You might also like...
More Reads
Use the latest research conducted by your colleagues in the testing industry to evaluate your options and make the best decisions for your assessment program.
Read more →
Get to know your colleagues in the test security industry a little bit better as they answer fun and intriguing questions from Marcel Proust's 18th-century parlor game.
Read more →
The Detection + Reaction Lockbox
David Foster,Ph.D.
David Foster, Ph.D., CEO & President, Caveon
Let's Balance the Scale
A psychologist and psychometrician, David has spent 37 years in the measurement industry. During the past decade, amid rising concerns about fairness in testing, David has focused on changing the design of items and tests to eliminate the debilitating consequences of cheating and testwiseness. In 2003, David co-founded the industry’s first test security company, Caveon. Under David’s guidance, Caveon has created new security tools, analyses, and services to protect its clients’ exams. He has served on numerous boards and committees, including ATP, ANSI, and ITC. David also founded the Performance Testing Council in order to raise awareness of the principles required for quality skill measurement. He has authored numerous articles for industry publications and journals and has presented extensively at industry conferences.

I love this quote by Albert Einstein: “Life is like riding a bicycle. To keep your balance, you must keep moving.” In the context of security, and with a little license, I take the “moving” to mean that we should not only use a variety of solutions, but continuously change, adapt, and match those solutions to whatever threats are current.

Balance is important in the world of security. Banks don’t protect your money with just strong vault doors. They also use cameras, guards, dye-packs, and other security measures you don’t even know about. Cars don’t keep you safe with just seatbelts. They rely on safety training, shatter-proof glass, monitoring gauges, disc brakes, and dozens of other security features. You don’t protect your body’s health with vitamins alone. You exercise, get vaccines, visit the doctor for regular checkups, and much more. When the stakes are high, we recognize that it is foolish to rely on a single solution. Like the old adage, “Don’t put all your eggs in one basket” warns, it is vital that we diversify our efforts. Threats to security come from all directions, and no single solution or type of solution will be sufficient for success.

As you already know, this edition of
The Lockbox
focuses on systems and methods for detecting test security fraud. The
last two editions
were devoted to two other ways of protecting tests and test scores: prevention and deterrence. It is fortunate that there are many tools in the toolbox to bolster the security of high-stakes exams. And because they work differently, or come at the problem from different directions, none of them should be used exclusively. There is no one-stop-solution to test security.
Security tactics that
react to
) test fraud have traditionally been the set of security methods that we in the testing industry are most comfortable with. Somehow, detection resonates very clearly with us. Proctors are useful because they can spot someone using a cheat-sheet. Or web monitoring can find stolen test items on the Internet. Even a published tip line can help us discover something we weren’t previously aware of. Nobody wants fraud to go undetected, and nobody wants it to continue—so we put detection systems in place to discover fraud and to give us the opportunity to quickly react and put a stop to it. I certainly agree with this approach, which is why Caveon has offered a suite of detection services since its beginning in 2003. Our three iconic security offerings beginning in that year were (1) data forensics, (2) web patrol, and (3) test security audits. All three were organized with the express purpose of discovering actual breaches or vulnerabilities. All three provided recommendations on how to fix any problems detected.

Over the years, we have improved these services, but we have also added the ability for our clients to
many forms of fraud before any damage can be done. When
is used routinely, the
systems—still vitally important—will generally detect fewer attempts at fraud. These detection systems become more efficient, evaluative, and more accurately prescriptive. This is a natural and welcomed result of both prevention and detection systems working together.

Likewise, deterrence solutions can and should be added to the mix. It is the third leg of the security stool. (Remember

Those who are considering cheating or stealing test content are definitely people who are sensitive to risk, and who can be convinced not to go through with their nefarious plans. Psychologically, they can be influenced in several ways. Here are some examples:

Simply by learning the rules, many such persons may realize that what they have planned is actually illegal or unethical.
If they already know that their planned actions are illegal and unethical, telling them what measures are in place to catch them can dissuade them. Nobody wants to get caught.
Just telling these individuals about the possibility of civil or criminal legal action taken against them might be the nail in the fraud coffin.

No single test security solution is going to be that effective on its own, and no single method (prevention, deterrence, detection) of test security can triumph single-handedly. If you rely only on a decent preventative solution, such as Caveon SmartItems™, you may never learn how effective they are. Data forensics and web monitoring can tell you if they have the impact you hoped for. The same argument can be made for deterrence solutions. When used, the rate of fraud should reduce, but this can only be determined by your detection methods and technology. But while the detection solutions discussed in this edition are vital for test security, they cannot stand alone. After all, who wants to only see reports of all the fraud that’s occurring? Something will be done about those breaches, to be sure, but it is comforting to know that with a few other tactics in place, you can avoid most fraud in the first place.
Fully accepting the risk of mixing metaphors, I recommend that you keep your eggs in several baskets, while balancing on the bike and putting extra nails in the coffin…and don’t forget to use all three legs of the stool.

Join our mailing list
Copyright© 2019 Caveon, LLC.
All rights reserved.
Privacy Policy
Terms of Use
Interested in learning more about how to secure your testing program? Want to contribute to this magazine? Contact us.