HCLTech Biometric nominal check/ finger-print service solution
Nominal check biometric/finger-print service, integrated with Home Office BSG (Biometric Service Gateway) and performs a search in IDENT1 (UK national criminal biometrics system) and IABS (Immigration Asylum Biometric Database) fingerprint system. Based on Service Oriented Architecture (SOA) principles it enables officers to identify nominals, criminals and wanted suspects, etc.
Features
- Search nominal using fingerprint
- Searches across IDENT1 and IABS fingerprints collection
- Retrieve nominal references from IDENT1 and IABS systems
- Future proof - scalable and robust
- In depth auditing and logging
- Security compliance
- Multi-tenanted and Service Oriented
- Device and platform agnostic
- Comprehensive management dashboards
Benefits
- Retrieve nominal details from IDENT1 and IABS systems on handset
- Access to real time information at point of decision
- Saves time not returning to station/custody to establish identity
- May identify those trying to escape investigation
- Increase police visibility out of station
- Fewer arrests required to establish the identity
- Innocent parties dealt with quickly and less inconvenience
Pricing
£33.40 to £66.80 a unit
Service documents
Request an accessible format
Framework
G-Cloud 14
Service ID
5 2 9 9 6 0 8 8 7 4 9 7 9 0 0
Contact
HCL Technologies UK LImited
Paul Montgomery
Telephone: +44 (0) 20 7105 8600
Email: CCSFrameworks@hcl.com
Service scope
- Software add-on or extension
- Yes, but can also be used as a standalone service
- What software services is the service an extension to
- Not Applicable
- Cloud deployment model
- Private cloud
- Service constraints
- None
- System requirements
-
- Webserver with Windows Server 2012 R2, IIS and 16GB RAM
- Hosting of web services and web interfaces of the application
- Application Server with Windows Server 2012 R2 with 16GB RAM
- Hosting of integration service components
- Database machines with Windows Server 2012 R2 to host databases
- Active directory and certificate authority servers
- To form domain and generate certificates for secure data communication
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
-
During business hours:
Severity 1 = 1 hour
Severity 2 = 2 hours
Severity 3 = 1 working day
Severity 4 = 2 working days - User can manage status and priority of support tickets
- Yes
- Online ticketing support accessibility
- None or don’t know
- Phone support
- Yes
- Phone support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support
- No
- Onsite support
- Onsite support
- Support levels
- Level 3 - Software Support
- Support available to third parties
- No
Onboarding and offboarding
- Getting started
- Super User training sessions
- Service documentation
- Yes
- Documentation formats
-
- Other
- Other documentation formats
- Word
- End-of-contract data extraction
- The database is moved to the client's network and complete access to data is provided with a service interface.
- End-of-contract process
- The service is switched off completely, so as to avoid any misuse. Also the customer is provided with access to all the customer data.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Internet Explorer 11
- Microsoft Edge
- Firefox
- Chrome
- Application to install
- Yes
- Compatible operating systems
-
- Android
- IOS
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
- This service is designed to work on a mobile phone. Dashboard reporting is available on desktop computers.
- Service interface
- No
- User support accessibility
- None or don’t know
- API
- Yes
- What users can and can't do using the API
- Only enrolled users can access the service from the mobile application. The web service is accessible only from a mobile interface. The exposed service is accessible via proxy.
- API documentation
- Yes
- API documentation formats
- API sandbox or test environment
- Yes
- Customisation available
- Yes
- Description of customisation
- Customers can pick and choose the functions they want. Also the business logic within those functions is fully customisable.
Scaling
- Independence of resources
- The scaling of the hosted service is performed based on the total number of users and peak time concurrency level. Each hosted virtual machine is configured to handle 350 concurrent user requests.
Analytics
- Service usage metrics
- Yes
- Metrics types
- Transaction history report, performance report, exception report, login logout report, offline report, geo fencing report
- Reporting types
- Real-time dashboards
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Conforms to BS7858:2019
- Government security clearance
- Up to Security Clearance (SC)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
- United Kingdom
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Managed by a third party
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- Another external penetration testing organisation
- Protecting data at rest
-
- Physical access control, complying with another standard
- Encryption of all physical media
- Other
- Other data at rest protection approach
- The storage is protected with persistent key and encrypted further by strong encryption key (AES 256) format.
- Data sanitisation process
- No
- Equipment disposal approach
- Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001
Data importing and exporting
- Data export approach
- The user can export data by selecting the export function on the dashboard reports of the Admin application.
