ABCSys
ABC is an Artificial Intelligence platform providing real-time monitoring and management of a vast number of information sources (streams), detection of irregularities, detection of fraud or theft, flagging of risks, and enforcement of the chain of command & approval processes.
Features
- Connection to corporate databases
- Real-time monitoring of multiple data sources
- Pattern detection in data over time
- Real-time detection of irregularities
- Custom dashboards showing data flow and irregularities
- Alerts sent up the chain of command
- Approvals sent down the chain of command
Benefits
- Real-time detection of potential fraud, theft and other irregularities
- Learns automatically from real data flow in the business
- Upholds the chain of command for reporting and approval
- Automatic actions upon detected irregularities if ignored by humans
- Automatic validation and enforcement of data consistency
Pricing
£400,000.00 to £3,000,000.00 a licence a year
Service documents
Request an accessible format
Framework
G-Cloud 13
Service ID
5 4 3 1 0 1 7 0 1 9 6 5 5 0 2
Contact
BRAINTREE LIMITED
JJ Giwa-Majekodunmi
Telephone: 07887242222
Email: j.giwa@braintree.com
Service scope
- Software add-on or extension
- No
- Cloud deployment model
-
- Public cloud
- Private cloud
- Community cloud
- Hybrid cloud
- Service constraints
- N/A
- System requirements
-
- Capacity depends on the size of the company
- Maintenance Plan requires access to Hardware for On-Site Installations
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
- Level 1 support operates 9-5 Monday through to Friday excluding national holidays, response SLA of 1 hour. Level 2 support operates 24x7, response SLA of 1 hour.
- User can manage status and priority of support tickets
- Yes
- Online ticketing support accessibility
- WCAG 2.1 A
- Phone support
- Yes
- Phone support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support
- Web chat
- Web chat support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support accessibility standard
- WCAG 2.1 A
- Web chat accessibility testing
- We are using the tools from third party vendors that guarantee conformance to at least WCAG 2.1 A level
- Onsite support
- No
- Support levels
-
Level 1: 9-5 Monday to Friday excluding holidays 2nd level technical support.
Level 2: 24x7 2nd level technical support.
Level 3: 9-5 Monday to Friday excluding holidays end-user technical support.
Level 4: 24x7 end-user technical support. Pricing depends on the number of seats purchased. - Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
-
• Kickoff. This step is represented by a series of meetings with the goal of identifying and detailing the customer’s pains to be solved by implementing our solution.
• Integration Points. In this step, we collect the following information: initial list of end users, databases to be integrated with, document storage locations to be integrated with, email system in place, messaging system in place, etc.
• Planning. Here, we meet with the customer to discuss their priorities, and to develop a joint implementation and rollout schedule.
• Initial Download. In this step, we configure access to the customer’s data sources and start the process of fine-tuning of the deployment.
• Training. We provide training to the users, in one or several sessions. Separate training programs are available for the end users and for the customer’s IT department. Full documentation and training videos are provided as well.
• Soft Launch. We launch our solution to a limited number of select users and verify that the system works to their satisfaction. This step includes us making any necessary fine-tuning of the system.
• Full Launch. We make our solution available to the user base. Our tech support is available to answer questions. - Service documentation
- Yes
- Documentation formats
-
- HTML
- Other
- Other documentation formats
- Video
- End-of-contract data extraction
- Individual users have an option of (a) downloading or (b) erasing their data. The organization may control if such options are offered and to whom, vs reassigning the data the the user's immediate manager. At the end of the entire contract, the organization has an option of downloading the data, or having it erased.
- End-of-contract process
- There are no hidden/additional costs upon expiration of the contract, unless there is a custom contractual agreement states otherwise, or unless the there are past due payments. The cost of exporting the data with subsequent deletion of the data, if requested by the customer, is included into the price.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Internet Explorer 11
- Microsoft Edge
- Firefox
- Chrome
- Safari
- Application to install
- No
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
- Mobile version uses a different user interface, optimized specifically for mobile screen sizes and for a potentially lower transmission bandwidth
- Service interface
- Yes
- User support accessibility
- WCAG 2.1 A
- Description of service interface
- The user interface for the service is used in two ways: for fine-tuning configuration of the service, and for displaying alerts and dashboards. Configuration interface is web-based and is optimized for desktop. Alerts and dashboards are available web-based on both desktop and mobile, and also in a form of optional applications for iOS and Android, plus supports notifications via text and email.
