Loqiva City Services Platform & Mobile App
Loqiva is a mobile city services platform for Councils and BIDs that provides residents and visitors with personalised information, a say on relevant local issues and the ability to pay for goods and services through a dedicated mobile app. Loqiva offers a turnkey, customisable solution for smart city initiatives.
- Mobile App (iOS & Android)
- Client Administration Dashboard
- Local Business Dashboard
- Content Personalisation
- Content Management System
- Feedback & Reporting Tools
- Location Triggered Content
- IoT Connectivity
- Create one place for citizen communication
- Increase user engagement with cloud intelligence
- Retain data ownership
- Create efficiencies and cost savings
- Support local businesses with insights and marketing tools
- Streamline revenue generation
- Connect smart city initiatives
- Grow community participation
£10000 to £80000 per licence per year
0207 422 8272
|Software add-on or extension||Yes, but can also be used as a standalone service|
|What software services is the service an extension to||Loqiva aggregates data and information from a range of third-party services including the customer's website, Twitter, YouTube, Google's mapping APIs and other data sources.|
|Cloud deployment model||Public cloud|
|Service constraints||Loqiva requires the customer to register with Google so that Google Maps, Places and Routes can be delivered through the App. The customer is billed by Google separately for this cost. As part of the annual fee, Loqiva maintains the platform and responds to third-party service updates as quickly as possible. Hosting and bandwidth for typical client use is also included in this. Beyond predefined limits, fees for additional bandwidth use are charged.|
|Email or online ticketing support||Email or online ticketing|
|Support response times||We respond to questions for free within one working day or typically faster. Premium support packages guarantee faster response times and an emergency number is provided at weekends.|
|User can manage status and priority of support tickets||Yes|
|Online ticketing support accessibility||WCAG 2.1 A|
|Phone support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support||Yes, at an extra cost|
|Web chat support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support accessibility standard||WCAG 2.1 AA or EN 301 549|
|Web chat accessibility testing||We use a third-party product which complies with Web Content Accessibility Guidelines. We have tested its use with assistive technologies like VoiceOver.|
|Onsite support||Yes, at extra cost|
Loqiva provides different kinds of support to suit each customer's requirements. We have a package for on-site training and different packages for remote support.
A) On-Site Training:
One of our consultants will visit the customer's premises and provide group or one-to-one training. This is charged at a rate of £500 per day plus travel and accommodation costs.
B) Remote Training, User & Technical Support:
Free - Customers email for support. We will respond within one working day, email or call back where required during business hours. Suitable for small administrative teams that require infrequent support.
Premium - Customers chat online with us. We will respond as soon as possible (immediately or within 2-3 hours during business hours) or call back where required. Emergency 'out of hours' number also provided.
T1 (£500 pcm) - 1 day's dedicated support a month. Suitable for small administrative teams that require a faster response guaranteed.
T2 (£1000 pcm) - 2 to 3 days dedicated support a month. Suitable for larger administrative teams that require a faster response guaranteed.
T3 (£2000 pcm) - 5 days dedicated support a month. Suitable for larger organisations with multiple administrators that require a faster response guaranteed.
|Support available to third parties||No|
Onboarding and offboarding
|Getting started||We prefer to onboard customers with 1 day's onsite training as a minimum, backed up by remote support until users are confident in using the platform to achieve their objectives. Building the public user base is a collaborative process and we can be engaged to suggest strategies to support this alongside questions about the user interface. The system is fully supported by user documentation and a series of videos explaining Loqiva's key features.|
|End-of-contract data extraction||The customer is able to extract data from Loqiva by requesting a CSV file for each of the tables containing anonymised or aggregated data. Data linked to individuals is not provided for download in CSV format unless the customer can demonstrate each user's explicit permission in a manner compliant with local data regulations.|
|End-of-contract process||Once the customer provides notice to end the contract, Loqiva will propose a schedule to close the platform typically over a 3 month period. Key dates will be agreed between the customer and Loqiva to i) notify all users, ii) notify all suppliers/data providers, iii) identify and wind-down necessary platform services, iv) shut down the platform, v) reconcile payments, vi) ensure eligible data is download or transferred vii) provide a data erasure certificate. Included in the price of the contract is the technical decommissioning of the system including data erasure. What is excluded are any customer or supplier outreach requirements, specialist research or work on data permissions, custom technical work, bespoke data transfer needs or dedicated customer liaison,|
Using the service
|Web browser interface||Yes|
|Application to install||No|
|Designed for use on mobile devices||Yes|
|Differences between the mobile and desktop service||
Loqiva's smartphone app has been designed for iOS and Android phones. The app is used to deliver Loqiva's services to public users.
The Client Administration Dashboard and Local Business Dashboard are accessed through a web browser on a desktop or a mobile device. The web pages are mobile-responsive and there is no difference in functionality between desktop and mobile views.
|Description of service interface||Loqiva provides administrators and local businesses with a web dashboard to configure and update services. Users are provided with personal credentials to log-in to the platform and make changes. All the services accessible to each type and level of user are presented clearly in the navigation options available for each profile. The service can be modified by the user through the form or controls presented on the relevant page. Public smartphone users can configure the services using the "My Account" page on the app.|
|Accessibility standards||WCAG 2.1 AA or EN 301 549|
|Accessibility testing||We have used VoiceOver to test Loqiva's accessibility in relation to the service interfaces. We continue to work on accessibility.|
|Description of customisation||
Loqiva can be customised in a number of ways:
Upon Installation -
The app and web interfaces can be themed to suit the customer's brand and colours. Naming conventions and modules can be defined. These customisations are managed by Loqiva.