- Data export formats
-
- CSV
- Other
- Other data export formats
- Data import formats
-
- CSV
- Other
- Other data import formats
- XLS and XLSX
Data-in-transit protection
- Data protection between buyer and supplier networks
-
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
- Other
- Other protection between networks
- By associating the hosted web service withan SSL (Secure Sockets Layer) certificate. Also, the service is accessed over HTTPS protocol and data is encrypted by using AES 256 bit encryption, before transmitting over the air.
- Data protection within supplier network
- Other
- Other protection within supplier network
- Data within the network travels in binary format. Each request or response data is associated with a security token.
Availability and resilience
- Guaranteed availability
- 99.9%
- Approach to resilience
- The hosting site is physically divided into two sites. Each physical site contains an exact replica of servers and acts as failover of the other site. Data synchronisation happens via the "Always On" feature of the MS SQL Server.
- Outage reporting
- Monitoring tools (Microsoft SCOM) are configured to monitor hosted services and virtual machines. Disk coverage and capacity related configurations are performed to raise the alarm to mitigate any failure. An email is sent by the monitoring tool to all stakeholders before any failure happens. Transaction logs are maintained to generate a report on defined intervals.
Identity and authentication
- User authentication needed
- Yes
- User authentication
-
- Public key authentication (including by TLS client certificate)
- Other
- Other user authentication
-
"1. User login is authenticated against the Mobile device IMEI and user email ID stored in the database.
2. On successful authentication, a security token is generated and returned back to the mobile application.
3. Each transaction is associated with the security token.
4. The security token session is maintained in the HCL Biometric database for a defined time period. " - Access restrictions in management interfaces and support channels
-
1. Each user is provided with an access role. The access to the system functionalities are directly linked with the access role permissions.
2. When the user logs into the application, only allowed functionalities are visible to the user. - Access restriction testing frequency
- At least every 6 months
- Management access authentication
-
- Username or password
- Other
- Description of management access authentication
- Users that are provided with Admin access are also authenticated against the HCLTech Biometric database. On successful login the security token is generated and maintained through out the session. The Biometric database maintains the authentication related entities.
Audit information for users
- Access to user activity audit information
- You control when users can access audit information
- How long user audit data is stored for
- User-defined
- Access to supplier activity audit information
- You control when users can access audit information
- How long supplier audit data is stored for
- User-defined
- How long system logs are stored for
- User-defined
Standards and certifications
- ISO/IEC 27001 certification
- Yes
- Who accredited the ISO/IEC 27001
- Bureau Veritas
- ISO/IEC 27001 accreditation date
- 21/06/2023
- What the ISO/IEC 27001 doesn’t cover
- Not Applicable
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- Yes
- Who accredited the PCI DSS certification
- Not Known
- PCI DSS accreditation date
- Not Known
- What the PCI DSS doesn’t cover
- Not Known
- Cyber essentials
- Yes
- Cyber essentials plus
- Yes
- Other security certifications
- Yes
- Any other security certifications
-
- CISSP / CISM / CCSK (Various Employees)
- ISO 9001:2008 - Quality Management
- ISO/IEC 20000-1:2011 - Service Management
- ISO 14001 - Environmental Management
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
-
- ISO/IEC 27001
- Other
- Other security governance standards
-
ISO 9001:2008 - Quality Management
ISO/IEC 20000-1:2011 - Service Management
ISO 14001 - Environmental Management
ISO 27001 - Security Management
Cyber Essentials
Cyber Essentials Plus - Information security policies and processes
- HCLTech has adopted ISO/ IEC 27001: 2013 standard for ensuring protection from a variety of threats and minimizing the business damage in its endeavor to provide Mobile Application implementation and support services. HCLTech is also Cyber Essentials and Cyber Essentials Plus certified.
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
-
Configuration Management tracks the IT environment.
A repository maintains all versions of individual work products to help/permit developers to revert to previous versions during testing and debugging.
Dependency tracking and change management covers relationships between enterprise entities and processes, parts of an application design, design components and the enterprise information architecture, design elements and other work products.
HCLTech tracks all the requirements, design and construction components and deliverables that result from a requirements specification.
