There is a problem in the IT certification business. It affects all of us in the industry: hardware and software companies that sponsor certification programs, IT professionals who seek certification to validate their skills and employers who use certifications to identify qualified workers.
Yet this problem is the elephant in the room that everyone knows is there, but no one wants to acknowledge. What is it?
It’s certification fraud.
When people cheat to obtain IT credentials, the value of certification is diminished for everyone. Fraud destroys the trust employers and individuals have in brand-name certifications that are the foundation of the IT profession. Rumors of cheating lead to doubt about the qualifications of all people who hold credentials.
Employers no longer can assume that candidates can do a job, even if their certifications indicate they should have the requisite knowledge and skills. And when employers don’t value certification as a hiring, promotion or compensation criterion, IT professionals don’t see the value in attaining certification.
But certifications are important baseline measures of competency, since the IT industry doesn’t offer objective license programs to measure qualifications like in the pharmaceutical industry.
Therefore, some of the major players in the IT industry are banding together to attack this issue head-on. For the first time, companies such as Microsoft, IBM, HP, Sun Microsystems, Prometric and many others collaborated for the same end goal, resulting in the creation of the new IT Certification Council (ITCC).
Fraud is not a new problem; it has been around for years. What is new is the concerted, collaborative effort to eradicate it.
What Is Certification Fraud?
Certification fraud is a fancy phrase for cheating to provide or obtain a credential. Why do people cheat? Because companies want assurance that the people they’ve hired to design, build and manage the infrastructure and develop and deploy the applications are highly qualified IT professionals, and IT certifications help to offer this assurance.
In the IT certification market, fraud is manifested mainly in two ways: providing illicit information or materials that help a person pass (or appear to pass) a qualifying exam, and using such materials or other improper means to pass an exam.
The people who provide the materials do so largely for financial gain. For example, you can visit any number of “brain dump” sites to purchase an actual certification exam. Of course, these materials are marketed as “study aides,” but in reality they are stolen intellectual property.
Certifying agencies never provide test materials to third-party vendors to sell or distribute. So how do brain dump sites obtain the test materials? Oftentimes, people take a certification test for the explicit reason of memorizing or otherwise capturing questions and answers and then reconstructing the exam for later sale.
The other side of cheating involves an individual who uses illegal materials or means to pass an exam or obtain a certificate. Examples of this type of cheating include purchasing exam materials from a brain dump site prior to sitting for the exam; allowing another person to take a certification exam on your behalf; using forbidden materials or information during an exam; colluding with an exam proctor to obtain a passing score; and buying a fake certificate.
It’s worth noting that some candidates cheat without knowing it and certainly without intending to do so. The student who purchases a “study aid” from a brain dump site might think he or she is buying information authorized by the exam developer. It’s only after sitting for the exam that test-takers learn they inadvertently bought the actual exam items. Intentionally or not, these students have benefited from illicit materials.
The Ramifications of Cheating
When certification fraud occurs, everyone loses: individuals, employers, certification agencies — even the general public.
At the individual level, a person who cheats risks not only certification status, but also his or her career and reputation. Most certifying agencies state in their security policies that a person who is suspected or found guilty of cheating can be subject to consequences such as nullification of exam results, loss of existing credentials, expulsion from the certification program and even notification of the employer. It’s possible for a person to ruin a career over certification fraud.
The company that employs a cheater can be affected in numerous ways, as well. For example, an unqualified employee might be placed in a position of great responsibility. And IT projects staffed with unqualified personnel have a greater rate of failure and can result in huge financial losses for the company. Also, if the employer happens to be a value-added reseller of IT solutions from a specific manufacturer, it could lose authorization to sell the manufacturer’s products.
Certification fraud also robs IT solution manufacturers of their intellectual property. A single certification examination costs hundreds of thousands of dollars to develop. When elements from the exam are for sale, that investment is diminished.
Finally, the general public can be put at risk by certification fraud. Suppose, for example, that a credit card validation system is compromised because an unqualified individual designed it. This can put credit information for thousands or millions of people at risk and can cause millions of dollars in damages.
ITCC is working to combat certification fraud in a number of ways.
First, the member companies are working with test centers such as Prometric and Pearson VUE to analyze the test results from every exam to understand how people take the exams. This data can help establish a baseline of behavior