Fujitsu Services Limited

Fujitsu PAYG and Account Based Ticketing

Fujitsu is a leader in smart ticketing across rail, buses, trams and other transport and modes. Our solution provides PAYG ABT back-office services that can scale from a single small operator to city-wide multi-operator, multi-modal scheme. We support a range of travel tokens, pre-pay and post-pay accounts.

Features

• Support for a wide range of travel tokens – barcode/ITSO/EMV.
• Pre-pay (e-purse) and Post-Pay (PAYG) accounts
• Scalable from single operators to large multimodal, multi-operator scheme
• Flexible rolling capping (of any duration) and best value tickets
• An inclusive ABT offer supporting the unbanked and concessionary groups
• Simple rules-based configuration
• Full compliance with rail and bus ticketing standards
• Open APIs for ease of integration
• Cloud hosted for rapid deployment
• Mobility as a Service (MaaS) ready

Benefits

• Simple access for citizens to public transport services
• No purchasing decision to make ahead of travel
• Best value ticketing with rolling caps of any duration
• Fully inclusive of non-banked customers with prepayment account options
• Configuring wide-ranging of concessions and entitlements to increase patronage
• Supports travel tokens from mobile barcodes, ITSO smartcards to EMV
• Fast deployment due to business rule and cloud stored pricing
• Already integrated with Ticketer Bus ETMs
• Protecting revenue through flexible rules to block/unblock services
• Integrate validators, web/apps and information reporting systems with APIs

£0.00 a unit

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at government.frameworks@fujitsu.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

153301824203044

Contact

Sam Skinner
07867829234
government.frameworks@fujitsu.com

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: Our PAYG and ABT solution is built on our Actora transport management platform. It provides a range of services for digital ticketing, customer management and payment services. The platform is integrated with our range of HOPS and CMS solutions providing customers with a modern micro-service approach to transport operations management.
• Cloud deployment model: Public cloud
• Service constraints: N/A
• System requirements: N/A

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Varies depending on support arrangements
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Service and support can be tailored to your requirements. We provide service managers and a range of skilled engineers that work alongside our service desk. Service level agreements are defined and can include 24x7 service cover.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We provide a range of consultantive and deployment services depending on the customer need/requirements. We provide training and documentation along with a staging environment for testing and experimentation.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
  • Other
• Other documentation formats:
  • Training material in the form of MS Office documents
  • Videos to explain features of the service
• End-of-contract data extraction: Our APIs are available for customers to use to extract data, or we can provide a tailored data dump.
• End-of-contract process: We would hope to extend services in line with ongoing/future requirements. Services can then be tailored and adapted as necessary. If a customer choses to leave and stop using our services we will close the scheme and after a period of time securely remove the data from our service.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The mobile application is designed as a B2C companion app for end customers using the ABT services. It is available on iOS and Android and can be white labelled.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: Customers interact with our service through a web portal where a scheme is administered to define business rules, products and mode/service definitions. Customers can also access our service desk through a web interface. All interactions use standard web browsers and are accessible from any internet connected device.
• Accessibility standards: None or don’t know
• Description of accessibility: Industry Standard Web interface
• Accessibility testing: None
• API: Yes
• What users can and can't do using the API: Our customers, and their partners, can access all our back office services via APIs. This can include integration of the PAYG/ABT services into a mobile app or web service for customers, or for reporting puposes.
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • HTML
  • PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Customers are given a secured scheme on our platform that can be customised with their own business rules, products, services and usage/payment tokens. Customisation is controlled through the admin features accessed through the web portal.

Scaling

• Independence of resources: Our system is deployed on the Microsoft Azure Cloud using a micro-service architecture. Each service runs on it's own set of virtual machines that can be scaled both in terms is performance and number as demand is placed on them. We also separate the computationally expensive back office features from services that customers interact with.

Analytics

• Service usage metrics: Yes
• Metrics types: Through an API
• Reporting types:
  • API access
  • Real-time dashboards
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: No
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Our APIs are available for customers to use to extract data, or we can provide a tailored data dump.
• Data export formats: CSV
• Data import formats: Other
• Other data import formats: N/A

Data-in-transit protection

• Data protection between buyer and supplier networks: Other
• Other protection between networks: N/A
• Data protection within supplier network: Other
• Other protection within supplier network: N/A

Availability and resilience

• Guaranteed availability: Our services are designed to be always available with upgrades to the micro-services performed without system outages. Service Level Agreements are available to can be tailored to customers' requirements, which can include refunds/penalties for outages and availability target failures.
• Approach to resilience: Available on request
• Outage reporting: Outages are reported to our service desk and engineers via dashboards and alerts which include email, slack channel updates and text messages.

