Automated Communications & Payments
We build fully managed automated communication solutions for business to consumer organisations to improve customer engagement and lower cost to serve. illion digital tech solutions utilises SMS, email, Web, Interactive Voice Messaging, Interactive Voice Response & payment gateway technologies as alternatives to call centre agents and letters.
Features
- Managed SMS Services
- Interactive Voice Response
- Interactive Voice Messaging
- Debit and Credit Card Payment Gateway
- Income and expenditure capture
- SMS Payments
- Managed Two way SMS services
- Voice of the customer services
- Web payments
- Debit & Credit Card Tokenisation
Benefits
- Fully managed service minimising client effort
- Improved customer engagement
- Reduced operating costs for customer communications
- Reduced inbound calls to call centre
- Increased self service transactions
- More payments faster
- Reduce the cost of collecting outstanding accounts
- Improved customer satisfaction
- Faster message delivery
- Reduced PCI DSS Scope
Pricing
£0.02 an instance
- Education pricing available
- Free trial available
Service documents
Request an accessible format
Framework
G-Cloud 12
Service ID
5 9 7 8 0 5 7 2 5 6 0 0 5 1 9
Contact
illion Digital Tech Solutions Ltd
<removed>
Telephone: <removed>
Email: <removed>@77dec2ac-f5b8-427b-981d-5578ee118b36.com
Service scope
- Software add-on or extension
- Yes, but can also be used as a standalone service
- What software services is the service an extension to
- The services can work stand alone or in conjustion with your internal CRM and / or payments servies.
- Cloud deployment model
- Private cloud
- Service constraints
- Due to the nature of the service maintenance does take place, notification will be provded in advance.
- System requirements
- PCI DSS Compliance Certificate
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
-
1 - Critical | 30 minutes response time | Initial response by phone with hourly updates being sent via email until resolution.
2 - Major | 60 minutes response time | Initial response by email with updates as appropriate
3 - Minor | 12 hours response time | Via email/Incident reporting system
4 - Enquiry | 24 hours response time | Via email/Incident reporting system - User can manage status and priority of support tickets
- Yes
- Online ticketing support accessibility
- None or don’t know
- Phone support
- Yes
- Phone support availability
- 24 hours, 7 days a week
- Web chat support
- No
- Onsite support
- No
- Support levels
-
Illion DTS support team support and maintain the automated sections of the illion DTS Service 24 x 7 x 365.
The other components we support are;
Operative – Manual Process | Manual download and decrypt process Connecting to the government gateway
Download and decrypt files as appropriate,Upload files into automated processes and deleting the files once upload is confirmed.
This service is supported 09:00 – 17:00 Mon to Fri
Operative – Manual Process | Manual encrypt and upload process
Download from automated process and encrypt files as appropriate
Connecting to the government gateway
Upload files into government gateway and deleting the files once upload is confirmed
This service is supported 09:00 – 17:00 Mon to Fri - Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
-
The main function of the Account Management team is to provide seamless communication, action, and organisation between the customer, users and illion DTS. Your Account Manager will be responsible for agreeing a project plan to onboard users with the required training both remotely and also onsite. Ongoing training will be available for all users to ensure they are comfortable with the service.
Ultimately the responsibility for your service levels, training, documentation and solution improvements reside with your Account Manager.
Your Account Manager is the dedicated day-to-day lead contact for the customer relationships.
On a day to day basis your Account Management team is supported by Project Management, Global Support and Technical Development teams. - Service documentation
- Yes
- Documentation formats
- End-of-contract data extraction
-
Illion DTS will strive to make sure that the partnership with the customer will be a lasting one. However, in the event of you wishing to transition services to another provider we would manage this in a professional manner within the commercial arrangements agreed. If required, we would use our Account and Project Management teams to liaise with you and the prospective provider to ensure a smooth handover.
Data is kept in line with GDPR rules and regulations, data extracts would be discussed and agreed in line with GDPR at that point.
Daily and weekly exports can be provided to the customer on an ongoing basis if required.
Data will be sent securely with the method agreed. - End-of-contract process
-
Illion DTS will strive to make sure that the partnership with the customer will be a lasting one. However, in the event of you wishing to transition services to another provider we would manage this in a professional manner within the commercial arrangements agreed. A meeting would be arranging to formalise and agree an offboarding approach and project plan alike.
If required, we would use our Account and Project Management teams to liaise with you and the prospective provider to ensure a smooth handover.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Internet Explorer 11
- Firefox
- Chrome
- Opera
- Application to install
- Yes
- Compatible operating systems
- Other
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
- Mobiles are just to provide a consumer with a digital, frictionless journey for either payments or communications.
