like passwords and two-factor authentication are increasingly susceptible to advanced cyberattacks in today's digital landscape. A key challenge lies in reconciling strong security with ease of use, as adding authentication layers improves protection but can hinder user experience. The goal is to create a secure and streamlined four-factor authentication (4FA) mechanism. To overcome this challenge, we created a modular authentication framework based on independent, service-oriented components. This framework employed pre-trained facial recognition and fingerprint matching models (accessed through secure SDKs) for real-time biometric verification, standard cryptographic libraries for Time-based One-Time Password (TOTP) generation and validation, secure token exchange with registered mobile devices for device possession confirmation, and a combination of IP-based geofencing and GPS data cross verification for geolocation verification. Each authentication factor was processed independently and securely, with a weighted scoring mechanism aggregating the individual results to determine access based on overall authentication confidence. A two-week trial involving 100 users demonstrated the system's strong performance. Authentication accuracy was significantly enhanced, with biometric verification achieving over 98% accuracy in controlled settings and 95% even in low-light conditions. False acceptance and rejection rates consistently stayed below 1%. The average latency for complete authentication was a user-friendly 1.1 min. Furthermore, simulated breach scenarios revealed a greater than 90% reduction in unauthorized access attempts compared to traditional two-factor authentication. These findings indicate that a well-integrated four-factor authentication system offers considerable gains in both security and reliability while preserving positive user experience.