Futr. Outside (Citizen facing chatbot)
Your users want to request new bins, report a theft or check your opening hours. They want to ask at 11pm on a Saturday, and in a second language. Make life simple for them and you, with a helpful, self explanatory voice or chatbot interface for everything they need.
- Conversational interface
- Multilingual (over 160 languages) and multi-language detection
- Emotion and sentiment detection
- Seamless livechat handover
- Data compliance by design
- Multi-channel distribution
- Intelligent queuing
- Full audit trail
- Automate repetitive tasks
- Interact with data through conversational dialogue
- Increased accessibility to services
- Targeted content distribution
- Improved compliance
- Improved access to and visibility of data
- Cost reduction
- Improved service delivery
- Improved data consistency and quality
- 24/7 real-time usage
£1 per user per month
- Education pricing available
Futr AI Limited
|Software add-on or extension||Yes, but can also be used as a standalone service|
|What software services is the service an extension to||Any service with an API or database connectivity.|
|Cloud deployment model||
|System requirements||Internet connectivity|
|Email or online ticketing support||Email or online ticketing|
|Support response times||Instant|
|User can manage status and priority of support tickets||No|
|Phone support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support||No|
|Onsite support||Yes, at extra cost|
|Support levels||Support levels are subject to individual service level agreements. We offer these based on availability, capacity and performance with associated tiered penalties should targets not be met.|
|Support available to third parties||Yes|
Onboarding and offboarding
|Getting started||For standard service, users have access to a wide range of online support documentation. For bespoke service, we would engage as agreed.|
|End-of-contract data extraction||Export to all standard industry formats, for example, CSV, JSON, XML, Word, Excel, PDF.|
|End-of-contract process||We provide the export free of charge in any of the supported formats as a part of the standard contract.|
Using the service
|Web browser interface||No|
|Application to install||No|
|Designed for use on mobile devices||Yes|
|Differences between the mobile and desktop service||None|
|Accessibility standards||WCAG 2.1 A|
|Accessibility testing||User acceptance testing.|
|What users can and can't do using the API||Users can integrate their own products and services with our AI engine. There are no set limitations. We would discuss access based on the organisation's requirements.|
|API documentation formats||Open API (also known as Swagger)|
|API sandbox or test environment||Yes|
|Description of customisation||Content customisation for basic service without any restrictions. Full customisation for bespoke services subject to agreement.|
|Independence of resources||
Our standard service is cloud based and the agreements we have in place with providers such as Amazon (AWS) and Microsoft (Azure) include the ability to automatically scale on demand.
Bespoke services would utilise the same architecture unless agreed otherwise.
|Service usage metrics||Yes|
Standard service includes, distinct users, questions asked, languages used, daily activity, daily sentiment analysis, interactions per day, most common actions, cost savings, response times, confidence score and channel activity all as standard and real time.
Bespoke service can include any required metrics that can be extracted from the service.
|Supplier type||Not a reseller|
|Staff security clearance||Other security clearance|
|Government security clearance||Up to Developed Vetting (DV)|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||
|User control over data storage and processing locations||Yes|
|Datacentre security standards||Managed by a third party|
|Penetration testing frequency||At least every 6 months|
|Penetration testing approach||Another external penetration testing organisation|
|Protecting data at rest||
|Data sanitisation process||Yes|
|Data sanitisation type||Deleted data can’t be directly accessed|
|Equipment disposal approach||Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001|
Data importing and exporting
|Data export approach||We provide the export on request for the standard service. Bespoke services can include an API that the users can extract their data through.|
|Data export formats||
|Other data export formats||
|Data import formats||
|Other data import formats||
|Data protection between buyer and supplier networks||
|Data protection within supplier network||
Availability and resilience
|Guaranteed availability||Service levels are negotiated as part of the standard service with a sliding scale of availability targets. Associated penalties are also negotiable based on the targets and can include both refunds and / or service credits.|
|Approach to resilience||
Our data centre is provided by Microsoft Azure services. This includes real time backup and restoration and automated data recovery for business continuity purposes.
