ADELANTE SOFTWARE LTD

Adelante ConnectIncome (formerly SmartPay) - Income Management and Cash Receipting

Our Income Management Solution offers comprehensive income management and cash receipting for Local Government and Higher Education, includes PCI Compliant card payments, a flexible report writer, and an optional bank reconciliation module. Users can customise and create validation rules, funds, imports, exports, and more. Branded web payments and APIs

Features

• Internet payments and shopping basket
• PCI DSS Compliant call centre payments
• Automated telephone payments
• Income management and cash receipting
• Pay By Link
• Staff mobile app
• Bank Reconciliation Tool
• Import and export file management
• Recurring payments management
• Flexible Report Writer

Benefits

• Secure payment methods keep council transactions PCI-compliant and data protected
• Streamline cash handling processes, reducing manual errors and discrepancies
• Support multiple payment methods for diverse resident and business preferences
• Reconcile all income and expenditure across multiple channels
• Application tools to define and manage import and export files
• Automate reporting tasks, saving time and resources for administrative staff
• Facilitates seamless movement of income via transfers, journals and allocations
• Ensures data accuracy through validation mechanisms, minimising discrepancies
• Handle exceptions promptly, creating new import rules on the fly
• Simple user friendly user interface

£59,800 to £250,000 a unit

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at alisonr@adelante.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

609500120702870

Contact

Alison Rodwell
01628 820600
alisonr@adelante.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model: Private cloud
• Service constraints: ConnectIncome requires that the browser supports a minimum of TLS 1.2 cryptographic protocol
• System requirements:
  • Users require a currently supported browser to access ConnectIncome
  • Users require a compliant mobile device to access mobile apps

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Standard Business Hours: Mon - Fri 09:30 to 17:30. We strive to acknowledge all tickets withing 30 minutes.; ; P0 - Mission Critical; Follow Up - 1 hr; Target Resolution - 8 hrs ;; ; P1 - Business Critical; Follow Up - 1.5 hrs; Target Resolution - 16 hrs ;; ; P2 - Serious; Follow Up - 2 hrs; Target Resolution - 40 hrs ;; ; P3 - Normal; Follow Up - 4 hrs; Target Resolution - 80 hrs ;; ; P4 - Minor; Follow Up - 4 hrs; Target Resolution - 160 hrs or Case by Case Basis
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Standard ; Helpdesk support during working hours and essential system maintenance. ; £10,780 (Year 1); ---------; Premium ; Standard support plus: ; - Free merchant account changes ; - Free Web branding changes ; - Free receipt template changes and additions ; £13,475 (Year 1); ---------; Premium+ ; Premium support plus: ; - Free ATP call tree changes ; - Free import and export file modifications ; - Free Technical Support for API integrations (up to 10 days per annum) ; £18,865 (Year 1)
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We initially create a ConnectIncome instance for customers to use in test mode. This allows them to test the operational and functional aspects of the system as well as important processes like import and export routines, reports etc. As issues are identified they are corrected and made available to for retesting. Once testing is complete a date is agreed for the system to go live. At this time either we or the customer can arrange for staff to be trained on how to use the system. Typically this is carried out by the customer though as their key staff will have a full working knowledge of ConnectIncome and the training will usually include usage policies specific to the customer.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Data can be exported as a csv file. This can be done by the customer who have access to all of the data with the exception of credit and debit card numbers and anything restricted by PCI DSS.
• End-of-contract process: If a customer wants to carry on using the software at the end of the minimum contract period they can simply renew their support agreement and carry on using the software.; If a customer does not want to carry on using the software at the end of the contract period they can extract their data in standard export formats and the original hosted data will be expunged.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The main application is designed to be responsive, to be usable on mobile devices as well as PCs.; ; A staff mobile app is also available, enabling users to access basic features of the main application in a cut-down version, designed specifically for mobile telephones.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: The service interface allows users with the appropriate permissions to manage the configuration of fund codes, user settings, branding for receipt templates, VAT rules, report generation, file import and export definitions, import rules etc. API's allow for integration to third-party systems or forms. It allows for the import and export of information and provides for manual data entry via batches and movement of funds all ready in the system.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: N/A
• API: Yes
• What users can and can't do using the API: Users can utilise our API to seamlessly integrate secure hosted card payment web pages into their customer and staff-facing web forms, or CRMs facilitating access to our payment services. This integration ensures a smooth payment experience while maintaining the highest security standards in our PCI DSS-compliant environment.; ; Through the API, users can configure various aspects of the system such as specifying payment options and methods and setting up notifications for successful transactions. They can also retrieve transaction details and generate reports to track payment activities.; ; While our API offers extensive customisation and functionality for integrating payment services, it does have certain limitations. Users cannot bypass the redirection to our secure payment pages for card data submission, as this is crucial for maintaining compliance with PCI DSS standards and ensuring the security of cardholder data. Additionally, certain advanced customisation options may be subject to restrictions or require approval from our support team to ensure compatibility and security.
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • HTML
  • Other
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: ConnectIncome can be customised to support customer validation routines (including Modulus Checks) and undertake balance lookups.; ; It is also possible for customer to create their own forms or to integrate with forms applications so that the look and feel of the user interface remains consistent for users.; ; The public-facing pages of the application are branded to the customer's requirements.; ; File import and export definitions are designed to customer requirements as part of the implementation project.; They can be created and edited by Administrators of the system, as well as by Adelante.; ; Receipts are designed to customer requirements as part of the implementation project.; They can be created and edited by Administrators of the system, as well as by Adelante.; ; Automated telephone messages are developed to customer requirements as part of the implementation project.; Administrators of the system are able to define which funds are included and in what order, from within the main application.