- Accessibility standards
- WCAG 2.1 A
- Accessibility testing
- We are using the tools from third party vendors that guarantee conformance to at least WCAG 2.1 A level
- API
- Yes
- What users can and can't do using the API
- All functionality of the application that is available via the user interface, and all data feeds, are available in the form of an RESTful API. The main purpose of the API is to allow system integrators to build custom solutions around our platform. Mainstream installations do nor require any API access
- API documentation
- Yes
- API documentation formats
-
- Open API (also known as Swagger)
- Other
- API sandbox or test environment
- Yes
- Customisation available
- Yes
- Description of customisation
- Customization is available to the users with special admin privileges. Customization includes integrations with the document and communication systems in place, branding of the UI, security setup including users and roles, and custom dashboards.
Scaling
- Independence of resources
- On-premise installations are physically segregated; installations to the customer's cloud account are segregated by the respective cloud provider; cloud SaaS installations are segregated logically (different databases, different computational nodes).
Analytics
- Service usage metrics
- Yes
- Metrics types
- Activity across all data sources, monitoring track-able activities, alerts and their history and frequency, capacity utilization, system health status
- Reporting types
-
- API access
- Real-time dashboards
- Reports on request
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Other security clearance
- Government security clearance
- Up to Developed Vetting (DV)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
- United Kingdom
- User control over data storage and processing locations
- No
- Datacentre security standards
- Managed by a third party
- Penetration testing frequency
- At least every 6 months
- Penetration testing approach
- Another external penetration testing organisation
- Protecting data at rest
-
- Physical access control, complying with SSAE-16 / ISAE 3402
- Encryption of all physical media
- Data sanitisation process
- Yes
- Data sanitisation type
- Explicit overwriting of storage before reallocation
- Equipment disposal approach
- A third-party destruction service
Data importing and exporting
- Data export approach
- The exportable data is divided into two categories: the user-supplied data (user profiles, configuration, etc) and the automatically learned data by our AI. The user-supplied data is exportable in CSV format. The combination of user-supplied data and AI data is exportable in a proprietary format for backup purposes.
- Data export formats
-
- CSV
- Other
- Other data export formats
- Proprietary format intended for backup/restore purposes only
- Data import formats
-
- CSV
- Other
- Other data import formats
-
- Proprietary format intended for backup/restore purposes only
- XML
- JSON
Data-in-transit protection
- Data protection between buyer and supplier networks
-
- Private network or public sector network
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
- Data protection within supplier network
-
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
Availability and resilience
- Guaranteed availability
- Our SLA guarantees 99.8% uptime on monthly basis. The buyer is refunded with credits towards future usage. There are three kinds of credits: (1) for failures in range 99.5%-99.8% the credit per each incident received is equivalent of 1 day of operations, (2) for failures in range 99.0%-99.5% the credit received per each incident is equivalent to 3 days of operations, (3) for more serious failures the credit received per each incident is equivalent to 5 days of operations.
- Approach to resilience
- For on-premise installations, we rely on server redundancy and data replication, plus an off-site backup performed by the customer. For cloud-based installations and SaaS, we rely on high availability server-less computing in AWS cloud, on highly scalable and highly available cloud databases (AWS DynamoDB), and on replication across data centers (regions) for ultimate resiliency; continuous backup to AWS S3 for worst case disaster recovery.
- Outage reporting
- Customers are provided with a real time health monitoring dashboard, reflecting the status of their services (health and capacity utilization). Automatic alarms are set for all the critical KPIs. Some of the alarms are consumed internally, but any alarm that has a potential of affecting the end users is escalated via email, text and push notifications to the apps, and is reflected on the dashboards.
Identity and authentication
- User authentication needed
- Yes
- User authentication
-
- 2-factor authentication
- Public key authentication (including by TLS client certificate)
- Identity federation with existing provider (for example Google Apps)
- Username or password
- Access restrictions in management interfaces and support channels
- Our application supports role-based security. Every user is assigned a combination of roles, which control access to various parts of software. Access rights are checked in the user interface (usually by hiding the unavailable features), on the API level for internal and external clients to prevent access to undesirable server functions, and at the critical execution points within the software. Our security logic is rigorously tested to ensure it has no holes, including penetration testing by independent third party hacking experts.