Data is stored in 2 data centres with real-time synchronisation to avoid any localised service disruption.
|Outage reporting||Public dashboard and email alerting as defined in service level agreements|
Identity and authentication
|User authentication needed||Yes|
|Access restrictions in management interfaces and support channels||We use domain driven authentication through industry solutions such as active directory and we use role based authorisation to manage restricted access.|
|Access restriction testing frequency||At least once a year|
|Management access authentication||
Audit information for users
|Access to user activity audit information||Users have access to real-time audit information|
|How long user audit data is stored for||User-defined|
|Access to supplier activity audit information||Users contact the support team to get audit information|
|How long supplier audit data is stored for||User-defined|
|How long system logs are stored for||Between 1 month and 6 months|
Standards and certifications
|ISO/IEC 27001 certification||No|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Other security certifications||No|
|Named board-level person responsible for service security||Yes|
|Security governance certified||No|
|Security governance approach||We do not hold any data outside of the Microsoft Azure platform and utilise their security governance standards. Any partner details are stored on securely protected platforms.|
|Information security policies and processes||
All employees are made aware of their responsibilities in relation to data security management on joining the organisation. Employees are responsible for reporting any data they feel should not be retained or for which access should be restricted to the Data Security Officer (DSO) who is a board member. Failure to do so is a disciplinary offence.
The DSO’s duties include a bi-annual review of any data that has been identified as requiring elevated protection and wherever possible deleting this data. In addition the DSO is responsible for bi-monthly audits of other data held on any platforms to ensure compliance.
An annual technical review is carried out in conjunction with the CTO to ensure the storage mechanisms in use remain suitable and proportionate for any data we are holding.
Our overriding principle is to only hold data where absolutely necessary. All our services are GDPR compliant by design.
|Configuration and change management standard||Supplier-defined controls|
|Configuration and change management approach||
We manage change control following a Gitflow model. We maintain 3 environments, Dev, UAT and Production with a defined release schedule.
Changes are developed in the Dev environment, pushed to UAT for testing and once signed off released to live, Up to 3 previous versions are retained should back out be required. Once the change is released to the live environment the UAT and Dev environments are refreshed to ensure any changes in progress are developed and tested on the latest version.
Changes are assessed for security, accessibility, usability and performance across all supported platforms.
|Vulnerability management type||Supplier-defined controls|
|Vulnerability management approach||Our platform is built on cloud services and we rely on their advanced security, real time patching and threat assessment.|
|Protective monitoring type||Supplier-defined controls|
|Protective monitoring approach||
Our solutions are built on Microsoft Azure and Amazon Web Services. These services provide cutting edge 24/7 monitoring of potential threats.
This includes alerting to any potential vulnerabilities within service architecture and technical vulnerabilities. We receive notification of any identified threats so we can also analyse and understand the actions that have been taken to address them.
Remediation of identified threats is automated and real-time ensuring we are fully protected at all times.
|Incident management type||Supplier-defined controls|
|Incident management approach||
Our third line support is subject to supplier services. Internally we use processes that follow ITIL guidelines including:
Defined response and fix times in a service level agreement
Clear escalation paths with named individuals and timings
Paper forms should IT systems be unavailable
Users are able to report incidents using email, chat or phone
Incident reports are provided from our incident management software.
|Approach to secure software development best practice||Conforms to a recognised standard, but self-assessed|
Public sector networks
|Connection to public sector networks||Yes|
|Connected networks||Police National Network (PNN)|
|Price||£1 per user per month|
|Discount for educational organisations||Yes|
|Free trial available||Yes|
|Description of free trial||We run a free trial for our basic functionality bot which includes FAQ's and broadcasts. This is typically limited to 2 months.|
|Link to free trial||https://futr.ai|