Last year, Utah County piloted a new form of mobile voting for its municipal elections to enable military personnel stationed overseas and residents with disabilities to participate in the democratic process. Now, a team of researchers at the Massachusetts Institute of Technology says the app could have significant security flaws.
Voatz, an application designed by a Boston-based startup company of the same name, uses blockchain and facial recognition technology to verify voter identity, allowing citizens to vote on smartphones rather than by mail or in person at a polling station.
Utah County was one of the few places in the country, along with Colorado, Oregon and West Virginia, to pilot use of Voatz in federal, state or municipal elections. It was also used during the 2016 Utah Republican Convention.
“It’s literally digitizing the exact same process a voter would experience at polls when they show photo ID,” Utah County Deputy Clerk Josh Daniels said in a July interview.
Clerk Amelia Powers Gardner said in July that the app could potentially provide “a more secure and convenient system for the 2020 presidential election.”
In a technical paper released Thursday, a team of MIT researchers said that “Voatz is vulnerable to a number of attacks that could violate election integrity,” adding that an attacker with root access to the voter’s device “can easily evade the system’s defenses … learn the user’s choices … and alter the user’s vote.”
The Utah County Clerk/Auditor’s Office could not be reached on Thursday to comment on the study.
Graduate students Michael Specter and James Koppel, and MIT Internet Policy Research Initiative Director Daniel Weitzner reverse-engineered the Android application to test its security, according to the paper.
Before publicly announcing their findings, they alerted the United States Department of Homeland Security and “spoke directly with affected election officials in an effort to reduce the potential for harming any election processes.”
Specter said in a press release that the app also poses privacy issues for users since it uses a third party for voter ID verification, allowing for potential access to driver’s license data if that vendor’s platform isn’t secure.
“Perhaps most alarmingly, we found that a passive network adversary, like your internet service provider, or someone nearby you if you’re on unencrypted Wi-Fi, could detect which way you voted in some configurations of the election,” said Specter. “Worse, more aggressive attackers could potentially detect which way you’re going to vote and then stop the connection based on that alone.”
Critics had questioned Voatz before the MIT study. Last November, U.S. Sen. Ron Wyden, D-Oregon, wrote to the Department of Defense complaining that the company wouldn’t release audit results or the names of independent experts hired to audit the app.
“This level of secrecy hardly inspires confidence,” Wyden wrote.
Based on their findings and a “lack of transparency” from Voatz, the researchers recommend in the paper “that any near-future plans to use this app for high-stakes elections be abandoned” and that future designs for voting systems be made “available for public scrutiny.”
In a written statement, Voatz rejected the “untested claims” of the MIT paper and accused the researchers of making “bad faith recommendations.” The company said the researchers analyzed an outdated version of the app that wasn’t used in any elections.
“Had the researchers taken the time, like nearly 100 other researchers, to test and verify claims using the latest version of our platform … they would have not ended up producing a report that asserts claims on the basis of an erroneous method,” the company said.
The Boston-based company said that all nine of the governmental pilot elections conducted, including those in Utah, were “conducted safely and securely with no reported issues,” adding that pilot programs “educate all election stakeholders and push innovation forward in a responsible, transparent way.”
“These attempts effectively choke any meaningful conversation and learnings around the safe integration of technology to improve accessibility and security in our elections,” the company said. “The effect is to deny access to our overseas citizens, deployed military service men and women, their families, and citizens with disabilities.”
On its “How Do I Vote?” page, the Utah County Elections Division currently provides information on how to vote using Voatz and a link to the company’s website.