How certification bodies can defend credentials in the age of generative AI.

Why certification is different

Universities run high-volume, repeatable assessments. A student who narrowly fails a final can sit a supplementary exam, re-register the module, change majors, or graduate a semester later. The institution's worst-case for a single mishandled disciplinary case is reputational and individual; the system absorbs imperfect decisions.

Certification bodies don't have that absorption capacity.

The qualifying assessment for a profession — the ECSA professional review for engineering registration, the HPCSA Board exams for medical practitioners, the SAICA APC for chartered accountancy, the LPC competency-based examination for legal admission — is, for most candidates, a once-or-twice-in-a-career event. The candidate has typically completed a degree, several years of articles or supervised practice, and substantial study before sitting the exam. A wrongful refusal of credential isn't a setback; it's a career-stage rupture.

Three properties follow from this.

Identity-at-scale. A certification candidate has one identity to verify, typically tightly bound to professional registration documents. Paid impersonation is more valuable here than at university (the marginal value of admission to a profession exceeds the marginal value of a single course pass) and the candidate-side incentives are correspondingly larger. Continuous identity verification matters more, not less, here.

Appeal exposure. Candidates who fail a qualifying exam — particularly if the failure carries an integrity finding — frequently have legal representation. Hearings are formal, evidence-led, and often public. The certification body's procedure has to satisfy administrative-law standards (procedural fairness, the audi alteram partem rule, reasonable evidence). Vendor algorithm output that the candidate can't see and the body can't explain is, in this setting, malpractice.

Regulatory scrutiny. Most certification bodies are themselves supervised by a national authority (the Council on Higher Education in SA for some, the QCTO for others, sectoral SETAs, treasury regulators in financial-services contexts). Their procedures get audited. A proctoring vendor that can't demonstrate clean evidence-handling practices exposes the body — and through the body, the regulator — to scrutiny.

The four cheating modes, viewed from a certification body's seat

The four post-ChatGPT cheating modes (chatbot generation, real-time dictation, paid impersonation, autonomous agents) all apply to certification, but the priority order shifts.

For universities, chatbot text generation is the volume threat — millions of essay assignments, low marginal cost per cheating attempt. For certification bodies, paid impersonation moves up the list. The marginal value of getting through the exam is much higher; markets exist (and have for decades) for paid exam-takers. AI agents that can pass an oral or coding-style exam in real time, on behalf of the candidate, are an emerging variant.

Real-time dictation is also more dangerous in certification because the qualifying exam often involves applied-judgment questions — case scenarios, clinical reasoning, ethics dilemmas — where a paragraph of relevant context fed in by a coach can be the difference between pass and fail. Bone-conduction earpieces with offsite collaborators have been documented in published reports of certification cheating going back several years; the addition of AI as the offsite collaborator has only made the model more dangerous.

What a defensible evidence chain looks like

The evidence chain that survives a competent tribunal has four properties.

Complete

Every claim — identity verified at minute 23, second voice detected at minute 47, gaze break at minute 89 — must be backed by the underlying timestamped artefact. Not "the system said so." The actual clip, the actual face match score, the actual audio sample. Tribunals don't accept algorithmic conclusions as fact; they accept them as evidence subject to challenge.

Contemporaneous

The artefact has to have been generated at the time the event occurred and not modifiable after the fact. This means cryptographic timestamping, evidence-chain logging, and immutable storage. Vendor systems that allow operators to "re-process" recordings after the fact create gaps that any competent appellant counsel will exploit.

Transparent to the candidate

The candidate must be able to see, in their own terms, what the system flagged and why. "The AI flagged you" is not a sufficient explanation. "At 14:23 the system detected a second voice, here is the audio clip, here is the face-match score for the speaker, here is your opportunity to respond" is the standard. Without it, the appeal almost certainly succeeds — even if the candidate did, in fact, cheat.