An audit trail is maintained about when, why and by whom changes are made, with source information of changes as specific objects in the repository. - Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
-
Vulnerability management focusses on finding weakness that can be exploited. HCLTech performs quarterly and/or annual vulnerability scans to get a snapshot at that point in time. Regular scanning ensures new vulnerabilities are detected in a timely manner and are fixed before they occur. The HCLTech vulnerability management process consists of the following phases:
1. Preparation
2. Vulnerability scan
3. Define remediating actions
4. Implement remediating actions
5. Rescan. - Protective monitoring type
- Supplier-defined controls
- Protective monitoring approach
- Not Applicable
- Incident management type
- Supplier-defined controls
- Incident management approach
-
Incident management is designed with a goal to restore a normal service operation as quickly as possible and to minimise the impact on business operations. The incident management process follows these steps:
1. Incident identification and logging by the customer
2. Incident categorisation and prioritisation by the customer
3. HCLTech works on the incident response performing diagnosis and investigation followed by resolution and bringing the incident to closure
4. Corrective and preventive action are taken to avoid repeat or similar incident in future.
Secure development
- Approach to secure software development best practice
- Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)
Public sector networks
- Connection to public sector networks
- Yes
- Connected networks
-
- Public Services Network (PSN)
- Police National Network (PNN)
Social Value
- Social Value
-
Social Value
- Fighting climate change
- Covid-19 recovery
- Tackling economic inequality
- Equal opportunity
- Wellbeing
Fighting climate change
At HCL Technologies, we believe that we have got accountability to the future, as well as an imperative role to play in addressing global challenges, such as climate change and environmental sustainability.
HCLTech commits itself to confronting these challenges by assuming a leadership role in fostering a sustainable environment and responding appropriately to the risk posed by environmental degradation.
HCLTech will strive to achieve excellence in environmental management by:
• Integrating environmental considerations into our all areas of operations, considering our environmental risks, responsibilities and organisational capability
• Meeting all environmental compliance obligations applicable to the organisation
• Reducing our ecological footprint through optimised utilisation of natural resources, including land, water and by ensuring the responsible use of energy throughout our operations, including conserving energy, improving energy efficiency and giving preference to renewable over non-renewable energy wherever feasible
• Introducing more sustainable and green procurement approaches
• Preventing pollution and minimising all types of waste, including e-Waste by adopting a Reduce-Reuse-Recycle-Recovery philosophy
• Being an environmentally responsible neighbour in the community where we operate, and correct incidents or conditions that endanger the environment
• By committing ourselves to open and constructive engagement with communities surrounding our operations on environmental matters
• Providing a framework for setting and reviewing environmental objectives and targets
• Continually improving and learning from our efforts in working towards environmental sustainability
• Monitoring and reporting our environmental performance to key stakeholders
• Ensuring that environmental policy is communicated to all the concerned persons working for or on behalf of the organisation, to make them aware of their environmental responsibilities
• By making our environmental policy available to all stakeholders, including public on demand
• Maintaining appropriate controls, including periodic review of environmental policy, to ensure its applicability and relevance to the changing scenarios and stakeholder’s expectations.Covid-19 recovery
The outbreak of the COVID-19 pandemic and its ruinous effect on lives and livelihoods has been unprecedented in modern times. HCLTech has used its position as a global IT company to mitigate the effects where possible, supporting our clients to continue operating in these difficult times and providing help to those affected. We have developed rapid solutions to support our customers in returning to work during the pandemic with examples ranging for PPE stock management, workforce social-distancing solutions and the deployment of remote working technology.
Our HCLTech Foundation is a focal point for global programmes and has coordinated our support for COVID-19 affected communities.
As a result of the pandemic there have been many industries that have been heavily impacted economically and many job losses have been caused as government support is reduced, companies going into administration and many freelance/ self-employed prospects have simply disappeared.
Some of the people displaced by the pandemic will have transferable skills and just need limited support in cross-training.
We offer a number of opportunities to help semi-skilled staff enter the IT services world. Schemes such as our ‘Consultant in Training’ programme where staff are taken on and have a mix of formal training and on the job mentoring to give them the skills to continue on this path. The formal training can result in recognised qualifications, such as technology or project management certifications. Many alumni of this programme are taken on by HCLTech as the first rung on their new career ladder.
With regard to the less skilled people left stranded by the Coronavirus outbreak we provide targeted help in a similar way to how we support disadvantaged individuals.
We will work with our customers to understand the impact of COVID-19 and develop CSR plans to support these at a local level.Tackling economic inequality
HCLTech is committed to Corporate and Social Responsibility (CSR) to help equality/diversity, the economy, health/wellbeing and local communities. For local economies/communities, HCLTech creates and maintains positive industry partnerships, engaged employees (including a focus on staff behaviours) and a diverse workforce, working collaboratively to make work a great experience for all.
In the UK, HCLTech works in partnership with the Prince’s Trust to maximise our CSR activities relating to how technology can make a positive difference to the lives of people and organisations worldwide. We have developed an education programme called “Get Started with Technology” to upskill disadvantaged youth across the country.
