Boost AI AS

Conversational AI powered Virtual Agents (intelligent chatbots), Voice and IVR built on advanced NLU

The boost.ai conversational AI platform powers 350+ chatbots and voicebots worldwide in over 30 languages. Proprietary Natural Language Understanding algorithms allow it to handle 10,000+ intents while maintaining resolution rates above 90%, making it the choice for enterprises looking to automate customer service and internal support at scale.

Features

• Enables customer self-service and support through virtual agents (intelligent chatbots)
• Multilingual; Available in 30+ languages
• No-code conversation builder for easily building advanced conversational flows
• Virtual Agent Network connects chatbots; accessed through single chat interface
• Seamless handover from chatbot to human agent in same conversation
• Proprietary Automatic Semantic Understanding technology reduces false positive by 90%+
• Integrates with leading customer-facing platforms to create an omni-channel experience
• Supports voice by automating calls through conversational IVR (STT/TTS)
• Provides actionable analytics of conversation quality, feedback and other metrics
• Flexible hosting, cloud or on-premise; ISO27001 certified & ISO27701 compliant

Benefits

• Gives instant access to information and services 24x7x365
• Easy to Use + Unlimited Scalability = High ROI
• Self-learning AI trained by customer's own non-technical/support staff
• Correct and consistent responses every time; resolution rates above 90%
• Integrated towards more than 30+ different softwares
• Voicebots powered by Conversational IVR available for phone support
• Handles peak workloads without impacting speed, performance, prediction accuracy
• Chatbots can streamline internal processes - HR, IT and more
• Maximizes Customer Satisfaction while reducing expenditure
• Quick deployment through pre-built modules for most user cases

£0.85 a unit

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at lorraine.atkinson@boost.ai. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

796281678615556

Contact

Lorraine Atkinson
+44 7411 914247
lorraine.atkinson@boost.ai

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Hybrid cloud
• Service constraints: We deliver SaaS hence no specific constraints identified.
• System requirements: When using our SaaS solution, there are no system requirements

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Our response times are in accordance with our Service Level Agreements
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Onsite support
• Support levels: AI Supervisor/Project Manager - client's single point of contact who will coordinate with internal/external resources to ensure successful overall delivery.; AI Trainer - if required; will respond to queries related to the product and solution; Technical Support - if required; will be decided on a need basis and very much dependent on project specifications
• Support available to third parties: No

