Voting fraud was expected
It was expected to face the cheating behavior of our members before starting the Challenge project. But we focused on the launching speed, getting the feedback, and proving the idea at that time.
Voting by cookies is not a good idea anymore. But we've decided to do it as simply as possible. And it allowed us to create the prototype in 3 hours and polish it in 3 days.
So we've stuck with a voting fraud very soon.
Starting of the voting list
The general idea of Challenge is submissions + voting list and defining the winner of each Challenge by voting counters.
From the beginning, we understood that anonymous voting based on cookies is not reliable.
To prove the general idea of the Challenge product it was quite enough. But we've got so many visitors and registrations from Product Hunt and other sources. So the product became much more mature and much earlier than we could expect it.
We need a secure voting
And of course, we faced cheaters earlier than we prepared some solution to avoid this fraud.
And after the honest message from one of our members about they created a voting bot even, we decided to stop defining the winner just by votes till the issue will be solved by a better algorithm.
This person showed us how they used Integromat to automatically upvote their submission.
And even everybody can use different browsers and/or different devices and vote for own submission multiple times. Or they can clean the browser's cookies.
Honest informing about the cheating
We decided to inform our audience about this fact
Let them know about the alternative way to define the winner until we can secure the Challenge voting system
Can some external services save us urgently?
It was a draft idea to use some existing voting service like https://likebtn.com/en/ as an interim solution
But actually it is not what we need. They don't provide security anymore
Because it can be based on visitor's IP, User-Agent, request time and other information from the HTTP request
Authorized voting is required!
So any anonymous solution couldn't work as we need.
But unique voting available only with some sign-in/sign-up membership system
And it is always a threshold as we've experienced with registration
But social media authorizing helps to overcome this obstacle
So we need at least two features for this voting at once: twitter login and then personal voting
As an authorized user I can Vote up or down. And even I can see where I've already voted
And I can downvote only submissions voted exactly by me
Since we can see all the voters
It is available on the submission page
We can see the latest voted name and the counter of voters
And by mouse hovering it displays the full voters list like you can see it on Facebook
Votes list in the backend
It is also convenient to see the full list of voters for each submission on the managed area
Surprising Viral result
It was available to vote anonymously before
But since it became required authorizing, many people started registering
Just because submissions owners ask own friends to vote for them
And they vote of course but after the registering
Voting list for you
If you have some similar ideas, you can find the template of such a project in our solutions store. Play with it and improve during the trial period for free.