Glossary

AI cheating detection — definition, examples, and why it matters in 2026

AI cheating detection in coding interviews is the practice of identifying unauthorized or undisclosed AI assistance. Definition, why keystroke heuristics fail in 2026, and how process telemetry catches contradictions instead.

Also known asAI cheating detection in interviewsAI cheating preventionAI-proof coding interviewChatGPT cheating detectionAI plagiarism detection in technical hiring

Definition

AI cheating detection in coding interviews is the practice of identifying whether a candidate is using AI assistance against the assessment's rules — or, in the post-2024 model, whether the AI assistance the candidate disclosed actually matches what they did. The honest version of this problem looks for contradictions in a record of the candidate's work: prompts that don't match the final code, code that appears without a corresponding prompt or edit, claims that the timeline can't account for. The legacy version uses typing-speed, paste-frequency, and pause-pattern heuristics that were trained on a pre-AI world and that, in 2026, flag good agentic coding as cheating.

Why the term exists / why now

For most of the 2010s, AI cheating in a coding interview wasn't a category. The cheating to worry about was someone Googling LeetCode answers or having a friend write the code for them, and even those were edge cases. The assessment platforms shipped detection layers built around that threat model: keystroke linearity, paste frequency, focus tracking, "suspicion scores."

Then ChatGPT happened. Then Claude Code happened. By 2026, 91% of engineers use agentic AI at work, and 75% have shipped AI-generated code to production in the last six months. The threat model didn't just expand — it inverted. The candidate using Claude Code well types exactly like the candidate pasting an answer they didn't write: fast, linear, frequent pastes from the chat pane into the editor. The keystroke heuristics built to catch cheaters now flag every serious senior engineer.

The "AI cheating detection" term is in active circulation in 2026 mainly because vendors selling sandbox-era assessments are using it to market features that don't actually work. Their detection layer is downstream of an architecture that, in CodeSignal's own words, "has no authority or technical means to monitor other software running on a candidate's machine." A senior who opens Claude Code on a second monitor walks through their detection layer untouched.

The honest version of the problem in 2026 looks completely different. The question isn't "did the candidate use AI" — almost everyone does, and most companies have stopped banning it. The question is "does the AI use the candidate disclosed match what the record shows they did." That's a contradiction-detection problem, not a keystroke-statistics problem, and it requires capturing the candidate's actual AI session.

What AI cheating detection is NOT

Not a keystroke-linearity model. Typing rhythm tells you nothing in 2026. Good agentic coding looks like pasting.
Not a paste-event frequency flag. Pasting from a chat pane into an editor is what working with Claude Code looks like.
Not a webcam-based proctoring overlay. Face detection and gaze tracking detect test-room behavior, not AI use, and the false-positive rate is high enough that recruiters end up manually clearing flags on every serious candidate.
Not a code-plagiarism cross-reference against a submission database. Two candidates using the same model on the same prompt will produce similar code legitimately. Plagiarism heuristics confuse model output with copied work.
Not the same as banning AI. Banning AI in 2026 measures whether the candidate decided to cheat, since detection is broken either way. The signal is inverted: either they used AI and solved it instantly (your signal is noise), or they didn't (you rejected them for not using the tools their coworkers use every day).
Not the same as proctoring. Proctoring catches non-AI cheating signals (someone else in the room, switching tabs to look up the answer). It's a different problem with a different threat model.

How AI cheating detection works in practice

The 2026 model uses process telemetry as the substrate. The platform captures the candidate's actual AI session — every prompt, every diff, every command, every decision, every tool call — and then looks for the patterns that indicate undisclosed assistance or misuse:

Prompt-vs-diff contradictions. Code appears in the final submission that has no corresponding prompt or edit in the timeline. The candidate either pasted it in from somewhere off-record (a second AI session, a teammate, a previous submission) or claimed work the timeline can't account for.
Decision-without-reasoning gaps. The candidate marks a decision but the prompt and command history around it don't show any of the exploration the decision implies. The candidate is narrating a story that doesn't match the trace.
Off-session code injection. A diff arrives without a preceding prompt or model response — meaning the candidate pasted code from outside the captured session into the editor. Common signal for "asked a different model in another window."
Verification gaps. The candidate claims they tested the change. The command history shows no test run.

