Most remote proctoring products were not built for examination integrity. They were built for video conferencing and adapted. The core capture and transport mechanisms were designed for meetings — cooperative environments where no one is trying to defeat the camera — not for the adversarial reality of a high-stakes examination where candidates are motivated to beat whatever is watching them.

OroLink takes a different approach.

Built for examinations, not meetings

OroLink is an open-source, low-latency remote-delivery protocol built from the ground up with examination integrity as the primary design requirement. It is not a layer on top of existing video-conferencing infrastructure. It owns the entire stack — from the moment pixels are read off the screen hardware, through encoding, transport, decoding, and display on the proctor's monitor.

That ownership is the whole point. Because OroLink controls the capture layer, it operates at a stage of the rendering pipeline that precedes the point where cheating tools hide themselves.

How OroLink sees what others cannot

When a candidate runs an AI assistance overlay during an OroLink-proctored session, the proctor dashboard shows two simultaneous feeds:

  • The standard view — what any screen-sharing tool would produce. A normal desktop. Nothing suspicious.
  • OroLink's full capture — the complete, unfiltered frame, including the overlay the candidate intended to hide.

The proctor sees the AI-generated answers appearing on the candidate's screen in real time. Not a flag in a log. Not a risk score that might be wrong. The actual tool, on the actual screen, in the actual session.

Why open source

Examination organisations are understandably cautious about software that runs on candidate machines. Proprietary proctoring tools ask institutions to trust what they cannot see. We think that is the wrong model for security-critical software.

OroLink's protocol, detection engine, and client software are fully open source. Any institution can audit every line of what runs on candidate machines before making a deployment decision. The security community can identify and report vulnerabilities. Candidates can verify what is being monitored.

Transparency is not a weakness in a security product. It is a requirement.

What OroLink detects

Beyond hidden-overlay tools, OroLink addresses the broader landscape of organised examination fraud:

  • Input behaviour analysis identifies the timing signatures of remote keyboard and mouse input — detecting proxy exam-taking, where an expert answers while the candidate sits in front of the camera.
  • Cross-session pattern analysis finds measurable similarities in answer structure, writing style, and response characteristics across sessions — surfacing the expert solvers behind multiple fraudulent examinations, not just individual incidents.
  • Continuous identity signals monitor behavioural consistency throughout the session, beyond the initial face-verification check.
  • Network monitoring flags outbound connections to AI cloud services during examination sessions.
  • Behavioural analysis uses gaze and response-timing patterns to detect the signatures that AI-assisted answering tends to produce.

What OroLink does not claim

OroLink does not claim to catch everything. Organised fraud operations with sophisticated technical capabilities represent a genuine challenge for any software-based proctoring system, and we will not pretend otherwise. What OroLink does is close the most significant gaps in current proctoring — particularly the invisible-overlay problem the entire industry has been unable to address — and make organised fraud significantly more expensive and detectable.

That honesty matters. A proctoring product that overstates its reach teaches institutions to trust outcomes they should be questioning.

Get started

The protocol is available at github.com/orospor/orolink. Examination organisations interested in piloting OroLink can contact us or read the full OroLink overview.

Key takeaways

  • OroLink owns the capture-to-display stack, so it sees the unfiltered frame the proctor needs.
  • Every component on candidate machines is open source and auditable — no black box.
  • It targets the full fraud landscape (overlays, proxies, solver networks) while being honest about its limits.