Skip to main content

Help us improve the Digital Marketplace - send your feedback

Fujitsu Services Limited

Fujitsu Smart Ticketing Concessionary Portal

The Fujitsu Smart Ticketing Concessionary Portal provides a customer facing website for concessionary bus pass customers to apply, renew and replace their smart concessionary bus pass. It can be fully branded to complement a scheme and is fully responsive for mobile phones.

Features

  • Online new smartcard applications, renewals and replacements
  • UK government ITSO standard capable
  • Simple photo upload function
  • Save and return later application process
  • Tailored styling and branding
  • Payment processing and management (PCI accredited) for replacement
  • Interfaces to Fujitsu Smart Ticketing CMS service mandatory module
  • Remote web access over the internet via a web browser.

Benefits

  • Low total cost of ownership
  • Multi tenanted service platform
  • Manned UK Based ServiceDesk 5 days per week
  • Full hosted managed service
  • Concessionary scheme management and support
  • Central reporting
  • Delivers end user self-serve capability
  • Fujitsu's proven capability in smart management over 25 years.
  • Cloud platform supporting many UK transport schemes
  • Modules Analytics, ITSO HOPS, Remote POST and Account Based Ticketing

Pricing

£0.00 a unit

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at government.frameworks@fujitsu.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

5 6 2 5 4 0 0 3 2 0 4 4 4 2 0

Contact

Fujitsu Services Limited Sam Skinner
Telephone: 07867829234
Email: government.frameworks@fujitsu.com

Service scope

Software add-on or extension
Yes
What software services is the service an extension to
Fujitsu ITSO HOPS
Fujitsu Smart Ticketing CMS
Cloud deployment model
Private cloud
Service constraints
Subject to agreed planned maintenance for new releases and or bug fixes
System requirements
  • Fujitsu require domain owned certificate if hosting using domain-owned URL
  • Integrated Payment Service Provider facility required for online payment
  • Integrated end user verification facility required for new applications

User support

Email or online ticketing support
Email or online ticketing
Support response times
Varies depending on support arrangements.
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
WCAG 2.1 AA or EN 301 549
Phone support
Yes
Phone support availability
9 to 5 (UK time), 7 days a week
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
The Cloud Concessionary Portal support levels including: -

% Service Level Availability ranging from 99%
Service Desk availability is as follows: -
Mon - Friday 07:00 - 17:30,
Saturday 09:00 - 17:30 and
Sunday 10:00-16:00

Fujitsu also operates an optional 24/7 manned helpdesk which is available at an extra cost which is determined by client requirements.

Access to a Fujitsu Account Manager is available for contracted customers
Support available to third parties
No

Onboarding and offboarding

Getting started
User documentation will be available and onsite training available
Service documentation
Yes
Documentation formats
PDF
End-of-contract data extraction
Data can be provided as part of a data extract service and provided in CSV format. This can be applicable to further charge.
End-of-contract process
Provision of a simple data file of customer owned data only.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Chrome
  • Safari
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
N/A
Service interface
No
User support accessibility
WCAG 2.1 AA or EN 301 549
API
Yes
What users can and can't do using the API
Fujitsu Smart Ticketing Concessionry Portal API can be provided as a RESTful and SOAP interface. The use of the API's use will be documented and configured as part of scheme customisation. API use controlled by an Fujitsu interface control document that will define the scope and usage of each API client connecting to the service.
API documentation
Yes
API documentation formats
  • Open API (also known as Swagger)
  • PDF
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
The service can be customised by Fujitsu as follows: -

1. Service configuration to support scheme requirements.
2. Portal branding, colours, text and imagery are tailored to customer needs.
3. Can be hosted using customer owned domain URL

Scaling

Independence of resources
The Cloud Concessionary Portal is a virtual cloud service which can scale to meet customer demand. Fujitsu network monitoring ensures the Cloud Concessionary Portal capacity meets the agreed service capacity needed for the customer.

Analytics

Service usage metrics
Yes
Metrics types
Provided as standard end of month service performance report
Reporting types
Regular reports

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Conforms to BS7858:2019
Government security clearance
Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Yes
Datacentre security standards
Supplier-defined controls
Penetration testing frequency
At least once a year
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with another standard
  • Encryption of all physical media
Data sanitisation process
Yes
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
Data will be extracted by the Fujitsu service desk.
Data export formats
CSV
Data import formats
CSV

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
The Fujitsu Cloud Concessionary Portal is provided on a 99% service level availability with a service credit regime to compensate for poor performance.
Approach to resilience
The Fujitsu Cloud Concessionary Portal has a secondary (DR) services to provide service resilience in the event of a system disaster.
Outage reporting
The Fujitsu Service Desk will inform customers (by email and phone) directly in the event of an unplanned system outage.

