To secure an online exam, organizations generally rely on two main approaches: blocking certain actions with a lockdown browser, or detecting risky behaviours through digital monitoring, activity logs and the collection of reviewable evidence. The first approach is restrictive. The second is deterrent-based and evidence-driven. In both cases, there is no such thing as zero risk: the goal is to reduce risks in a way that is proportionate, clear and defensible.
What is a lockdown browser?
A lockdown browser is a tool that limits what a candidate can do on their computer during an online exam. Depending on how it is configured, it can prevent candidates from opening other tabs, accessing certain websites, using external applications, copying and pasting, or leaving the exam environment.
This approach is based on a simple principle: creating a closed digital environment.
In many cases, a lockdown browser requires the installation of software, an extension or an add-on. It is also often used alongside an LMS or another exam platform, which adds an additional technical layer.
What can a lockdown browser actually block?
The first drawback of a lockdown browser is technical friction. When candidates have to install software, update an add-on or change their device settings, the risk of technical issues increases before the exam even begins.
This friction can also widen the digital divide. Not all candidates have the same level of comfort with installing a tool, managing permissions or troubleshooting technical issues. Some use an older device, or a device on which it is impossible to install software, such as certain Chromebooks or devices locked down by an organization. Others do not have quick access to technical support.
Professional devices must also be taken into account. In banking, public, institutional or highly regulated sectors, many candidates use a work computer on which they do not have the administrator rights required to install software. In this context, a solution that requires installation can become a major organizational barrier.
Lockdown browsers can also raise privacy concerns. Candidates want to understand what data is collected, why it is collected, who has access to it and how long it is retained. The e-Assessment Association, an independent nonprofit professional organization specializing in digital assessment, emphasizes that online proctoring must be supported by clear measures to address privacy and transparency concerns.
Finally, when a lockdown browser is added to an LMS or another platform, the ecosystem becomes more complex. The more tools there are to configure, the more technical dependencies exist at a critical moment. This complexity can affect the candidate experience and increase the support burden for the teams responsible for assessment.
Detecting: a deterrent approach based on evidence
A detection-based approach does not necessarily aim to block every possible action. Instead, it aims to make risky behaviours visible, traceable and reviewable. It is a deterrent approach, but also an evidence-based approach.
In a proctored exam, candidates know that their environment may be monitored according to defined settings: camera, microphone, screen sharing, identity verification, activity logs or flagged events. This transparency creates a deterrent effect. The message is clear: the exam is not unmonitored, and unusual behaviours can be documented.
The difference is important. A restrictive tool attempts to prevent certain actions, but it does not always provide a complete picture of what actually happened. A detection-based approach, on the other hand, makes it possible to collect evidence: video sequences, screenshots or screen recordings according to authorized settings, technical events, navigation traces within the exam, interruptions, absences, behavioural changes or observable inconsistencies.
These elements are not only used to flag a risk. They also help support a fairer decision. An alert is not automatically a violation. It becomes an element to be analyzed in context. This is why human review remains essential, sometimes supported by AI agents or automated indicators.
Detecting does not simply mean monitoring. It means collecting relevant, traceable and reviewable evidence to support a fair and documented decision.
What are the advantages of a detection-based approach?
The first advantage of a detection-based approach is that it can be designed to better respect privacy. Rather than broadly locking down the candidate’s digital environment, it allows organizations to define precisely what should be observed, documented and retained as evidence. When properly governed, this approach supports proportionate data collection: only the elements needed to preserve exam integrity, with clear rules regarding access, use and retention of personal information.
The second advantage is inclusion. A detection-based strategy can be more compatible with different candidate profiles, different devices and certain accommodation needs. For example, it can help govern the use of reading assistance tools, writing assistance tools, text-to-speech software, authorized writing aids or online dictionaries, when these resources are permitted by the organization. It avoids imposing an overly rigid software layer that could interfere with assistive tools, specific configurations or controlled professional environments.
The third advantage is simplicity. When a platform operates in SaaS mode and does not require local installation, the candidate experience becomes smoother. Participants do not need to install software, obtain administrator rights or change their device configuration. This reduces technical risks before the exam and simplifies deployment for the teams responsible for assessment.
Finally, this approach supports decision-making after the exam. The evidence collected can be reviewed by an authorized person or a human proctor, with potential support from technological tools. This logic is especially useful for high-stakes exams, because it makes it possible to document events instead of relying solely on a technical blocking mechanism.
What is the difference between a lockdown browser and a detection-based approach?
Criterion | Blocking” approach with a lockdown browser | “Detection” approach with integrated monitoring |
|---|---|---|
| Philosophy | Restrictive | Dissuasion |
| Objective | Prevent certain digital actions | Deter, document and collect reviewable evidence |
| Type of control | Upfront control | Observation, traceability and analysis during the exam (live proctoring) or after the exam (asynchronous proctoring) |
| Installation | Often required | Can work without local installation |
| Privacy | May raise more questions depending on the data collected and permissions required | Can be more proportionate if the data collected is limited, explained and properly governed |
| Inclusion | To be validated depending on the tools, accommodations and devices used | More flexible for different candidate profiles and technical contexts |
| Candidate experience | More restrictive | Generally smoother |
| Physical environment | Not covered by locking alone | Covered through camera and microphone recording options |
| Final decision | Based mainly on restriction | Based on evidence |
Can blocking and detection be combined?
