Mastercard

Mastercard Tourism Insights Platform (MTI)

The Mastercard Tourism insights platform uniquely combines & displays multiple sources of data (Behaviour, Airline Booking, Spend, sustainability) for robust and actionable insights into the travel lifecycle, to optimise tourism management & marketing for a Destination Marketing Organisation (DMO) or any tourism related organism or administration.

Features

• Webplatform providing aggregated and anonymised crossborder spend insights
• Data mined from Mastercard, social media, pricing and booking data
• AI machine learning algorithms to translate behavioural patterns into insights
• Customised dashboard views according to local needs
• Spend insights by national, regional or city level
• Accurate, timely data updated monthly from multiple sources
• Modular pricing to fit any budget
• Behavioural patterns analysis
• Data delivered in a report format or a platform
• Actionable insights on sustainability & Benchmark

Benefits

• Map tourists journeys with views of spend
• Benchmark tourist journeys & spend with any competitor destination
• Make smarter investments and marketing campaigns by analysing trends
• Access multiple data sources through a single platform or report
• Extract insights to identify and attract the greatest value travellers
• Identify the trends affecting you and your destination competitors
• Get data based inputs to enhance visitor experience
• Manage seasonal & in-journey traffic to optimise required investment
• Identify needed changes to happen given strategy, segments and preferences
• Make sure tourism benefits local businesses and SMEs

£6,000 a licence a month

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at nabeel.irshad@mastercard.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

292192338413741

Contact

Nabeel Irshad
44 786 6165 112
nabeel.irshad@mastercard.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Private cloud
• Service constraints: Mastercard will support the Platform through regular maintenance procedures, such as monitoring of servers, review of disk space usage and database fragmentation, addition of commercially available security patches and upgrades, and review of event log files. Mastercard may update a Platform from time to time in its sole discretion as part of its ongoing mission to improve such Platform.
• System requirements:
  • Ability for receipt of datasets by email, API or SFTP
  • Internet connection

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Service support is during regular UK office hours only i.e. Mon-Fri 0900-1700. Responses are within 48 hours.
• User can manage status and priority of support tickets: No
• Phone support: No
• Web chat support: No
• Onsite support: No
• Support levels: Customers will be assigned an account manager for onward queries and service management. They will agree regular service updates at which provision can be reviewed to ensure the service is meeting the customers’ needs.
• Support available to third parties: No

Onboarding and offboarding

• Getting started: A signed SOW and completed order form are required for delivery to be scheduled. On receipt of a newly signed contract for data delivery, the Mastercard delivery team will onboard the new customer and set up the training sessions, in accordance with the customer's preference
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: Customers have a right to extract past data even following contract termination (downloads directly from the platform)
• End-of-contract process: At contract end, datasets will no longer be delivered and support will no longer be available for data already provided

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: No
• User support accessibility: None or don’t know
• API: Yes
• What users can and can't do using the API: User defines report type and the data to be shown. User modifies the parameters and runs the macro (clicking a button) to update the report.
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • PDF
• API sandbox or test environment: No
• Customisation available: No

Scaling

• Independence of resources: Our service is already scaled to global levels of demand

Analytics

• Service usage metrics: Yes
• Metrics types: Insights on tourist spending patterns, insights on tourists sentiment (social networks), insights on booking (flights)
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: European Economic Area (EEA)
• User control over data storage and processing locations: No
• Datacentre security standards: Supplier-defined controls
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: In-house
• Protecting data at rest: Other
• Other data at rest protection approach: Data centres are fully air-gapped and accessible only to authorised personnel. For users working remote from office locations, VPN access is mandatory. Further detail is available upon request however is limited due to the sensitive nature of the assets and infrastructure we must safeguard.
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: In-house destruction process

