Skip to main content

Help us improve the Digital Marketplace - send your feedback

Gaiasoft International Limited

Citizen ID

Suitable for health records. Proven at 50m+ user scale. CitizenID, a biometric enrollment for a 12-digit Unique Identification Number (UIN) that links to bank accounts aid financial inclusion, seamless Direct Benefits Transfer (DBT), Digital signatures, document storage, and multi-factor authentication ensure security. Piloting, monitoring, and continuous improvement drive nationwide rollout.

Features

  • Integrated universal banking with unique citizenID linkage
  • Credit scores based on citizenID data
  • Payments enabled directly via cell phones
  • Custom social benefits linked to citizen profiles
  • CitizenID streamlines tax and fine collection
  • Secure digital storage for critical documents
  • Digital access to government services and employment
  • Link health services to citizenID and track for capacity building
  • Biometrics-enabled voting via cell phones
  • CitizenID aids in monitoring government efficiency

Benefits

  • Enhancing financial accessibility for all citizens
  • Facilitating fair access to credit
  • Simplifing transactions, enhances payment convenience
  • Delivering targeted, effective social support
  • Increasing efficiency in revenue collections
  • Ensuring data integrity, security, consent to use
  • Reducing bureaucracy, improving service delivery
  • Streamling insurance claims and health services
  • New channels to promote electoral participation and convenience
  • Enhancing accountability and transparency in governance

Pricing

£24,985 to £84,985 a unit

  • Education pricing available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at morel.fourman@gaiasoft.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

5 6 1 3 3 2 4 4 9 4 6 2 6 2 5

Contact

Gaiasoft International Limited Morel Fourman
Telephone: 02076924035
Email: morel.fourman@gaiasoft.com

Service scope

Software add-on or extension
No
Cloud deployment model
  • Public cloud
  • Private cloud
  • Community cloud
  • Hybrid cloud
Service constraints
CitizenID offers comprehensive solutions for identity management and citizen services. It represents a specialized system crafted to meet the distinct needs of government agencies and organizations engaged in citizen identification and service provisioning. Consequently, for potential implementations, one must recognize that CitizenID necessitates tailored initial setup and implementation according to their specific requirements of the country. This implies that customization, integration, and maintenance processes may differ country to country, depending on needs and infrastructure.
System requirements
  • Hardware Servers sizing based on rollout plans
  • Windows Licences
  • Biometric Devices
  • Firewall & Switches
  • Backup and Recovery mechanisms for data integrity and availability

User support

Email or online ticketing support
Email or online ticketing
Support response times
We have a Service Level Agreement based ticketing support.

Priority 1 tickets are responded to within 4 hours
Priority 2 tickets are responded to within 6 hours
Priority 3 tickets are responded to within 8 hours
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
WCAG 2.1 AAA
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Web chat
Web chat support availability
9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard
None or don’t know
How the web chat support is accessible
1 Chatbot & FAQ Access: Our web chat features an intelligent chatbot equipped with a comprehensive FAQ module. Users can query this system for instant information about navigating and utilizing the platform. However, the chatbot is limited to providing information available in its database and cannot offer personalized medical advice. We can provide support for WhatsApp for business as on-demand integration.
2. Human Assistance: If the query exceeds the chatbot’s capabilities or requires personal interaction, the chatbot is designed to triage and seamlessly escalate the issue by connecting the user to a human agent. This ensures that complex concerns are addressed with a personal touch.
3. Ticketing Option: For issues that require further investigation or are not immediately resolvable, users have the option to open a support ticket directly through the chatbot. This feature is intended for non-urgent queries and users will receive a follow-up response based on the order the tickets were received.
Web chat accessibility testing
NA
Onsite support
Yes, at extra cost
Support levels
We provide onsite training, installation, program build, program operate and program transfer support, if required
Support available to third parties
Yes

