Swiftly Transitime: Real Time Passenger Predictions and Rider Alerts

Service scope

Software add-on or extension: Yes, but can also be used as a standalone service
What software services is the service an extension to: Swiftly’s Products are offered for purchase on a modular basis across three product lines: Transitime, Insights, and Metronome. Transitime gives riders the best in vehicle tracking, precise and accurate arrival predictions, providing timely and accurate real-time rider alerts. All module functionality and API access are included with the module license.
Cloud deployment model: Private cloud
Service constraints: The Swiftly system is the only hardware agnostic dynamic management tool that is fully interoperable through standard APIs. Swiftly’s operator-facing software is designed to work on commercially available hardware, and on most makes and models, for maximum flexibility. Swiftly reserves the right to perform regularly scheduled maintenance of the platform during the hours of 8:00am to 12:00pm (Greenwich Mean Time) (“Scheduled Downtime”). Swiftly may schedule additional Scheduled Downtimes outside of the standing scheduled maintenance window by providing notification to the agency at least three business days in advance.
System requirements: There are no system requirements.

User support

Email or online ticketing support: Email or online ticketing
Support response times: Swiftly reserves the right to perform regularly scheduled maintenance of the platform during the hours of 8:00am to 12:00pm (GMT) (“Scheduled Downtime”). Swiftly maintains a standing scheduled maintenance window of 8:00am to 10:00am (GMT) every weekday morning. Swiftly may schedule additional Scheduled Downtimes outside of the standing scheduled maintenance window by providing notification to the agency at least three business days in advance; this notification will be provided via the agreed upon Communication Protocol to designated support representatives.

Swiftly does not provide live web chat support. However, we do provide email support with a 1-business day-response Service Level Agreement.
User can manage status and priority of support tickets: No
Phone support: Yes
Phone support availability: 24 hours, 7 days a week
Web chat support: No
Onsite support: No
Support levels: Swiftly provides a support system that has been reviewed by our customers as industry-leading, with a Net Promoter Score (NPS) that is consistently above 65 (deemed “excellent”), reflecting confidence in Swiftly’s quality of service. Swiftly’s high-quality support system involves a combination of telephone, email, and Zoom video conference communication, and comes at no additional cost. Additionally, during the product implementation period, there will be regularly scheduled check-in calls between agency staff and the project manager, which will be held weekly to update and communicate the progress of implementation.
Additionally, each of the new features and modules we develop is based on deep and detailed consultation with our transit agency partners. This partnership, and the feedback that agencies like yours can offer at each stage in the process, are essential to our understanding of what to build next and how best to solve challenges for transit agencies.
Please see the Software Service Definition document for a description of our support levels.
Support available to third parties: Yes

Onboarding and offboarding

Getting started: Swiftly prides itself on providing an intuitive, easy-to-use design that makes training a valuable addition, but not a required part of each user’s onboarding. Training is conducted by our team of highly experienced Customer Success staff and will be led and coordinated by the designated Implementation Manager. We provide a variety of training resources:
One-on-one and group trainings conducted via video conference, with live screen sharing, on user’s own computers
Presentation-style trainings via video conference to large groups
Ad hoc training support for new or returning users on an ongoing basis
Project or objective-based trainings for specific users or teams based on their needs
Recorded video trainings that can be shared or hosted internally
Lastly, the Swiftly Dashboard contains a Help Center resource library, with dozens of how-to and FAQ articles, as well as instructional videos.
We highly recommend training for internal “trainers” and staff who will be supporting other users, including responses to common issues that may arise. Training and on-site sessions will be coordinated and led by the Implementation and Customer Success Managers, assisted by other members of the Swiftly team.
Service documentation: Yes
Documentation formats: PDF

Other
Other documentation formats: User and training guides are provided via Google Slides

User and training guides are provided via pdfs via Zendesk.
End-of-contract data extraction: Clients may export their data as a CSV file prior to the contract end date.
End-of-contract process: At the end of the contract, Swiftly will remove account and API access for all individuals to the buyer's data on Swiftly. From that point forward, the buyer will no longer be able to access any of Swiftly's products, unless a special arrangement is agreed upon (at additional cost). Swiftly will also conduct an "exit interview" with the buyer to gather feedback and input about why the buyer chose not to renew the contract.