Scaling

• Independence of resources: The application is served via a hosted infrastructure of clustered, load-balanced application and web servers.

Analytics

• Service usage metrics: Yes
• Metrics types: We provide a Reporting Module which can be used to generate service metrics (eg: number of transactions over a given period)
• Reporting types: Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Physical access control, complying with CSA CCM v3.0
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: There is a facility built into the application to export any payment data contained within the ConnectIncome data base as text files. Customers have access to database views to allow them to select what data they want to export.; ; There are also tools to create specific file import and export definitions, to allow customers to transfer data from and to third party systems.
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • Fixed Length Text
  • HTML
  • PDF
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • Fixed Length Text
  • XML

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: We operate within a tier 3 data centre with an expected up-time of 99.82%. If our levels of availability fall below 99% in a given month our SLA agreement contains a clause offering compensation to affected customers.
• Approach to resilience: ConnectIncome is located in a tier 3 data centre. Servers operate in a virtual environment which means they are not dependent on a single piece of hardware. Application and Web servers have a fail-over option in the event a virtual server fails or needs to be updated to ensure continued operation.
• Outage reporting: Service outages and any planned maintenance are reported by email. Browser screens and telephone message are also configured during the outage to provide messages to consumers looking to access the system to make payments.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: We employ role-based access control (RBAC), granting permissions based on job roles to restrict access in management interfaces and support channels. Two-factor authentication (2FA) is enforced for added security. Training programs ensure staff awareness. These measures guarantee only authorised personnel access management interfaces and support channels, enhancing security while users engage with the interface.
• Access restriction testing frequency: At least once a year
• Management access authentication: 2-factor authentication

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: Yes
• Who accredited the PCI DSS certification: Pen Test Partners LLP
• PCI DSS accreditation date: 26/06/2023
• What the PCI DSS doesn’t cover: N/A
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • ISO/IEC 27001
  • Other
• Other security governance standards: We are a PCI DSS level 1 service provider. To maintain this accreditation, we are independently audited by qualified security assessors once a year. Our hosting partner is ISO 27001: 2013 Accredited
• Information security policies and processes: Adelante is part of the ClearCourse Group. ClearCourse prioritises robust information security policies and processes to safeguard our assets and maintain trust with our stakeholders. Under the leadership of the Group Operations Director, who reports directly to the CEO, we ensure comprehensive coverage of IT security measures.; ; Our foundational document is the Group IT Security Policy, accessible on our Intranet, outlining protocols, standards, and procedures. To enforce compliance, all employees undergo mandatory training on IT security, including PCI DSS requirements. Additionally, regular Cyber Security training sessions are conducted to keep our workforce updated on emerging threats and best practices.; ; Each year we are externally audited by an independent QSA to maintain our PCI Level 1 Accreditation.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Change requests are reviewed and verified by a separate employee, and then implemented in accordance with PCI DSS requirements. Every change can be rolled back in the event of problems. Changes are implemented in Development, Test and Staging environments, before being applied to the Production environment.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Our managed service environment is scanned in accordance with PCI DSS requirements. These scans are both automated and manual and undertaking using either PCI DSS accredited tools or suitable qualified external security personnel. Any vulnerabilities found are rectified and retested in accordance with PCI DSS requirements.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: We have PCI DSS approved controls to manage monitoring. These controls include the actions required to respond to potential compromises.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: In the event of incidents, we rely on our published Group Incident Response Plan, providing a structured approach to mitigate risks and minimise disruptions. This plan outlines roles, responsibilities, and escalation procedures, ensuring a swift and coordinated response. It is a 3 step plan that ensures any incident is dealt with in a structured manner and covers detection, analysis reporting, and escalation to the correct incident response manager.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Equal opportunity
  • Wellbeing