Data importing and exporting

• Data export approach: Data is delivered within CSV file format so export should be straightforward
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • Other
• Other protection between networks: The platform has several layers of security to protect the data and ensure that it is only accessible to authorised users-; - Access: using a unique user ID and password.; - Data: fully aggregated and anonymised.; - Transmission: fully encrypted.; - Storage: secured behind firewall.; More details can be provided on demand.
• Data protection within supplier network: Other
• Other protection within supplier network: We can deliver via password protected email, API or SFTP, to the customer's preference

Availability and resilience

• Guaranteed availability: This service does not have a guaranteed availability level but has suffered no unplanned outages in the past two years of operation. Refunds to be agreed by the account manager with the customer.
• Approach to resilience: Available on request
• Outage reporting: Information will be provided to customers prior to any planned service outage and on a reasonable endeavours basis if unplanned. Planned maintenance on average denies service for three hours every six months.

Identity and authentication

• User authentication needed: Yes
• User authentication: Username or password
• Access restrictions in management interfaces and support channels: This is not relevant to this service
• Access restriction testing frequency: At least once a year
• Management access authentication: Username or password

Audit information for users

• Access to user activity audit information: No audit information available
• Access to supplier activity audit information: No audit information available
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: Yes
• Who accredited the PCI DSS certification: We are accredited by payment regulators across the world
• PCI DSS accreditation date: 01/01/2024
• What the PCI DSS doesn’t cover: Mastercard is fully accredited against PCI DSS requirements across the multiple territories in which we operate around the world.
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: Other
• Other security governance standards: – Center for Internet Security (CIS) Critical Security Controls for Effective Cyber Defense (CIS Controls).; – American National Standards Institute/International Society of Automation (ANSI/ISA)-62443-2-1 (99.02.01)-2009.; – International Organisation for Standardisation (ISO)/International; Electrotechnical Commission (IEC) 27001.; – NIST Special Publication (SP) 800-53 Rev. 4 - NIST SP 800-53.
• Information security policies and processes: – Center for Internet Security (CIS) Critical Security Controls for Effective Cyber Defense (CIS Controls).; – American National Standards Institute/International Society of Automation (ANSI/ISA)-62443-2-1 (99.02.01)-2009.; – International Organisation for Standardisation (ISO)/International; Electrotechnical Commission (IEC) 27001.; – NIST Special Publication (SP) 800-53 Rev. 4 - NIST SP 800-53.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Change Control and Configuration Management will include a registered take back plan, a testing process, management approval, and updated documentation, in line with PCI DSS guidelines for the payment industry. More detail is available on request
• Vulnerability management type: Undisclosed
• Vulnerability management approach: Some limited further detail is available upon request but because of the sensitive nature of the business Mastercard conducts in the payment sphere we are not at liberty to provide detail publicly.
• Protective monitoring type: Undisclosed
• Protective monitoring approach: Some limited further detail is available upon request but because of the sensitive nature of the business Mastercard conducts in the payment sphere we are not at liberty to provide detail publicly.
• Incident management type: Undisclosed
• Incident management approach: Some limited further detail is available upon request but because of the sensitive nature of the business Mastercard conducts in the payment sphere we are not at liberty to provide detail publicly.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Mastercard is a global technology company in the payments industry. We are acutely aware of our carbon footprint. Hence we have committed to create a more sustainable and inclusive digital economy, with a pledge to reach net zero emissions by 2050. ; This goal builds upon our existing Greenhouse Gas (GHG) commitments that align with the Business Ambition for 1.5°C pledge. The first in the payments industry to gain Science Based Targets initiative (SBTi) approval for its GHG goals, Mastercard is currently working towards its SBTi-approved goal to reduce total Scope 1 and 2 emissions by 38% and Scope 3 emissions by 20% by 2025 from a 2016 baseline. ; These targets reflect a long-term commitment by the company to monitor and implement best practices to reduce emissions across the business, drive operational energy efficiency, and further engage suppliers in value chain decarbonisation. Progress already made towards these goals includes achieving 100% renewable electricity in 2020, reinforced by a commitment to RE100. ; Mastercard is also mobilising its technology, expertise, and trusted global partnerships network to lead on collective climate action, through innovative initiatives such as the Greener Payments Partnership and the Priceless Planet Coalition.