- Access restriction testing frequency
- At least every 6 months
- Management access authentication
-
- 2-factor authentication
- Public key authentication (including by TLS client certificate)
- Identity federation with existing provider (for example Google Apps)
- Username or password
Audit information for users
- Access to user activity audit information
- Users have access to real-time audit information
- How long user audit data is stored for
- At least 12 months
- Access to supplier activity audit information
- Users contact the support team to get audit information
- How long supplier audit data is stored for
- At least 12 months
- How long system logs are stored for
- At least 12 months
Standards and certifications
- ISO/IEC 27001 certification
- No
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- No
- Cyber essentials plus
- No
- Other security certifications
- No
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- No
- Security governance approach
- The CEO of the company is responsible for the security of cloud and SaaS installations. There is a set of policies in place which govern all security aspects of the service. Security risks ae re-assessed no less than every 6 months, and any new discoveries are brought to the board's attention, as well as any security-related risks discovered outside of the recurring assessments. Our software and IT infrastructure are built in full compliance with CSA CM 3.0 and ISO 27001.
- Information security policies and processes
- Security policies are built into the product architecture and into the IT infrastructure, and are audited by an external independent entity every 6 months for compliance. The nominated board representative responsible for security of cloud services is the CEO of the company. For security governance, we follow ISO/IEC 27001 standard. Security and information security are part of our financial and operational risk reporting mechanisms; our board is always kept informed of security and information risk. We employ processes which identify and ensure compliance with applicable legal and regulatory requirements.
Operational security
- Configuration and change management standard
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Configuration and change management approach
- All changes of the source code go through a security code review, independently from engineering quality code review, for the purpose of assessing the security impact. All historical versions of the software's source code are preserved in the version control system, every software deployment is audited by automatic tools on continuous bases. All security fixes to the operating system, third party software libraries, web servers, virtual machines, compilers and run-times are installed within 10 business days from the date the patch is officially released, and deployed within 30 days.
- Vulnerability management type
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Vulnerability management approach
- We are currently relying on AWS Web Application Firewall service for detection and mitigation of common attack patterns, such as top 10 OWASP security risks, SQL injection, cross-site scripting, DDOS, etc. Threats detected by the Firewall are monitored by our engineers and by AWS personnel, and are stopped before they reach the software. Separately, the software is tested against all known threats as a part of the standard release cycle, or in case of newly discovered vulnerabilities or attack methods.
- Protective monitoring type
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Protective monitoring approach
- We monitor several sources, such as firewall reports, incident reports from our services, and currently published information on the known exploits. This information is then used as specification requirements to software testing and quality control. The compromises that were automatically prevented are passed to our engineering team. The compromises that affect the stability of the service or the security of the data are passed immediately to the engineering team with the highest priority, and the nature and state of such issues are immediately communicated to the internal responsible parties and customers; continuous updates are delivered as the repairs make progress.
- Incident management type
- Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
- Incident management approach
- Every incident ticket is classified as a specific type, which determins the internal workflow within the company. The three most frequently used workflows are (a) user requires assistance or needs training, (b) service outage, and (c) software malfunction (a "bug"). User-selected priority of the ticket control our internal escalation timelines. End users can report incidents directly from the application's user interface, via email, via chat, or via a phone call. Incidents open by our personnel are shared with the customer in the spirit of full transparency.
Secure development
- Approach to secure software development best practice
- Conforms to a recognised standard, but self-assessed
Public sector networks
- Connection to public sector networks
- No
Social Value
- Covid-19 recovery
-
Covid-19 recovery
Braintree have taken a proactive approach in managing the impact of COVID-19 on our employees, their families and within our local community.
To provide additional support, we distributed covid lateral flow tests to our employees and their families and ensured all employees were able to work in a secure environment within our office in addition to promoting working from home for those employees unsure about coming back to the office.
Due to the pandemic, we escalated plans to deliver training for employees and customers online, therefore preventing the need of in person interaction, as our software is browser based, it doesnt require onsite visits to install minimising our effect on the environment.
Our service assists organizations of all sizes predict business, financial, ecological, and other outcomes in a rapidly changing environment. This helps to plot an appropriate response to disruptions in the workforce, supply chain, and customer base caused by Covid-19.
As a B2B service, and as such, we do not directly interact with individual consumers or consumer communities. Our job is to enable businesses and government organizations to provide such support through our software through our primary aim to improve wellbeing and life for users.
Braintree ensured that employees were provided with all the tools (office accessories/ working from home essentials) to make their "home office" environment as comfortable as possible. In addition, Braintree consulted its employees regularly - providing them with up-to-date information of relevant new guidelines throughout the pandemic lockdown, this helped reassured employees of the situation. And, above all, Braintree ensured each staff were fully paid and none were furloughed.
Pricing
- Price
- £400,000.00 to £3,000,000.00 a licence a year
- Discount for educational organisations
- No
- Free trial available
- No