Onboarding and offboarding

• Getting started: All projects are delivered by a Boost.ai AI Supervisor. All client resources who will be involved in the project are required to undertake mandatory AI Trainer Certification, provided by Boost.ai free of charge. The platform is designed to be operable without technical expertise, so no "technical" training is required beyond the Boost.ai online course material, which is designed for users of all levels. The AI Trainer Certification trains Client's customer personnel to a level where they can independently maintain and enhance the solution after its implementation. This e-learning course includes explainer videos, practical assignments and quizzes to give the client sufficient knowledge to build in-house competency on the platform and to be self sufficient. In addition, the Knowledge Base, available directly in the admin panel interface, have 400+ articles of how to's and best practices. The trainee will have an understanding of the elements in the solution, how to build intents, logic of the intent hierarchy, action, action overview, create action flows, context, tags, training and testing, cleaning training data, import/export, rules and best practice. In addition, the certification will also explain how the machine pre-process inquiries, stemming of words, synonyms and stop words.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: We offer data extraction utilities of the solution built on the boost.ai platform (intents, training data , content). This is done by the Operations team and is not to be considered a self-service solution.; For the conversational data , this can be exported in CSV format by those with Admin access. We also offer an Export API that enables you to fetch the information from your VA by returning a raw data dump with no further processing or analyzing done. The data is returned in JSON format.
• End-of-contract process: Boost.ai's Client Responsible initiates the client offboarding by performing the following tasks:; ; Initiates data retention/deletion and access removal: If Client wants to keep the model (intents, actions, training/test data, users, synonyms, etc), they have two options. They can request an export or they can ask Boost.ai to keep the data stored in Amazon Web Service (AWS). If they want to export it themselves, agreement on a due date must be in place so that the server can be decommissioned afterwards. If they want Boost.ai to keep it, the Client Responsible must remove the users first, as this contains sensitive data (mail, name, etc). Please note that the latter may incur some charges. Boost.ai does not retain chat logs, so if the Client wants to keep these, they need to export it themselves through the admin panel. If the Client wants to keep the chat logs, a due date for completing the export must be agreed with Boost.ai Client Responsible.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Mobile SDK available for apps. On mobile devices, the chat panel works in the same way as on desktop.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AAA
• Description of service interface: Chat panel for users to chat; Admin panel for those managing the solution; Optional- panel for handover to human chat
• Accessibility standards: WCAG 2.1 AAA
• Accessibility testing: Yes - for details, see https://www.boost.ai/company/chat-panel-accessibility
• API: Yes
• What users can and can't do using the API: The boost.ai Chat API is the client's toolbox for building virtual agent is front ends. It can be used to build client's own chat front-end or the client can utilise our pre-built front-end, which works seamlessly out of the box. We also have APIs for exporting data and getting statistical data. Changes to the solution is mainly done via the admin panel.
• API documentation: Yes
• API documentation formats:
  • HTML
  • PDF
  • Other
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: For example, various details of the boost.ai built chat panel can be customized, such as colors, texts, avatar etc. Additionally, customers can also build their own chat panel if needed. Further customization of the solution can be done by changes in the admin panel.

Scaling

• Independence of resources: Specific users/customers have their own database and own segregated services so will not be affected by other users activity.

Analytics

• Service usage metrics: Yes
• Metrics types: Service usage metrics can be viewed in the Analytics dashboard within the admin panel. A wide range of different metrics is available based on the data in the solution.
• Reporting types:
  • API access
  • Real-time dashboards

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: European Economic Area (EEA)
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: All the chatlogs are available in the admin panel. These can be downloaded directly from the admin panel in the form of CSV files, or alternatively exported through our Export API. The chat log from the Export API comes in a JSON format. The procedures for chat log export can be given upon request. Intents (including training/test data, actions, etc) can be imported and exported in the admin panel. In addition, it’s also possible to import/export synonyms in the admin panel. Both will be in JSON format.
• Data export formats:
  • CSV
  • Other
• Other data export formats: JSON
• Data import formats: Other
• Other data import formats: JSON for intent files and synonyms

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • Other
• Other protection between networks: Our cryptographic controls policy mandates that all data in transit and data at rest must be encrypted. All traffic going over the internet to our services uses TLS certificates to establish secure connections.
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • Other
• Other protection within supplier network: Our cryptographic controls policy mandates that all data in transit and data at rest must be encrypted. All traffic going over the internet to our services uses TLS certificates to establish secure connections.

Availability and resilience

• Guaranteed availability: Boost.ai has its own SLA document which explains the terms and conditions for availability. We can offer 99.8% uptime, refunds on SLA violations and 24/7 critical support.
• Approach to resilience: The solution is deployed across multiple Availability Zones within a region to ensure high availability and robustness. Additionally, boost.ai has a Business Continuity Plan and Disaster Recovery Plan that has been designed to prepare us to cope with the effects of a major or extreme incident that affects our business operations. The Business Continuity Plan can trigger the Disaster Recovery Plan.
• Outage reporting: We can set up a monthly SLA report which can be sent on e-mail.