Identity and authentication

• User authentication needed: Yes
• User authentication: Username or password
• Access restrictions in management interfaces and support channels: Access is via the following: ; - Fujitsu issued SSL certificate ; - Fujitsu issued User name and password ; - Support is provided to licenced customers via the Fujitsu Service Desk which operates 7 days per week
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: Between 6 months and 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Bureau Veritas
• ISO/IEC 27001 accreditation date: 06/01/2022
• What the ISO/IEC 27001 doesn’t cover: Anything that is not included within the scope of the ISO 27001 certification is not covered.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: The Fujitsu Group places ICT as our core business. Our corporate vision is to contribute to creating a safe, pleasant, networked society, we work to ensure and improve the level of information security throughout the Group.; In April 2016, we established the Fujitsu Group Information Security Policy in order to share this vision and encourage action by each employee. ; ; Complete text of the Fujitsu Group Information Security Policy (Global Security Policy); https://www.fujitsu.com/global/imagesgig5/InformationSecurityPolicy_en.pdf; ; Fujitsu Group appointed a Chief Information Security Officer (CISO) under the authority of the Risk Management and Compliance Committee to further strengthen security measures in the Group. Moreover, in aiming to strengthen our global information security governance we have appointed Regional CISOs around the world.; ; Regional CISOs report to the CISO on information security measures implemented by security teams at each group company. The CISO periodically reports to the Risk Management and Compliance Committee on the status of information security measures, and also makes additional reports whenever necessary.; ; To prevent information leaks, instead of simply informing our employees of the various rules and regulations, it is important to raise the security awareness and skill level of each individual employee. The Fujitsu Group holds information management training for employees.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Fujitsu and the client will record configuration changes on the in-scope devices or; applications via an agreed change control process. Change events include: outage; (network), service infrastructure modification (relating to the client), client; configurations and modifications etc.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Management responsibilities and procedures are in place to ensure a quick, effective, and orderly response to information security incidents.; ; Fujitsu has a hierarchical Information Security Organisation with a documented Incident Response and Forensic Investigation plan.; ; Information security incidents and events are reported through appropriate and defined management channels. All employees, contractors and third-party users of information systems/services are required to note and report any observed or suspected weaknesses in systems/services.; ; Security Incidents are logged on a restricted access platform which generates notification to management team. All incidents are compiled and periodically trend analysed for discussion at the monthly Security meeting.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: The service is monitored using a comprehensive suite of industry leading monitoring tools. All service components and the supporting infrastructure are monitored, any deviations from the standard baseline will generate alerts that are triaged, investigated, and resolved as appropriate. ; A data compromise occurs when there is a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to data processed. A data breach is foremost a Security Incident and would be managed in accordance with the defined Security Incident Management process.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Management responsibilities and procedures are in place to ensure a quick, effective, and orderly response to information security incidents.; ; Fujitsu has a hierarchical Information Security Organisation with a documented Incident Response and Forensic Investigation plan.; ; Information security incidents and events are reported through appropriate and defined management channels. All employees, contractors and third-party users of information systems/services are required to note and report any observed or suspected weaknesses in systems/services.; ; Security Incidents are logged on a restricted access platform which generates notification to management team. All incidents are compiled and periodically trend analysed for discussion at the monthly Security meeting.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Fighting climate change:

