Breaking India News Today | In-Depth Reports & Analysis – IndiaNewsWeek

Critical Security Failures in ECI’s Voter Portal Exposed After Aland Mass-Deletion Attempt

September 24, 2025

The recent Aland mass-deletion incident—where thousands of voter registrations were allegedly deleted in a single coordinated action—has laid bare catastrophic security deficiencies in the Election Commission of India’s (ECI) digital infrastructure. In response, I conducted an urgent security review of the Voter Helpline App (VHA) and the official voter portal at voters.eci.gov.in. The findings are not just alarming—they are indefensible for a system entrusted with the integrity of India’s democratic foundation.

A Failing Grade: Mozilla Observatory Score of 15/100 (F)

The Mozilla Observatory, a respected industry-standard tool for evaluating web security posture, awarded the ECI voter portal a dismal 15 out of 100—an outright F. This isn’t a minor oversight; it’s a systemic collapse of basic web security hygiene.

Key failures include:

  • Invalid Content-Security-Policy (CSP) Header: The CSP—a critical defense against cross-site scripting (XSS) and data injection attacks—is syntactically broken. In effect, CSP is disabled, leaving the portal wide open to client-side exploits.
  • No HTTP Strict Transport Security (HSTS): Without HSTS, users are vulnerable to SSL-stripping and man-in-the-middle attacks, especially on public Wi-Fi networks.
  • Session Cookies Lack SameSite Attribute: This omission enables cross-site request forgery (CSRF) attacks, where malicious sites can silently trigger actions (like voter deletion) on behalf of authenticated users.
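
The three checks above can be reproduced against any set of response headers. The following is an added example, not part of the original review and not the Mozilla Observatory's code; the header values are constructed samples, and the function names are illustrative.

```python
import re

# Common CSP directive names (subset of CSP Level 3; extend for your policy).
DIRECTIVES = set("""default-src script-src style-src img-src font-src connect-src
    media-src object-src frame-src worker-src base-uri form-action frame-ancestors
    report-uri report-to upgrade-insecure-requests sandbox""".split())
KEYWORDS = {"self", "none", "unsafe-inline", "unsafe-eval", "strict-dynamic"}

def csp_findings(value):
    """Flag directive names and keywords a browser would ignore or misread."""
    out, usable = [], 0
    # ';' separates directives; ',' separates whole policies in one header value.
    for tokens in filter(None, (p.split() for p in re.split(r"[;,]", value))):
        name = tokens[0].lower()
        if name not in DIRECTIVES:
            out.append(f"CSP: unknown directive {name!r}")
            continue
        usable += 1
        out += [f"CSP: unquoted keyword {s!r} in {name}"  # must be 'self', not self
                for s in tokens[1:] if s.lower() in KEYWORDS]
    return out if usable else out + ["CSP: no usable directive, policy has no effect"]

def cookie_findings(value):
    """Flag a Set-Cookie value with no SameSite attribute, or SameSite=None."""
    first, *rest = [p.strip() for p in value.split(";")]
    attrs = dict((p.lower().split("=", 1) + [""])[:2] for p in rest)
    mode = attrs.get("samesite", "").strip()
    return [f"cookie {first.split('=')[0]}: SameSite {mode or 'missing'}"] if mode in ("", "none") else []

def audit(headers):
    """headers: list of (name, value) pairs, since Set-Cookie may repeat."""
    out, seen = [], {n.lower() for n, _ in headers}
    for name, value in ((n.lower(), v) for n, v in headers):
        if name == "content-security-policy":
            out += csp_findings(value)
        elif name == "set-cookie":
            out += cookie_findings(value)
        elif name == "strict-transport-security":
            if not re.search(r'max-age\s*=\s*"?0*[1-9]', value, re.I):
                out.append("HSTS: max-age missing or zero")
    return out + [f"{h}: header missing" for h in
                  ("content-security-policy", "strict-transport-security") if h not in seen]

# Constructed sample responses (not captured from any real site).
WEAK = [("Content-Security-Policy", "default-src: self; script-src: 'self'"),
        ("Set-Cookie", "SESSIONID=abc123; Path=/; Secure; HttpOnly")]
FIXED = [("Content-Security-Policy", "default-src 'self'; frame-ancestors 'none'"),
         ("Strict-Transport-Security", "max-age=31536000; includeSubDomains"),
         ("Set-Cookie", "SESSIONID=abc123; Path=/; Secure; HttpOnly; SameSite=Lax")]
```

Calling `audit(WEAK)` returns five findings, including the "no usable directive" case in which a malformed CSP protects nothing, while `audit(FIXED)` returns an empty list.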

Compounding Risk: WebView Embedding

Both the Voter Helpline App and the portal rely heavily on embedded WebViews to render web content inside mobile applications. This architectural choice magnifies every server-side vulnerability. A single XSS flaw—already likely given the broken CSP—can be weaponized to steal session tokens, manipulate voter data, or execute mass-deletion scripts with the user’s full privileges. In the context of voter registration, this isn’t just a bug—it’s a potential vector for electoral sabotage.

A Betrayal of Public Trust

This is not merely a technical failure. It is a profound breach of public trust. The ECI handles one of the most sensitive civic functions in the world: the management of voter identity and participation. Yet, the commission has deployed systems that fail to meet even baseline security standards expected of a basic e-commerce site—let alone a pillar of democracy.

Using public funds to build and operate such a fragile, half-baked digital infrastructure is unconscionable. There is no evidence of a pre-deployment security audit, no adherence to OWASP Top 10 practices, and no apparent incident response readiness. The Aland incident may be the tip of the iceberg.

Immediate Actions Required

Take Voter Enrolment and Deletion Services Offline Immediately
Until a full, independent security audit is completed and all critical vulnerabilities are remediated, these services must be suspended. The risk of further mass manipulation or data compromise is too high.

Preserve All Forensic Evidence
The ECI must immediately:

  • Export and preserve logs from CDNs, load balancers, application servers, databases, and SMS gateways related to the Aland incident and the preceding 90 days.
  • Generate and publish SHA-256 hashes of all exported datasets.
  • Issue a Section 65B certificate under the Indian Evidence Act to authenticate these digital records for potential forensic examination by the Central Investigation Department (CID) or other competent agencies.
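
One way to carry out the hashing step, shown as an added example rather than any procedure the ECI or the author has published: it hashes every file in an export directory, produces a manifest in the layout `sha256sum -c` accepts, and later reports any file that was modified, removed or added. The directory layout, file names and log line are assumptions constructed for the demonstration.

```python
import hashlib
import os
import tempfile

def sha256_file(path, chunk=1 << 20):
    """Hash a file in chunks so multi-gigabyte log exports need not fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            digest.update(block)
    return digest.hexdigest()

def build_manifest(root):
    """Map each file's path relative to root (with '/' separators) to its SHA-256."""
    manifest = {}
    for folder, _, names in os.walk(root):
        for name in names:
            full = os.path.join(folder, name)
            manifest[os.path.relpath(full, root).replace(os.sep, "/")] = sha256_file(full)
    return manifest

def render(manifest):
    """Serialise as 'digest  path' lines, sorted by path, as `sha256sum -c` expects."""
    return "".join(f"{manifest[p]}  {p}\n" for p in sorted(manifest))

def manifest_digest(manifest):
    """One value to publish: it commits to every file name and hash in the export."""
    return hashlib.sha256(render(manifest).encode()).hexdigest()

def verify(root, published):
    """Compare the export on disk with a previously published manifest."""
    now = build_manifest(root)
    return {
        "modified": sorted(p for p in published if p in now and now[p] != published[p]),
        "missing": sorted(p for p in published if p not in now),
        "unlisted": sorted(p for p in now if p not in published),
    }

if __name__ == "__main__":
    # Constructed export: the file name and log line are made up for the demonstration.
    with tempfile.TemporaryDirectory() as export:
        with open(os.path.join(export, "app-server.log"), "w") as fh:
            fh.write("2025-01-01T00:00:00Z POST /constructed/endpoint 200\n")
        published = build_manifest(export)
        print(render(published), manifest_digest(published), sep="")
        with open(os.path.join(export, "app-server.log"), "a") as fh:
            fh.write("line appended after publication\n")
        print(verify(export, published))  # app-server.log is reported as modified
```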

Commission an Independent Penetration Test
Engage a globally recognized, independent cybersecurity firm (with no prior ties to ECI vendors) to conduct a full-scope red-team exercise. The complete report, including vulnerabilities, exploitation scenarios, and remediation timelines, must be published in full.

Enforce Accountability

  • If these failures stem from negligence or incompetence, the responsible officials and contractors must be immediately removed. They have demonstrated they are unfit to manage critical democratic infrastructure.
  • If there is evidence of deliberate sabotage or collusion, a criminal investigation must be launched without delay.

The Stakes Could Not Be Higher

India’s electoral system is the world’s largest and most complex. Its digital extensions must be held to the highest standards of security, resilience, and transparency. What we have uncovered is not a “glitch”—it’s a systemic failure that undermines the very legitimacy of voter rolls and, by extension, election outcomes.

The ECI must act now—not with press releases, but with concrete, verifiable security actions. The public deserves nothing less than absolute confidence in the sanctity of their vote.

Democracy cannot run on broken code.