In System Settings -
Interest categories, business user privileges, data feeds and other configuration settings can be adjusted by the customers with SuperAdmin credentials.
By Administrators -
Administrators can access different parts of the content management system depending on the privileges assigned to their level. Content changes can be made, alerts set, surveys created and sent and more.
By Local Businesses
Local business can log-in through their dashboard, update their profile, offer targeted rewards to public users, update the system events calendar and create location-triggered alerts.
By Adding Custom Modules -
Loqiva provides the framework for custom modules to be developed rapidly where there is need for a custom service. For example, a local Council might wish to add a "Parking Finder" service using the API of the incumbent parking vendor. This module might appear as a new option on the smartphone app and client administration dashboard.
|Independence of resources||Council customers are provided with single-tenanted virtual machines with load balancers. BIDs are provided with multi-tenanted virtual machines with load balancing features. Resources at the data centre are monitored and can be scaled to meet requirements.|
|Service usage metrics||Yes|
Loqiva offers a wide range of metrics and analytics to Client Administrators and Local Businesses.
Metrics provided to Administrators provide a guide to use of the platform by Public Users each week, as well as subscriptions generated by Local Businesses. Meanwhile analytics provide insights as to demographic information.
Local Businesses are provided with metrics in relation to people with the app walking by their premises, the number of rewards alerted to them and claimed. Analytics in the form of demographic information is also provided.
|Supplier type||Not a reseller|
|Staff security clearance||Staff screening not performed|
|Government security clearance||None|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||United Kingdom|
|User control over data storage and processing locations||No|
|Datacentre security standards||Complies with a recognised standard (for example CSA CCM version 3.0)|
|Penetration testing frequency||At least once a year|
|Penetration testing approach||‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider|
|Protecting data at rest||
|Data sanitisation process||Yes|
|Data sanitisation type||Explicit overwriting of storage before reallocation|
|Equipment disposal approach||A third-party destruction service|
Data importing and exporting
|Data export approach||Users need to make an information request. Data is manually exported by the Loqiva team and is placed in a secure repository on the server for the user to download. A process is being developed for users to do this remotely.|
|Data export formats||CSV|
|Data import formats||CSV|
|Data protection between buyer and supplier networks||
|Data protection within supplier network||TLS (version 1.2 or above)|
Availability and resilience
|Guaranteed availability||Our SLA ensures hosting and platform availability uptime for a minimum of 98% of each month. Below this, customers are eligible for a refund equivalent to 10% of that month's fee (Annual Fee / 12 = 1 Month's Fee). We do not offer compensation for loss of business.|
|Approach to resilience||This information is available on request.|
|Outage reporting||We report service outages to customers using email alerts.|
Identity and authentication
|User authentication needed||Yes|
|User authentication||Username or password|
|Access restrictions in management interfaces and support channels||We restrict access to key interfaces and support channels through the use of administrative privileges. Each user is shown the service interfaces required to perform their role.|
|Access restriction testing frequency||At least once a year|
|Management access authentication||Username or password|
Audit information for users
|Access to user activity audit information||Users contact the support team to get audit information|
|How long user audit data is stored for||Between 1 month and 6 months|
|Access to supplier activity audit information||No audit information available|
|How long system logs are stored for||Between 1 month and 6 months|
Standards and certifications
|ISO/IEC 27001 certification||No|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Other security certifications||No|
|Named board-level person responsible for service security||Yes|
|Security governance certified||No|
|Security governance approach||We approach security governance using internal policies informed by best practise. These cover controls for all employees including management of confidential data, keeping emails safe, managing passwords properly and transferring data. For network administrators and system developers, further controls and guidelines are put in place.|
|Information security policies and processes||Security reporting is the responsibility of the CTO and CEO. The following policies and procedures have been put in place - Acceptable Use Policy, Access Control Policy, Change Management Policy, InfoSec Policy, IR Policy, Remote Access Policy and an Email Communication Policy. Disaster Recovery and Business Continuity strategies are in place. Data is managed in accordance with GDPR.|
|Configuration and change management standard||Supplier-defined controls|
|Configuration and change management approach||All new features are architected and assessed for security issues prior to development. Changes to services are made within a development framework which prevents security vulnerabilities from occurring. Components are tracked and regularly reviewed.|
|Vulnerability management type||Undisclosed|
|Vulnerability management approach||Potential threats to our services are assessed by our development team. We upgrade our services in line with best practise and our analysis of the threat. Information about potential threats comes from third-party vendors and suppliers alongside insights from advisors and industry commentators.|
|Protective monitoring type||Undisclosed|
|Protective monitoring approach||We identify potential compromises through in-house penetration testing prior to release. Live code is assessed regularly by our CTO. Vulnerabilities are assessed through external penetration testing. We respond immediately to any incidents.|
|Incident management type||Undisclosed|
|Incident management approach||We have an in-house reporting process for incidents. These are logged and made known to clients beyond a pre-specified severity level. Users are able to report incidents via phone or email for our team to investigate.|
|Approach to secure software development best practice||Supplier-defined process|
Public sector networks
|Connection to public sector networks||No|
|Price||£10000 to £80000 per licence per year|
|Discount for educational organisations||No|
|Free trial available||No|