The token is used to maintain voting secrecy and to prevent double voting, whereas the session cookie ensures that the system recognizes the voter’s browser session.