Hart Leaps Ahead on First-in-The-Nation Election Security

August 10, 2025

Election systems vendor Hart InterCivic has jumped ahead with security best practices in the United States now that it is certified to the updated Voluntary Voting System Guidelines (VVSG) 2.0 standard via the Election Assistance Commission.

It’s been a decade to get there — and is a quantum leap forward for secure elections.

The EAC approved the much-improved version 2.0 of the voluntary guidelines in 2021, but vendors were also waiting for EAC’s testing systems to be ready for certification to 2.0. Now they are.

The version 2.0 guidelines are designed to help states with outdated voting machines – and software – figure out the best way forward to harden their voting architecture.

It also helps the EAC move forward with retiring outdated 1.0 and 1.1 VVSG standards for vendors, which many states still use.

The Hart Vanguard product certified to the VVSG 2.0 security upgrades is also in compliance with the White House’s recent Executive Order 14248 “Preserving and Protecting the Integrity of American Elections” which states:

“…voting systems should not use a ballot in which a vote is contained within a barcode or quick-response code in the vote counting process… and should provide a voter-verifiable paper record to prevent fraud or mistake…”

By that standard, the vendor has also leaped ahead of the EAC’s own technical advisory group, which has become bogged down over minor upgrades to reflect voter-verifiable paper records for ballots.

No Barcodes to Count Votes

Hart’s information page about Q.R. codes adds:

“Unlike other voting systems from competing manufacturers, no Hart voting system has ever tabulated votes from unreadable barcodes or Q.R. codes.”

“Hart InterCivic has always been dedicated to security, transparency, and voter confidence. Consistent with that philosophy, we believe that electronic ballot marking devices must capture voters’ choices using the same method that voters used to verify their choices – by reading the plain text on the ballot.”

Hart’s approach is aligned with the world’s foremost technology experts who have warned for years about the vulnerability of using Q.R. codes and barcodes to store votes – as well as paperless ballot systems that provide no audit trail.

The systems are sitting ducks for hacking and vote-manipulation – no matter how much defenders of Q.R. codes claim otherwise.

Prof. J. Alex Halderman of Univ. of Michigan’s computer engineering school is one of many examples to cite.

During a hearing on legal challenges to Georgia’s use of Q.R. codes to store voter choices, Halderman demonstrated how to gain access to “Image Cast” ballot marking devices (BMD) by Dominion Voting System, which uses Q.R. codes without paper ballots in that state.

(Dominion’s Democracy Suite products are mostly using the VVSG 1.0 security standard, which was approved in 2005, according to EAC’s certification tracker.)

As PBS reported in 2024:

[Prof. Halderman] used a pen to recycle the power, which gave him administrative control of the computer and he used a widely available USB device favored by computer security experts and hackers to rewrite the software of the machine.

All of this mischief could occur without an obvious trace. That’s because the scanner that tabulates the votes does not look at the human readable text. Instead, it derives its data from this Q.R. code.

Executive Order 14248 calls for the EAC to update its VVSG guidelines to reflect that voter choices on ballots must be human-readable, with a paper backup.

It also says VVSG guidelines should make exceptions where necessary to accommodate individuals with disabilities and should provide a voter-verifiable paper record to prevent fraud or mistake.

Section 4 of the Executive Order also directs the EAC to “take appropriate action to review and, if appropriate, re-certify voting systems under the new standards established under subsection (b)(i) of this section, and to rescind all previous certifications of voting equipment based on prior standards.”

The Technical Guidelines Development Committee (TGDC), an advisory-only group chartered under the EAC, has held three meetings since July to address the changes.

Some members appear to be trying to delay the process, according to their statements in the meetings. Others would prefer not to act at all.

“Let’s be blunt,” said TGDC member Paul Lux during an Aug. 8th advisory group meeting to discuss the EO guidance about voter-verifiable paper ballots.

“In another 2.5 years, another Executive Order could come along that says ‘stick it all back in there,’” continued Lux, a supervisor of elections for Okaloosa County, Fla.

“It seems we could be on this merry-go-round for a long time. If we’re just going to start cutting stuff based on this EO and the changes that it directs — to me, it just feels short-sided to put the TGDC through that every time another EO comes down that changes the tenor and standards.”