Defensible to a lay tribunal

Tribunals are typically composed of senior practitioners, lawyers, and lay members — not AI engineers. The evidence has to be presentable in language they can evaluate. A vendor whose flagging logic is "proprietary and not disclosable" is, at best, useless to the body; at worst, it actively damages the case.

A vendor whose flagging logic is "proprietary and not disclosable" is, at best, useless to the certification body; at worst, it actively damages the case.

Identity at certification scale

Certification identity verification has properties that university systems often gloss.

The candidate's identity is bound to professional registration paperwork — typically issued years before the qualifying exam, sometimes including national-ID-grade biometrics held by the body itself or a partner authority. A continuous identity check during the exam is comparing against a much higher-confidence reference set than a typical university face match.

This works in the body's favour: a verified candidate-identity match is harder to dispute than a university-managed selfie comparison. But it requires architectural support. The proctoring system has to accept reference biometrics from the body (not require its own enrolment), match against them at relevant intervals, and produce evidence that holds up to comparison with the body's own records.

Vendors that only support their own enrolment flow — "we'll capture the candidate's face the day of the exam" — fail this requirement. The body's existing identity record is more defensible; the vendor needs to use it, not replace it.

What certification bodies should require

A procurement specification for a certification body in 2026 should require the following at the minimum-acceptable level:

1. OS-level lock-screen on candidate devices, native to the OS, blocking automation tools and second-screen mirroring at the syscall layer.
2. Continuous identity verification against the body's existing reference biometrics (not vendor-managed enrolment), with timestamped match records.
3. Dual-camera workspace coverage, with both feeds packaged into the evidence record.
4. On-device flagging that produces a small number of high-confidence segments with timestamped clips, not hours of streamed video.
5. Cryptographic evidence chain: hash-chained logs, tamper-evident storage, immutable timestamping.
6. Candidate-visible evidence portal: the candidate can review every flag and evidence artefact, before the appeal.
7. Disclosable flagging logic: the body can document, in plain language, what each flag type means and how it's generated. No black-box conclusions.
8. Sovereign-deployable: the body can host the platform on infrastructure under its own control, particularly in jurisdictions with strict data laws.
9. Audit-grade logging: every operator action on the platform (review, export, modification) logged with non-repudiation.
10. Operator agreement that pre-signs to the body's standard procurement terms, including breach notification, retention windows, and right of audit.

Vendors that meet all ten are operating at certification-grade. Vendors that meet six or fewer are SaaS proctoring repurposed; the body is taking on the residual risk that the vendor isn't carrying.

The opportunity ahead

The certification space across Africa is, in 2026, in the middle of a multi-year evaluation cycle. Most major bodies — ECSA, HPCSA, SAICA in South Africa; ICPAK, LSK, KMA, EBK in Kenya; the Egyptian Society of Engineers; the Ghana Bar Association — are reviewing their remote-exam policies in light of post-ChatGPT capability and post-COVID expectation. The procurement requirements at this level are unusually exacting, but the contracts are also long, the volumes are stable, and the validation effect on a vendor's reputation is substantial.

A proctoring platform that lands a major certification body — and operates cleanly through one full assessment cycle — has effectively earned certification-grade reference status across an entire region. The pull-through into university and enterprise sales is significant.

For the bodies themselves, the question is whether the legacy proctoring vendor on contract has actually adapted to the post-ChatGPT threat model, or whether the renewal is buying time on architecture that no longer fits. Most legacy vendors haven't. The institutions and bodies that move first earn both better defensibility and the option of a multi-year platform partnership before market pricing tightens.

Conclusion

Certification credentials are valuable specifically because they're hard to obtain — and the proof of that hardness is the body's ability to defend the credential's integrity to anyone who asks. In an environment where generative AI is universally accessible and the threat model has shifted permanently, defending the credential requires architecture, not policy.

The bodies that move now to prevention-first proctoring with audit-grade evidence chains will, in five years, be the ones whose credentials retain their professional and legal weight. The ones that don't will be the ones whose certificates trade at a discount.