Compass Informatics Limited

GoParkit :: Location-Smart Parking, Payments, Permitting and Analytics Solution

GoParkit offers a mobile parking, permitting solution with enforcement and sensor integration. It is an open interfaced solution built for integration to existing technologies.
Our platform is built on mapping software making it easily transferable to any other device. This is a technology platform – not just a mobile app.

Features

  • Parking pay by phone, permitting, payment and management platform
  • Location, smart driver app
  • Permitting applications and processing
  • Driver and operator portal with live data and mapping
  • Sensor and API integration
  • CLOUD hosted
  • Location based features and analytics
  • Public notices and advertisement feeds
  • Enforcement application
  • Enhance payments engine based on industry standards

Benefits

  • Simple experience for the user, enabling cashless payments
  • Ease of management and enforcement for the town, city
  • Built on a mapping platform
  • A technology platform, not just a mobile application
  • Web based residential, visitor, campus or business parking permits
  • Mobile location, smart parking payment app and web portal
  • Web based access to data and services for data modelling
  • Based on best practice .Net and CLOUD technology
  • Integration with access control systems, ANPR
  • Includes validation / enforcement mobile technology

Pricing

£5000 per licence per year

  • Education pricing available
  • Free trial available

Service documents

G-Cloud 10

496030961379517

Compass Informatics Limited

Gearoid O'Riain

+44 2071291323; +353 1 2104580

goriain@compassinformatics.co.uk

Service scope

Service scope
Software add-on or extension No
Cloud deployment model Public cloud
Service constraints There are currently no service constraints, the service provided is a 24 x 7 x 365 service.
System requirements None

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Compass Informatics will provide a 9.00 am - 5.00 pm live help desk. The call centre can be reached by direct phone, email, Twitter. A full ticketing system is used to provide an expert service.
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Yes, at extra cost
Support levels Compass Informatics will provide a 9.00 am - 5.00 pm live help desk. The call centre can be reached by direct phone, email, Twitter. A full ticketing system is used to provide an expert service.

For technical issues GoParkit provides a support service for problem logging, analysis and resolution. This is largely driven via email and web, and we currently utilise the leading ZenDesk platform.

We operate Customer and User agreements and an SLA. This SLA template will be modified to reflect your specific requirements.

Access to Technical Support includes:

• Problem Analysis
• Defect work around, reporting, and tracking
• Problem Escalation where necessary
• Product software fixes / upgrades, and assistance
• Migration path information
• Assistance with licensing
• Assistance in transferring licenses to another platform

Support methods include:

• Web-based ticketing system with associated knowledge base
• Dedicated support email or direct to appointed team member
• Telephone including phone conferencing
• Telephone (mobile) out of hours
• Remote access to servers to diagnose and fix issues
• Screen sharing via Lync, RSupport, WebEx, or similar
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Setup is a quick process and can be carried out via support and/or by the client organisation. Tasks include:
Zones setup including rates and rules
Permits application forms setup (where required)
Admin setup for funds reconciliations
Support requirements agreement
Service documentation Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction Subject to data protection and the account holders permission, account details can be extracted and delivered to a nominated officer of the client.
End-of-contract process On termination of the Agreement, Compass Informatics shall provide for the transfer of all data, including customer End User data, and / or information received and processed for the duration of the Agreement to You, for customers and parking and permitting events related to parking or permitting activities within Your area. It is recognised that End Users may subscribe to GoParkit services provided outside of the Customer’s area and hence that such data will not be transferred to You. Any data transfer is subject to data protection regulations applying at the time.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service GoParkit’s driver app for smartphones is the easiest way for a customer to pay for parking. Once they are in a parking area the app will detect their location and associated rates and rules. Once registered, the customer simply must choose their desired length of stay. That is all that is required from the user making it the most convenient and quick method of payment on the market. This also means margin for error is reduced as by not having to enter a zone and or space code, they cannot enter the incorrect code.
Accessibility standards None or don’t know
Description of accessibility GoParkit offers a mobile parking, permitting solution with enforcement & sensor integration. It is an open interfaced solution built for integration to existing technologies – both hardware and software. As a GIS technology provider for 20 years Compass Informatics Limited have developed the GoParkit platform as the parking industry’s most advanced mobile payments solution with the following things in mind:

• Simple, enabling customers to perform cashless payments
• Ease of management and enforcement for the city
• Rich back end data analysis
• Fit with industry progression
Accessibility testing Compass takes the following approaches to testing:

1. Unit Tests – to automate the testing of code.
2. Integration Tests – to test that the individual pieces of the system work
3. Manual Testing and Review
4. User Acceptance Testing
5. Performance and Load Testing
API Yes
What users can and can't do using the API We integrate via Web Services with other enforcement and fines management systems via an API. Integration and testing typically takes 2-3 days effort on the side of the third party enforcement system.

We have integrated with Parkrite, CivicSmart, Globetech for example.
API documentation Yes
API documentation formats
  • HTML
  • PDF
API sandbox or test environment Yes
Customisation available Yes
Description of customisation There are a series of configuration options that are specific to a client or operating area. Additional development (custom features, reporting, integrations, data imports) are available by agreement. Note a white label version is available or can be customised, up to technology licensing.

Scaling

Scaling
Independence of resources GoParkit utilises Microsoft Azure hosting at a data centre in Ireland. Each customer utilising specific independent areas, therefore guaranteeing service up time, speed and capability.

