Digital Badges / Certificates is a digital badging platform where you can design, create and issue badges to recipients in recognition of tasks completed, milestones and achievements.

Certified by the IMS Global Learning Standard, is a fully customizable platform that delivers digital badges in the way you want to.


  • Design, define and issue your own branded digital badges
  • Metadata built into each badge you create
  • Fully brand and customise the system as your own
  • Issue badges in a variety of ways
  • Report on the digital badges / certificates you issue
  • Free badge backpack for all Open Badges recipients
  • Issue badges based on rules you define
  • Share badges on social media
  • Create simple and complex badge pathways
  • Flexible API integrations available


  • Certified by IMS Global Learning Consortium Open Badges 2.0
  • Secure metadata verifies your badge e.g. issuer, recipient, issue reason
  • Customise and brand the platform and recipient badge backpack
  • Save admin time and define rules to issue badges automatically
  • Issue large volumes of badges with CSV file upload
  • Reporting to identify skills gaps, most issued badges and more
  • Recipients can share badges on LinkedIn, Facebook and other platforms
  • Create badge pathways to award badges at different milestones
  • Use data from external systems to award digital badges


£0 to £0.70 per person per year

Service documents


G-Cloud 11

Service ID

7 8 7 9 1 4 9 0 8 8 3 5 7 9 6



Rob Arntsen

01904 659465

Service scope

Software add-on or extension
Yes, but can also be used as a standalone service
What software services is the service an extension to
The service has an extension for Google Forms and Sheets
Cloud deployment model
Public cloud
Service constraints
System requirements
Requires a web browser supporting HTML 5 functions

User support

Email or online ticketing support
Email or online ticketing
Support response times
We aim to respond to support tickets within 8 hours Monday to Friday.
User can manage status and priority of support tickets
Online ticketing support accessibility
WCAG 2.1 AA or EN 301 549
Phone support
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Onsite support
Yes, at extra cost
Support levels
Base support is included within the standard pricing and include 27/4 on-line logging and management of support requests.

Standard support hours are (9:00 – 5.00 Monday to Friday).

Premium and custom support packages are also available on request.
Support available to third parties

Onboarding and offboarding

Getting started
We provide a comprehensive range of implementation services that include on-site face-to-face training and workshops, as well as online and email consultancy during the implementation. The scale and scope of these services is tailored to meet your specific needs and requirements and we would work with your implementation team(s) and define the best approach and options for you.
Service documentation
Documentation formats
End-of-contract data extraction
All badge designs can be downloaded. Users who have been issued badges will retain FREE access to their Badge Backpack after the contract ends.
End-of-contract process
At the end of the contract you will still have access to the system but be unable to issue badges.

Using the service

Web browser interface
Supported browsers
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install
Designed for use on mobile devices
Service interface
What users can and can't do using the API
The services supports several secure RESTful APIs
API documentation
API documentation formats
Open API (also known as Swagger)
API sandbox or test environment
Customisation available
Description of customisation
The application supports branding and email content customisation.


Independence of resources
Our systems make use of a number of different approaches, including: resource usage monitoring and alerts, allowing us to quickly respond to performance issues, allocating additional resources as required; resource isolation, ensuring that for specific customers get dedicated resources; regional isolation, ensuring that for specific customers in each region get dedicated resources; and automatic scaling when requested, allowing the system to automatically allocate additional resources up to a specified limit at times of high load.


Service usage metrics
Metrics types
Number of Badges Issued
Reporting types
Real-time dashboards


Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Knowledge of data storage and processing locations
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least once a year
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
Data sanitisation process
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
All badges can be exported and conform to the IMS Open Badges 2.0 standard.
Data export formats
Other data export formats
IMS 2.0 Open Badges Standard
Data import formats
Other data import formats
IMS 2.0 Open Badges Standard

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
Standard availability is 99.9%.

Custom support packages offer increased availability and can also include a refund provision.
Approach to resilience
Available on request
Outage reporting
Any system outages would be notified by email.

Identity and authentication

User authentication needed
User authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
Access restrictions in management interfaces and support channels
User access is control by role level security and support functions are provided only to authorised users.
Access restriction testing frequency
At least every 6 months
Management access authentication
Username or password

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
Between 1 month and 6 months
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
Between 1 month and 6 months
How long system logs are stored for
Between 1 month and 6 months

Standards and certifications

ISO/IEC 27001 certification
ISO 28000:2007 certification
CSA STAR certification
PCI certification
Other security certifications

Security governance

Named board-level person responsible for service security
Security governance certified
Security governance standards
Other security governance standards
Cyber Essentials
Information security policies and processes
Adhere to the principles of Cyber Essentials and internally verified process and procedures.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
All changes are managed through our change control team who follow a process of assessment, test and validation prior to the implementation of any production changes. Application changes will follow our product quality assurance process. All changes are documented and audited.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Our services are frequently scanned on a schedule using Azure Security Center, which provides detailed vulnerability and security information for all our cloud services. Recommendations raised from this, including system patches, are fixed on a timescale depending on the severity of the raised issue.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Our systems audit all major events, including authentication failures and successes, configuration changes and item removal. These logs are monitored as part of Azure Active Directory Identity Protection, and alerts raised by this are reviewed weekly, with critical issues requiring resolution in 2 days.
Incident management type
Supplier-defined controls
Incident management approach
Reported incidents are assessed by our IT Services Manager and a course of action determined based on issue severity.  We use Microsoft Azure Security Center to record and manged the resolution of non-application incidents and our Help Desk to record and manage the resolution of any application incidents.

Secure development

Approach to secure software development best practice
Supplier-defined process

Public sector networks

Connection to public sector networks


£0 to £0.70 per person per year
Discount for educational organisations
Free trial available
Description of free trial
The available features for the Free version can be viewed via the following link
Link to free trial

Service documents

Return to top ↑