Mastercard

GeoInsights - geographic spend data and geographic spend insights

The Mastercard GeoInsights platform delivers spend insights and data trends. This helps policy makers understand and assess customer journey and support. Provided across macro and micro-geographies over extensive periods of time up to the present and across various industries, it supplies a view into the micro-economics of an area

Features

  • Location planning based on sales, ticket size, accounts, and growth
  • Flexible timeframes, with daily, weekly or monthly data available
  • Performance benchmarking across multiple industries with granular data analytics

Benefits

  • Area performance analysis by comprehensive transaction data and industry research
  • Customer journey mapping with spend analysis from defined geographic locations
  • Demographic profile analysis and origins of regional spend

Pricing

£35,000.00 a licence a year

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at josh.berle@mastercard.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

4 6 4 7 9 7 0 0 8 5 6 4 9 4 1

Contact

Mastercard Josh Berle
Telephone: +44 2075575057
Email: josh.berle@mastercard.com

Service scope

Software add-on or extension
No
Cloud deployment model
Private cloud
Service constraints
Service support is during normal office hours only i.e. Monday - Friday 0900-1700. Scheduled outages and maintenance will be communicated to clients no less than 48 hours beforehand. These tend not to occur more than once every six months and last for no more than three hours.
System requirements
Ability for receipt of datasets by email, API or SFTP

User support

Email or online ticketing support
Email or online ticketing
Support response times
Service support is during normal office hours only i.e. Monday -Friday 0900-1700. Responses will be provided via email within 48 hours.
User can manage status and priority of support tickets
No
Phone support
No
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
Standard arrangements are for 48 hours response times on service questions, initial training, and data delivery on a monthly, quarterly or annual basis.
Support available to third parties
No

Onboarding and offboarding

Getting started
On-boarding is a simple process. Mastercard will agree with the client where the dataset should be sent to, and delivery is undertaken against the agreed cadence. Delivery channel is via email, API or SFTP, subject to the client’s preference.

This process can be completed within five working days and is led by our product team with support from your account manager. It will normally include a kick off meeting to set out what the client can expect in terms of deliverables and support. The dataset is very easy to use and understand.

In addition, each client has a right to two hours training with the Mastercard’s product team
Service documentation
Yes
Documentation formats
PDF
End-of-contract data extraction
Clients have a right to their data even following contract termination. The service consists of data provision on a regular basis and this can be kept within the customer's domain even once the service has lapsed. Clients can extract data from whichever means they put in place to store it following contract end.
End-of-contract process
At contract end, new datasets will no longer be delivered and support will no longer be available for data already provided.

Using the service

Web browser interface
No
Application to install
No
Designed for use on mobile devices
No
Service interface
No
User support accessibility
None or don’t know
API
Yes
What users can and can't do using the API
The API is straightforward and simple in that it allows for direct access and download of the dataset in CSV format.
API documentation
Yes
API documentation formats
  • PDF
  • Other
API sandbox or test environment
No
Customisation available
No

Scaling

Independence of resources
Our service is already scaled to global levels of demand

Analytics

Service usage metrics
No

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Conforms to BS7858:2019
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • European Economic Area (EEA)
  • Other locations
User control over data storage and processing locations
No
Datacentre security standards
Supplier-defined controls
Penetration testing frequency
At least every 6 months
Penetration testing approach
In-house
Protecting data at rest
Other
Other data at rest protection approach
Data centres are fully air-gapped and accessible only to authorised personnel. For users working remote from office locations, VPN access is mandatory. Further detail is available upon request however is limited due to the sensitive nature of the assets and infrastructure we must safeguard.
Data sanitisation process
Yes
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
In-house destruction process

Data importing and exporting

Data export approach
Data is delivered within CSV file format so export is not relevant to this service
Data export formats
CSV
Data import formats
CSV

Data-in-transit protection

Data protection between buyer and supplier networks
Other
Other protection between networks
We can deliver via password protected email, API or SFTP, to the client's preference
Data protection within supplier network
Other
Other protection within supplier network
Data will be protected in transit when delivered via password protected email, API or SFTP, to the client's preference

Availability and resilience

Guaranteed availability
Standard arrangements are for 48 hours response times on service questions, initial training, and data delivery on a monthly, quarterly or annual basis.
Approach to resilience
Available on request
Outage reporting
Information will be provided to clients by email prior to any planned service outage and on a reasonable endeavours basis if unplanned. Planned maintenance on average denies service for three hours every six months.

Identity and authentication

User authentication needed
No
Access restrictions in management interfaces and support channels
This is not relevant to this service
Access restriction testing frequency
At least once a year
Management access authentication
Other
Description of management access authentication
We are happy to agree an appropriate delivery mechanism with each client. Usual access is via password protected email, or API or SFTP.

