1. Is Prometric planning to implement palm scanning or other similar technology in its test centers?



    In 2006, Prometric completed the first global installation of biometric identity management systems throughout our Professional Licensure and Certification test center network. Our biometric systems are an advanced means of verifying a candidate's identity when he/she arrives at our test center to take an exam. Through the years we've evaluated a variety of potential biometric solutions (e.g. retinal scans, iris scans, facial recognition). Digital fingerprinting was selected for several reasons; a) it's technology that's familiar to many candidates and therefore more likely to be wide accepted; b) it is easy for test center administrators and candidates to perform properly; c) it is highly accurate, with minimal false positives and false negatives, all validated by third-parties; d) the electronic files are very compact, making transmission and long-term storage far more efficient than other forms; and e) it is very cost effective.
  2. What does the biometric system do? What does it check for?



    Prometric's biometric identity management system consists of a fingerprint reader, a device for reading the digital information on a driver's license, passport, or similar identification document, and a scanner for recording the human-readable information on the front of the driver's license or other authorized document. The fingerprint reader captures an image of a fingerprint that is used to monitor and control the movement of the candidate in and out of the test room. The fingerprint can also be compared electronically to a central database to ensure that the candidate did not test previously under a different name. This same system is also used to verify the identity of the test center administrators on duty and to monitor proctoring behavior during each day's testing activity. When used in conjunction with the central database the candidate check-in process is made more efficient, particularly for candidates that have tested previously with Prometric, because much of the data collection is automated.
  3. What is Prometric doing to deter proxy testers?



    We rely on our staff of certified test center administrators to uphold our stringent security measures, including biometrics. Using digital scans of fingerprints and TCA intervention each time a candidate enters or leaves a test room ensures that the person who left is the same one returning. The fingerprints are securely stored in an off-site database, so that a year or two or three down the road, if a candidate returns to the test center, we can match up the recent fingerprint with the one previously stored. This virtually eliminates the potential that an individual can test under an assumed identity.
  4. How big a problem is it really?



    A Boston Globe article recently stated that there were 1,000 "confirmed" incidences of cheating among 200,000 test attempts administered by one of Prometric's competitors. This is a rate of 00.5 – or a half of one percent. We'd like to point out that the same story could have reported the facts differently; that is to say that 99.5% of tests are valid and reliable measures of individual skills and abilities.

    Proxy testing is a problem to be addressed, though the scale of the problem is nowhere near as severe as the article implied. There are many factors that come into play in the provision of secure exams and testing experiences, and Prometric has been first to implement many of them on a widespread basis. We take exam security very seriously given its role in the protection of the public, so when tools come along that can improve security and therefore improve the protection of the public welfare we incorporate them into our offerings to clients.

  5. Is Prometric planning to develop a forensic analysis service?



    Prometric already offers a service called "Data Forensics" – to its clients. Our data forensics service provides analysis of items and exams to detect and flag abnormalities in the testing process.

  6. What does it do/how does it work?



    Data forensics looks to identify unusual response patterns, unexpected candidate behavior (e.g. ending the test early, requesting frequent breaks, skipping large numbers of items, spending an inordinate amount of time on selected items) and sudden performance improvements (both localized and universal) which can all be indicators of a potential security concern that can be investigated by a thorough review of the various files generated during a test event. Prometric maintains an extensive amount of data on each test event, including the time spent on each item, the frequency with which responses were changed and the number, time and duration of all breaks. We can tell, based on trends with these data points, whether there is a likelihood that one or more individuals are cheating and/or harvesting items.

  7. Is Prometric involved in any other security-minded initiatives?



    In addition to biometrics and availability of data forensics, Prometric is working with several of our clients to implement performance-based exams that utilize simulations of 'real world' tasks. We are also currently partnering with one of our largest IT certification clients in a new design that allows candidates to fully interact in real time with actual software applications via secure, high-speed, internet connectivity to a remote data center.

Return to the Security Reference Page