Onboarding and offboarding

Getting started
We have multiple modes of training:
a) Onsite training in the form of "Train the Trainer" and provide them with adequate resources to train the rest of the staff.
b) Self Service through our Knowledge Base which has training videos on how to use the application.
c) Regular monthly training as a part of the monthly calendar to train new staff. (This is available on a chargeable basis.)
Service documentation
Yes
Documentation formats
PDF
End-of-contract data extraction
The data can be exported in Excel / CSV formats.
End-of-contract process
Off-boarding is carried out by our Service Management team and transition, termination and service closure can be determined upon request.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
Mobile, iPad and tablets are compatible
Service interface
Yes
User support accessibility
None or don’t know
Description of service interface
The service accessible through the web interface with most browsers available in the market
Accessibility standards
None or don’t know
Description of accessibility
No
Accessibility testing
No
API
Yes
What users can and can't do using the API
1. API Authentication: Users need to authenticate using their API key and token to interact securely with our APIs.
2. Create Requests: To set up a new service or resource in our application, users can make a POST request to the appropriate endpoint.
3. Documentation and Endpoints: Documentation available to customers on request providing available endpoints and required parameters for setting up different services.
4. Update Requests: Changes to existing resources can be made through PUT requests.
5. Batch Updates: For bulk changes, we may support batch requests to update multiple records at once, depending on the specific needs and the API's capabilities.
--Limitations--
1. Rate Limits: We impose rate limits to ensure fair usage and server stability. Exceeding these limits may result in temporary blocks.
2. Permission and Roles: Users must have the appropriate permissions and roles assigned to perform certain actions through the API.
3. Data Validation: The API enforces data validation rules. Any attempt to send invalid data (e.g., incorrect data types or missing required fields) will result in errors.
4. Complex Transactions: Some complex business processes may require multiple API calls or are not fully exposed via the API, necessitating alternative methods or manual intervention.
API documentation
Yes
API documentation formats
PDF
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
We offer customizations to develop new functionalities and features based on the business requirements document shared with us by the client. The assessments for implementations are provided after detailed requirements are received and accepted. Such customizations are chargeable hourly at agreed rates as mentioned in the contract.

Scaling

Independence of resources
1. Resource Isolation: Separating physical servers or employ virtualization technologies to isolate resources at the hardware or virtual machine level.

2. Load Balancing: Distributing incoming service requests evenly across multiple servers, preventing any single server from becoming a bottleneck.

3. Prioritization of Resources: Assign priority levels to different types of traffic and manage bandwidth allocation accordingly to ensure critical applications always have the necessary resources.

4. Rate Limiting: Implement rate limiting to control the amount of resources a single user or operation can consume, thus preventing overuse.

5. Performance Monitoring and Management

6. Redundancy and Failover Systems

7. Clear SLAs

Analytics

Service usage metrics
Yes
Metrics types
Service usage metrics for CitizenID include user enrollment and authentication rates, biometric enrollment completion, transaction volume, system availability, error rates, and user satisfaction scores. Additionally, tracking average transaction processing time, biometric match accuracy, and system response time is essential. Metrics also encompass enrollment center throughput, document verification rates, security incidents, and system downtime. Analyzing user demographics, usage patterns, and accessibility metrics provides valuable insights. Integration metrics gauge interoperability, while cost-effectiveness assesses implementation and operational expenses versus benefits.
Reporting types
Regular reports

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
None

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
No
Datacentre security standards
Supplier-defined controls
Penetration testing frequency
At least once a year
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
Data sanitisation process
Yes
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
1. Understanding the Data Requirements
2. Preparing for Export
3. Choosing the Export Method
4. Performing the Export
5. Post-Export Processing
Data export formats
  • CSV
  • Other
Other data export formats
MS Excel
Data import formats
  • CSV
  • Other
Other data import formats
MS Excel

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

Guaranteed availability
SLA of 99.9% is based on those AWS currently provides for the underpinning services. Due to the rapidly evolving nature of AWS’s product offerings, SLAs are best reviewed directly on our website via the links below:
• Amazon EC2 SLA: http://aws.amazon.com/ec2-sla/
• Amazon S3 SLA: http://aws.amazon.com/s3-sla
• Amazon CloudFront SLA: http://aws.amazon.com/cloudfront/sla/
• Amazon Route 53 SLA: http://aws.amazon.com/route53/sla/ • Amazon RDS SLA: http://aws.amazon.com/rds-sla/ • AWS Shield Advanced SLA: https://aws.amazon.com/shield/sla/ Well-architected solutions on AWS that leverage AWS Service SLA’s and unique AWS capabilities such as multiple Availability Zones, can ease the burden of achieving specific SLA requirements.
Approach to resilience
At least every 6 months
Outage reporting
Email alerts

Identity and authentication

User authentication needed
Yes
User authentication
  • 2-factor authentication
  • Username or password
Access restrictions in management interfaces and support channels
The measures implemented to manage and restrict access can be divided into six sub-categories:
1) Physical Access Control
2) Logical Access Control 3) Access Administration
4) Authentication and Authorisation
5) Data Access Control
6) Data Transfer.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Username or password

