Can EVMs be hacked? Learn about the technology that makes them secure.

EVMs: There's a frequent debate in the country regarding the Electronic Voting Machine (EVM). Some argue that it's completely secure, while others question whether it can be hacked.

EVMs: There's a frequent debate in the country regarding the Electronic Voting Machine (EVM). Some argue that it's completely secure, while others question whether it can be hacked. The truth is that simplicity and standalone operation were prioritized when designing EVMs, but security layers and audit mechanisms further strengthen them.

The Basic Design of EVMs and the First Level of Security

India's EVMs are hardware-based and designed to operate offline, meaning they aren't connected to any network or the internet. Their circuitry, memory, and vote storage are local, making remote hacking impossible without internet access. This design is the most fundamental security layer of EVMs.

VVPAT

The VVPAT (Voter-Verified Paper Audit Trail) system, installed alongside the EVM, shows the voter a paper receipt of their choice, and these paper rolls can be counted later. If any doubts arise, the EVM's record is verified by counting the VVPAT. This is a significant audit layer that can prove crucial in any technical dispute.

Research and Security Questions

Several international and Indian research papers have shown that any electronic voting system could theoretically have vulnerabilities if the machine is physically opened and tampered with, or if security is not maintained during storage. Therefore, security is not limited to the internal design of the machine but depends on the entire election process: manufacturing, storage, transportation, polling-station handling, and counting. These initiatives include monitoring, the presence of party representatives, and post-election C&V (Checking & Verification) procedures.

Have there been actual reports of hacking in India?

Such claims have surfaced from time to time, and some individuals have even claimed to have hacked them, but the Election Commission and subsequent verifications have often found these claims to be unfounded. The Election Commission has repeatedly stated that the EVM-VVPAT system is robust and reliable, and that no tampering was found in election audits.

What technologies and processes make EVMs secure?

The lack of network access makes remote attacks difficult. Permission-based programming and hash-checking control the machines' firmware and memory. The VVPAT audit trail is used for reconciliation during any vote count. Bi-party protocols and strict logistics (synced storage, warehouse monitoring, party inspectors) combine to create multiple layers of security.