Automated telephone call handling. Our systems are used for Customer Relationship Management (CRM), virtual call centre, credit card payments, voicemail, voting and information services. Voice interface using telephone keypad or Speech Recognition to connect to databases and APIs. Call centre overflow and routing. VoiceXML support for design and service management.
- Secure Voice interface to access database and web API services
- Real time PCI DSS credit card payment processing
- Telephone keypad (DTMF) and Speech Recognition
- Process 2000 landline and 10000 VOIP simultaneous calls
- Secure web interface to manage Real Time Reporting and payments
- Secure web interface for remote access setup and monitoring
- 24 / 7 365 day support
- UK based in High Security Tier 4 Hosting Centre
- Fully audited by Deloitte and BBC
- All hardware and servers owned and operated
- Low cost access to high inbound capacity voice services
- Remotely manage secure voice services
- Automatically handle 2000 landline calls at the same time
- Easily edit services such as voice messages and menus
- Reduce PCI DSS compliance costs
- Allow voice only access to database information
- Allow voice credit card payments
- Reduce call centre and line rental costs
- Automatically handle 10,000 VOIP calls at the same time
£0.10 per transaction
Temple Interactive Media
|Email or online ticketing support||Email or online ticketing|
|Support response times||
Response levels are determined by SLA chosen for a particular service. Normal response times are 1 to 3 hours in UK working hours.
24 / 365 Out-of-hours response is available at additional charge
|User can manage status and priority of support tickets||No|
|Phone support availability||24 hours, 7 days a week|
|Web chat support||No|
|Onsite support||Yes, at extra cost|
We offer two levels of support:-
1. General service support included at no additional charge
Issues that may be disruptive, but do not require immediate response aim to be resolved the next working day.
2. Telecoms issues, calls / messages not being handled, engaged tones or service failure aim to resolve in 4 hours
Critical issues during a live TV broadcast. Ongoing real-time response and support Ongoing real-time response and support Ongoing real-time response and support. Cost from £500 per hour including network support engineers.
|Support available to third parties||Yes|
Onboarding and offboarding
We provide onsite training, online training and user documentation.
We provide a development server environments allowing users to develop and test services before deploying to the live production environment.
We provide full development of services therefore we can assist with questions and queries as to the design of services. We support the VoiceXML 2.0 services standard allowing users to build their own IVR services.
We can also provide voice over artists for message prompts and menus.
We offer full testing services from multiple phone networks including VOIP.
|End-of-contract data extraction||Users can download their data at any time during the contract.|
At the end of the contract the services will be disabled and data will be retained in line with EU GDPR.
The are no termination fees or additional charges to store data on our systems in line with EU GDPR and Data Protection rules.
Data will be at all times available to download during the contract and for up to two years following the termination of the contract.
Using the service
|Web browser interface||Yes|
|Using the web interface||
1. Setup services including chose type of service, voice messages and set time of day options. We support VoiceXML and provide a development server to test services.
2. Manage services change voice messages and menus through web interface.
3. Monitor services and payments. Download voice messages and reports.
1. Users cannot access payment modules so cannot access Merchant ID
2. Phone number allocation will be issued manually on request to support
|Web interface accessibility standard||WCAG 2.0 A|
|Web interface accessibility testing||Our systems have been designed to be fully managed using a telephone|
|Command line interface||No|
|Independence of resources||Our platform is used to provide shared high availability services to TV Broadcasters including the BBC. Our systems regularly operate under high load conditions whilst maintaining secure sand boxing between applications. We have developed policies and procedures to manage high load events. Where users expect a particularly high response we have a Mass Event policy and we work with the networks to minimize any adverse effects. Where required we can maintain dedicated minimum capacity for each service.|
|Infrastructure or application metrics||Yes|
|Reporting types||Real-time dashboards|
|Supplier type||Not a reseller|
|Staff security clearance||Conforms to BS7858:2012|
|Government security clearance||Up to Developed Vetting (DV)|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||
|User control over data storage and processing locations||Yes|
|Datacentre security standards||Managed by a third party|
|Penetration testing frequency||At least every 6 months|
|Penetration testing approach||In-house|
|Protecting data at rest||
|Data sanitisation process||Yes|
|Data sanitisation type||
|Equipment disposal approach||Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001|
Backup and recovery
|Backup and recovery||Yes|
|What’s backed up||
Backups occur in real time to multiple servers in remote locations.
