INFOBIP LIMITED

Infobip - Moments - Omnichannel Customer Engagement Platform

Moments is an omnichannel customer engagement platform – omnichannel communication automation, event-based orchestration, personalized messaging, campaign analytics and customer data management. It helps enterprises to create personalized communications to deliver messages in the right moment and over the right channel - through the entire customer journey.

Features

  • Omnichannel communication
  • Behavioural analysis
  • Advanced segmentation
  • Smart automated campaigns
  • Data driven personalization
  • Event triggered automation
  • Integration with websites, mobile systems and CRM systems
  • Advanced customer data platform

Benefits

  • Improved business impact and ROI
  • Efficiency and time saving with automation
  • Integrations available with most popular platforms (ex. Salesforce)
  • Customer 360° view
  • Unified customer data
  • Advanced analytics for conversion cost and efficiency

Pricing

£910 a person a month

  • Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at James.Stokes@infobip.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 12

Service ID

6 7 1 3 5 4 5 3 2 5 2 6 0 7 1

Contact

INFOBIP LIMITED James Stokes
Telephone: +447825190315
Email: James.Stokes@infobip.com

Service scope

Software add-on or extension
No
Cloud deployment model
Hybrid cloud
Service constraints
Constraints depend on data center location and channel limitation.
System requirements
  • Appropriate web browser (for web based interface integration)
  • API integration - database for contacts and message
  • API integration - properly configured information systems

User support

Email or online ticketing support
Email or online ticketing
Support response times
Response time depends on Support Package.
User can manage status and priority of support tickets
No
Phone support
No
Web chat support
Web chat
Web chat support availability
24 hours, 7 days a week
Web chat support accessibility standard
None or don’t know
How the web chat support is accessible
Chat is accessible over Infobip web based interface.
Web chat accessibility testing
N/A
Onsite support
No
Support levels
We have 4 support levels: Basic (€ 0 per month), Advanced (€499 per month), Professional (€1499 per month) and Premium (€4999 per month).
Levels vary in response time, support channels and availability.

Dedicated Account Manager is included in Professional and Premium Packages. Dedicated Engineer is included in Premium support.
Support available to third parties
No

Onboarding and offboarding

Getting started
Appropriate documentation is available online and can be also provided by Sales Manager handling the client. Additional training can be provided by Presales Engineer as part of client onboarding.
Service documentation
Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
Following the termination of the contract, Infobip complies with agreement made between Parties concerning return or deletion of Data.
End-of-contract process
Termination is defined by the Main agreement between the Parties.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install
No
Designed for use on mobile devices
No
Service interface
Yes
Description of service interface
Service interface consists of multiple sections designed for:
communication management, account management, analytics and reporting, contact management, contact center (add on), bot building (add on),...
Accessibility standards
None or don’t know
Description of accessibility
Only authenticated users can log in the service. Additional access criteria can be set on user or group basis.
Accessibility testing
N/A
API
Yes
What users can and can't do using the API
Authenticated users can add users from internal systems and track their behaviour.
API documentation
Yes
API documentation formats
Open API (also known as Swagger)
API sandbox or test environment
No
Customisation available
No

Scaling

Independence of resources
Moments capacity and resources are extended. However, Moments is dependant on channel throughput and as part of the platform is shared, it can be affected by usage of others.

Analytics

Service usage metrics
Yes
Metrics types
Campign analytics, event (segmentation and funnel analytics) and channel analytics
Reporting types
  • Real-time dashboards
  • Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
None

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
European Economic Area (EEA)
User control over data storage and processing locations
No
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least every 6 months
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
Other
Other data at rest protection approach
This data is considered confidential and can not be shared without an NDA
Data sanitisation process
Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
Users can export communication logs over service interface (.xsls, .cvs file).

