West Virginia allowed residents to cast their vote in the 2018 midterm election using the smartphone app Voatz and thousands are expected to use the technology in this year’s election.

However, researchers at the Massachusetts Institute of Technology say the app 'is so riddled with security issues that no one should be using it.'

The vulnerabilities hidden in the technology give hackers the ability to alter, stop or expose how an individual users has voted.

Researchers also uncovered that Voatz's use of a third-party vendor for voter identification and verification poses potential privacy issues for users.

The experiment was conducted shortly after 'inconsistencies' with an app that was supposed to track the results of the Democrat caucuses in Iowa threw the vote into chaos overnight.

Although Voatz was employed during the Iowa caucus, MIT researchers conducted their own test with the app to see just how safe it is, as thousands of voters are predicted to use the technology in the 2020 president election.

Scroll down for video

MIT researchers say Voatz 'is so riddled with security issues that no one should be using it.' The vulnerabilities hidden in the technology give hackers the ability to alter, stop or expose how an individual users has voted

Voatz was not only used in West Virginia, but also during elections in Denver, Oregon, and Utah, as well as at the 2016 Massachusetts Democratic Convention and the 2016 Utah Republican Convention - it was not used during the 2020 Iowa caucuses.

After uncovering the startling vulnerabilities, MIT turned them over to the Department of Homeland Security's Cybersecurity and Infrastructure Agency.

Daniel Weitzner, a principal research scientist at MIT's Computer Science and Artificial Intelligence Lab (CSAIL) and founding director of the Internet Policy Research Initiative, said: ‘We all have an interest in increasing access to the ballot, but in order to maintain trust in our elections system, we must assure that voting systems meet the high technical and operation security standards before they are put in the field.’

‘We cannot experiment on our democracy.'

To investigate Voatz, the team reversed engineered the app and found an adversary with remote access to the device using the application can alter or see a user’s vote.

And if the server is hack, which the team found can be easily done, the cyber criminal can change votes.

Researchers also uncovered that Voatz's use of a third-party vendor for voter identification and verification poses potential privacy issues for users

Michael Specter, a graduate student in MIT's Department of Electrical Engineering and Computer Science and a member of MIT's Internet Policy Research Initiative, said: ‘It does not appear that the app's protocol attempts to verify [genuine votes] with the back-end blockchain.’

WHAT IS THE BLOCKCHAIN? Blockchain is a digital, public ledger that serves as a record of all types of transactions. The system became popularized as Bitcoin grew in use over the past few years. The blockchain serves as a digital record of cryptocurrency transactions. Recently, companies have begun using the blockchain for a variety of different purposes. The blockchain records transactions, or blocks, in the order they were made. Instead of one person having knowledge of the record's order, everyone has access to the system and is able to verify the order. However, each transaction is encrypted with a 'hash' that converts each entry into a random jumble of letters and numbers using an algorithm. Advertisement

‘Perhaps most alarmingly, we found that a passive network adversary, like your internet service provider, or someone nearby you if you're on unencrypted Wi-Fi, could detect which way you voted in some configurations of the election.'

'Worse, more aggressive attackers could potentially detect which way you're going to vote and then stop the connection based on that alone.

The team also found that a third party has the ability to access user’s photo, driver's license data, or other forms of identification.

Matthew Green, an associate professor at the Johns Hopkins Information Security Institute. In the case of Voatz, also noted: ‘I think this type of analysis is extremely important. Right now, there's a drive to make voting more accessible, by using internet and mobile-based voting systems.'

'The problem here is that sometimes those systems aren't made by people who have expertise in keeping voting systems secure, and they're deployed before they can get proper review.'

In the case of Voatz, he adds, "It looks like there were many good intentions here, but the result lacks key features that would protect a voter and protect the integrity of elections."