Using the service

Web browser interface: Yes
Supported browsers: Microsoft Edge

Firefox

Chrome

Safari
Application to install: No
Designed for use on mobile devices: Yes
Differences between the mobile and desktop service: The Swiftly dashboard, through which these modules are accessed, is a web-based platform that can be accessed on any modern browser (Chrome, Firefox, Safari, Microsoft Edge, etc) via desktop or mobile device.
Service interface: Yes
User support accessibility: None or don’t know
Description of service interface: Swiftly Dashboard contains a Help Center resource library, with dozens of how-to and FAQ articles, as well as instructional videos. This Help Center is provided via Zendesk.
Accessibility standards: WCAG 2.1 AA or EN 301 549
Accessibility testing: Swiftly prides itself on providing an intuitive, easy-to-use design that makes training a valuable addition, but not a required part of each user’s onboarding. Training is included as part of Swiftly’s software licence. Training is conducted by our team of highly experienced Customer Success staff and will be led and coordinated by the designated Implementation Manager. We provide a variety of training resources:
One-on-one and group trainings conducted via video conference, with live screen sharing, on users’ own computers.
Presentation-style trainings via video conference to large groups.
Ad hoc training support for new or returning users on an ongoing basis.
Project or objective-based trainings for specific users or teams based on their needs.
Recorded video trainings that can be shared or hosted internally.
Lastly, the Swiftly Dashboard contains a Help Center resource library, with dozens of how-to and FAQ articles, as well as instructional videos.
Swiftly's user Help Desk is provided via Zendesk. Zendesk provides the VPAT, or Voluntary Product Accessibility Template, which documents an audit of the system interface relative to WCAG 2.1 AA.
API: Yes
What users can and can't do using the API: Swiftly provides an introductory API guide overview, plus documentation for the Swiftly API, the ability to test your API key, and provides testing capabilities. The heart of the API Guide lives in the Reference section within the dashboard, which has in-depth documentation of all of our API options. The Reference section also provides testing widgets to make sure you know what information you will output from an API call. Swiftly's API Guide provides details on your API access. This is where you'll find your agency key, your API key, your API call limit, and the API calls you have permission to make. This is purely informative and gives you a high-level overview of your API access and permissions.

Reports may be exported via our APIs or through a CSV download. For each module, a cloud-based user interface, CSV downloads, and API export capabilities are included with the cost of the module.
API documentation: Yes
API documentation formats: Other
API sandbox or test environment: Yes
Customisation available: No

Scaling

Independence of resources: Swiftly's system allocates dedicated capacity for each customer's data processing to minimize resource contention between customers, and it uses a multi-tenant, auto-scaling design for data delivery services to ensure scalability under increasing load.

Analytics

Service usage metrics: Yes
Metrics types: Swiftly can provide service metrics such as: system uptime, data source quality reports, software usage and engagement within the buyer's organization, and prediction accuracy metrics.
Reporting types: API access

Real-time dashboards

Reports on request

Resellers

Supplier type: Not a reseller

Staff security

Staff security clearance: Staff screening not performed
Government security clearance: Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations: Yes
Data storage and processing locations: Other locations
User control over data storage and processing locations: No
Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency: Never
Protecting data at rest: Physical access control, complying with CSA CCM v3.0

Physical access control, complying with SSAE-16 / ISAE 3402

Encryption of all physical media
Data sanitisation process: Yes
Data sanitisation type: Explicit overwriting of storage before reallocation

Deleted data can’t be directly accessed
Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach: Data can be exported directly through the dashboard or through Swiftly's API.
Data export formats: CSV
Data import formats: CSV

Data-in-transit protection

Data protection between buyer and supplier networks: TLS (version 1.2 or above)

Legacy SSL and TLS (under version 1.2)
Data protection within supplier network: TLS (version 1.2 or above)

Other
Other protection within supplier network: Swiftly protects data between its cloud networks using TLS 1.2 or greater encryption. Some data within cloud networks is encrypted in transit, while all private systems and networks are protected using routing rules, virtual firewall rules, and identity & access control to prevent external access to private networks and data.