- Service interface
- No
- API
- No
- Customisation available
- Yes
- Description of customisation
-
Illion DTS have a range of products and services available to their customers, Illion DTS recognise that not one size fits all and each solution is customised in line with the company vision and strategy.
Your illion DTS Account Manager will work closely with all relevant stakeholder to discuss and advise on the right solution for that particular business group.
The below products and services can be customised as required;
SMS Communications
Pay by SMS
Pay by Webpay
Webform
Voice of the customer
Interactive Voice Messaging
Interactive Voice Response
Your illion DTS Account Manager will engage a illion DTS Project Manager to confirm the requirements and produce the relevant documentation to be signed off for customisation to take place.
Scaling
- Independence of resources
- Operational demand is monitored and managed by the Support teams, most campaigns have steady throughput, so we are able to plan, provision and manage capacity to meet most workloads. We generally aim to maintain total demand within 30-60% of total capacity. Where a Customer anticipates an unusual or significant sized campaign they should discuss their requirements with our Account Managers to ensure we can provision for, or manage, their campaign appropriately.
Analytics
- Service usage metrics
- Yes
- Metrics types
-
We can provide metrics to measure activities and performance.
Metrics and reporting can be providing on each service we provide, exports can be agreed and customised in line with company goals and KPI's.
Metrics can be delivered daily, weekly and monthly. Your illion DTS Account Manager can provide a business reviews covering metrics and performance. - Reporting types
-
- Regular reports
- Reports on request
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Conforms to BS7858:2012
- Government security clearance
- None
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
- United Kingdom
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Complies with a recognised standard (for example CSA CCM version 3.0)
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- Another external penetration testing organisation
- Protecting data at rest
-
- Physical access control, complying with CSA CCM v3.0
- Encryption of all physical media
- Data sanitisation process
- Yes
- Data sanitisation type
- Explicit overwriting of storage before reallocation
- Equipment disposal approach
- A third-party destruction service
Data importing and exporting
- Data export approach
- Export data will be agreed and sent via the appropiate secure methof ( SFTP)
- Data export formats
- CSV
- Data import formats
- CSV
Data-in-transit protection
- Data protection between buyer and supplier networks
- Private network or public sector network
- Data protection within supplier network
-
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
- Legacy SSL and TLS (under version 1.2)
Availability and resilience
- Guaranteed availability
-
The Hosted Services and other Services provided by illion DTS shall be available and accessible by the customer at all times with an availability and uptime level of 99.5%.
Maintenance of the hosting equipment, facility, Software or other aspects of the Hosted Services that may require interruption of the Hosted Services (Maintenance Events) shall not be performed during Normal Business Hours. illion DTS may interrupt the Services to perform emergency maintenance during the daily window of 10.00 pm to 2.00 am UK time. In addition, illion DTS may interrupt the Hosted Services outside Normal Business Hours for unscheduled maintenance, provided that it has given the Client at least three days' advance notice. - Approach to resilience
-
Services are set up and designed to maintain the highest level of security, protection and resilience. This covers the below areas;
Physical location and legal jurisdiction,
Data centre security,
Data at rest protection,
Data Sanitisation,
Equipment disposal and
Physical resilience and availability
Further and more detailed information is available upon request. - Outage reporting
-
Illion DTS provide the following severity levels when determining the extent of the problem, these are reported via phone or email depending on the severity.
Critical | Failure of the hosted service | Initial response - 30 Mins via phone then hourly updates sent via phone or email until resolved.
Major | Failure, degradation or the non-compliance of any of the illion DTS UK Ltd services(whether wholly or partly) | Initial response - 60 Mins via email with updated as appropriate.
Minor | Problem with one or more components of the Hosted Services and/or other Service(s) that has no immediate business impact and regular business remains operational | Initial response - 12 hours - Via email / incident reporting system
Enquiry | Support Enquiries – Not business critical in nature | Initial response - 24 hours via email / incident reporting system
Identity and authentication
- User authentication needed
- Yes
- User authentication
-
- 2-factor authentication
- Public key authentication (including by TLS client certificate)
- Username or password
- Other
- Other user authentication
-
All users, including privileged and service accounts;
Must be uniquely identifiable
Naming convention must be followed
Must be authenticated on each occasion that access is granted to a system
Are responsible for the activities performed by his/her User ID.
Compromised or misused IDs must be reported immediately by the ID owner to the individual’s supervisor or helpdesk.
