New Delhi: The Central Board of Secondary Education (CBSE) has moved the re-evaluation process for class 12 answer scripts away from the platform operated by Hyderabad-based Coempt Eduteck Pvt Ltd and onto infrastructure controlled by the board, amid concerns over the security of the vendor’s on-screen marking (OSM) system.According to the Hindustan Times, the re-evaluation exercise is expected to begin next week through the CBSE’s own portal after student and examination data were migrated from Coempt’s infrastructure. The move comes as the board faces mounting questions over the procurement and rollout of, and cybersecurity safeguards surrounding, the digital evaluation system used for this year’s class 12 examinations.A senior IIT Kanpur official associated with the technical review told HT that security concerns were behind the decision to shift the process to CBSE-controlled infrastructure. The report said the board is continuing to use Coempt’s software code after security modifications and testing, but the system is now being operated on infrastructure under the CBSE’s direct control.The CBSE did not explicitly confirm that security vulnerabilities prompted the switch, but said its procedures were designed to protect the integrity, confidentiality and accuracy of the evaluation process.The development follows weeks of controversy over the board’s first nationwide deployment of the OSM system, which was used to digitally evaluate nearly ten million class 12 answer scripts before results were declared on May 13. Students subsequently raised complaints about blurred scans, evaluation irregularities and technical difficulties with post-result services.The board has also filed a complaint with the Delhi police regarding alleged cyberattacks on its post-result services portal. According to HT, a case has been registered under provisions of the Information Technology Act and an investigation has been launched.The Union education ministry had earlier directed the Indian Institutes of Technology in Kanpur and Madras to assist the CBSE in examining the technical issues. A four-member expert team from the two institutions has been reviewing the platform and overseeing remedial measures.Fresh questions have also emerged over the cybersecurity certifications submitted by Coempt during the tender process.A separate HT investigation reported that certificates accepted by the CBSE as evidence of the platform’s security either related to deployments for another client or had expired before being submitted as part of the tender process.According to documents reviewed by the newspaper, one certificate issued in November 2023 related to the deployment of the OnMark platform for Biju Patnaik University of Technology in Odisha. By the time it was submitted for the CBSE’s August 2025 tender, the certificate was nearly two years old and had exceeded its stated validity period.Another certificate, issued in October 2025, reportedly covered testing of an application called “OneX” on a pre-production environment associated with the same university rather than a live CBSE deployment. The document also noted that production server-hardening remained to be completed.Neither certificate specifically referred to a CBSE system, according to the report.The questions over the certifications have gained significance after cybersecurity researchers disclosed a series of alleged vulnerabilities in the OSM platform earlier this year.Nineteen-year-old student Nisarga Adhikary had identified several vulnerabilities in February, including what he described as authentication weaknesses. A second researcher, Tirth Parmar, later alleged that flaws in the platform enabled access to sensitive databases containing student records, answer scripts and evaluator information. Some of the findings were reported to the Indian Computer Emergency Response Team.The revelations have intensified scrutiny of the procurement process that led to Coempt’s selection.The CBSE’s first tender for the OSM project in February 2025 attracted no bidders, while a second tender failed to produce a technically qualified vendor. A third tender issued in August 2025 relaxed several eligibility requirements, including scanning specifications, staffing thresholds and software maturity standards.The contract was awarded to Coempt in December 2025, roughly 74 days before the commencement of the class 12 board examinations.Subsequent reporting by HT also raised questions about the financial aspects of the contract. While earlier tender documents envisaged work involving approximately 2.38 crore answer scripts – a figure apparently based on the expectation that class 10 papers would also be evaluated using the OSM – only about 98.6 lakh class 12 answer books were eventually scanned under the system.The report noted that the final work order value remained substantially higher than figures indicated in the earlier tenders, although government officials maintained that final payments would be based on the actual number of answer scripts processed.Student groups and activists have argued that changes introduced in the final tender diluted quality and eligibility requirements in ways that benefited the eventual vendor. The CBSE has not publicly accepted those allegations.Meanwhile, students who obtained scanned copies of their answer scripts have been permitted to submit question-wise objections through the CBSE’s post-result portal until June 7. According to figures cited by HT, more than 70,000 applications for verification and re-evaluation had been received by June 4.Coempt did not respond to HT‘s requests for comment on either the security concerns or the certification questions. The CBSE has said payments to the company will be made only after all examination-related processes, including re-evaluation, are completed.