TECHNOXANDER LTD

Confirmation of Payee

TechnoXander's Confirmation of Payee (CoP) solution is a name-checking service designed to reduce misdirected payments and provide greater assurance that payments are being sent, and collected from, the intended account holder. It aims to enhance customer confidence, mitigate APP Fraud risks, and assist financial institutions in fulfilling their regulatory obligations.

Features

• Conforms to Pay.UK specifications
• Fully hosted, FAPI compliant Security Framework
• Real-time analytics from the user Dashboard
• Payer and Payee Name checks
• Easy One API Integration

Benefits

• Helps mitigate Authorised Push Payment (APP) fraud
• Financial institutions can meet their regulatory obligations
• Increases customer confidence with bank transfers
• Reduce costs for financial institutions

£0.20 a transaction

• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sonalbomb@technoxander.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

716541870915317

Contact

Sonal Bomb
07448319596
sonalbomb@technoxander.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: TechnoXander SaaS platform is available 24/7 with no downtime for upgrades or maintenance. Any required technical work is scheduled outside business hours to avoid disruptions. As a cloud-based API service, clients are isolated from infrastructure constraints. We also operate full disaster recovery facilities to maintain service resilience. In the rare event of planned maintenance, advance notification is provided and timing is chosen to minimize impact on our clients.
• System requirements: No third party licencing requirements

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: TechnoXander Client Assistance Center (CAC) team is available 08:00 - 18:00 on Business Days for immediate help. Out of Hours team is available 24/7.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Onsite support
• Support levels: TechnoXander's Client Assistance Center (CAC) can provide end-to-end support depending on the severity of the Ticket. A dedicated technical associate is available throughout the support journey to help with queries related to technical, availability, performance, etc.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: TechnoXander has dedicated account managers to help the users with their queries, technical know-how, etc. TechnoXander provides a Sandbox environment which can be used by users to build and test their applications. Account Managers can explain to the users about the onboarding process and how to use the Sandbox environment. For the installation and setup, quick and simple API calls are made for which the documentation is available in the Sandbox. When going live, the Account Managers and other technical members provide end to end support to users.; ; The user onboarding can be ; ; Users can get started by
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: TechnoXander CoP application does not store any user data so there is no need for data extraction.
• End-of-contract process: TechnoXander's contract has a smooth exit process where there is no end-of-contract price.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Communication between the backend application and the frontend is orchestrated via an API so there is no difference between mobile/desktop.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: WCAG 2.1 AA or EN 301 549
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: TechnoXander uses AccessiBe and SortSite tools to perform accessibility testing,
• API: Yes
• What users can and can't do using the API: TechnoXander APIs can be used by users and applications to perform name verification checks with participating financial institutions.
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • PDF
• API sandbox or test environment: Yes
• Customisation available: No

Scaling

• Independence of resources: TechnoXander has deployed 24/7 monitoring systems that monitor application performance and resource capacity that are scaled automatically depending on the demand. Performance and capacity alerts are pre-configured to inform support teams. The systems are configured for high availability and high-performance delivery.

Analytics

• Service usage metrics: Yes
• Metrics types: TechnoXander provides a user-friendly management portal with real-time dashboards with various service metrics.
• Reporting types: Real-time dashboards

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Supplier-defined controls
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: TechnoXander CoP application has a user friendly management portal in which the user can review and export the data required. The portal is secured by IP whitelisting and user credentials.
• Data export formats:
  • CSV
  • Other
• Other data export formats: PDF
• Data import formats:
  • CSV
  • Other
• Other data import formats: Excel

