Cheaters: Inside IT Certification Fraud
Targeting the Consumer
This, then, begs the question: why don't authorities shut down the brain dump sites? Because it's not as easy as it seems.
"In the late 1990s, the Digital Millennium Copyright Act (DMCA) gave software companies and testing centers the ability to go after unauthorized providers of test content," says David Meissner, vice president of Solution Services at Prometric. "But having this legal tool doesn't make it easy to go after the offenders. Often they are located in countries that don't recognize U.S. laws, making prosecution difficult to impossible."
It takes very deep pockets to pursue the purveyors of brain dumps. Civil or legal action can drag out for years with little success to show for the effort. Many certifying agencies will pursue a cease-and-desist order rather than a lawsuit if their intellectual property is compromised.
A different strategy for combating certification cheating is to go after the consumer of the illicit materials. "Brain dump sites are like drug dealers," says Lee Futch, product management lead for Symantec Education Services. "As long as there is a customer, there will be a dealer. We need to cut off the customer base to kill the illegal dealers of stolen [intellectual property]."
One of the missions of the ITCC is to spread the word to candidates that the certifying agencies are indeed going after the consumers of the stolen test materials whether the consumption was intentional or inadvertent.
The good news is that it's getting easier to spot cheaters. Using new data forensics techniques that didn't exist just a year or two ago, certifying agencies now collect metrics that can indicate the possibility that someone has used illegal tactics to pass the exam.
The metrics reveal statistics such as how long it took the student to answer each test item, which answers were changed during the test, and how much time the student needed to complete the test. These metrics are compared with a historical baseline value, and too much variation raises a red flag. Before the student even walks out the door of the test center, the test results can be called into question, triggering further investigation.
Even "inadvertent cheaters" can be caught this way. People who use information from the brain dump sites are essentially able to memorize or at least practice actual test questions and answers, whether they do it knowingly or not. This advantage can be readily identified in the test metrics, and the candidate can be singled out for further investigation and possible consequences.
"Citrix uses data forensics to identify specific instances of cheating," Scalisi says. "We now conduct a monthly review to identify anomalous scores and results. Once confirmed as cheating, candidates are subject to remedies up to and including certification revocation and ban from testing for up to one year."
ITCC members don't share data forensics about specific exams or individuals, but they do share information about testing centers if corruption is suspected. "Forensics let us look across tests and centers around the world," IBM's Cooper says. "When a test center appears to be compromised, we gather statistically valid proof to act upon. This data is based on tens of thousands of tests that are administered each year."
One test developer who prefers to remain anonymous describes a recent scenario in which dozens of candidates took the same exam at a proctored testing center in India. Every candidate scored extremely high on the test -- a definite aberration from normal circumstances. "This was an indication to us that the test center had a security problem," says the developer. By sharing such information through the ITCC, the IT vendors can decide whether to continue using that testing center.