August 14, 2024
PRIVACY & SECURITY
August 15, 2020
At Proctorio, we are proud that administrators at 850+ institutions around the world trust us to be their partner as we develop high-quality, high-integrity online education experiences for learners around the world.
Being an education technology provider means that institutions use our technology in scenarios where very sensitive data changes hands, such as conversations between exam administrators and test takers, answers to exam questions, and homework, to name just a few examples.
Because of the sensitive nature of our place in the education technology stack, we take data security very seriously. We use advanced technology to keep your data safe. Let us explain!
What data can Proctorio access? Proctorio does not require additional personally identifiable information (PII) to use our software or access support beyond what is already required by the assessment platform. Test takers simply sign in their LMS with their institution’s credentials and access their assessment.
Exam recordings are transferred and stored with Zero-Knowledge Encryption, meaning that only institution-approved representatives have access to the encryption keys needed to decrypt and review the recordings.
The only time Proctorio records a test taker during an exam is if and when the exam administrator chooses the video or audio recording option for the assessment. Video/audio recording information is not kept forever; depending on the institution, this information might only exist on our servers for as little as 7 days.
Once it is accessed, how is it protected? Proctorio is differentiated by its usage of Zero-Knowledge Encryption. This proprietary technology means only institution-approved representatives have access to the encryption keys needed to decrypt and review exam recordings.
This unique design ensures that nothing leaves the computer of an administrator or learner until after it is encrypted. This means that if Proctorio were ever to be hacked, the attackers would get a bunch of meaningless gibberish.
On top of that, Zero-Knowledge Encryption is merely one layer of encryption that Proctorio applies! Learner data (including all video, screen and audio recordings) is secured and processed through three layers of encryption:
Our platform goes through daily vulnerability and penetration tests to assess the strength of our systems against a potential attack.
Could a computer be attacked through the software that test takers need to install on their computers to use Proctorio? Proctorio requires no native software. It runs only as a browser extension, allowing test takers to easily install and uninstall Proctorio as they take online exams. We request very specific permissions to even further limit the information that the browser extension could capture; see our Privacy page for a breakdown.
How is Proctorio technology used in exam integrity decision making? Proctorio does not use technology that makes exam integrity decisions through an algorithm. If our face detection or gaze detection software finds something unusual, we flag it to the exam administrator, who will make all determinations and grading decisions. Proctorio flags behaviors; it does not make decisions.
What third-party organizations have vetted Proctorio’s safety standards? Proctorio’s privacy has been vetted by a number of third-party organizations to ensure we are upholding the highest data privacy standards.
Proctorio has been recognized by The Internet KeepSafe Coalition, who review and certify digital products for compliance with state and federal requirements for handling protected personal information, and has confirmed that Proctorio makes every effort to comply with Family Education Rights and Privacy Act (FERPA) and Children’s Online Privacy Protection Act (COPPA). Proctorio has also proudly signed the Student Privacy Pledge, supporting the privacy of K-12 students in the United States. Proctorio makes every effort to be GDPR compliant.
For institutions in Canada, Proctorio also makes every effort to comply with the Privacy Act (British Columbia), Personal Information Protection and Electronic Documents Act (PIPEDA), and Freedom of Information and Protection of Privacy Act (FIPPA). Exam-related data of Canadian test takers is stored locally and securely in Canada.
We also engaged a leading information security consulting company to perform a Security Assessment of our software and cloud environment. Here’s a summary of what they found:
Trust and integrity is at the core of what we do at Proctorio. We are proud of the technologies and measures we have put in place to keep data safe, and to protect the test takers and administrators who trust us as partners.
Note: This blog post was updated for clarity on June 23, 2021.
August 14, 2024
PRIVACY & SECURITY
July 31, 2024
PRIVACY & SECURITY
July 17, 2024
PRIVACY & SECURITY
March 21, 2024
PRIVACY & SECURITY
September 19, 2023
PRIVACY & SECURITY
November 3, 2022
PRIVACY & SECURITY
October 28, 2022
PRIVACY & SECURITY
June 03, 2022
PRIVACY & SECURITY
January 5, 2022
PRIVACY & SECURITY
November 01, 2020
PRIVACY & SECURITY
October 06, 2020
PRIVACY & SECURITY
August 16, 2020
PRIVACY & SECURITY