Audit firm KPMG has revealed 10 loopholes in the security features of the voter register that could see the 2017 August General Election rigged.
In a report submitted to the Independent Electoral and Boundaries Commission (IEBC), the firm has outlined that the register can easily be hacked into and the data on the 19.6 million voters deleted, altered or amended.
First, the firm states that the IEBC has two active default administrator accounts that access the register and passwords to the accounts have not been changed for some time.
This poses the risk of unauthorised access to the register and using these accounts, tampering with voter information.
Second, the security features of the voters details have not been advanced to the point that users can monitor changes made by other users to the register.
This means that both authorised and unauthorised changes made to the register are not recorded hence cannot be tracked.
Third, the system also does not have mechanisms to prevent and counter cyber attacks that have become rampant globally.
According to the audit firm, the IEBC system has not been tested to assess the actual extent of the risk as the IEBC hindered such operations claiming that they had just acquired new ICT infrastructure.
Also, all backup data has been stored at the IEBC headquarters which posses a greater risk of being lost in case the offices are raided or destroyed for any other reason.
Additionally, the data does not have a remote storage site meaning that if the systems fail then data recovery will be compromised.
The seventh way that the register could be manipulated is the manual transfer of the files through the use of flash disks, which compromises the integrity of the data.
The firm also raised the issue of dead voters, outlining that they could still vote on the material day.
"In order to mitigate the risk of unregistered deceased persons being in the register of voters, it is imperative that the Commission utilises biometric identification of voters as a primary mechanism on polling day," the report read in part.
Another loop-hole is the fact that there are some voters who could vote twice as they registered with both their national identification cards and passports.
Finally, 502,409 voters have issues with their registration details ranging from double registration, non-existent IDs to mismatched identities where men have been registered as women and vice versa.