  Equal opportunity

  Adelante is a ClearCourse company, Diversity and inclusion drive innovation, foster creativity, and propel our business forward. ; ; Diversity extends beyond demographics, each employee brings unique perspectives, experiences, and talents. Everyone is valued for their differences and celebrated for their strengths, diversity breeds success.; ; Inclusion is demonstrated in the behaviours of our leaders. We create an environment where everyone feels a sense of belonging, voices are heard, and everyone is treated with respect.; ; Our FAIR values—Fostering Inclusion, Achieving Equity, and Inspiring Respect—are the principles that shape everything we do. These values represent our commitment to providing equal opportunities for all employees.; ; We invest in the development and growth of our employees. Through online training platforms and our Management Development Training program, we provide opportunities for continued learning and advancement.; ; ClearCourse Careers is a platform for employees to explore opportunities and further their careers within our group. We ensure fair pay and equitable treatment for all employees, by regularly conducting salary benchmarking exercises to address any disparities.; ; Open communication is valued and encouraged. Our inclusive intranet platform serves as a hub for dialogue, while quarterly group Town Halls provide opportunities for transparent communication and feedback.; ; Employee retention fosters a stable and motivated workforce. Our in-house management training academy equips line managers with the skills to keep their direct reports motivated, happy, and productive. Our review process ensures that every employee can set and track their progress toward career development.; ; Our recognition platform allows employees to give recognition to their colleagues, fostering a culture of appreciation and camaraderie, and reinforcing our commitment to creating an inclusive and supportive workplace environment.; ; Diversity and inclusion are not just values, they are integral to our success. We are dedicated to creating an environment where every individual thrives, differences are celebrated, and collaboration flourishes.

  Wellbeing

  Prioritising Comprehensive Well-being: Our Commitment; ; At our company, we understand that well-being encompasses more than just physical health—it is about nurturing emotional, financial, and social wellness, both in and out of the workplace. Our commitment to well-being reflects our recognition that work and personal lives are intertwined, and we strive to support our employees holistically.; ; We encourage open dialogue about well-being and provide multiple avenues for support. Whether experiencing poor well-being at work or outside of it, employees are encouraged to speak up. Line managers are available for confidential conversations, and we offer a range of resources to address various well-being concerns.; ; Through frequent awareness initiatives, we aim to reduce stigma around topics like mental health and menopause. By educating and encouraging conversations, we create a culture where individuals feel comfortable discussing sensitive topics and seeking support.; ; Our FAIR values underpin a culture of inclusivity, where individuals feel welcomed and empowered to be themselves. We maintain a zero-tolerance policy towards bullying, harassment, and discrimination, ensuring a safe and respectful workplace for all.; ; We provide access to Mental Health First Aiders trained across the company and Employee Assistance Programs (EAPs) offering confidential counselling and support. Additionally, we collaborate with external support charities and providers to offer comprehensive assistance tailored to individual needs.; ; Initiatives like well-being support for challenges such as menopause and partnerships offering free, independent mortgage advice are available. Eye tests are encouraged to safeguard visual health in our screen-centric world.; ; We empower individuals to prioritise their well-being by offering a range of resources and support options tailored to their needs. By promoting well-being in all its dimensions, we foster a healthier, happier, and more resilient workforce.; ; We are committed to supporting our employees' holistic wellness journey, ensuring they thrive both personally and professionally.

Pricing

• Price: £59,800 to £250,000 a unit
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at alisonr@adelante.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.