For additional data, appropriate account manager should be contacted to coordinate the export based on the requirements.
Infobip as processor is fully GDPR compliant.
Data export formats
  • CSV
  • Other
Other data export formats
Xsls
Data import formats
  • CSV
  • Other
Other data import formats
Xsls

Data-in-transit protection

Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
SLA is considered confidential, and as such can only be shared with NDA.
Approach to resilience
Infobip platform is designed as Multi Datacenter solution with geo redundant locations. Each Datacenter has internal redundancy, meaning clustering in place, redundant connectivity and backup solutions. Each Infobip service is deployed on multiple instance thus providing fully scalable and reliable solution.
Outage reporting
Outages are reported over email alerts.

Identity and authentication

User authentication needed
Yes
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
Access restrictions in management interfaces and support channels
Logical access to Infobip information assets; servers, databases, network and applications, is granted following the principle of least privilege (PoLP).When connecting to the production systems, employees are using VPN (2FA) connection and are required to request the access. Access has a maximum duration of 8h after which it is automatically revoked and when the person needs the access again, the procedure is repeated.
Access restriction testing frequency
At least once a year
Management access authentication
  • 2-factor authentication
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
Between 1 month and 6 months
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
Bureau Veritas Certification Holding SAS - UK branch
ISO/IEC 27001 accreditation date
12/06/2017
What the ISO/IEC 27001 doesn’t cover
We can clarify the scope in a document once the NDA it's signed
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
Yes
Who accredited the PCI DSS certification
Advantio Ltd
PCI DSS accreditation date
8 July, 2019
What the PCI DSS doesn’t cover
Advantio Ltd has issued this certificate to indicate that Infobip has
been assessed against the objectives of the Payment Card Industry (PCI) Data Security Standards (DSS) security assessment procedures and were found to be compliant with the PCI DSS
V3.2.1, on the date of issue only, no other guarantees given.
Other security certifications
Yes
Any other security certifications
  • Cyber Essentials Certificate
  • ISO 9001:2015

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
Appropriate Information security policies are in place. However, they are considered confidential and, as such, can not be shared.

More information can be reviewed at our "Technical Organisation Measures" document

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Infobip has defined, documented and implemented a set of policies and procedures in IT and Information Security domain in line with ISO 27001 for change management,

Infobip has formally defined and communicated change management policies, procedures and guidelines which define responsibilites and activities related to change management process.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Vulnerability Assessment scans are performed weekly for our Data Centers public IP address space using vulnerability scanning tool, which provides CVSS Base Score.

External penetration tests are conducted by renowned 3rd party companies on semi-annual basis using best practice methodologies: OSSTMM , OWASP , NIST penetration testing and audit methodologies, including automated and manual techniques designed to evaluate the security of our target systems.

Patches,updates are deployed in a time frame that is dependent on the severity of the vulnerability which is mitigated by it. Patches and updates are firstly tested on testing machines prior to deployment to production
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
All relevant information regarding our Platform is logged, being monitored and managed by our Support, Security and Networking teams.

Infobip has formally defined and communicated an Information Security Incident Management Policy and related procedures to encourage consistent approach and effective resolution of security incidents and ensure:
- recovery of functionality in a defined time interval;
- elimination of identified security threats;
- improving communication between different organizational units and gathering information throughout the incident;
- taking action to avoid repetition of similar events in the future.

Incidents are categorized, handled, documented and escalated towards responsible management levels as defined
Incident management type
Supplier-defined controls
Incident management approach
Infobip has formally defined and communicated an Information Security Incident Management Policy and related procedures to encourage consistent approach and effective resolution of security incidents and ensure:
recovery of functionality in a defined time interval;
elimination of identified security threats;
improving communication between different organizational units and gathering information throughout the incident;
taking action to avoid repetition of similar events in the future.

All reported incidents are entered in incident management application by responsible Security team employee or automatically via email or API. Incidents are categorized, handled, documented and escalated towards responsible management levels as defined in
ISIM Policy.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
No

Pricing

Price
£910 a person a month
Discount for educational organisations
No
Free trial available
Yes
Description of free trial
During trial period, service can be used over a shared test sender, which has limited functionalities and can only be used for functional testing. Additional PoC is possible with dedicated sender, but is not free of charge.

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at James.Stokes@infobip.com. Tell them what format you need. It will help if you say what assistive technology you use.