Availability and resilience

Guaranteed availability: A fuller description of Swiflty's SLA can be found in the Services Description document. Company provides customer access to the platform twenty-four hours a day, seven days a week (24x7) with a Monthly Uptime Percentage (defined below) of at least 99.9%. “Monthly Uptime Percentage” will be calculated as follows: the number of minutes the Services are accessible and not suffering from a Service Outage as reported to Company by Customer during each calendar month, divided by the total number of minutes in the calendar month. If Customer fails to report a Service Outage within five (5) days of the occurrence of such Service Outage, Customer shall not be entitled to any Service Credit for such Service Outage. For purposes of this Agreement, “Service Outage” means any event that renders the Services unavailable to Customer, other than Scheduled Downtime or Excluded Downtime. A Monthly Uptime Percentage of 99.9% means that we guarantee you will experience no more than 43 minutes and 49.7 seconds per month of Service Outage.
Approach to resilience: Swiftly's data delivery services are designed with a cloud-native architecture that auto-scales based on increasing load and auto-heals by automatically replacing failing hosts. Built-in caching for common requests reduces load on backend systems used to fetch data. More detailed information about Swiftly's resilient architecture is available upon request.
Outage reporting: Swiftly's service status is available at the following location, where clients can register for automatic email alerts if downtime is reported:
https://status.goswift.ly/

Identity and authentication

User authentication needed: Yes
User authentication: Username or password
Access restrictions in management interfaces and support channels: Swiftly's dashboard has a built-in permissioning system to only allow a subset of users access to management interfaces. Access to Swiftly’s data infrastructure and servers is allowed only for necessary Swiftly employees and requires VPN access protected by multi-factor authentication (MFA) on top of secure server access keys.
Access restriction testing frequency: At least once a year
Management access authentication: Username or password

Audit information for users

Access to user activity audit information: Users contact the support team to get audit information
How long user audit data is stored for: At least 12 months
Access to supplier activity audit information: Users contact the support team to get audit information
How long supplier audit data is stored for: At least 12 months
How long system logs are stored for: At least 12 months

Standards and certifications

ISO/IEC 27001 certification: No
ISO 28000:2007 certification: No
CSA STAR certification: No
PCI certification: No
Cyber essentials: Yes
Cyber essentials plus: No
Other security certifications: No

Security governance

Named board-level person responsible for service security: Yes
Security governance certified: No
Security governance approach: Swiftly performs an annual internal risk analysis review of its systems to identify potential vulnerabilities and build a threat model. The team factors in information from AWS Foundational Security Best Practices and CIS AWS Foundations Benchmark system scans to develop the model and uses the scans to confirm vulnerability remediation. Although reliability and system uptime are always risk factors, the Swiftly system accounts for these risks in a variety of ways, including complete redundancy, and automated updates and alerts.
Information security policies and processes: Swiftly maintains the following Information Security Policies:
Acceptable use of computer equipment.
Clean desk policy to protect data.
Data classification policy to ensure proper protections of sensitive data.
Email policy.
Password policy to ensure proper protection of accounts.
Remote work policy to protect infrastructure and data when accessed remotely.

Additionally, Swiftly maintains policies for acceptable encryption, change control, secrets management, web application security, and server security that are applied in the development of Swiftly's products. A security incident response plan is maintained and reviewed yearly to ensure preparedness in handling a security breach.