Mary Saunders, who represents the American National Standards Institute (ANSI) on the advisory board, claimed that the White House EO, which directs the EAC to remove certification for paperless balloting, is “an implementation issue” rather than a “standards issue.”

Their comments appear to align with progressive groups who view federal agencies, including the EAC, as “independent” of the executive branch of which they are a part.

Although parts of the election-related EO are temporarily enjoined while leftwing progressive groups sue over parts that address documentary proof of citizenship to register to vote, the EAC is not enjoined from making changes on its own regarding industry best practices with secure voting systems.

Nor is it enjoined from changing the federal voter-registration form, which it is statutorily empowered to address under the Help America Vote Act (HAVA).

Beyond the sentiments of the advisory committee, EAC members appeared ready to act on a minor point upgrade (2.1) of the draft guidelines so language on paper-verifiable ballots can be published for public comment.

Improves Transparency with Election Data

The current VVSG 2.0 standard is also a leap forward in common data format (CDF) designs that are critical for vendors to provide data transparency and interoperability.

Developed by the National Institute of Standards and Technology (NIST), and updated in 2024, the specifications help vendors ensure that “pre-election and post-election data can be published in a common, well-understood format” both in pre-election setup and post-election results reporting.

They can also be used in addition “to any native formats used by the manufacturer.”

See the full VVSG 2.0 guidelines here.

Groups who monitor how election administrators manage balloting and voting data are likely to see election data transparency improvements with VVSG 2.0.

For example, during Virginia’s 2024 presidential election, data analysts observed significant issues with the reliability of election-night data from a JSON feed (JavaScript Object Notation, a lightweight data-interchange format), which was provided by Virginia’s Department of Elections.

The problem? Incorrectly formatted data from a third-party provider working with ELECT. As a result, no major data parsing tools (Python, MATLAB, Tableau, etc.) could decipher the JSON feed of summary voting data from election night.

(See analysis: VA Election Night: Data Reliability Issues)

The CDF upgrade in version 2.0 “is sufficiently flexible to accommodate many different types of contests and political structures.”

A spokesman for Hart InterCivic says now that its Verity Vanguard product is the first and only voting system tested and certified to the latest EAC VVSG 2.0 standard, it has submitted applications for approval in states that use the voting systems, including Virginia.

“We’re now waiting to hear from those states when they plan to schedule testing,” explained Steven Sockwell, vice president for corporate development and communications for Hart InterCivic.

An EAC spokesperson said two other voting systems vendors are currently undergoing the certification process to VVSG 2.0.

But for now, the United States has one vendor that can say its election systems reflect the most up-to-date security standards for voting systems as compiled by the EAC and technical standards bodies such as NIST. ##

LINKS and RELATED COVERAGE:

EAC on Best Practices in Election Technology.

EAC: Voting Systems Under Test | U.S. Election Assistance Commission.

EAC Aug. 8 Technical Guidance Development Committee link (Working session 2).

EAC July 30th Technical Guidance Development Committee link (Working session 1).

EAC July 2nd Technical Guidance Development Committee Meeting link.

EAC July 16 working sessions of VVSG 2.0:

More From EPEC Team:

VA Election Night: Data Reliability Issues

Odd Data in VA 2024 Election Results

Learn More About EPEC

Do a Deep Dive at DPW

A major project of EPEC is the Digital PollWatchers, where EPEC’s volunteers document even deeper analysis and graphics about voter participation, voter registration lists, and pollwatcher reporting. To find out more, check out DPW and be a part of your elections!

Become an EPEC Sponsor

Electoral Process Education Corp (EPEC) has been making a positive impact on elections by promoting widely held best practices in database management. We have been successful in this effort to promote improved processes. The more American citizens understand the processes of elections management, the more transparency we build into the system, the more we can promote voter participation in a system Americans can trust. To find out more, check out BE an EPEC Sponsor to consider a tech-focused sponsorships to help us grow our mission.

Learn More in our Resources Page

EPEC is building a Document & Knowledge library where you can learn more about how election technology works and perhaps join us as a data analyst Videos, Data Vizualization, Dashboards, Presentations, and FAQs.

Resources is here

EPEC NEWS