angle-up angle-right angle-down angle-left close user menu open menu closed search globe bars phone store

TOEFL® Test Security: Prevention

Here are some of the ways we use preventive measures to protect the integrity of TOEFL® test scores.

Establishing Secure Test Centers and Training Administrators

The TOEFL iBT® test is taken at Certified Test Administration Sites (CTAS). Each CTAS undergoes a screening process designed to ensure secure testing, including an initial pre-qualification review to determine if the facilities meet security and CTAS technical requirements.

Test center staff are thoroughly trained to manage test administrations and are required to follow the procedures outlined in the Policies, Practices and Procedures Manual. As such, they are required to pass a certification exam to demonstrate their knowledge of test delivery, as well as testing policies and procedures, before they can serve as Test Center Administrators.

ETS conducts announced and unannounced audits of test sites, as well as visits by mystery shoppers, to observe and confirm that ETS standards are being properly applied at test centers around the world.

Delivering Test Content

Test content is delivered directly from ETS to the test taker's computer at the test center using the same internet security protocols as those used by major financial institutions for secure transmissions. The communication channel uses state-of-the-art encryption, and if a transmission is altered or disrupted, our software will detect it.

Centrally controlled, state-of-the-art algorithms ensure that test content is different among test centers and across time zones, minimizing opportunities to steal content. And with more than 60 test dates a year and a bigger bank of test questions, we limit the exposure of test content, unlike other tests that are administered almost daily.

At the beginning of each test administration, the test software automatically closes all non-TOEFL iBT windows or applications, including instant messaging (IM). It closes any applications that try to open during the test and then automatically logs the incident. The software also locks the desktop, suppressing key combinations so the test taker cannot switch to any other application.

Instituting and Enforcing Test Taker Rules and Requirements

Test takers have to meet several security requirements, including:

  • showing ETS-approved forms of identification
  • providing handwriting and signature samples
  • having their photo taken and embedded in their score reports

Test takers who refuse or fail to follow any instructions from test center staff are not permitted to test. For the full list of security policies and procedures, download the TOEFL® Registration Bulletin.

Maintaining the Quality of Scoring and Score Reporting

To further safeguard against test takers obtaining unfair advantages, no scoring is done at the test center. ETS separates the scoring process from the testing process, eliminating many security issues that would arise from giving test administrators access to scoring tools. Also, test administrators cannot be directly involved in English-language instruction or test preparation, and they cannot administer the test to an individual where it could present the appearance or actual possibility of a conflict of interest.

Because ETS separates scoring from test administration, raters receive spoken and written responses from test takers worldwide; there is no possibility they will know the individuals whose responses they are given to score. For more information, see:

Next: Detection