These signals are about contradiction, not about typing speed. A senior pairing well with Claude Code generates a coherent record — their prompts, the model's responses, the diffs, and the commands all line up. A candidate who farmed the answer somewhere else generates an incoherent one.

The transcript itself is the trust anchor. Each event is signed with a per-session Ed25519 key at the moment it's written. The signature includes a hash of the previous event's signature, so any edit — adding, changing, removing — breaks the chain at the point of edit. promptster verify PST-XXXX walks the chain offline and outputs chain verified or the index of the broken link. The candidate's laptop is the root of trust.

How AI cheating detection in 2026 differs from legacy proctoring

Legacy proctoring / keystroke heuristics. Built on the assumption that the candidate types every character of their own answer. Flags fast pastes, non-linear edits, focus changes, missing face-on-camera frames. The threat model is "candidate has somebody else in the room or is Googling the answer." False-positive rate on senior agentic coders is high enough to make the signal a liability rather than an asset.

Process-telemetry-based detection. Built on the assumption that the candidate is using AI and the question is whether their disclosed usage matches their actual usage. Flags contradictions in a typed event log. The threat model is "candidate is misrepresenting their workflow, not their tools." Works in a world where AI use is the default, not the exception.

The two answer different questions. The first was the right question in 2018 and the wrong question in 2026. The second was unnecessary in 2018 and is the right question in 2026.

Common questions

How do you catch AI cheating in a coding interview in 2026? You don't catch "AI cheating" because AI use is the default. You catch contradictions — places where the candidate's disclosed workflow doesn't match the record of what they actually did. That requires capturing the candidate's real AI session, not flagging their typing speed.

Why don't keystroke heuristics work anymore? Because a senior engineer pasting code from a Claude Code chat pane produces the same keystroke trace as a cheater pasting an answer from a forum. Same signature, different intent. The signal can't separate them.

Can you detect ChatGPT cheating in a coding interview? If the candidate is supposed to be using Claude Code (or no AI at all) and they're secretly using ChatGPT in another window, that shows up as off-session code injection in the process-telemetry record: diffs without preceding prompts, code that appears without an edit. The contradiction is the signal.

Are AI plagiarism scanners useful? Limited. Two candidates prompting the same model with similar problem statements produce similar code legitimately. Plagiarism scanners confuse model output with copied work and generate false positives that recruiters have to clear manually.

Is webcam proctoring still worth it? Webcam proctoring catches different cheating (someone else in the room). It does not catch AI cheating. Plenty of teams in 2026 are dropping the webcam entirely for senior loops because the candidate experience cost is real and the AI cheating it claims to address is not the cheating it actually catches.

What's an AI-proof coding interview? There's no such thing as AI-proof — and the framing is the wrong one. The right framing is AI-native: an interview that expects AI use, captures the workflow, and grades how the candidate orchestrated the agent. That's the assessment Claude Code can't trivialize because the signal isn't the final code.

How do I know the transcript wasn't doctored after the fact? The transcript is signed at the candidate's machine with a per-session Ed25519 key, and each event signature includes a hash of the previous one. Any edit breaks the chain. You verify offline with promptster verify PST-XXXX.

Related terms

Sources

The code is no longer the signal — why keystroke heuristics fail and what to measure instead.
What Is Process Telemetry in Technical Hiring? A 2026 Primer — definition of the underlying capture model and the contradiction-based detection approach.
Best AI-Era Technical Assessment Platforms (2026) — comparison of how the incumbents handle (or don't handle) AI cheating.
CodeSignal: Cheating & Fraud — incumbent admission that browser sandboxes cannot observe desktop AI tools.