Experian Data Management with JukeBox

Experian’s Jukebox service enables you to automate your Bureau Cleanse / Dedupe setup that include the following products:
Batch Web Service


  • UK address validation using either Royal Mail PAF or AddressBase
  • Robust and secure infrastructure
  • Addresses formatted to a standard you specify
  • Automatic data updates; Daily Royal Mail PAF updates
  • Experian's trusted secure data and privacy standards


  • Improved data integrity for better decision making
  • Accelerated processes for improved citizen experience
  • Decreased IT costs from using development resources
  • Improved operational efficiencies
  • Ease of use of the products above through simple UI
  • Risk-averse approach to data management


£12500 per licence per year

Service documents


G-Cloud 11

Service ID

9 5 7 1 1 6 1 2 9 8 6 8 1 9 3



Damian Kenny

+44 (0) 7976 702247


Service scope

Software add-on or extension
Cloud deployment model
Private cloud
Service constraints
Must be installed on a client environment.
System requirements
  • Windows Server 2008R2
  • IIS 6.0 or higher
  • .NET 4.0 Framework or higher

User support

Email or online ticketing support
Yes, at extra cost
Support response times
Professional Services - Jukebox service provides Solution Support assistance after the product has been setup and has been utilized in your live environment. Post project support will be available under your current first year agreement or for an additional consultancy charge for the years to come while you're utilizing the Professional Services Jukebox Service.
User can manage status and priority of support tickets
Phone support
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Onsite support
Yes, at extra cost
Support levels
Professional Services Solution Support has only a single level of operation where all inquiries will be answered within 24 hours during the Monday - Friday working days.
Support available to third parties

Onboarding and offboarding

Getting started
Full user guides available, welcome product calls plus paid-for integration assistance available
Service documentation
Documentation formats
End-of-contract data extraction
Data is not held by Experian therefore data extraction is not necessary
End-of-contract process
At the end of the contract, the Buyer shall cease to use all Licensed Materials and Licensed Programs

Using the service

Web browser interface
Supported browsers
  • Internet Explorer 8
  • Internet Explorer 9
  • Internet Explorer 10
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install
Compatible operating systems
Designed for use on mobile devices
Service interface
What users can and can't do using the API
Full service functionality provided via Batch Web Service API, Match API or Unify API
API documentation
API documentation formats
API sandbox or test environment
Customisation available
Description of customisation
Clients can pick which plugin they would like to attach to Jukebox. One or more of the following:
Batch Web Service


Independence of resources
Full load balancing, multiple data centres


Service usage metrics
Metrics types
Usage metrics are partially available across software suite. the describe usage levels, click balance and service availability
Reporting types
API access


Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance

Asset protection

Knowledge of data storage and processing locations
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
Protecting data at rest
Physical access control, complying with another standard
Data sanitisation process
Equipment disposal approach
In-house destruction process

Data importing and exporting

Data export approach
Data is not required to be imported by the Buyer to Experian's platform therefore data export is not required
Data export formats
  • CSV
  • Other
Other data export formats
  • Flat File
  • CSV
  • ODBC
Data import formats
  • CSV
  • Other
Other data import formats
  • Flat File
  • ODBC
  • CSV

Data-in-transit protection

Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • Other
Other protection between networks
To be installed on a client environment, hence the client has to make the connection secure between server(s).
Data protection within supplier network
Other protection within supplier network
Not Relevant, this is a hosted solution on client's end.

Availability and resilience

Guaranteed availability
We guarantee 99.9% service availability which is all pending on the environment setup of the hosted solution on client's end. Bear in mind, this has to follow Experian's recommendations by going through Install + Config / Training services as well as accreditation to guarantee the 99.9% availability.
Approach to resilience
N/A in house setup. Service restarts after a failover.
Outage reporting

Identity and authentication

User authentication needed
User authentication
Other user authentication
Secure token as this is installed on client's environment.
Access restrictions in management interfaces and support channels
N/A - Client has the ability to restrict access pending on their own infrastructure setup between different IT teams.
Access restriction testing frequency
Management access authentication
Username or password

Audit information for users

Access to user activity audit information
No audit information available
Access to supplier activity audit information
No audit information available
How long system logs are stored for

Standards and certifications

ISO/IEC 27001 certification
Who accredited the ISO/IEC 27001
DNV GL Business Assurance Ltd
ISO/IEC 27001 accreditation date
What the ISO/IEC 27001 doesn’t cover
ISO 28000:2007 certification
CSA STAR certification
PCI certification
Who accredited the PCI DSS certification
PCI DSS accreditation date
What the PCI DSS doesn’t cover
Other security certifications
Any other security certifications
Cyber Essentials

Security governance

Named board-level person responsible for service security
Security governance certified
Security governance approach
The product is transferred via FTP to the client's environment. The client is responsible for the security of it's infrastructure setup where Jukebox will be installed on.
Information security policies and processes
Experian have a comprehensive global security policy based on the ISO27001 standard which covers: Organisation and Management, information security, asset classification, physical and environmental security, communications and operations management, system access, systems development and maintenance, compliance, personnel and provisioning, business continuity management, third party management. The policy is owned by Experian's executive risk management committee which is an executive level body, and which assumes ultimate responsibility for Experian's risk position. Information security is a key component of the risk management framework. Experian management supports security through leadership statements, actions and endorsement of the security policy and implementing/improving the controls specified in the policy. The policy is available to all Experian employees and contractors on the intranet. Changes to the policy are announced on the company's intranet computer based information security and data protection training, and this is repeated on at least an annual basis. Compliance to policy is overseen by internal audit.

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
Experian have a change management policy which is underpinned by processes and procedures based on ITIL best practice. This is a mature process. We use a service management tool that integrates change management, incident management, problem management, configuration management and knowledge management. Our change management policy, processes, and procedures are regularly audited by independent auditors. Formal risk analysis is employed using an approved information risk analysis phase for developments/changes. Security requirements for the system are identified and continue to be considered throughout the life of the product.
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
The incident management process incorporates a number of participants and contributors, including: Global Security Office - who facilitate and coordinate activities under the business security coordinator's guidance; Business Security Coordinator - a representative of the impacted business area, responsible for coordinating resolution activities; Incident Response Team (IRT) - IRT is made up of a membership that are empowered to make key decisions surrounding the actions to be taken to reduce impact, control actions, and impose corrective activities. A client report would be created, including: high level overview; facts; overview of events; actions taken.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks


£12500 per licence per year
Discount for educational organisations
Free trial available

Service documents

Return to top ↑