Operational security

Configuration and change management standard: Supplier-defined controls
Configuration and change management approach: Swiftly uses the following processes for change management:
A source control system storing software source code and customer configuration.
Code reviews for every change to configuration, software, and infrastructure, to ensure correctness of each change and consideration for security impact.
Automation of testing and deployment processes to guarantee reliability.
Ability to release changes to customers separately from deployment of software.
Vulnerability management type: Supplier-defined controls
Vulnerability management approach: Swiftly uses third-party tools to assess vulnerabilities in its systems. Detection of potential threats are reviewed by the Swiftly team with patches applied as appropriate.
Protective monitoring type: Supplier-defined controls
Protective monitoring approach: Swiftly uses an industry standard web application firewall to detect and proactively block suspicious traffic. Additionally, all system configuration actions are logged. If a potential compromise of the system is detected, Swiftly will respond immediately by notifying personnel on-call for security incidents. Those individuals will follow Swiftly's security incident response plan to isolate the potential breach and perform an analysis to determine if systems and/or data were breached and if there is an ongoing threat.
Incident management type: Supplier-defined controls
Incident management approach: Swiftly performs an annual internal risk analysis review of its systems to identify potential vulnerabilities and build a threat model.
Swiftly maintains an incident response plan with pre-defined playbooks for the most likely forms of incidents. It aims to restore system availability as quickly as possible, followed by an investigation into the root cause with the creation of a postmortem to identify future preventative measures. Most incidents are captured by internal monitoring and automatically notify on-call personnel. Swiftly also provides a method for customers to report critical incidents to our Customer Success team.

Secure development

Approach to secure software development best practice: Supplier-defined process

Public sector networks

Connection to public sector networks: No

Tackling economic inequality: Tackling economic inequality

Swiftly is Cyber Essentials certified and is committed to maintaining technical standards and best practices detailed by the National Cyber Security Center (NCSC).
Equal opportunity: Equal opportunity

Swiftly strongly promotes equal opportunity and purpose-driven management within our own operations. We do this to ensure equity and inclusion for all so that we can realise the Swiftly purpose to make the world more sustainable by building trust in society through innovation.
The equal opportunity commitments we make include:
Diversity & Inclusion
Compliance with Laws and Regulations
Swiftly has spent over $30,000 in the past year with diverse and small business suppliers. Swiftly aims to embed diversity and inclusion in its operations through encouraging its existing supplier base to embed supplier diversity and inclusion within their business; increasing opportunities for a more diverse range of suppliers which provide Swiftly with goods and services; and promoting engagement with social enterprises within its business. Through these actions, Swiftly is actively supporting traditionally underrepresented businesses and the employment of people in regions with entrenched disadvantages.
Swiftly also has a flexible working policy that enables our people to work from most locations, enabling people who live in regional areas to have the same access to opportunity as those in cities, where possible.

Pricing

Price: £7,588 a transaction
Discount for educational organisations: No
Free trial available: No

Swiftly Transitime: Real Time Passenger Predictions and Rider Alerts

Features

Benefits

Service documents

Framework

Service ID

Contact

Service scope

User support

Onboarding and offboarding

Using the service

Scaling

Analytics

Resellers

Staff security

Asset protection

Data importing and exporting

Data-in-transit protection

Availability and resilience

Identity and authentication

Audit information for users

Standards and certifications

Security governance

Operational security

Secure development

Public sector networks

Pricing

Service documents

Cookies on Digital Marketplace

Swiftly Transitime: Real Time Passenger Predictions and Rider Alerts

Features

Benefits

Pricing

Service documents

Framework

Service ID

Contact

Service scope

User support

Onboarding and offboarding

Using the service

Scaling

Analytics

Resellers

Staff security

Asset protection

Data importing and exporting

Data-in-transit protection

Availability and resilience

Identity and authentication

Audit information for users

Standards and certifications

Security governance

Operational security

Secure development

Public sector networks

Social Value

Pricing

Service documents