Does Codility Detect Screen Recording or Second Screens? (2026)

Direct Answer

Codility's 2026 proctoring stack detects screen recording only when the recruiter has explicitly enabled Screen Proctoring or Video Proctoring on the assessment, and even then it sees only the display source the candidate chose to share through the browser's WebRTC capture dialog. The Device Integrity App, introduced in 2024 and expanded throughout 2025 and 2026, scans for known capture, remote-desktop, and AI-assistant binaries at session start. Second monitors are detected by both the display enumeration check in the desktop app and by mouse-exit and focus-loss patterns inside the browser. The platform does not have a generic way to see the contents of overlay windows that never enter the capture buffer, nor does it stream a continuous packet capture of the candidate's machine.

The Two Modes Most Candidates Confuse

The first source of confusion about Codility is that the platform has two materially different assessment formats and four different proctoring tiers on top of them. CodeCheck is the asynchronous take-home assessment that runs in the candidate's browser, with the recruiter reviewing results after the fact. CodeLive is the synchronous shared-editor interview where a human interviewer is on a video call with the candidate in real time. Each format can be configured with no proctoring, behavioral-events-only proctoring, snapshot proctoring with webcam stills, or full Video Proctoring with continuous webcam and screen recording. The signal set the recruiter actually sees depends entirely on which tier they enabled.

The lighter "evaluate" configuration, which many companies use for first-round screens, records tab focus, copy-paste events, and a similarity score on submission. It does not record video or screen. The full proctored configuration adds webcam snapshots, audio capture, screen recording, and the Device Integrity check. A candidate who is told they will be taking a Codility test should ask which configuration is being used; the answer changes the entire detection surface.

What Codility's Behavioral Layer Actually Logs

The behavioral-events layer runs in every Codility assessment by default and does not require any extra permission from the candidate beyond the standard browser sandbox. It logs tab focus changes, window blur events, paste operations into the code editor, the timestamp and length of each typed segment, and any IDE shortcuts that touch the clipboard. Each event lands in the candidate timeline visible to the recruiter after submission, alongside the timeline of code edits.

Tab focus is the most reliable of these signals because the browser exposes the visibilitychange and blur events directly. If the candidate clicks into another window for forty seconds and then pastes a sixty-line block of code, those three events line up next to each other in the recruiter's timeline. Codility does not need any special browser permission to see them. This is also the layer that catches the most common bypass attempts: candidates who briefly check a chat window, candidates who alt-tab to a notes app, and candidates who paste a snippet that was copied earlier from a different tab.

Typing Pattern Detection and the AI-Code Heuristic

Codility's Typing Pattern Detection feature, expanded through 2025 and 2026, looks at the rhythm of keystrokes inside the editor. The model is trained on a large corpus of organic candidate sessions and learns the distribution of pauses, backspaces, and burst-typing patterns characteristic of a human writing code under interview pressure. Sessions where the keystroke distribution looks more like transcription than composition — long pauses, then long bursts of clean typing with no edits — get flagged with a higher behavioral suspicion weight.

This is the layer aimed at candidates who read an AI-generated solution off a second screen and retype it into the Codility editor. The detector does not see the second screen directly. It infers that something off-screen is driving the typing rhythm. Public Codility documentation describes the feature as a signal for review, not a verdict, which means it surfaces a flag on the recruiter dashboard rather than auto-rejecting the submission. Background on why this kind of detector exists and what it actually measures is covered in the broader piece on how AI interview assistants work.

The Device Integrity App

The Codility App for macOS and Windows is the platform's answer to overlay tools, virtual cameras, and screen-capture tools that the browser cannot see on its own. When Device Integrity is enabled on an assessment, the candidate is required to download and run the app before the test starts. The app performs a one-shot scan against a maintained list of process names, application bundle identifiers, code signatures, and known driver names associated with cheating tools, remote-control software, and screen recorders.

