Removal of the words Passwords and Proctoring
AND…
That institutions must use processes that protect student privacy
Let’s explore WHY these changes took place:
Consideration 1: How bad are passwords?
WAY BAD! 97% of the top 1,000 companies have experienced a breach due to weak or stolen passwords. It is not that passwords per se are bad- it’s the Way They are Created – typed in. Key logger hacking software is available as freeware on the Internet (examples, Logrocket, Smartlook, Clicktale). Other software to crack passwords includes Brutus, John the Ripper, Cain and Able. Hackers can easily find your password by analyzing your password patterns and click behaviors. The biggest issue in higher ed is that colleges make it too easy to share passwords so cheating continues.
Ok easy to share and easy to hack. Typed passwords are no longer useful.
BUT GOOD news! When you draw a 4 – character password it is 11.3M times more secure than a 9 -character typed password! Passwords you draw with your finger or mouse are a type of biometric that is exploding in use. The product is called BioSig-ID. The simple change from typing to drawing turns your code into a secure login that stops imposters and sharing of your password since they can’t duplicate your drawing pattern (length, speed, angle, order, stroke count etc.).
This also turns it into what is called Multi-factor authentication (MFA). In short, something you know (your 4 character code) and something you are (how you draw your 4 character code). All it takes is 4 characters to turn your password into something indigestible to the hackers and for hire surrogates. Try it out on our web page www.biosig-id.com No hardware or software downloads are required.
One of our clients has enrolled over 100,000 users where we have authenticated their identity before they get access to over 700,000 tests, quizzes, and exams. To gain access to gradable assessments, these students have performed an estimated 4.2M authentications using BioSig-ID, all with less than 1% help desk calls. https://biosig-id.com/bsi-presents-results-of-case-study-where-they-performed-id-authentication-for-users-in-over-500000-courses/
Years ago virtual proctoring was considered the way to establish the student ID and prevent cheating on tests. Fast forward to today and we find that the same companies that provide services for hire have developed ways to outfox and beat online proctoring technologies.
– https://infoproc.blogspot.com/2013/04/how-to-cheat-online-exam-proctoring.html
– https://jakebinstein.com/blog/on-knuckle-scanners-and-cheating-how-to-bypass-proctortrack/
OK, how about we use a secure browser so students can’t access Dr. Google to assist them during exams? Apparently, this technology is also beaten. Here is one of the 8,280 results if you Google how to bypass a well known solution:
https://www.reddit.com/r/HowToHack/comments/awe35u
Besides being able to beat these virtual proctoring technologies and secure browsers of the world, you have other emerging issues such as privacy, liabilities and the knowledge that students are less likely to cheat when being watched. So the real cheating is happening with non-proctored tests, quizzes, discussion threads..that only need a password to access. For a good overview read this blog:
https://biosig-id.com/264-virtual-proctoring-is-it-true-the-system-can-be-broken/
HOLD ON, there’s more bad news. If a school is giving virtual proctoring, they must now consider the user experience. For years, the poor student may have been subjected to a virtual testing scenario that was not acceptable. This is BIG!
Recent research details the poor user experience that can even affect grades. In a landmark study published on October 3, 2019, nurses were randomized into remote and in-person proctoring for a certification assessment. With 600 nurses completing virtual proctoring they found:
- Overall rating range was 2.5-9.1 (average (5.64) out of 10
- 16.4% had camera or audio issues
- 16.9% could not get a proctor to respond to them
- Those who had these and other issues had a delay of 23 minutes (p = 0.001)
- This 23-minute delay was not taken into consideration and the authors believed it accounted for the lower scores from this group
- Privacy concerns from users was a big issue. This included taking pictures of your ID photo documents, being recorded, 360-degree webcam panning, Giving proctors control of your PC.
