Bug Bounty and Public Trust programs from Abraxas for software for a digital Switzerland

Abraxas develops IT solutions for a secure digital Switzerland. For this it supplies technology to strengthen administrative processes at the levels of the commune, the canton and the federal state.

Transparency is the best protection against cyber risks. Therefore we invite you to take part in the Abraxas Bug Bounty program for one of the following systems:

1) Results determination system
VOTING determination is the process of recording, calculating and evaluating the results of democratic elections and referendums. It is normally available only via a private network.

Premiums of up to CHF 30,000.– (depending on the criticality and the scenario) are on offer.

2) Offline service for creation of data for printing legally valid voting identity cards
VOTING identity card generation is the offline process for generating and saving the data for printing legally valid voting identity cards. The software is installed on an Airgap laptop, the identity cards are encrypted and digitally signed.

Premiums of up to CHF 30,000.– (depending on the criticality and the scenario) are on offer

3) VOTING Stimmregister
In the VOTING Stimmregister system, electoral registers from municipalities are consolidated at the cantonal level. This system is used, for example, for the central processing of voting rights certificates. Thus, VOTING Stimmregister is a central component of the electoral and voting process for various cantons of Switzerland.

Premiums of up to CHF 30,000.– (depending on the criticality and the scenario) are on offer.

4) VOTING Stimmunterlagen Online

The application, named VOTING Stimmunterlagen Online, is specifically designed for generating voting cards based on the cantonal electoral register. This system facilitates the issuance of voting cards to citizens registered in the electoral database, enabling their participation in the voting process.

Premiums of up to CHF 30,000.– (depending on the criticality and the scenario) are on offer

These systems operate so as to ensure no-one can interfere in the processes of digital Switzerland and put at risk the security of administration and the citizens!

 

You…

… are looking for an interesting project which allows you to get involved in the bigger picture
… are a security researcher with a responsible attitude and you care about digital Switzerland and administrative processes that are close to the people
… are seeking further professional development and you love a challenge
… place great value on an optimum return on investment of your time
… want to progress your career and market value as a security researcher

 

We…

… offer a dialog for technical analysis of your findings, conducted between equals within a short time
… will pay attractive premiums (bounties) for reports that are accepted
… work to fair rules and take transparent decisions
… will place the code and findings in the public domain on GitHub and will be happy to acknowledge your contribution

 

Your focus

 

Participate now

These are public programs – but registration is required as a condition of participation. We guarantee a “Legal Safe Harbour” for all attempts within our guidelines to break into our systems during the course of your work. You can find this guarantee on the application page for the respective program.

To apply for the Bug Bounty program for VOTING Ausmittlung:

Registration

To apply for the Bug Bounty program for VOTING Stimmunterlagen Offline:

Registration

To apply for the Bug Bounty program for VOTING Stimmregister:

Registration

To apply for the Bug Bounty program for VOTING Stimmunterlagen Online:

Registration