Identity and authentication

User authentication needed
No
Access restrictions in management interfaces and support channels
The Fujitsu Cloud Concessionary Portal is a public facing website therefore restrictions to access is not required.
Access restriction testing frequency
At least every 6 months
Management access authentication
Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
Between 6 months and 12 months

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
Bureau Veritas
ISO/IEC 27001 accreditation date
06/01/2022
What the ISO/IEC 27001 doesn’t cover
Anything that is not included within the scope of the ISO 27001 certification is not included.
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
Yes
Who accredited the PCI DSS certification
NCC Group
PCI DSS accreditation date
03/11/2021
What the PCI DSS doesn’t cover
Certification covers Fujitsu portals and CMS platforms with integration of Payment Service Provider (PSP) service only, PCI does not cover any other system.
Cyber essentials
Yes
Cyber essentials plus
Yes
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
ISO 27001
ISO 9001
ISO 14001
PCI V3

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Fujitsu operates its own change management process, reviewed and assessed at a monthly Change Advisory Board (CAB). A change manager plans and tracks the new releases and changes over their lifecycle.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Fujitsu operates a continuous threat assessment process for its business from software security violation monitoring (using Nexus), network vulnerability scanner (using solar winds) and annual pen testing using external security agencies.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Fujitsu operations working closely with infrastructure monitoring and review identified security issues and weaknesses. These are graded against an agreed criticality scale and those items identified as critical are schedule for resolution and owned by head of department. For example identified software security vulnerabilities are automatically scanned, scored and addressed as part of the continuous improvement policies.
Incident management type
Supplier-defined controls
Incident management approach
Fujitsu has established predefined and documented incident management process, the Fujitsu Service Desk is available 7 days per week to enable customer to contact Fujitsu to report an incident. Incident reporting in managed via the incident manager and service desk and depending on the severity of the incident can be as frequent as hourly.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
No

Social Value

Social Value

Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

Fighting climate change

Fujitsu operates a Dual Delivery approach to Social Value (SV). Our Responsible Business Programme, developed on the principles of the Public Sector (SV Act 2013) delivers our corporate employee and community programme. Running parallel to the corporate programme, we deliver bespoke client-facing SV programmes within each call off contract. Programmes are fully aligned to the requirements of PPN06/20. Using our co-creation process, we undertake both local and national initiatives, jointly developed with clients and partners, that ensure Economic, Social and Environmental benefit to communities.

Covid-19 recovery

Fujitsu operates a Dual Delivery approach to Social Value (SV). Our Responsible Business Programme, developed on the principles of the Public Sector (SV Act 2013) delivers our corporate employee and community programme. Running parallel to the corporate programme, we deliver bespoke client-facing SV programmes within each call off contract. Programmes are fully aligned to the requirements of PPN06/20. Using our co-creation process, we undertake both local and national initiatives, jointly developed with clients and partners, that ensure Economic, Social and Environmental benefit to communities.

Tackling economic inequality

Fujitsu operates a Dual Delivery approach to Social Value (SV). Our Responsible Business Programme, developed on the principles of the Public Sector (SV Act 2013) delivers our corporate employee and community programme. Running parallel to the corporate programme, we deliver bespoke client-facing SV programmes within each call off contract. Programmes are fully aligned to the requirements of PPN06/20. Using our co-creation process, we undertake both local and national initiatives, jointly developed with clients and partners, that ensure Economic, Social and Environmental benefit to communities.

Equal opportunity

Fujitsu operates a Dual Delivery approach to Social Value (SV). Our Responsible Business Programme, developed on the principles of the Public Sector (SV Act 2013) delivers our corporate employee and community programme. Running parallel to the corporate programme, we deliver bespoke client-facing SV programmes within each call off contract. Programmes are fully aligned to the requirements of PPN06/20. Using our co-creation process, we undertake both local and national initiatives, jointly developed with clients and partners, that ensure Economic, Social and Environmental benefit to communities.

Wellbeing

Fujitsu operates a Dual Delivery approach to Social Value (SV). Our Responsible Business Programme, developed on the principles of the Public Sector (SV Act 2013) delivers our corporate employee and community programme. Running parallel to the corporate programme, we deliver bespoke client-facing SV programmes within each call off contract. Programmes are fully aligned to the requirements of PPN06/20. Using our co-creation process, we undertake both local and national initiatives, jointly developed with clients and partners, that ensure Economic, Social and Environmental benefit to communities.

Pricing

Price
£0.00 a unit
Discount for educational organisations
No
Free trial available
No

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at government.frameworks@fujitsu.com. Tell them what format you need. It will help if you say what assistive technology you use.