  Covid-19 recovery

  We’re building on our response to COVID-19 with a commitment to bring one billion people into the digital economy by 2025 – including 50 million small businesses and a direct focus on 25 million women entrepreneurs – expanding on the 500 million we’ve connected over the past 5 years.; On any average day, our network is helping you get the most out of daily activities, whether it’s buying a gift or stocking up on groceries; helping a small business get paid; or using data-powered insights to help businesses and governments make critical decisions. And, at the heart of all of that, we strive to make every transaction safe, simple, smart and accessible.; That continues in today’s uncertain world. That same technology is there to send money to friends and family or to access credit for medical care. Our network is the cornerstone to these activities. And, even in the face of this unprecedented event, our operations continue as normal.; We are working to support communities hit hard by COVID-19, matching employee donations to relief efforts and contributing to funds like the China Women's Development Foundation and local food banks in the U.S. Our employees are making an impact in their local communities, and we are helping them match their unique skills to volunteer opportunities that focus on health, human services and small business initiatives.

  Tackling economic inequality

  Our focus is on connecting people and businesses to achieve financial security, providing workers with the tools they need to thrive in a rapidly changing landscape, ensuring that economic development is inclusive and building up the field of data science for social impact. We recognise bringing more people into the digital economy strengthens the systems, empowers its users and leads to inclusive growth. That’s why we’re doubling down on our original global financial inclusion commitment to bring a total of 1 billion people into the digital financial system by 2025.; ; In Europe, Mastercard is also focused on supporting customers in engaging people in doing well by doing good, which has proved to be effective, sustainable and powerful. Maximising the transformative power of school meals, especially for girls, helps communities in need to thrive and prosper. Since 2012, Mastercard Europe has contributed 104 million school meals by collecting donations on our donations platform.

  Equal opportunity

  Mastercard has been on an inclusion journey for many years. While we’ve made great strides, we remain dedicated to expanding our efforts to create a diverse and inclusive culture where the best people choose to be.; Here are some of the ways we’re building a culture of Inclusion and Belonging at Mastercard, in our communities and in our world:; We are committed to gender equity and the principle of equal pay for equal work.; We are dedicated to recruiting and developing female leaders, and we have increased the representation of women in our workforce and in leadership positions.; We offer our employees compensation and benefits to support their entire experience both personally and professionally.; We work to provide a safe and healthy workplace that enables employees to achieve their full potential.; Meanwhile, in respect of employee relations, Mastercard follows many elements of best practice in the UK, including the following:; • appropriate channels for effective voice, such as trade union recognition,; • investment in workforce development,; • no inappropriate use of zero hours contracts,; • action to tackle the gender pay gap and create a more diverse and inclusive workplace,; • providing fair pay for workers (for example, payment of the real Living Wage),; • offer flexible and family friendly working practices for all workers from day one of employment,; • oppose the use of fire and rehire practices,

  Wellbeing

  During the nearly 18 months of constant anxiety, stress and fatigue, the pandemic has affected everyone in unimaginable ways. For millions, the line between work and life has been blurred, and there should be no shame in admitting that our wellbeing sometimes suffers.; Even before the pandemic, wellbeing was a priority for Mastercard. Once the lockdown hit, Mastercard recognised that keeping the workforce happy and healthy was a key priority, so we implemented meeting-free days to combat Zoom fatigue, shorter summer hours on Fridays and global benefits including COVID leave for employees to recover from the disease and to care for others.; The company also launched Live Well, an app that helps employees keep track of their physical health, and partnered with Thrive Global, Arianna Huffington's behaviour change platform, which helps users achieve wellbeing through a combination of data, stories and suggestions.

Pricing

• Price: £6,000 a licence a month
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at nabeel.irshad@mastercard.com. Tell them what format you need. It will help if you say what assistive technology you use.