Test Piracy: The Darker Side of Certification
It’s no surprise that one definition of piracy in the dictionary is “an act of robbery on the high seas.” But a second definition states, “the unauthorized use of another’s production, invention or conception, esp. in infringement of a copyright.” Except for the “high seas” part, both definitions of piracy describe exactly what has been going on in the darker places of IT certification. Stealing questions, changing test results, taking tests for someone else and unauthorized use of materials during testing are some of the daring, illegal and unethical actions becoming more commonplace as individuals attempt to achieve unearned certifications. The problem has become epidemic, and serious efforts are underway throughout the industry to combat it.
But here’s the bright side: Today’s piracy efforts for the most part are juvenile, occur infrequently, remain unorganized and have occurred in an environment of trust and developing technology. With industry-wide support and organization, along with new tools and industry commitment to protecting the value of certification, these piracy efforts can be countered.
Scope of the Problem: Larger than IT Certification
In August 2002, the Educational Testing Service (ETS) temporarily suspended testing of the Graduate Record Exam (GRE) in China, Korea and Taiwan because of suspicious testing patterns in these regions, as well as Web sites with questions and answers from live GRE exams. Paper-and-pencil testing was re-instituted in these countries. More recently (October 2002), the National Board of Podiatric Medical Examiners canceled the scores of 272 students from four schools because there was evidence that the students had the test content before the scheduled exam date.
Recently in Massachusetts, 19 teachers, administrators and students broke the rules for administration of a statewide assessment known as the Massachusetts Comprehensive Assessment System (MCAS). Teachers sent test questions to colleagues, returned test booklets and asked students to revise them and gave some pupils two days instead of one to complete the test essays.
In IT, results of a recent survey of 629 respondents indicated that 86 percent of certification candidates felt that it was acceptable to use “brain dumps,” Web sites that contain illegally obtained questions from live exams, to prepare for the exams. Only 9 percent felt that such an activity was cheating.
A few years ago, Nancy Cole, president of ETS, described the United States as a “nation of cheaters” and cited evidence to support her claim that cheating has become commonplace, with up to 98 percent of college students admitting to cheating in high school (Miami Herald, Dec. 15, 1998). Other researchers, Linda Trevino, a professor at Penn State, and Donald McCabe from Rutgers reported that cheating on tests for college students increased from 25 percent to 50 percent between 1963 and 1993 (reported in New York Times, May 10, 2002).
It is clear that when the stakes are high, such as those for certification/licensure or college admission exams, the motivation to cheat or commit other types of testing fraud exists. Individuals will try to get a higher score or a passing decision without having the sufficient skill or knowledge. While there are many honest individuals, it must be recognized that others will try to gain from the lack of security measures taken to protect exams and the programs that rely on them.
Computerized Testing: Good News and Bad
There is no doubt that the switch from paper-and-pencil tests to computerized tests has improved the security of the exams. In fact, the major security problem associated with paper-and-pencil testing, that of students copying the answers from students sitting near them, has been completely wiped out by the computer’s ability to present questions in a random order. Here are some other security advantages:
- Complete and equivalent test forms are randomly selected. Test-takers can’t anticipate which set of questions they will see.
- Computerized adaptive testing creates individually tailored exams, reducing the exposure level of questions and making it difficult for less competent individuals to succeed by cheating.
- Encryption and password protection provide secure transmission of tests and test results.
- Test development that is entirely computerized prevents the copying and distribution of question pools and tests.
Now the bad news. One of the major advantages of computerized testing to certification candidates is the ability to give the test any time at convenient locations. Some IT certification tests have been available for more than two years. This convenience brings with it a huge security problem: It lets earlier test-takers share questions with later test-takers. Paper-and-pencil tests do not have this problem, because they are usually given only once a year at set locations. While the best solution to this problem is to increase the size of the item pool and create more test forms, this takes time, uses valuable resources and is expensive.
Types of Security Problems
What exactly are the types of security problems occurring in IT certification? I have categorized them by those occurring before, during and after testing. Here are two or three examples of each. The examples aren’t all from IT certification tests, but illustrate what has occurred or what is possible:
- Arranging to have someone take the test for you. Last year in the United Kingdom, an employee of a testing center offered a passing score to anyone who would pay him his asking fee, about $500. He would have the candidate meet him at the testing center where he would perform the required security measures. Then once the test began, he would answer the questions for the candidate.
- Obtaining the questions prior to taking the test. One of the more popular forms of testing fraud occurs when a certification candidate obtains alleged actual test questions prior to taking the test. This is done in several ways, but the most popular seems to be visiting brain-dump sites. Brain dumps are Web sites where others who have already taken a particular test have supposedly memorized the questions and placed them on the site. Sometimes the access to the site is free, but often the candidate pays a fee to receive access to the questions.
- Using unauthorized materials. IT certification candidates have been caught bringing a wide variety of “aids” with them into the actual room where tests are delivered. These include copies of training and technical manuals, PDAs, digital cameras, tape recorders, cheat sheets (papers with information on them that would help to answer questions) and blank paper for copying questions and options. These and other materials and techniques are, of course, forbidden and should have been left outside the testing room.
- Receiving help during the exam. Because many testing centers exist within the walls of training centers, there exists strong motivation to help the center’s students pass the test. On occasion, instructors or other employees of the training centers have “helped” the examinee answer questions. While this wasn’t necessarily done for a fee and may even have been spontaneous, it is still an example of fraud.
- Leaving the testing room for the purpose of getting help. During lengthy tests, it is possible to obtain permission to leave the testing room to get a drink of water or to go to the restroom. Some test-takers have taken advantage of this privilege and have used it as an opportunity to consult unauthorized materials or ask someone for help.
- Memorizing questions with the intent of sharing them later with others. A few years ago, a t