In the UK, HCLTech runs a CIT (Consultant in Training) programme every year, whereby we hire fresh graduates with no prior corporate experience in the UK and train them on relevant technologies, then employ and mentor them to be Consultants. This has been run in conjunction with Manchester Business School and we are looking to expand this programme to include the other Higher Education establishments.
We are mindful of our role to play in of supporting local businesses and generating additional economic development through our engagements. As such, we consider using local suppliers to meet requirements that we cannot fulfil ourselves. As an example, a significant proportion of the initial User Experience and Design work for new Manchester United app was undertaken by Manchester based Small/Medium sized Enterprises (SMEs).
HCLTech runs innovation labs, collaborating through global Hackathons or developing patents for new and emerging technologies. We share this knowledge via events and Webinars, as well as providing access to thought leadership in the guise of our Chief Information Officer (CIO) Council. Recent events have covered such diverse topics as Blockchain, Robotic Process Automation (RPA), Cognitive Systems and Artificial Intelligence (AI) and Internet of Things (IoT).Equal opportunity
HCLTech focusses on creating/sustaining a nurturing environment for all employees, irrespective of backgrounds, gender, nationality, culture, ethnicity, age or differing abilities of individuals.
Gender parity and inclusion at all levels of the hierarchy is our top priority, with a special focus given to increasing the representation of women leaders at key leadership positions. The female employee ratio is a crucial metric that is reported and reviewed quarterly in the company board meetings. All our recruitment teams carry a target on gender hiring and all our job specifications have been reviewed to make them gender neutral.
HCLTech is committed to Corporate and Social Responsibility (CSR) to help equality & diversity, the economy, health & wellbeing and local communities. We have initiatives running to support, nurture, develop and celebrate the successes of disadvantaged communities or individuals. We endeavour to make a positive impact in the lives of people within the communities we operate in.
For local economies/communities, HCLTech creates and maintains positive industry partnerships, engaged employees (including a focus on staff behaviours) and a diverse workforce, working collaboratively to make work a great experience for all.
The company implements and maintains a management system that sets targets to monitor and continually improve our social performance across the company. Also, we comply with all relevant legislative and regulatory requirements relating to be a responsible business, including, but not limited to, the Modern Slavery Act, the Equality Act, the Public Services Act and the Living Wage Act.
To propagate an inclusive culture at HCLTech, a virtual Inclusion Lab model has been designed in consultation with business and HR stakeholders. The objective was to design a systemic, top down approach where each leader was sensitised and given the necessary skillset, mindset and toolset to actively demonstrate and promote inclusive behaviours.Wellbeing
HCLTech is committed to employee overall wellbeing through.
Physical/Occupational
•Ergonomics Training; Employees have access to e-Learning based ergonomics training.
•Chiropractor consultations; Organised at the workplace to advise employees on correct sitting posture.
•Virtual General Practitioner; This allows employees to seek an appointment and follow ups with a GP to discuss medical issues.
•Gym Flex/Cycle to Work; This benefit allows employees to seek attractive discounts on gym memberships and purchase a bicycle.
•Health Check-ups; We organise for basic health check-ups, like Body Mass Index (BMI), glucose and cholesterol screening at the workplace for all our employees.
•Preventive Healthcare; Webinar on smoking cessation and good nutrition.
Mental/Emotional
•Employee Assistance Programme; Free, confidential counselling services available for employees and their families in the local language on areas of emotional health, family issues, financial and legal guidance and other work and personal matters.
•Wellbeing Webinars; Monthly workshops facilitated by clinical psychologists around various topics to have a better understanding on mental health issues and practical tips on how to deal with them.
•Mental Health Awareness; Campaign to create awareness on mental health, breaking stereotypes and proactive ways for employees to become more self-aware, mentally resilient and emotionally secure.
•Mindfulness and Yoga Workshops; To help employees overcome stress, anxiety and increase resilience and emotional intelligence, while improving communication.
Financial
•HCLTech Discount Scheme/Perks at Work; Employees and family access to avail attractive discount schemes on over 3,000 products
•Financial Wellbeing Workshop; To help employees understand the various financial instruments to enable them to make the right decision on investments, pension decisions and future savings.
Emotional/Psychological
•Chat sessions, culture and festive celebrations; This helps to bring various teams to interact and come together to create a livelier environment at the workplace.
•Part time and Flexi Working Policies to help people effectively manage their work life balance.
Pricing
- Price
- £33.40 to £66.80 a unit
- Discount for educational organisations
- No
- Free trial available
- No