The important property of this check is that it is a denylist match at session start, not a continuous behavioral monitor. If a tool's binary is in the list, the candidate is blocked from starting until the binary is closed or uninstalled. If a tool is not in the list — for example, a tool released after the list was last updated, or one that does not register a process name — the Device Integrity check does not see it. Codility's public documentation states the app does not record the screen, monitor keystrokes, or collect personal data beyond the standard assessment.

Screen Proctoring, WebRTC Capture, and What Recording Actually Sees

When Screen Proctoring is enabled, the candidate is prompted by the browser to share a screen, a window, or a single tab. This is the standard WebRTC getDisplayMedia API. The candidate's choice determines what Codility records. Choosing a single tab limits the recording to that tab; choosing the entire display gives Codility a full continuous capture of everything visible on that display, including any overlay windows that are rendered into the standard display buffer.

The recording is stored alongside the assessment for recruiter review. Codility marks suspicious moments in the timeline using a combination of audio energy detection (sudden voice activity), large changes in screen content (an unexpected window appearing), and any paste or focus events that occurred during the same time window. The recording is not analyzed by a content-aware AI vision model in real time; it is stored and reviewed on demand by a human recruiter, with timeline markers driving where they look.

Second-Screen Detection: Mouse Exit, Display Enumeration, and Heuristics

Codility uses two separate mechanisms to detect a second monitor, and they answer slightly different questions. The first is display enumeration through the Device Integrity App: at session start, the app queries the operating system's display API for the number of connected adapters and reports the count back to Codility. A candidate with two physical monitors connected at start time triggers a flag regardless of which one they share.

The second mechanism is mouse-exit pattern analysis inside the browser. The browser exposes mouse position relative to the viewport. If the mouse cursor reaches the edge of the assessment window and crosses into the off-screen coordinate space at the right or top edge of the display — and then re-appears at the same edge after a delay — the pattern is consistent with a cursor moving onto a neighboring monitor. The detector is heuristic. It triggers a behavioral flag rather than a hard block. It also produces false positives: ultrawide monitors with split workspaces, picture-in-picture browser windows, and operating-system features like macOS Stage Manager can all generate similar mouse traces.

Similarity Scoring: How Codility Compares Your Code

Similarity Check is the post-submission layer that compares every passing solution against a corpus of historical candidate solutions, known leaks from question banks, reference solutions written by Codility's own team, and, since 2024, reference solutions produced by major large language models on the same task. The pipeline operates on normalized syntax rather than raw text, so renaming variables and reformatting whitespace does not change the similarity score. A simplified version of what the comparator does, in pseudocode:

function similarity_score(submitted, corpus):
    normalized = normalize(submitted)
    # strip whitespace, rename identifiers to canonical form,
    # convert to language-agnostic AST token stream
    ast_tokens = tokenize_ast(normalized)
    fingerprint = winnowing_hash(ast_tokens, window_size=12, k=4)
    # produce a set of k-gram hashes covering the AST

    best_match = 0
    for reference in corpus:
        ref_fp = fingerprint_cache[reference.id]
        overlap = jaccard(fingerprint, ref_fp)
        if overlap > best_match:
            best_match = overlap
            best_source = reference.source

    return SimilarityResult(
        score=best_match,
        likely_source=best_source,  # e.g. "GPT-4o reference"
        confidence=calibrate(best_match, task_difficulty)
    )

The comparator uses a winnowing fingerprint over a normalized AST, which is robust to identifier renaming, whitespace changes, statement reordering inside a block, and most cosmetic edits. It is less robust against meaningful logical restructuring — a candidate who rewrites the algorithm from a different angle will not match. The output is a similarity score and a candidate source, which the recruiter sees attached to the submission. Codility explicitly notes that the similarity score is not a verdict and that recruiters should review the full submission before making a decision.

