Every vote provable. Every ballot secret. Every result auditable by anyone.
HushVote gives voters a cryptographic receipt, gives administrators an irrefutable audit trail, and gives the public a published ledger anyone can verify -- without ever revealing how any individual voted.
Three steps that replace paper ballots, scanner machines, chain-of-custody procedures, and post-election audit processes -- with a phone the voter already carries.
Before election day, eligible voters receive an invitation link. After a brief identity verification step -- matched against the official electors list -- a DataHush credential card is issued directly to their Apple or Google Wallet. Takes about three minutes. Done once; reusable for future elections in the same jurisdiction.
On election day, the voter opens Wallet, taps their DataHush card, and taps the ballot link on the back. The system verifies their credential in under a second, confirms they have not already voted, and presents the ballot. They make their selection and submit. The vote is recorded anonymously -- no link to their name or credential is retained.
Immediately after casting, the voter's Wallet card updates to show "BALLOT CAST" and a unique receipt code. When results are published, the complete anonymous ballot ledger is released publicly. The voter finds their receipt code in the ledger and confirms their vote is recorded exactly as cast. Anyone can audit the entire set.
Every voter gets a cryptographic receipt. Every auditor can verify the entire result. Nobody learns how any individual voted unless that individual chooses to disclose it.
Your receipt code is on your Wallet card. Find it in the ledger. Your vote is either there -- exactly as you cast it -- or it isn't. There is no grey area.
HushVote integrates with your existing electors list, operates under your jurisdiction's brand, and leaves you with a complete, independently auditable record when the polls close.
Upload your existing electors list in standard CSV or structured format. HushVote cross-checks every credential request against the list at verification time. No phantom voters, no duplicates. Your list; your rules.
Every credential card issued for your election carries your jurisdiction's logo, colours, and name. City of Toronto voters see a City of Toronto card. Provincial elections see the provincial crest. The DataHush trust infrastructure is the invisible plumbing. Your brand is what voters hold in their Wallet.
Voters cast on any device: phone, tablet, desktop. The credential lives in Wallet on the phone; the ballot page works in any browser. No app download required. No special hardware. No polling station queue for advance voters.
Track turnout, credential issuance rate, and ballot submissions in real time throughout the voting period. Anomaly detection flags unusual patterns for scrutineer review before polls close.
When polls close, results are sealed and the public ballot ledger is published simultaneously. The hash of the ledger is time-stamped on publication. Any post-close modification would be immediately detectable.
The underlying DataHush cryptographic plumbing is a long-term research programme (initiated 1992, current phase 2024--). Jurisdictions co-investing in deployment may qualify for SR&ED partnership arrangements. Contact us to discuss.
Each election sponsor provides a logo PNG and a colour palette. HushVote generates every voter's credential card in that treatment automatically. The Pass Type ID signing certificate is managed by DataHush; the visual identity is entirely the sponsor's.
HushVote is the application layer on top of the DataHush identity and communications infrastructure -- a research programme that has been in continuous development for over three decades. The cryptographic plumbing is not new; it is proven.
"Diebold is a $2B market cap company and their stuff aggressively sucks compared to what we already have. By the fall it will be the best way to vote, hands down. Imagine."-- Bob Trower, DataHush / Trantor Standard Systems, March 2026
Electors list matching, ballot presentation, receipt issuance, public ledger publication, audit dashboard.
Wallet pass issuance, credential signing, enrollment flow, two-step QR + passphrase verification. Apple and Google Wallet.
All credentials carry Trantor cryptographic signatures. Every receipt is Trantor-signed. Forgery is computationally infeasible.
Tower/Pillar mesh network provides distributed redundancy. No single point of failure. Auditable at every node.
Whether you are running a municipal by-election, a provincial advance poll, a corporate AGM vote, or a pre-election poll that needs to be auditably bulletproof -- HushVote can be deployed for your jurisdiction.