- Other issues included, poor password management causing delays, body movements not permitted, ID management concerns, and foreign-speaking proctors
Source: Use of Resources and Method of Proctoring During the NBCRNA Continued Professional Certification Assessment: Analysis of Outcomes. Dennis Spence, Ph.D. et al, Vol 10, Issue 3 Oct 2019, Journal of Nursing Regulation.com
Consideration 3: Contract cheating has become very common
In a systematic review of 54,514 participants using self- review, students admitted to paying someone to complete their work 15.7% of the time. This represents a potential of 31M students! (Frontiers of Educ., 30 August 2018 ( https://doi.org/10.3389/feduc.2018.00067). Dave Tomar in his book The Shadow Scholar, “How I Made a Living Helping College Kids Cheat” detailed how cheating from papers, discussion groups, tests, quizzes were completed for students for a fee. Recent research looking at Predictors of Academic Dishonesty suggests that in-person cheating is just as bad, if not worse than online classes. (Researchgate.net/publication/325249542_Predictors_of_Academic_Dishonesty_among_undergraduate_students_in_online_and_face-to-face courses.)
Ok, so what is the point? We know cheating is very common in both online and in-person, but why is it allowed to happen? Simple answer. It is the use of typed passwords, how easy it is to share them and nobody knows who is doing the work. Test, quizzes, exams, discussion threads are easy targets. Give your mom, friends or pay some for help and magically your work gets done. Since your school/instructor is not looking for patterns of dishonesty nobody is the wiser, so it continues.
So what do most colleges do? They politely ask the students to please not cheat, read the school’s honor code and please play fair. We will call this the deter method. The problem is when it’s so easy to cheat it creates opportunity. Motivation is the race to achieve higher scores to enable access to better-paying careers and more money. This is the same motivation that the 50+ celebrities paid for their children to get a step ahead into better schools with the ultimate goal of more opportunity.
Fast forward to some work done at the University of New South Wales. They used the “deter” method and decided that it was time to move to a “detect” philosophy. When they did this and started looking for cheating patterns their verified rate of cheating went up 2,000%! (https://www.smh.com.au/education/cheating-found-at-unsw-up-by-2000-percent-as-new-detection-methods-used-20190814-p52gz4.html#comments)
Summary – Current technologies whose purpose is to stop cheating and fraud are failing us:
The environment and technology has changed. BSI approaches the solution differently to account for these changes. We act at the places where cheating is most likely to occur, discussion threads, tests, quizzes, exams that are only protected with a password. BSI also offers award-winning AI forensics that looks continuously to identify human and non-human patterns of cheating. If a student is going to cheat, they most likely will not cheat while being watched. You could be investing in virtual proctoring and subjecting your school to privacy infractions, liability for collecting certain biometrics up to $1,000/incident or poor user experience affecting grades. You can fail your exam and still make a pass by having experts complete the 70-80% of your GPA that is not proctored.
BSI technology gets the job done through continuous 5 second ID authentications, deep forensics and now you can add another technology: BioSight-ID (proctoring “lite”).
BSI now offers e-Proctoring using BioSight-ID. Using the webcam of the user to take images randomly during the exam to verify their identity throughout. Random images taken detect incorrect behaviors or cheating attempts. We determine whether the student is the same student from start to finish. This is a passive, proven way to monitor students during exams without disturbing students with virtual proctors, rigorous setup or privacy concerns. If students are not cheating because a proctor is watching them, why pay for this expense? BioSight-ID is a low-cost alternative to faculty who want proctoring but now it can be proctorless. This combines with BioSig-ID for continuous authentication. To prevent cheating, and add flexibility for faculty we now offer this practical and in-expensive method for our clients.
If you would like to hear about our exciting and proven technology call Tyler Weiland, VP Marketing (+1) 469-206-9343 Tyler.Weiland@biosig-id.com
Ask about our presentations at the Institute for Credentialing Excellence (ICE) and at the SACSCOC 2019 conference discussing ID Authentication in 700,000 courses and 160,000 users or a college with over 80,000 students successfully using BioSig-ID.
Give us a call or visit www.BioSig-ID.com for additional information!