Identity and authentication

• User authentication needed: No
• Access restrictions in management interfaces and support channels: Access to adminpanel is on need-to-know basis. Clients and authorized boost.ai employees log in to the adminpanel using their individual user ID and password. This is using Transport Layer Security (TLS) encrypted connection (HTTPS). Adminpanels are IP-allowlisted, so user needs to be on allowlisted IP address or VPN. 2FA and SSO is available. Clients can only access their own adminpanels. Only relevant users of boost.ai can securely access chat and admin panels. Root access is strictly restricted on a need-to-know basis.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: DNV
• ISO/IEC 27001 accreditation date: 28/04/2021
• What the ISO/IEC 27001 doesn’t cover: Ref. A.14.2.7 - Outsourced development. Not applicable as Boost.ai does not have any outsourced system development.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications: Approved audit for ISO/IEC 27701. Certificate expected July 2022

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • ISO/IEC 27001
  • Other
• Other security governance standards: Audit has also been approved towards certification for ISO/IEC 27701. Expect to achieve certification evidence by July 2022.
• Information security policies and processes: Boost.ai has several security policies and processes aligned with ISO 27001 controls. Processes and policy rules are in place to require a minimum of yearly review. The reviews are logged. All employees and other relevant parties such as consultants are required to confirm to having read and understood policy rules. Evidence of acceptance to policy rules are monitored and verified. In addition, Boost.ai has a security awareness program in place aligned with internal policy rules that is mandatory for all employees and other relevant parties. All security policies and processes are easily available to all employees through company intranet.; ; Examples of security policies implemented:; -Information Security policy; -Acceptable Use policy; -Access Control policy; -Clear Desk Clear screen policy; -Cryptographic controls policy; -Mobile device, teleworking and BYOD policy; -Secure development policy; -Physical security policy; -Password policy; -Information classification policy; ; Examples of security process areas:; -Secure development lifecycle; -Asset Management; -Incident Management; -Risk Management; -Access Control; -HR Security; -Document Control; -IT Operations; -Legal & Contract Management

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Changes to the solution are controlled in accordance with our secure development lifecycle processes together with the secure development policy. Changes are logged together with security requirements. If any security and/or privacy risks are identified, this is controlled through the risk assessment conducted for each new release. Changes to company policies and/or processes are controlled through annual reviews or updated based on risk mitigation in accordance with the risk management process. Organisational changes are controlled through the organisational change management process.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Boost.ai conducts regular security testing both internally and by external parties. Penetration tests of the system are carried out by external parties on a minimum once a year. The penetration tests is based on OWASP Top 10. Tests are run on nightly builds. Vulnerability and security lists are actively monitored for CVE and other vulnerability disclosures. Vulnerability scanning implemented to identify security issues. Internal patch management processes are in place.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Boost.ai mainly uses AWS CloudWatch to monitor the solution, which allows us to observe detailed metrics.These metrics are used to trigger alarms when a pre-defined security or operational incident occurs. In addition to manual set up of logs, filters and alarms, AWS GuardDuty is also activated to analyse VPC flow logs and cloud trail event logs and DNS logs. Also, there is an audit log directly available in the admin panel of the Boost.ai solution. Incidents are responded to in accordance with internal incident management processes and response time is defined in the Customer SLA.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Incident Management processes are available and reviewed at least on a yearly basis. The processes includes the matrix used to classify incidents as either weakness, event or incident (minor, moderate, major, extreme). The incident management processes are again linked to the risk management processes and the Business Continuity Plan and Disaster Recovery Plans. When the client identifies any weakness, event or incident, they shall notify their dedicated AI-Supervisor or other means as agreed in SLA in case of critical incident. In case of data breach, this will be handled in accordance with guidelines from Norwegian data authority "Datatilsynet".