  Fighting climate change

  Fujitsu operates a Dual Delivery approach to Social Value (SV).; ; Our Responsible Business Programme, developed on the principles of the Public Sector (SV Act 2013) delivers our corporate employee and community programme. Running parallel to the corporate programme, we deliver bespoke client-facing SV programmes within each call off contract. Programmes are fully aligned to the requirements of PPN06/20. Using our co-creation process, we undertake local initiatives, jointly developed with clients and partners, that ensure Economic, Social and Environmental benefit to communities.; To align with the theme of Fighting Climate Change with a policy outcome, we co-ordinate our efforts via an environmental action plan, a green procurement policy and a responsible procurement charter. Our initiatives are based on the National TOMs Framework. The 47 metrics of the Fujitsu TOMs have been developed in consultation with the Social Value Portal (SVP). We will use this to manage, monitor, measure, evidence and report on implemented initiatives within G-Cloud 13. At the end of each year, we will provide an independently audited Social Value Report, outlining completed activities, quantifiable SV generated and how each initiative aligns to the SVM policy outcomes.; ; The G-Cloud Service initiatives may include:; ; Developing Environmental Action Plans focusing on societal challenges of climate change, resource circulation and living in harmony with nature.; ; Supporting local School’s Programmes i.e. the UK Trees to supporting biodiversity, environmental education & clean air.; ; Ensuring all projects utilise our secure logistics facility so that all IT assets are re-purposed before recycling or disposal through secure /accredited routes.; ; Continuing the installation of Solar Panels across our or customer sites, enabling self-generating renewable energy.; ; Fujitsu as a member of RE100, promotes global corporate initiatives driving towards 100% renewable energy.; ; Supporting customer efforts to collect information on measures to promote the resource-saving design of products.
• Covid-19 recovery:

  Covid-19 recovery

  Fujitsu operates a Dual Delivery approach to Social Value (SV).; ; Our Responsible Business Programme, developed on the principles of the Public Sector (SV Act 2013) delivers our corporate employee and community programme. Running parallel to the corporate programme, we deliver bespoke client-facing SV programmes within each call off contract. Programmes are fully aligned to the requirements of PPN06/20. Using our co-creation process, we undertake local initiatives, jointly developed with clients and partners, that ensure Economic, Social and Environmental benefit to communities.; To align with the theme of supporting Covid 19 recovery with a policy outcome, we focus on helping our customers, local communities and supporting our staff with the social and economic impacts. Our initiatives are based on the National TOMs Framework. The 47 metrics of the Fujitsu TOMs have been developed in consultation with the Social Value Portal (SVP). We will use this to manage, monitor, measure, evidence and report on implemented initiatives within G-Cloud 13. At the end of each year, we will provide an independently audited Social Value Report, outlining completed activities, quantifiable SV generated and how each initiative aligns to the SVM policy outcomes.; ; The G-Cloud Service initiatives may include:; ; Helping our customers move to a more home-based/mobile service.; ; Support to local communities and helping schools to ensure disadvantaged children are not left behind in terms of access and skills to learn remotely by supplying equipment and training.; ; Our volunteering refocussed on the transfer of digital skills to support schools and the unemployed.; ; Acceleration of our apprentice schemes to support employment initiatives, including tackling skills gaps.; ; Support to enable SMEs/VCSEs to develop in disadvantaged areas through gifting of our apprentice levy.; ; Initiatives such as DASH, Karma Nirvana, Manchester Women’s Aid to support the Home Office Domestic Abuse Charity, provided laptops and technical support.
• Tackling economic inequality:

  Tackling economic inequality

  Fujitsu operates a Dual Delivery approach to Social Value (SV).; ; Our Responsible Business Programme, developed on the principles of the Public Sector (SV Act 2013) delivers our corporate employee and community programme. Running parallel to the corporate programme, we deliver bespoke client-facing SV programmes within each call off contract. Programmes are fully aligned to the requirements of PPN06/20. Using our co-creation process, we undertake local initiatives, jointly developed with clients and partners, that ensure Economic, Social and Environmental benefit to communities.; To align with the theme of Tackling Economic Inequality with a policy outcome, we focus on creating employment and removing any barriers to employment, developing new skills, supporting our supply chain including SMEs and VCSEs. Our initiatives are based on the National TOMs Framework. The 47 metrics of the Fujitsu TOMs have been developed in consultation with the Social Value Portal (SVP). We will use this to manage, monitor, measure, evidence and report on implemented initiatives within G-Cloud 13. At the end of each year, we will provide an independently audited Social Value Report, outlining completed activities, quantifiable SV generated and how each initiative aligns to the SVM policy outcomes.; ; Tackling economic inequality:; ; The G-Cloud Service initiatives may include:; ; Providing employment opportunities for those facing barriers to employment, particularly those located in deprived areas.; ; Working with educational institutions and community groups to provide CV Skills/Mock Interview Workshops and STEM Schools career visits.; ; Creating apprenticeship/graduate opportunities within Fujitsu.; ; Training opportunities, for industries with skills shortages or high growth sectors i.e. Digital skills programmes.; ; Assisting Rock2Recovery helping Armed Forces Veterans and an increasing number of Blue Light staff and their families by providing coaching and support e.g. business advice and their fund-raising activities.; ; Supporting local SMEs/VCSEs with access to learning pathways to develop and learn new skills to enhance their offerings.
• Equal opportunity:

