Private cybersecurity firms such as Trail of Bits and Shift State have conducted security analyses of the main industry vendors being used – including Democracy Live, Scytl, and Voatz. Universities are researching the methods as well; for example, MIT published a report regarding security issues and electronic ballot return voting. The Department of Homeland Security has also reviewed different applications, offering security feedback.
The National Cybersecurity Center is working to develop a set of guidelines and standards to inform the security standards for electronic ballot return. One key aspect of this is the requirement for ongoing code review to ensure that any updates only support the ongoing security of the industry partner’s product.