Analytics

Analytics
Service usage metrics Yes
Metrics types A series of configurable reports are available that include -

• On-street parking session activity
• Permit issuing activity by period, by user group
• Service delivery performance against KPIs
• Financial transactions by period, product, payment method etc.
Reporting types
  • Real-time dashboards
  • Regular reports

Resellers

Resellers
Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations European Economic Area (EEA)
User control over data storage and processing locations Yes
Datacentre security standards Managed by a third party
Penetration testing frequency At least every 6 months
Penetration testing approach Another external penetration testing organisation
Protecting data at rest Physical access control, complying with SSAE-16 / ISAE 3402
Data sanitisation process Yes
Data sanitisation type Deleted data can’t be directly accessed
Equipment disposal approach A third-party destruction service

Data importing and exporting

Data importing and exporting
Data export approach A series of configurable reports are available that include -

• On-street parking session activity
• Permit issuing activity by period, by user group
• Service delivery performance against KPIs
• Financial transactions by period, product, payment method etc.

Also, audit data is stored in Azure File Storage. Data can be downloaded and analysed using the tool Azure Storage Explorer. Dashboard reports are available using an Excel spreadsheet.
Data export formats CSV
Data import formats CSV

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks Private network or public sector network
Data protection within supplier network TLS (version 1.2 or above)

Availability and resilience

Availability and resilience
Guaranteed availability “Deployment Minutes” is the total number of minutes that GoParkit has been set to running in Microsoft Azure during a month. Deployment Minutes is measured from when the App was initiated an action that would result in running the App to the time Customer initiated an action that would result in stopping or deleting the App.

“Maximum Available Minutes” is the sum of all Deployment Minutes across all Apps deployed by Customer in a given Microsoft Azure subscription during a month.

Downtime: The total accumulated Deployment Minutes, deployed by Customer in a given Microsoft Azure subscription, during which the App is unavailable. A minute is considered unavailable for a given App when there is no connectivity between the App and Microsoft’s Internet gateway.

Monthly Up time Percentage: The Monthly Up time Percentage is calculated using the following formula:

Monthly Up time % = (Maximum Available Minutes-Downtime)/(Maximum Available Minutes) x 100

Service Credit

MONTHLY UPTIME PERCENTAGE SERVICE CREDIT
< 99.95% 10%
< 99% 25%
Approach to resilience No matter how well engineered the physical infrastructure, service incidents do occur. We accept the three laws of operations –
servers will fail, software will have bugs, and humans will make errors. Using Microsoft Azure, we employ sophisticated software-defined service instrumentation and monitoring that integrates at the component or server level, the datacentre edge, our network backbone, Internet exchange sites, and at the real or simulated user level, providing visibility
when a service disruption is occurring and pinpointing its cause. More importantly, we are continuously investing in developing greater application resiliency in our software so it will instantly recognise a disruption and gracefully fail over to a different set of servers or even a
different datacentre, without interrupting the availability of the service.
Outage reporting A public dashboard is available 24 x 7 x 365 enabling you to check for outages.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication Username or password
Access restrictions in management interfaces and support channels Restriction to management interfaces and support channels are provided through administrative restrictions both within GoParkit and Microsoft Azure.
Access restriction testing frequency At least every 6 months
Management access authentication Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for At least 12 months
Access to supplier activity audit information Users have access to real-time audit information
How long supplier audit data is stored for At least 12 months
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification Yes
Who accredited the PCI DSS certification Trustwave
PCI DSS accreditation date 31/12/2015 and annual review
What the PCI DSS doesn’t cover PCI security standards are technical and operational requirements set
by the Payment Card Industry Security Standards Council to protect
cardholder data. The standards globally govern all merchants and organisations that store, process or transmit this data – with new requirements for software developers and manufacturers of applications and devices used in those transactions. Compliance with the PCI set of standards is mandatory for their respective stakeholders, and is enforced by the major payment card brands who established the Council:
American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa Inc.
Other security certifications Yes
Any other security certifications Cyber Essentials

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified No
Security governance approach Compass Informatics have established an Information Security Governance Group at a senior level within the organisation hierarchy. This Group includes representation from those responsible for key services, representatives of those responsible for other information assets and those responsible for implementing the information
security policy.

The team:

• Review the ISMS and play a role in its continual improvement
• Co-ordination of cross-organisational controls and conflict resolution
• Provide regular performance reports
• Provide advice and expert assistance, including risk assessments.
Information security policies and processes Compass Informatics have established an Information Security Governance Group at a senior level within the organisation hierarchy. This Group includes representation from those responsible for key services, representatives of those responsible for other information assets and those responsible for implementing the information
security policy.

The team:

• Review the ISMS and play a role in its continual improvement
• Co-ordination of cross-organisational controls and conflict resolution
• Provide regular performance reports
• Provide advice and expert assistance, including risk assessments.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach Compass Informatics applies Kanban to its configuration and change management and incorporates elements of SCRUM. This blended approach is sometimes referred to a scrumban. This approach is an evolution of the SRUM agile development methodology which provided a suitable starting point for the development team to follow a change management process.
Vulnerability management type Supplier-defined controls
Vulnerability management approach Compass Informatics perform vulnerability assessments of their entire portfolio on a monthly basis. New vulnerabilities are reported and if required we release software updates. A regular assessment regime is essential to ensure that we are aware of the risks that are present.
Protective monitoring type Supplier-defined controls
Protective monitoring approach Processes are monitored through the Microsoft Azure protective monitoring tool, if compromises are suspected they are dealt with automatically, with threats being quarantined for further investigation and fix. Most incidents are dealt with automatically with no interruption to service levels.
Incident management type Supplier-defined controls
Incident management approach Microsoft Azure provide online tools for checking status of service.

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Public sector networks

Public sector networks
Connection to public sector networks No

Pricing

Pricing
Price £5000 per licence per year
Discount for educational organisations Yes
Free trial available Yes
Description of free trial Subject to agreement:
Free zones and permits setup;
3 month operation with payments processing costs recovery only.

Documents

Documents
Pricing document View uploaded document
Skills Framework for the Information Age rate card View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