  Equal opportunity

  Fujitsu operates a Dual Delivery approach to Social Value (SV).; ; Our Responsible Business Programme, developed on the principles of the Public Sector (SV Act 2013) delivers our corporate employee and community programme. Running parallel to the corporate programme, we deliver bespoke client-facing SV programmes within each call off contract. Programmes are fully aligned to the requirements of PPN06/20. Using our co-creation process, we undertake local initiatives, jointly developed with clients and partners, that ensure Economic, Social and Environmental benefit to communities.; To align with the theme of Equal Opportunity with a policy outcome, we focus on reducing the disability employment gap, tackling workforce inequality and providing demonstrable value to society. Our initiatives are based on the National TOMs Framework. The 47 metrics of the Fujitsu TOMs have been developed in consultation with the Social Value Portal (SVP). We will use this to manage, monitor, measure, evidence and report on implemented initiatives within G-Cloud 13. At the end of each year, we will provide an independently audited Social Value Report, outlining completed activities, quantifiable SV generated and how each initiative aligns to the SVM policy outcomes.; ; The G-Cloud Service initiatives may include:; ; Our Work Your Way Programme, providing flexible working arrangements to all employees from day one.; ; Comprehensive digital skills training for disadvantaged people e.g. NEETs, minority, gender and ethnic groups, disabled, rehabilitating young offenders, or elderly people.; ; Employee Passport detailing all adjustments to fully supporting employees throughout their career.; ; Mandated accessibility standards are actively considered in Framework contracts throughout the solution/product/service lifecycle.; ; Opening up our supply chain to SMEs to share an ecosystem of alliances, expert partners and academic institutions and charities.; ; We build accessibility into Framework contracts via policies, processes and working environments to comply with legislation.
• Wellbeing:

  Wellbeing

  Fujitsu operates a Dual Delivery approach to Social Value (SV).; ; Our Responsible Business Programme, developed on the principles of the Public Sector (SV Act 2013) delivers our corporate employee and community programme. Running parallel to the corporate programme, we deliver bespoke client-facing SV programmes within each call off contract. Programmes are fully aligned to the requirements of PPN06/20. Using our co-creation process, we undertake local initiatives, jointly developed with clients and partners, that ensure Economic, Social and Environmental benefit to communities.; To align with the theme of Wellbeing with a policy outcome, we focus on the Health and Wellbeing of all our workforce including our supply chain. Our initiatives are based on the National TOMs Framework. The 47 metrics of the Fujitsu TOMs have been developed in consultation with the Social Value Portal (SVP). We will use this to manage, monitor, measure, evidence and report on implemented initiatives within G-Cloud 13. At the end of each year, we will provide an independently audited Social Value Report, outlining completed activities, quantifiable SV generated and how each initiative aligns to the SVM policy outcomes.; The G-Cloud Service initiatives may include:; ; We provide access to Wellbeing Programmes supporting mental and physical health, including:; Employee Assistance Programme; “My Healthy Advantage” app providing content and 121 Live-Chat support;  Mental Health First Aiders; ; Mental Health campaigns for all staff including subcontractors, to create community of acceptance around mental health.; ; Fujitsu and supplier volunteering to support local wellbeing projects initiatives to support older, disabled and vulnerable people to build a stronger community network.; ; Providing specialist skills to support “Creating Better Environments” project – creating a digital platform helping autistic people better navigate environments.; ; The BuddyConnect™ application created by Fujitsu to support neurodiversity and inclusion in the workplace.

Pricing

• Price: £0.00 a unit
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at government.frameworks@fujitsu.com. Tell them what format you need. It will help if you say what assistive technology you use.