← Back to blog

I spent three years building upskillfinder.com, a platform that helps professionals find and navigate online certifications. In that time, I personally completed more than 30 certifications across cloud platforms, security, and project management.

I also found the services that would have done it for me, for around $200 each, pay-after-pass.

This is a short account of how those services work, what the certification market can't see, and why the credential on your candidate's resume might not mean what you think it does.

The Proxy Service Model

The operation is straightforward. A candidate finds a "certification assistance" service through targeted ads, Telegram groups, or forums. They pay a deposit or agree to pay only after a passing score is confirmed. A human expert—typically someone who has already passed the exam multiple times—sits the assessment remotely while the candidate's account is logged in.

The exam platform sees a valid login, a live video feed if webcam proctoring is active, and a passing score. The certificate is issued to the candidate. Nobody flagged anything.

The pricing varies by certification difficulty and prestige. A basic cloud associate exam might run $150–$200. A harder enterprise architect exam from the same provider might cost $400–$600. The economics make sense for both sides: the proxy earns more than most hourly consulting rates, and the candidate gets a credential that can justify a $15,000–$40,000 salary increase.

The certificate is identical to one earned legitimately. Same logo. Same issuer. Same metadata. The hiring manager cannot tell the difference from the PDF.

What I Found While Building upskillfinder

When I started mapping the certification ecosystem for the platform, I expected to document which certs were worth pursuing, how long preparation realistically took, and what skills they actually validated.

What I found alongside that was a parallel market. For nearly every certification I completed honestly, there was a service offering to do it for me. The pass rates they advertised were high—some claiming 95%+. The reviews were positive. The operations were professional.

I had spent real time on those certifications. I had the skills the exams were supposed to measure. And the certificate I received was, from the outside, indistinguishable from the one a proxy service would have produced.

That asymmetry matters. The credential system only works if the credential signals the underlying skill. Proxy services detach the two. The certificate still circulates; the skill it was supposed to verify never existed.

Why Browser-Based Proctoring Doesn't Stop This

The obvious response is: webcam proctoring catches this, because the wrong person is on camera.

Except the services that have operated for years have worked around that too.

Remote desktop injection: The candidate sits in front of their webcam, maintaining gaze and presence for the proctoring camera, while the exam itself is being answered remotely on a shared screen. The webcam sees the right face. The keyboard input comes from elsewhere.

Co-located proxies: The "proxy" is physically present at the candidate's location, sitting just outside the camera frame and feeding answers verbally or through a second device. The proctoring software sees one person, one screen.

AI-augmented proxies: More recently, the proxy isn't even a human specialist. The candidate uses an AI assistant on a separate device to generate answers in real time. The proxy "service" is now just a ChatGPT subscription and a second phone.

In each case, the proctoring software records a clean session. The exam platform's audit log shows no violations. The certificate gets issued.

What Verification Actually Requires

A certificate is a claim. Verifying that claim requires more than looking at the document.

True verification requires knowing three things: that the person who took the exam is the person claiming the credential, that the exam environment was controlled during the assessment, and that the session didn't involve external assistance—human or AI.

Most certification platforms can confirm the first weakly (name and login match) and can't confirm the second or third with any real confidence.

What changes that is a detection layer that operates at the session level rather than the document level. This means:

• Identity verification at session start: biometric or ID-match binding the logged-in account to the physical person present
• Network-layer monitoring: blocking and flagging access to AI APIs, remote desktop protocols, and screen-sharing services during the exam
• Tamper-evident session artifacts: a signed audit record that proves the session data hasn't been altered after the fact

Without these, the credential market operates on trust—and proxy services have been quietly eroding that trust for years.

The Hiring Signal Problem

The downstream cost lands on the people who rely on the signal.

A hiring team evaluates two candidates. Both hold the same certification from the same issuer. One earned it. One bought it. The hiring process cannot distinguish between them on that dimension alone.

This means the credential that was supposed to reduce uncertainty—to give the hiring team a verified signal about a specific skill—has become noise. Worse than noise: false confidence. The team makes a decision based on a data point that doesn't reflect reality.

This compounds across the market. As more credentials get purchased, the signal-to-noise ratio of the certification market degrades. Employers start discounting certifications they used to trust. The candidates who earned their credentials legitimately lose the signal value that made the work worthwhile.

I spent three years building infrastructure to help people navigate certifications because I believed they could be a genuine leveling mechanism—a way for someone without a prestigious degree to demonstrate real skill. Proxy rings undermine exactly that.

Fixing it requires exam platforms and certification bodies to operate at the session level, not the document level. The tools exist. The question is whether the industry deploys them before the signal degrades past the point where it matters.

Aiseptor provides exam platforms with network-layer integrity verification — blocking AI APIs, remote desktop tools, and screen-sharing services at the WireGuard level, with tamper-evident session records. Contact us about a pilot →