Demand Responsive Transport Software
Padam Mobility designs and develops smart and dynamic Demand-Responsive Transport solutions using foolproof routing algorithms.
Our mobile apps, simulation and management interfaces are tailored to the needs of our customers: Transit Operators, Transport and Local authorities, private companies, in the interest of users and territories.
Features
- Demand Responsive Transport Alogrithm
- Demand Reponsive Transport Application
- Demand Responsive transport management
- Demand Responsive transport service design
- Real time and advance booking
- Rural Mobility solution
- Multi-territory DRT platform
- SEND DRT solution
- DRT dirver applications
- Public Transport optimisation
Benefits
- Public Transport optimisation
- Real time and advance booking
- Public Transport Cost optimisation
- Routing optimisation
- White lable user application
- Book a public transport in real time
- Support of public transport public expert for service design
- Full integration with existing network
- Real time traveler informations
- Payment modules integration
Pricing
£1,000 a licence a month
Service documents
Request an accessible format
Framework
G-Cloud 12
Service ID
4 4 1 1 3 1 8 6 8 4 7 3 3 1 0
Contact
PADAM MOBILITY
David Carnero
Telephone: 0033770275009
Email: david@padam.io
Service scope
- Software add-on or extension
- No
- Cloud deployment model
- Private cloud
- Service constraints
- No specific constraints. Operating under a SaaS model
- System requirements
- Androïd tablets for driver application
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
-
The Solution will be available on a monthly basis of 99.9% Working Hours.
The calculation of this availability rate does not include scheduled maintenance periods and service
interruptions due to a Force Majeure Event.
In the event of an Error, the Client may open an Error ticket with the Provider's Support Service, which
will intervene and resolve the Error under the conditions defined below.
Blocking error : within 5 business hours
Major error : within 2 business days
Minor error : within 3O business days
The Support Service is only available during Business Hours - User can manage status and priority of support tickets
- No
- Phone support
- No
- Web chat support
- No
- Onsite support
- Yes, at extra cost
- Support levels
- We provide First level online support which is included in our offer
- Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
-
Padam Mobility can provide full onsite or online training (as well as tailored change management strategy if needed) thanks to our dedicated training team.
Padam mobility can provide extensive documentation to its customer as well as an online support platform with FAQ and documentation available 24/7 - Service documentation
- Yes
- Documentation formats
-
- HTML
- End-of-contract data extraction
- When a contract ends Padam Mobility send the relevant datas back to the customer and destroy remaining datas in agreement with the customer
- End-of-contract process
- N/A
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Internet Explorer 7
- Internet Explorer 8
- Internet Explorer 9
- Internet Explorer 10
- Internet Explorer 11
- Microsoft Edge
- Firefox
- Chrome
- Safari 9+
- Application to install
- Yes
- Compatible operating systems
-
- Android
- IOS
- MacOS
- Windows
- Windows Phone
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
-
Desktop services :
- Booking website
- Management interface for local authorities/operators
Mobile service :
- Native application for mobile devices - Service interface
- No
- API
- Yes
- What users can and can't do using the API
- User can access services through or APIs but can't make any change
- API documentation
- Yes
- API documentation formats
- Open API (also known as Swagger)
- API sandbox or test environment
- Yes
- Customisation available
- Yes
- Description of customisation
- User can ask for customisation which could be then be develop by Padam's team
Scaling
- Independence of resources
- Infrastructure is dedicated for each of our customer, so that errors are not propagated. Database is powered by AWS RDS, set up with a redundant database to automatically take over if needed. Backups are automatic and allow restoring at any second for the previous 10 days. As a redundant measure, we manually backup the database 5 X day to another AWS service and keep them for the previous 5 days. We use a minimum of 2 application servers per customer and scale them according to demand. one server fail, another one is automatically launched. Servers are created in various datacenters.