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
Indraprastha SystemCert Private Limited
ISO/IEC 27001 accreditation date
06/05/2024
What the ISO/IEC 27001 doesn’t cover
The Registered Scope is as follows: Information Security Management systems applicable to tools & platforms for Healthcare, Animal Science, Citizen ID, Epigenetic, Information & Cyber Security, Net Zero, Climate Change Adaptation, Mitigation, Agriculture, Forestry, Renewables, Carbon Credits, Nature, Biodiversity & Social Impact Credits, Energy, Oil & Gas, Performance Management, Delivery Units, Monitoring & Evaluation, Reporting & Learning from above location.
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Cyber essentials
No
Cyber essentials plus
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
We follow the following processes:
1. Policy Development: Clearly defined objectives for information security, based on risk assessments and business requirements. Regularly review and update these policies to adapt to new threats and changes in our business environments.
2. Human Resources Security: We conduct basic pre-employment checks and ongoing security and awareness training.
3. Access Control: Managed access rights based on the principle of least privilege, regularly reviewing and adjusting these rights as necessary.
4. Physical and Environmental Security: Maintaining secure physical access to information systems and protecting against environmental hazards.
5. Operations and Communications Security: Implemented measures to protect against malware, ensure secure network services, and manage secure data handling and transmissions.
6. Incident Management: Maintain an incident response plan, including mechanisms for reporting and analysing breaches.

Our Information Security Officer or Manager oversee the ISMS and report directly to top management. A dedicated security team or committee supports ongoing compliance and reporting.

We conduct regular internal and external audits to ensure adherence to policies. Regular reviews with top management assess the effectiveness of the ISMS. Violations of policies are met with clear, predefined consequences, enhancing compliance and accountability.

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
Conforms to ISO20000-1 & ISO27001
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
Conforms to ISO27001
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
Conforms to ISO27001
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
Conforms to ISO20000-1 & ISO27001

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
No

Social Value

Social Value

Social Value

  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

Tackling economic inequality

1. Financial Inclusion: Use CitizenID to facilitate access to banking services and financial literacy programs, empowering marginalized communities to participate in the formal economy.
2. Direct Benefits Transfer (DBT): Implement DBT schemes linked to CitizenID to ensure targeted delivery of subsidies, welfare benefits, and financial assistance to those in need.
3. Skill Development: Utilize CitizenID data for targeted skill development programs, enabling individuals to acquire relevant skills for employment and entrepreneurship opportunities.
4. Job Matching: Leverage CitizenID to match job seekers with suitable employment opportunities based on their skills, qualifications, and preferences, reducing unemployment and underemployment.
5. Access to Government Services: Streamline access to government services such as healthcare, education, and social welfare through CitizenID, ensuring equitable distribution and utilization of public resources.
6. Asset Management: Use CitizenID to promote asset ownership among marginalized communities, such as land tenure rights and property ownership, fostering wealth creation and economic stability.
7. Monitoring and Evaluation: Continuously monitor and evaluate the impact of CitizenID initiatives on economic inequality, adjusting policies and interventions based on data-driven insights.
Public-Private Partnerships: Collaborate with private sector entities to leverage CitizenID for inclusive economic growth initiatives, such as microfinance, small business support, and supply chain integration for marginalized producers.

Equal opportunity

1. Universal Access: Ensure all citizens have access to CitizenID enrollment centers, regardless of location or socio-economic status, to prevent exclusion.
2. Education and Awareness: Conduct campaigns to educate citizens about the importance of CitizenID and how it can provide equal access to opportunities, including workshops and community outreach programs.
3. Affordable Enrollment: Offer subsidized or free enrollment for disadvantaged groups to remove financial barriers to obtaining CitizenID.
4. Digital Inclusion: Ensure CitizenID services are accessible through multiple channels, including online platforms and mobile applications, to accommodate citizens with varying levels of digital literacy.
5. Non-Discrimination: Implement strict policies and regulations to prevent discrimination based on race, gender, religion, or any other characteristic during CitizenID enrollment and usage.
6. Access to Government Services: Ensure that CitizenID enables equal access to government services, including healthcare, education, and social welfare, without discrimination or bias.
7. Monitoring and Accountability: Regularly monitor CitizenID usage and outcomes to identify and address any disparities or barriers to equal opportunity, and hold accountable those responsible for ensuring equitable access.

Wellbeing

1. Access to Healthcare: CitizenID can streamline access to healthcare services, including medical records management, appointment scheduling, and telemedicine, ensuring timely and quality healthcare for all citizens.
2. Social Welfare Programs: Use CitizenID to efficiently deliver social welfare programs such as food assistance, housing support, and unemployment benefits, targeting those in need and reducing administrative burden.
3. Environmental Wellbeing: Promote environmental sustainability and wellbeing through CitizenID initiatives, such as carbon footprint tracking, environmental education, and community conservation efforts.
4. Safety and Security: Enhance safety and security for citizens through CitizenID-enabled emergency response systems, crime reporting platforms, and neighbourhood watch programs.

Pricing

Price
£24,985 to £84,985 a unit
Discount for educational organisations
Yes
Free trial available
No

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at morel.fourman@gaiasoft.com. Tell them what format you need. It will help if you say what assistive technology you use.