Yes, it is possible to combine certain elements of both approaches. For example, a deterrent-based platform could enforce full-screen mode during the assessment to limit exits from the exam environment, while maintaining a logic of detection, evidence collection and review.
However, each added restriction must be assessed based on its impact on the candidate experience, accessibility, professional devices, IT policies and the protection of personal information. The more restrictive a solution is, the more it must be justified.
A hybrid approach may seem relevant, but organizations should avoid adding restrictions solely to create an impression of control. Each measure must address a real risk, be understandable for candidates and remain proportionate to the stakes of the exam.
Why does human review remain essential?
Technology can flag unusual behaviour, but it should not fully replace human judgment. An alert must be contextualized. In addition, an AI agent and algorithmic analyses can help identify certain signals, but the final decision must remain clear, fair, explainable and reviewable.
This precaution is especially important in high-stakes exam contexts, where a decision may have academic, professional or regulatory consequences. Evidence must be interpreted according to the exam rules, the observed context, the organization’s policies and the rights of the individuals concerned.
This issue is directly connected to privacy principles. In Québec, Law 25 reinforces the importance of not treating an automated alert as a definitive conclusion. When a decision is based exclusively on automated processing of personal information, information and review obligations may apply. In Europe, the GDPR also provides that a person has the right not to be subject to a decision based exclusively on automated processing, including profiling, when that decision produces legal effects or significantly affects them. In a proctored exam context, these frameworks reinforce the value of clear, documented and explainable human review.
In this context, human review is not just an operational best practice. It helps make the process more transparent, more proportionate and more defensible. It prevents a technical alert from being automatically interpreted as a violation, and strengthens the organization’s ability to explain how a decision was made.
For proctored exams, this means that evidence should not be treated as a conclusion in itself. It must be analyzed, contextualized and documented by an authorized person, with possible support from technological tools. This approach helps protect both exam integrity and candidates’ rights.
Which approach should you choose to secure your online exams?
The real question is not simply choosing between two technologies. It is choosing between two philosophies: a restrictive approach, which aims to lock down the digital environment, and a deterrent approach, which relies on monitoring, traceability and evidence collection.
For organizations that want to secure their online exams without multiplying installations or complicating the candidate experience, an integrated platform like Nexam offers a balanced path. It helps support assessment integrity while taking into account accessibility, privacy and the technical realities candidates face.
A detection-based approach is not only about monitoring. It is about the ability to collect useful, proportionate and reviewable evidence in order to support fairer and better-documented decisions.
That said, monitoring is not the only measure to consider when preventing cheating and plagiarism in an online exam. A secure assessment relies instead on a set of complementary measures applied at different levels, including:
- Identity verification
- Access management
- Randomized questions
- Selection from question banks
- Time limits
- Blocking of a second screen
- Activity logs
- Integrity declaration
It is therefore the combination of these mechanisms that makes it easier to implement a more secure exam, without relying on a single control measure. To explore this topic further, see the “Features to ensure integrity” section of our article Advantages and disadvantages of asynchronous proctoring.
The instructions shared with candidates also play an important role. Clear rules before the exam help specify the authorized materials, expected behaviours, permitted tools, technical requirements and possible consequences in the event of non-compliance. This clarity reinforces the deterrent effect of proctoring and reduces ambiguity during the review process. To go further, see also our article: What instructions should be included to secure an online exam?
To discover how Nexam can support an integrated approach to securing online exams, schedule a demo with the Nexam Solution team:
👉 https://go.nexam.io/en/schedule-a-demo
FAQDoes a lockdown browser prevent all cheating?No. A lockdown browser limits certain digital actions, such as opening other tabs or accessing external applications, but it does not fully control the candidate’s physical environment, such as the use of a cellphone, paper notes or help from another person. What is the difference between blocking and detecting in an online exam?Blocking means restricting certain actions during the exam. Detecting means monitoring, documenting and collecting evidence to enable a contextual review of risky behaviours. Is detection less secure than blocking?Not necessarily. It is based on a different logic: deterring risky behaviours, collecting evidence and supporting a human decision, rather than systematically locking down the digital environment. Why is evidence collection important?Evidence collection helps understand what actually happened during the exam. It helps distinguish between a technical anomaly, an accidental behaviour and a genuinely problematic event. Why is human review essential?An automated alert should not be treated as a definitive conclusion. Human review makes it possible to analyze the context, document the decision and protect candidates’ rights, especially when the exam may have significant consequences. Can an exam be secured without installed software?Yes. Some SaaS platforms, such as Nexam, make it possible to proctor an online exam directly from the browser, depending on the configured settings, without requiring local software installation. Is proctoring enough to secure an online exam?No. Proctoring is one measure among others. Exam security also relies on identity verification, candidate instructions, question banks, randomized questions, the use of authentic question formats such as video responses, time limits, activity logs and navigation rules. |