← All articles
·5 min read

The New Cheating Landscape: What's Actually Changed Since 2023

AI-powered contract cheating, deepfake identity fraud, and real-time exam collaboration tools have rewritten the threat model for online assessment. Here's what's real, what's overblown, and what actually works.

The threat model has shifted

In 2020, the cheating concern was "Google during the exam." By 2023, it was "ChatGPT on the essay." In 2026, the threat landscape is more sophisticated, more distributed, and more ambiguous than any of those — and most proctoring tools were not designed to handle it.

This article cuts through the FUD and maps what has actually changed in the online cheating landscape, what proctoring tools can realistically address, and where institutions need to shift their strategy.

What's real: the actual threat vectors in 2026

1. AI contract cheating — sophisticated and hard to detect

AI has made contract cheating cheaper, faster, and more scalable than any human-written cheating service. A student can now:

  • Use a fine-tuned AI model (including open-source models run locally) to generate answers that are indistinguishable from human work
  • Feed the AI access to their course materials and previous assessments to produce stylistically consistent work
  • Use multiple AI models in rotation to avoid any single model's detectable patterns

The detection problem: AI-generated text detectors have a documented false positive rate that makes them legally and ethically unusable as the sole basis for academic misconduct findings. A UK university faced legal action in 2024 when an AI detection tool misidentified a student's native-language writing as AI-generated. Proctoring tools that claim to "detect AI writing" in real time are not reliable.

What actually works: Process integrity — verifying that the work was produced by the enrolled student under the right conditions — is more defensible than content analysis. This is the model ProctorSafe is built on.

2. Real-time collaboration tools

Group messaging platforms (Discord servers dedicated to specific courses, WhatsApp groups, Telegram exam-sharing channels) have become a primary vector for real-time collaboration during exams. A student shares a question in a group chat; peers who have already completed the exam (or have an answer bank) respond in real time.

The detection problem: This happens entirely outside the exam environment. No proctoring tool sees it. Traditional proctoring — the webcam, the room scan — is irrelevant here.

What actually works: Designing assessments that are resistant to collaboration by design: randomised questions, time-limited responses, application-based questions that require synthesis rather than recall.

3. Deepfake identity fraud

In 2025, several universities reported cases of students using AI-generated video to spoof identity verification during remote proctoring sessions — essentially, a fake webcam feed showing a person who isn't the enrolled student. This was made possible by deepfake video tools that can be run in real time on consumer hardware.

The detection problem: Traditional proctoring tools that record and transmit video are actually more vulnerable to this than they might appear — a deepfake video feed passes through the same pipeline as a real one. The detection challenge is significant.

ProctorSafe's position: ProctorSafe does not transmit video — face verification is done on-device against an enrolled template, and the only signal that leaves the device is a binary match/no-match result. A deepfake video played to a webcam would not pass on-device liveness detection (which checks for the physiological signature of a real person — micro-expressions, blood flow, reflection patterns) because the attack surface is on the device, not the server.

This is a meaningful architectural advantage of the on-device model for identity integrity.

4. Exam material theft (question bank harvesting)

Before the exam, students — or paid "researchers" — systematically harvest questions from practice exams, previous years' papers, or course materials to build answer banks. The exam is then completed from the answer bank, not from knowledge.

The detection problem: This happens entirely outside the proctoring window. No tool can detect it.

What actually works: Proctoring tools that focus only on the exam session miss this vector entirely. The solution is assessment design: randomised question pools, randomised question ordering, algorithmically generated variants, and frequent question bank rotation.

What's overblown

"AI will make exams impossible"

Exams were supposed to become impossible when calculators were introduced. Then when the internet was introduced. Then when smartphones were introduced. Each time, institutions adapted — not by eliminating assessment, but by rethinking what they're measuring.

The same will happen with AI. Assessments that measure synthesis, application, and judgement — things that are genuinely difficult to outsource to a language model in real time — remain defensible. The problem is not AI. The problem is exams that measure recallable, AI-generable outputs.

"We need AI detection in proctoring"

AI writing detection tools have well-documented accuracy problems — particularly for non-native English writers, who are disproportionately flagged. Universities that have deployed AI detection as a misconduct finding tool have faced legal challenges, reputational damage, and regulatory scrutiny. This is not a viable enforcement mechanism.

"More surveillance = more integrity"

There is no evidence that higher-surveillance proctoring correlates with higher academic integrity. What it correlates with is higher student anxiety, higher rates of false flags for students with disabilities, and higher privacy complaints. The correlation between surveillance intensity and learning outcomes is, if anything, negative.

What ProctorSafe's model addresses

ThreatCan ProctorSafe detect it?How
AI contract cheating (during the exam)NoProctorSafe is process integrity, not content analysis
Real-time collaboration (outside the exam)NoRequires assessment design
Deepfake identity fraudYes — specifically mitigated by architectureOn-device liveness + face match; no video transmission
Question bank harvestingNoRequires assessment design
Tab-switching, devtools, environment anomaliesYesCore SDK monitoring
Face-absent or face-mismatch during examYesOn-device detection, no video stored

The honest answer: ProctorSafe cannot solve the AI cheating problem, because no tool can. What it does is provide defensible process integrity for the exam session itself — and it does that without the privacy and legal exposure that comes with mass video surveillance.

The strategic shift: from detection to integrity culture

The most durable response to the 2026 cheating landscape is not better detection. It's a shift from integrity as surveillance to integrity as culture:

  1. Assessment redesign — prioritise synthesis, application, and original analysis over recallable outputs
  2. Psychological safety — when students feel surveilled and distrusted, they are more likely to cheat. When they feel respected and fairly assessed, they are less likely to
  3. Clear, consistent consequences — a small number of clear, enforceable integrity violations is more effective than a broad surveillance apparatus that catches nothing
  4. Transparency — tell students exactly what your proctoring tool does and does not do. ProctorSafe's model is defensible precisely because it is explainable

ProctorSafe's architecture supports this shift: it provides a legitimate integrity signal to institutions that want it, without the surveillance apparatus that creates adversarial dynamics between institutions and students.

Assessment designers and academic integrity officers: for a review of how ProctorSafe's architecture handles specific threat scenarios at your institution, contact the team at proctorsafe.eu.