Audit information for users

Access to user activity audit information
No audit information available
Access to supplier activity audit information
No audit information available
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
Yes
Who accredited the PCI DSS certification
Accredited by payment regulators across multiple territories we operate in
PCI DSS accreditation date
01/01/2022
What the PCI DSS doesn’t cover
Mastercard is fully accredited against PCI DSS requirements across the territories we operate in around the world.
Cyber essentials
No
Cyber essentials plus
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
Other
Other security governance standards
– Center for Internet Security (CIS) Critical Security Controls for Effective Cyber Defense (CIS Controls)
– American National Standards Institute/International Society of Automation (ANSI/ISA)-62443-2-1 (99.02.01)-2009
– International Organization for Standardization (ISO)/International
Electrotechnical Commission (IEC) 27001
– NIST Special Publication (SP) 800-53 Rev. 4 - NIST SP 800-53
Information security policies and processes
– Center for Internet Security (CIS) Critical Security Controls for Effective Cyber Defense (CIS Controls)
– American National Standards Institute/International Society of Automation(ANSI/ISA)-62443-2-1 (99.02.01)-2009
– International Organization for Standardization (ISO)/International
Electrotechnical Commission (IEC) 27001
– NIST Special Publication (SP) 800-53 Rev. 4 - NIST SP 800-53

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Change Control and Configuration Management will include a registered take back plan, a testing process, management approval, and updated documentation, in line with PCI DSS guidelines for the payment industry. More detail is available on request
Vulnerability management type
Undisclosed
Vulnerability management approach
Some limited further detail is available upon request but because of the sensitive nature of the business Mastercard conducts in the payment sphere we are not at liberty to provide detail publicly.
Protective monitoring type
Undisclosed
Protective monitoring approach
Some limited further detail is available upon request but because of the sensitive nature of the business Mastercard conducts in the payment sphere we are not at liberty to provide detail publicly.
Incident management type
Undisclosed
Incident management approach
Some limited further detail is available upon request but because of the sensitive nature of the business Mastercard conducts in the payment sphere we are not at liberty to provide detail publicly.

Secure development

Approach to secure software development best practice
Supplier-defined process

Public sector networks

Connection to public sector networks
No

Social Value

Fighting climate change

Fighting climate change

Mastercard have committed to create a more sustainable and inclusive digital economy, with a pledge to reach net zero emissions by 2050.

This goal builds upon our existing Greenhouse Gas (GHG) commitments that align with the Business Ambition for 1.5°C pledge. As we fulfil this contract, Mastercard will work towards its SBTi-approved goal to reduce total Scope 1 and 2 emissions by 38% and Scope 3 emissions by 20% by 2025 from a 2016 baseline.

These targets reflect a long-term commitment by the company to monitor and implement best practices to reduce emissions across the business, drive operational energy efficiency, and further engage suppliers in value chain decarbonization. Progress already made towards these goals includes achieving 100% renewable electricity in 2020, reinforced by a commitment to RE100.

Mastercard is also mobilizing its technology, expertise, and trusted global partnerships network to lead on collective climate action, through innovative initiatives such as the Greener Payments Partnership and the Priceless Planet Coalition which respectively aim to reduce the carbon footprint of the payments cycle and harness the power of our network to invest in tree planting and forest restoration. The latter will aim to plant 100 million trees by 2025.
Covid-19 recovery

Covid-19 recovery

Mastercard products and services are being used every day to understand the strength of the retail recovery in the high street, both amongst private organisations and public sector agencies with responsibility for town centres and wider economic performance.

Key data users are local business improvement districts. Mastercard prepaid economic stimulus cards have been issued in Northern Ireland, Jersey and across various municipalities across the UK to boost high street spending. Meanwhile our tourism data is being used by DMOs to understand how domestic tourism has supplanted international travel whilst borders have been disrupted by the pandemic.

Mastercard recently launch its Strive UK programme aimed at providing support to small businesses who might be struggling to recover following the pandemic.
Tackling economic inequality

Tackling economic inequality

Mastercard is at the hub of movement to develop financial technology with a social purpose, and we support new fintech propositions that are seeking to push back the boundaries that stand in the way of access to financial services.

We take a firm stand on the theme of financial inclusion, whereby we will work as a priority with partners to ensure the digital economy, the ability to save and the ability to borrow are as widely available as possible. Indeed, such growth is an existential requirement for Mastercard, hence it is a business imperative we work in this way.

During the execution of this contract, Mastercard will offer training to women and girls on digital financial services, support to hard pressed SMEs impacted by the pandemic, and collaboration with and direct financial support to local fintech start ups across the UK to enable better access to good quality financial services for certain excluded communities.
Equal opportunity

Equal opportunity

Mastercard follows many elements of best practice in the UK, including the following:

- appropriate channels for effective voices, such as trade union recognition

-investment in workforce development

- no inappropriate use of zero hours contracts

- action to tackle the gender pay gap and create a more diverse and inclusive workplace providing fair pay for workers (for example, payment of the real Living Wage)

- offer flexible and family friendly working practices for all workers from day one of employment oppose the use of fire and rehire practices across its supply chain

- effort to ensure the development of innovative technologies and methods to modernise delivery and increase productivity

- ensuring all employees and contractors have equal access to organisational learning and continuous improvement such as apprenticeships

- rigorous training and support in respect of minimising exposure to cyber risks including phishing and spoofing.
Wellbeing

Wellbeing

We are committed to supporting our diverse and inclusive workforce across the globe.

As part of that commitment, we offer generous benefit programs that are designed using global standards to ensure the financial, emotional, and medical safety of all our employees and their loved ones.

We offer best-in-class benefits and programs to support the wellbeing of our employees, including quarterly meeting-free days; learning opportunities for leaders to manage their hybrid workforces; flexibility to work away from the office, and resources focused on mental and physical wellbeing.

Mastercard is clear about the impact of these actions in that we have consistently maintained a high rating on Glass Door for employee satisfaction and regularly poll highly on national favoured places to work surveys.

Pricing

Price
£35,000.00 a licence a year
Discount for educational organisations
No
Free trial available
No

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at josh.berle@mastercard.com. Tell them what format you need. It will help if you say what assistive technology you use.