There is no user interaction required.
|Datacentre setup||Multiple datacentres with disaster recovery|
|Scheduling backups||Supplier controls the whole backup schedule|
|Backup recovery||Users can recover backups themselves, for example through a web interface|
|Data protection between buyer and supplier networks||TLS (version 1.2 or above)|
|Data protection within supplier network||TLS (version 1.2 or above)|
Availability and resilience
We provide 99.9% availability in our SLA based on monthly billing period excluded planned outages
Where we fail to provide the agreed level we offer credits on line rental equivalent to the time when the service failed to meet the availability standard.
|Approach to resilience||Due to security requirements this information available only on request.|
|Outage reporting||A public dashboard and email alerts|
Identity and authentication
|Access restrictions in management interfaces and support channels||
Access to the management systems is defined in our Information Security Policy in accordance with our privileges matrix. Access levels are defined on a need to know basis using role based access control.
Access is limited according to role. Unrestricted access will only be granted to staff and persons with the prior approval of senior staff in exceptional circumstances. Exceptional circumstances include PCI Audits or Criminal Investigations. No other unrestricted access is permitted or will be granted.
Access will be terminated according to the Information Security Policy on movers and leavers
|Access restriction testing frequency||At least every 6 months|
|Management access authentication||2-factor authentication|
|Devices users manage the service through||Directly from any device which may also be used for normal business (for example web browsing or viewing external email)|
Audit information for users
|Access to user activity audit information||Users have access to real-time audit information|
|How long user audit data is stored for||At least 12 months|
|Access to supplier activity audit information||Users have access to real-time audit information|
|How long supplier audit data is stored for||At least 12 months|
|How long system logs are stored for||At least 12 months|
Standards and certifications
|ISO/IEC 27001 certification||No|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Who accredited the PCI DSS certification||Self Certified|
|PCI DSS accreditation date||1/9/2017|
|What the PCI DSS doesn’t cover||Card issuer controllers|
|Other security certifications||No|
|Named board-level person responsible for service security||Yes|
|Security governance certified||Yes|
|Security governance standards||
|Other security governance standards||PCI DSS|
|Information security policies and processes||
We have an information security policy which clearly outlines who is responsible for each action and how incidents can and should be escalated in the organization. All staff members are fully trained and kept up to date with security policies and are award that failure to comply is considered a serious disciplinary offence which may result in immediate dismissal. Our policies include Data Protection, Acceptable Use, Asset Control, Audit, Change Control, Access,Inventory Cryptographic Controls, Incident,Logical Access,Malicious Software, Operational, Password, Penetration Testing, Firewall,Physical Security, Privileges, Risk, Security Management, Security Patch, Software Development, Staff Selection, Systems, User Privilege,Linux Configuration, Security Management, Linux Hardening.
Copies of these documents are available on request.
|Configuration and change management standard||Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402|
|Configuration and change management approach||We have configuration documents for our servers including Linux Hardening and Linux Server Configuration documents. We have Change Management Control Procedures document which outlines how changes are made to our systems. We can provide details of both documents on request. In summary our Change Management requires an impact assessment, prohibits changes that impact security, testing of any change before deployment and back-out procedures.|
|Vulnerability management type||Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402|
|Vulnerability management approach||
We have a Malicious Software Vulnerability Management policy document that details the use of anti-virus software and detecting and removing malicious software.
We have remote access logging to record and generate logs.
We use reputable outside sources not just the software vendor including new security alerts internally from rkhunter reports and externally via https://www.uscert.gov/ncas/alerts and http://www.centos.org
|Protective monitoring type||Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402|
|Protective monitoring approach||
We have a Security Management Matrix that defines the roles and responsibilities of staff in the monitoring of our systems to identify potential compromises. This includes monitoring and analyzing security alerts and distributing information to appropriate information security and business unit management personnel, creating and distributing security incident response and escalation procedures.
When a potential compromise is identified we have an Incident Response Plan that classifies the incident from 1 to 4 and outlines the correct procedure. The speed of response will depend on classification e.g. threat to life will warrant immediate response
|Incident management type||Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402|
|Incident management approach||
We have an incident response plan with pre-defined processes. The incident will be categorized into the highest applicable level of
one of the following categories:
1. Category one - A threat to public safety or life.
2. Category two - A threat to sensitive data –including Credit Card or Financial Information
3. Category three - A threat to computer systems
4. Category four - A disruption of services
The person who discovers the incident will call the Temple head office
The incident report will be distributed to all affected stakeholders and external agencies (e.g. Police)
|Approach to secure software development best practice||Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)|
Separation between users
|Virtualisation technology used to keep applications and users sharing the same infrastructure apart||No|
|Price||£0.10 per transaction|
|Discount for educational organisations||No|
|Free trial available||No|
|Pricing document||View uploaded document|
|Terms and conditions document||View uploaded document|