Adapting Security for Twenty-First Century Testing
By David Foster, President, Caveon Test Security
Over 20 years ago, the first high-stakes tests were delivered using computers. The movement of using technology to administer tests was launched. The many advantages of the new ways of testing were realized almost immediately. These included the convenience of being able to take the test at any time and receive an immediate score report. Unfortunately, the new exams were more susceptible to theft and cheating because tests were given during a long testing window. When the same test is given over a long time frame, say, weeks or months or even years, opportunities exist for people early in the period to steal the questions and share them with people later in the window. How the questions are stolen isn’t all that important, but testing programs have never really come up with good security solutions. The problem remains as bad today as it has ever been.
It’s not that the problem can’t be solved. It’s just that we have tried to apply the security methods of the past century to a new way of testing. It would be like harnessing horses to pull a car. Or, using a telegraph to send an email. Proctors—the standard security default approach—are not able to stop most modern ways of stealing exams, and they are just about as ineffective at stopping cheating. And worse yet, sometimes they even do the stealing and cheating.
So, what’s the answer? How can technology-based tests be made more secure? How can a test today be protected while remaining in active service for long periods or even indefinitely. It seems logical to me that technology, having created the problem, should also provide the solution. As Shakespeare stated in King John, “fight fire with fire,” meaning that we should enhance our security efforts with new technologies.
If new security technologies can stem exam theft and cheating, what are some of them?
New data forensics analyses go beyond detecting erasures on answer sheets. They can detect clusters of unusually similar tests. They can make use of item response times to detect tests that are taken too quickly or too slowly.
Exams can be “watermarked” intelligently in such a way as to identify the thief if the items are later found on a website.
New computer-only item formats can protect content better than traditional item designs. Items can be administered one at a time in a design that doesn’t allow for returning and reviewing them.
This list can go on, and the above methods can be refined and improved. Plus, many of these can be used effectively to improve security for paper-and-pencil tests. We’ve given the thieves and cheaters quite a head start. It’s time to fight back with fire of our own.