A numerical passphrase (or personal identification number) is not to be used as the sole method of authenticating a user. - Access restrictions in management interfaces and support channels
-
Illion DTS solutions are hosted in a secure data centre with strict regulations on physical access to the hosting facilities. Each platform is protected by high – IOS Cisco routers on a segregated subnet from the corporate network and internet with stringent firewall and access control policy. Access to the platforms internally is restricted using windows authentication and platforms are only accessible to authorised staff members within relevant roles to carry out the necessary monitoring and administrative tasks.
illion DTS Log request with business justification and manager sign off for System access. As per PCI DSS requirement 7.1 - Access restriction testing frequency
- At least every 6 months
- Management access authentication
-
- 2-factor authentication
- Dedicated link (for example VPN)
- Username or password
Audit information for users
- Access to user activity audit information
- Users contact the support team to get audit information
- How long user audit data is stored for
- User-defined
- Access to supplier activity audit information
- Users contact the support team to get audit information
- How long supplier audit data is stored for
- User-defined
- How long system logs are stored for
- User-defined
Standards and certifications
- ISO/IEC 27001 certification
- No
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- Yes
- Who accredited the PCI DSS certification
- Cianaa Technology
- PCI DSS accreditation date
- 18/12/2019
- What the PCI DSS doesn’t cover
-
Illion DTS's data management is compliant with the most stringent industry practices, with annual Level 1 Certification undertaken by an independent auditor for the Payment Card Industry Data Security Standard (v 3.2).
The PCI Security Standards Council, established in 2004 by major credit card brands, offers robust and comprehensive standards and supporting materials to enhance payment card data security. These materials include a framework of specifications, tools, measurements and support resources to help organizations ensure the safe handling of cardholder information at every step. The keystone is the PCI Data Security Standard (PCI DSS), which provides an actionable framework for developing a robust payment card data security process - including prevention, detection and appropriate reaction to security incidents. - Other security certifications
- Yes
- Any other security certifications
- Cyber Essentials
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
- Other
- Other security governance standards
- Illion DTS data management is compliant with the most stringent industry practices, with annual Level 1 Certification undertaken by an independent auditor for the Payment Card Industry Data Security Standard (v 3.2). illion DTS has held this level of certification since 2011.
- Information security policies and processes
-
Illion DTS maintain an Information Security policy, based on PCI DSS & ISO 27001 standards. It is designed to meet the varying needs of illion DTS and illion DTS’s clients. illion DTS realise that information security is essential when seeking to maintain illion DTS's competitive edge, legal compliance and corporate image.
illion DTS’s Information Security Policy is available upon request.
Operational security
- Configuration and change management standard
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Configuration and change management approach
-
All changes to Production and Staging Environments are submitted for a Review process before deployment. This process ensures that changes have been Code reviewed (Secure coding practices), Protection of Personal Information has been reviewed, Testing has been reviewed and Passed, All Documentation relating to change has been updated, Deployment Steps have been validated, and Rollback produces are in place.
The illion DTS Change Control Document is available on request. - Vulnerability management type
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Vulnerability management approach
-
Illion DTS performs an annual risk assessment in compliance with PCI DSS 12.2. This includes threat identification, vulnerability identification, existing controls, risk assessment, and risk rating (taking into account likelihood of threats, asset value, ease of exploitation). The risk assessment identifies critical assets - our latest assessment includes approximately 100 asset types categorized into areas; Information, People, Process, Systems: Network, Systems: Hardware, Systems: Software, Systems: Applications, Systems: Services.
As per PCI-DSS requirements. External scans are run quarterly.
Internal Pen testing and application testing is run annual at the moment.
Monthly patching process in place, Critical patches applied within 7 days. - Protective monitoring type
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Protective monitoring approach
- Illion DTS adhere to PCI DSS requirements for our protective monitoring processes. Further and detailed documentation is available upon request.
- Incident management type
- Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
- Incident management approach
-
Illion DTS has a Security Incident Response plan with defined roles and responsibilities with an annual drill as per PCI DSS requirements.
DTS has a Personal Data Breach Response plan with defined roles and responsibilities.
The Personal Data Breach plan overlaps with the Security Incident plan and does not have a separate drill.
Suspected incidents or internal investigations are logged in Zendesk tickets.
No live incidents have occurred.
Secure development
- Approach to secure software development best practice
- Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)
Public sector networks
- Connection to public sector networks
- No
Pricing
- Price
- £0.02 an instance
- Discount for educational organisations
- Yes
- Free trial available
- Yes
- Description of free trial
- Illion DTS will facilitate a trial /proof of concept where a new service is planned. The trial will be designed against agreed objectives /KPI’s, measured to establish the success of the trial through comparative data or controls. Trial services are priced as Business as Usual solutions in the pricing document.