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: 99.5% availability excluding downtime required for planned upgrade and maintenance.
• Approach to resilience: TechnoXander supports Multi-Region, Multi-Availability Zone approach as part of the cloud hosting to ensure maximum resilience.
• Outage reporting: TechnoXander notifies its customers by a message on the portal and also via email in advance of any scheduled maintenance. For critical outages that could impact customer-facing services, TechnoXander automatically notify key contacts by email. Notifications include details such as the start time, impacted services, scope of impact and resolution status. They are sent within 5 minutes of declaring a critical incident.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • Public key authentication (including by TLS client certificate)
  • Username or password
• Access restrictions in management interfaces and support channels: Any access to TechnoXander portal requires the end user to enter their Username and Password. Any access to TechnoXander APIs requires users to provide TLS client certificate.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Intercert Inc
• ISO/IEC 27001 accreditation date: 02/04/2024
• What the ISO/IEC 27001 doesn’t cover: Everything from systems, premises, software applications, business processes and operations are covered.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: TechnoXander follows an Information Security Policy which is compliant with ISO 27001:2022 standard. This policy covers all TechnoXander information security practices across all departments and business units. All workforce members, including third parties, are required to comply with this policy.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: TechnoXander follows a Change Management Policy which is compliant with ISO 27001:2022 standard. This policy is followed by all workforce members and third parties who work on TechnoXander IT systems and infrastructure. Changes to systems that are used for development, testing, or staging are included in this policy. TechnoXander develops, implements, tests, maintains a Change Management Plan that covers changes to all IT infrastructure and applications. Any identified potential change is evaluated and details are noted in a change management ticket (CM). All changes are approved in a Change Authorisation Board (CAB) meeting before being assigned to the implementer.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: TechnoXander follows a Vulnerability Management Policy which is compliant with ISO 27001:2022 standard. Annual penetration testing and vulnerability scanning is undertaken by approved 3rd party vendors. Any vulnerability is dealt with effectively and efficiently where risk levels are unacceptable. A timeline to react to potentially relevant technical vulnerabilities is based on the Severity.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Annual penetration testing and vulnerability scanning is undertaken by approved 3rd party vendors. Any vulnerability is dealt with effectively and efficiently where risk levels are unacceptable. A timeline to react to potentially relevant technical vulnerabilities is based on the severity.
• Incident management type: Supplier-defined controls
• Incident management approach: TechnoXander follows a Incident Management Policy which is compliant with ISO 27001:2022 standard. This policy address security incidents that may affect the confidentiality, integrity, or availability of sensitive information. Any security-related incidents are reported immediately through the established channels after the incident is discovered to the Information Response Team. An incident response plan establishes Service Level Agreements (SLAs) to guarantee the timely detection, reporting, assessment, and resolution of security incidents.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  TechnoXander's emissions in terms of travel are tackled effectively by flexible WFH policies and by reducing unnecessary client visits. We plan to minimize unnecessary travel whenever possible; ; TechnoXander actively encourages staff to limit printing to essential documents, opting for the electronic distribution of board papers instead of traditional postal methods. These practices collectively contribute to our commitment to reducing our environmental impact.

  Covid-19 recovery

  Covid-19 recovery is important for the entire staff well being and safety,

  Tackling economic inequality

  TechnoXander provides Internship opportunities to young people thereby providing them with real-world experience.

  Equal opportunity

  TechnoXander is an equal opportunity employer, and we do not discriminate based on religion, race, religion, caste, sex, marital status, ethnicity, sexual orientation, or any other status protected by law. Moreover, we urge that all employees treat each other with respect and professionalism.; ; TechnoXander makes reasonable accommodations for employees with special needs to work comfortably.; TechnoXander offers training and programs to support diversity and inclusion in the workplace. ; TechnoXander promotes employees solely based on merit.

  Wellbeing

  TechnoXander takes an active approach to supporting the well-being of our employees in various essential aspects like financial, physical, mental & emotional, and social. We consistently offer information and guidance, directing individuals to additional resources and support to ensure their overall wellbeing

Pricing

• Price: £0.20 a transaction
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: A time-limited option is available to try our services.

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sonalbomb@technoxander.com. Tell them what format you need. It will help if you say what assistive technology you use.