Codility vs HackerRank: Where the Detection Surfaces Diverge

The most common comparison candidates ask about is Codility versus HackerRank. The two platforms cover similar ground but with different emphasis. HackerRank's Integrity Signals stack rolls every proctoring signal — tab proctoring, multi-monitor detection, plagiarism, ID verification, full session replay — into a single integrity score that the recruiter sees as a number. Codility leaves the signals separate and surfaces them in the timeline rather than rolling them into one composite score. Detailed coverage of HackerRank's current detection surface lives in the dedicated piece on whether HackerRank detects AI in 2026.

HackerRank's video proctoring stack is generally more aggressive on real-time analysis. Codility's edge is the Device Integrity App and the post-submission similarity check; HackerRank's edge is the integrity score and the in-session video model. Candidates should expect either platform to catch tab switching and large paste events. Candidates should not expect either platform to catch a tool whose process signature is not on the relevant denylist and whose output never enters the screen capture buffer.

False Positives and the Recruiter's Discretion

Public Codility documentation is unusually explicit that behavioral signals are not proof of cheating. The platform calls them signals for review. Common benign causes of false flags include macOS notification banners stealing focus, accessibility tools that synthesize keystrokes, IDE autocomplete that the editor reads as a paste event, large monitors with split workspaces, and candidates who type their solution in a separate text file before pasting it in to manage formatting. Recruiters at well-run hiring teams treat the flags as a prompt to watch the session replay and decide; less experienced recruiters sometimes treat them as a verdict, which is one source of unfair rejections in this space. The broader phenomenon of qualified candidates failing due to false positives is covered in why qualified candidates fail technical interviews.

The similarity score has its own false-positive pattern. Easy tasks — two-line one-liners, classic textbook problems — produce naturally high similarity scores across the entire candidate pool, which is why Codility excludes low-scoring solutions and SQL tasks from the similarity pipeline. Even on harder tasks, two candidates who independently learned the same canonical algorithm will produce code that overlaps significantly under AST normalization. The score is a starting point for human review, not a final answer.

What the Stack Does Not See

Two categories of behavior fall outside Codility's current detection surface in 2026. The first is overlay windows that the candidate's operating system renders outside the screen capture buffer used by WebRTC and the standard display API — this is the architectural property that defines "invisible" tools. The Device Integrity App's denylist is the only layer that addresses this category, and it only catches tools whose binary signatures Codility has cataloged. The second is anything happening on a physically separate device: a phone propped next to the laptop, a tablet on a stand, or a second machine running on a different network. Codility has no view into the contents of a separate device. Mouse-exit heuristics and webcam snapshots can flag the candidate looking away from the screen, but the contents of that other device are invisible to the platform.

This is the architectural reality candidates should plan around. Detection happens where the candidate's primary machine touches Codility's instrumentation: the browser, the optional desktop app, the optional webcam stream, and the submitted code. Anything outside that surface is, by construction, outside what Codility can see. That does not make using it ethical or risk-free — it means the platform's defense against it is indirect, working through behavioral inference rather than direct observation.

The 2026 Baseline for Candidates

The platform-level summary for 2026 is this: Codility's default behavioral layer catches tab switching, paste patterns, and code similarity on every assessment. The optional proctoring tiers add webcam, audio, and screen recording. The Device Integrity App adds a process-list scan against a maintained denylist of known capture and overlay tools. The Similarity Check runs post-submission against historical solutions and AI-generated references. Typing Pattern Detection adds a behavioral inference layer against retyped AI output. None of these layers individually is conclusive, and Codility's own documentation says so. The combination is meant to give the recruiter enough signal to know which sessions to watch end-to-end.

Candidates preparing for a Codility round should treat the platform as a system designed for the recruiter's benefit, with strong but not unlimited reach. Asking the recruiter which configuration is in use is reasonable. Reviewing the company's stated interview policy is reasonable. Preparing the underlying material so that performance does not depend on any single external factor is the only durable answer to a detection arms race that continues to escalate every quarter. The broader ethics conversation around this topic is treated in is using AI during a coding interview cheating.