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: Yes
• Connected networks: Other
• Other public sector networks: We can set up new connections upon request

Social Value

• Fighting climate change:

  Fighting climate change

  At Boost.ai, we are very conscious of our responsibilities to fight climate change and are constantly endeavouring to reduce our carbon footprint. Some examples showcasing our unwavering commitment to this are as below: ; *Boost.ai participates in the "Hjem-Jobb-Hjem" transportation scheme run by the local government and aimed at the corporate market in the district of Nord Jæren. The goal of this scheme is to reduce car traffic in urban areas by providing facilities for employees to walk, cycle or use public transport to and from work. Access to City Bikes is also included as part of the agreement for all employees regardless of whether they purchase the Hjem-Jobb-Hjem ticket.; ; *At the head office, we segregate waste and have implemented a scheme for recycling paper, plastic bottles and soda cans; the deposit thereby collected is donated to the Red Cross.; ; * As a digitally forward company, our administrative systems are available online to encourage employees to perform tasks digitally, thereby reducing paper waste. This includes contracts, payslips, service tickets, leave applications etc. ; ; *Our cloud host Amazon Web Services (AWS) takes numerous steps to run as environmentally friendly a business as possible, and facilitates for their customers to do the same, e.g. by using wind and solar parks for renewable energy to operate the server infrastructure, and measures to reduce water consumption in their data centres.
• Covid-19 recovery:

  Covid-19 recovery

  The COVID-19 pandemic created numerous challenges for many businesses including Boost.ai. However, we very quickly adapted to these challenges and introduced the following measures:; *Home office and allowing employees to take office equipment; *Switching from on-premises recruitment and onboarding to remote/online; *Managers taking an even more proactive approach when managing their teams remotely e.g., by checking in regularly with employees to ensure their wellbeing during the difficult times of remote working; *Creating a virtual coffee machine where everyone is able to grab a virtual cup of coffee whenever they feel the need; ; We are always looking for ways to further support our employees and will work continuously to achieve this goal.
• Equal opportunity:

  Equal opportunity

  Boost.ai has a strong and clear commitment to equality, diversity and inclusion. Our policy is that all eligible persons shall have equal opportunity for employment and advancement in the company on the basis of their ability, qualifications and aptitude for the work. Promoting and supporting Equal Opportunity has always played a very important role in boost.ai and has been a part of our strategy from day one. We believe that in a diverse workforce it’s vital to foster an inclusive environment where everyone feels able to participate and achieve their potential. We would not be where we are today if we had not taken this approach. As a company, we believe that an effective Equal Opportunity strategy goes beyond legal compliance and seeks to add value to an organisation, contributing to employee wellbeing and engagement.; Our commitment to Equal Opportunity is apparent from the following:; *We cooperate with the local unemployment agencies in Norway, to help people enter into the workforce and to build the necessary competencies:; *We make opportunities for training, development and progress available to all staff for personal development in order to help them to maximise the efficiency of the organisation; *When a new position is created, we first look at our current employees’ competencies in order to offer them the possibility for self-development; *We have an age diversity among our employees - the youngest is just over 20 and the oldest employee is over 60; *We have a comparatively high number of women employed for the tech sector - approx. 30%of our workforce; *We support work-life balance by allowing flexible hours ; *Our employees come from all over the world - 5 continents and 19 different countries.; *We always take seriously all complaints about unlawful discrimination, bullying and harassment and have relevant policies and process in place
• Wellbeing:

  Wellbeing

  To foster a psychologically safe and collaborative work environment and in accordance with Norwegian Labour regulations, Boost.ai has established a Working Environment Committee - with the primary task of working towards a fully sound working environment, and closely monitoring its development.; ; To reinforce wellbeing and social interaction in the workplace, Boost.ai arranges two social events per year and encourages all employees to participate in these. Also,as physical activity contributes to good physical and mental wellbeing, Boost.ai as an employer facilitates physical activity among the employees by offering good deals on various exercise arrangements, such as a free gym membership, access to in-house physiotherapist / chiropractor etc.

Pricing

• Price: £0.85 a unit
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: We offer a custom-built virtual agent in just 10 days at no cost.; This includes; *1 custom-built virtual agent, trained to understand thousands of intents unique to your organization for 30 days ; *The opportunity to rigorously test and evaluate this VA before buying; ; See https://www.boost.ai/plans for details
• Link to free trial: https://www.boost.ai/plans

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at lorraine.atkinson@boost.ai. Tell them what format you need. It will help if you say what assistive technology you use.