Analytics
- Service usage metrics
- Yes
- Metrics types
-
Padam provides an access to a dedicated Power BI dashboard with more than 50 metrics available :
Real-time monitoring for reactivity in case of hazards
A posteriori analysis of operations for capacity adaptation - Reporting types
-
- Real-time dashboards
- Regular reports
- Reports on request
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Other security clearance
- Government security clearance
- Up to Baseline Personnel Security Standard (BPSS)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
- European Economic Area (EEA)
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Supplier-defined controls
- Penetration testing frequency
- At least every 6 months
- Penetration testing approach
- Another external penetration testing organisation
- Protecting data at rest
-
- Physical access control, complying with another standard
- Encryption of all physical media
- Data sanitisation process
- Yes
- Data sanitisation type
- Explicit overwriting of storage before reallocation
- Equipment disposal approach
- In-house destruction process
Data importing and exporting
- Data export approach
- Users exports their data into according format during set-up phase via "Wrike". Padam Mobility project management tools usually under an Excel or CSV format
- Data export formats
-
- CSV
- ODF
- Data import formats
-
- CSV
- ODF
Data-in-transit protection
- Data protection between buyer and supplier networks
- TLS (version 1.2 or above)
- Data protection within supplier network
- TLS (version 1.2 or above)
Availability and resilience
- Guaranteed availability
- We offer first level SLA
- Approach to resilience
-
Our system is as much redundant as possible:
- Infrastructure is dedicated for each of our customer, so that errors are not propagated
- Database is powered by AWS RDS, set up with a redundant database to automatically take over in case of need. Backups are done automatically and allow restoring at any second for the previous 10 days. As a redundant measure, we manually backup the database 5 times a day to another AWS service (encrypted of course) and keep them for the previous 5 days.
- We use a minimum of 2 application servers per customer and scale them according to demand. Should one server fail, another one is automatically launched. Servers are created in various datacenters.
- Configuration is saved in multiple places so that there’s no loss - Outage reporting
- Email Alerts and through the management interface
Identity and authentication
- User authentication needed
- Yes
- User authentication
- Username or password
- Access restrictions in management interfaces and support channels
- For the management, we have created multiple different profiles to restrict actions: for instance, call center personnel may only book for a customer but wouldn’t change the service design. In fact, call center personnel do not have to the management interface but use a dedicated version of consumer booking website so that they are restricted .In the management interface, one can be restricted, for instance, to only display the service as designed, but not edit it. When setting up the permissions, we ask our customers to restrict as much as possible the rights given to each account.
- Access restriction testing frequency
- At least every 6 months
- Management access authentication
- Username or password
Audit information for users
- Access to user activity audit information
- Users receive audit information on a regular basis
- How long user audit data is stored for
- User-defined
- Access to supplier activity audit information
- Users receive audit information on a regular basis
- How long supplier audit data is stored for
- User-defined
- How long system logs are stored for
- User-defined
Standards and certifications
- ISO/IEC 27001 certification
- No
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Other security certifications
- No
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- No
- Security governance approach
- Tech team board is in charge of security governance policy
- Information security policies and processes
- Our CTO is in charge of the security policies and we have security guidelines, charter and documents available upon request
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
-
Production infrastructure is entirely located on AWS datacenters.
Computers of employees having access to data are encrypted, and formatted when recycling is needed.
We are building on a secure framework (Django) and we validate user input and actions according to best security practices and user rights.
Our code is tagged in our versionning tool so that we can always be sure of the deployed version. - Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
-
Penetration tests have already been conducted, which have confirmed the general quality of the system. Fixes have been developed to correct the vulnerabilities identified in the penetration tests according to their criticity.
We use a ticketing system to follow and ensure changes are pushed to production in a timely way. We take great care into not breaking retro-compatibility or offering an update path to the users. - Protective monitoring type
- Supplier-defined controls
- Protective monitoring approach
-
Security events are collected into logs and analysed manually.
A part of our infrastructure is meant to react automatically to attacks: traffic is monitored and would raise alert above a certain level; calls to APIs are volume restricted and would be blocked above a certain threshold; user accounts are locked if too many signin errors happen - Incident management type
- Supplier-defined controls
- Incident management approach
-
Should a security incident happen, we would create a team on the spot dedicated to it.According to the attack vector, we would prevent access to the affected area: it it’s a network attack, we would remove all active servers and create new ones, as we think the most urgent action is too remove attacker access to our network.
If the breach is in our apis, we will try to be as invisible as possible and only work on affected APIs if possible. In the last extremity, we would shut down some part of our service while fixing the breach.
Secure development
- Approach to secure software development best practice
- Conforms to a recognised standard, but self-assessed
Public sector networks
- Connection to public sector networks
- No
Pricing
- Price
- £1,000 a licence a month
- Discount for educational organisations
- No
- Free trial available
- No