Paraakh
Book a demo
Platform All solutions
Modules
HireExamineGrowComply
AI capabilities
AI Voice InterviewAI Question GenerationCoding Assessments
Also for
For EducationFor AgenciesFor Training Institutes
Industries
Information TechnologyManufacturingHealthcareBFSI Why Paraakh Pricing Book a demo
Security & trust

The boring layer that makes the rest defensible.

When the auditor, the client, or the candidate questions a result, the answer has to hold up. Here's the architecture that makes sure it does.

Platform security

Six pillars under everything Paraakh does.

🔐

Tenant isolation

Multi-tenant architecture with hard isolation at the database and API layer. Your content, candidates, and results never cross a tenant boundary.

🛡️

Role-based access control

Granular permissions per evaluator: who can create exams, view results, manage questions, run shortlisting — controlled per role, per tenant.

📜

Tamper-evident audit trail

Every score, every violation, every certificate carries an immutable, time-stamped record — built for compliance, dispute, and audit.

🗄️

Append-only ledger

Billing and AI-usage records are written once and never updated. A full transaction history for every credit, debit, and refund.

🔑

JWT-based sessions

Token-based authentication with role-scoped JWTs. Guest candidate links are time-bounded, single-purpose, and revocable.

🌐

Cloud-native storage

Webcam evidence, screen recordings, and certificates are stored in encrypted S3-compatible object storage with signed access URLs.

Exam integrity

Ten layers of proctoring. Configurable per exam.

Strict for a high-stakes certification, lenient for a practice quiz — every layer is logged, severity-classified, and reviewable by a human before any auto-fail.

Webcam + face detection

Live monitoring with face-api.js detection of no-face / multiple faces.

Screen recording (opt-in)

Candidate-consented screen capture stored as exam evidence.

Devtools detection

Browser devtools, console, and view-source detection with auto-submit.

Tab-switch tracking

Tab changes, window switches, and focus loss timestamped per session.

Fullscreen enforcement

Mandatory fullscreen with violation logging on exit.

Voice detection

Audio detection during exam to catch verbal cheating.

Compliance posture

Built for the day someone asks for proof.

AUDIT

Audit-ready, not audit-ready-eventually

Coverage, certifications, expiry, and recert workflows are tracked continuously — not assembled the week before the auditor lands.

EVIDENCE

Defensible decisions

Every shortlist, score, and certificate has the evidence behind it: violation logs, time analysis, category breakdown, the rubric used.

RETENTION

Configurable retention

Per-tenant retention policies on candidate data, proctoring evidence, and assessment records — your jurisdiction, your rules.

Certifications & data residency

Working towards SOC 2 Type II and ISO 27001. Regional data residency available on enterprise plans. For a current security questionnaire, customer reference architecture, or data-processing addendum — talk to our team.

Defensible by design

Need our security questionnaire?

Tell us what your procurement team needs — questionnaire, DPA, reference architecture, pen-test summary — and we'll get it to you fast.

Contact security
Book a demo