Amigoco

Identity Resolution Service

Amigoco Identity Resolution Service allows you to accurately associate data with people who interact with your business.

Successful enterprises automatically identify customers, partners and suppliers to help resolve identities across all data and applications.

Features

• Performs identity resolution across multiple configurable fields
• Flexible data seeding model
• Suitable for highly sensitive data, e.g. conviction information

Benefits

• Enhanced operational efficiencies by reducing manual effort
• Detect fraud
• Improved data analytics

£12,500 a licence a year

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at info@amigoco.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

985201409856683

Contact

Admin Team
07941155347
info@amigoco.com

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
• Service constraints: Planned maintenance is undertaken out of business hours. Customers are provided a maintenance schedule and informed in advance if any downtime can be expected.
• System requirements: Cloud: An appropriately privileged account on AWS, Azure or GCP.

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Based on our standard support hours, we aim to respond to 99.9% of all questions received within 1 hour.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Yes, at an extra cost
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: WCAG 2.1 AA or EN 301 549
• Web chat accessibility testing: A dedicated messaging channel is created per customer which is accessible via all commonly used browsers. This is available on several platforms, including Microsoft Teams and Slack.
• Onsite support: Yes, at extra cost
• Support levels: Amigoco’s service levels are tailored to each customer. Key Performance Indicators (KPIs) are established with the customer prior to service commencement to ensure they are suitable and meet expectations.; Our standard support hours are outlined below.; • Business Hours (Monday to Friday, 9:00 – 17:00); ; A cloud support engineer will be assigned to your service, together with a technical account manager. Overall support charges will be based on the amount of support required. Further information is available in the pricing document,
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Amigoco works with its customers to define their onboarding and off boarding requirements and builds a support model to suit.; Starting to use this service typically involves a short call to understand the customer requirements and landscape, followed by a short demonstration.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: All data used by the service will be automatically backed up to customer’s cloud platform as part of the service. If the customer is using our cloud platform to host the service, they can also download reports at any time during the duration of the contract or at contract end.
• End-of-contract process: At the end of the contract, we ensure customers have downloaded reports of all their service usage for the contract duration.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: Yes
• Compatible operating systems: Linux or Unix
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: No differences.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: Web Interface.
• Accessibility standards: None or don’t know
• Description of accessibility: No accessibility is required for this service as it is typically consumed by other services written by the customer.
• Accessibility testing: No specific assistive technology testing has been performed.
• API: No
• Customisation available: Yes
• Description of customisation: Customers are able to perform custom data seeding and matching configuration.

Scaling

• Independence of resources: Each customer’s instance of this service is provided as a standalone service.

Analytics

• Service usage metrics: Yes
• Metrics types: We provide metrics on the number of times the services has been accessed over the previous month.
• Reporting types: Regular reports

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest: Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Users can export their usage of the service and other reports at any time. Supported formats include SVG, PNG and CSV.
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • PNG
  • SVG
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Prior to service commencement, Amigoco agrees compensation models that suit customer needs. This can include service credits or reduction in charges where we have failed to maintain a level of service within our KPIs.
• Approach to resilience: This information is available upon request.
• Outage reporting: An operational dashboard provides a real-time view of service availability. If the service is down, email, SMS and instant messaging alerts can be made available to configurable endpoints.

Identity and authentication

• User authentication needed: Yes
• User authentication: Public key authentication (including by TLS client certificate)
• Access restrictions in management interfaces and support channels: We utilise the principle of “least privilege” where users are assigned roles and privileges that allow them to perform their particular role and no more. Development and testing are separated from operations, with operation staff only allowed to make version-controlled changes using our standard change management processes.
• Access restriction testing frequency: At least once a year
• Management access authentication: 2-factor authentication

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: CSA CCM version 3.0
• Information security policies and processes: The Amigoco Board of Directors has the overall responsibility to provide management direction and support for information security in accordance with the business requirements and relevant laws and regulations.; ; The Senior Information Risk Owner (SIRO) is the owner of the Amigoco Information Security Management System (ISMS) and all security policies, with all changes to ISMS and security policies being reviewed and approved by the SIRO. ; ; The Data Protection Officer is responsible for all data protection matters. This includes third party security, physical security and training, together with Cyber Security and training.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Our configuration and change management approach is based upon our DevSecOps principles, including:; ; • Shift security left – We incorporate security processes from the start of the development process. We aspire to the development practice of DevSecOps, whereby we not only secure the deployment pipeline, but also secure its operation.; • Automation of all regular activity – The delivery of all change is automated and version controlled to ensure seamless change delivery and avoid manual error.; • Guardrails for delivery – Delivery guardrails, including separation of duties and roles, with policies as code to allow strong access management.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Our vulnerability management approach is based upon our DevSecOps principles, whereby we not only secure the deployment pipeline, but also secure its operation. We undertake code reviews, Static Application Security Testing (SAST), Software Composition Analysis, Dynamic Application Security Testing (DAST) and regular penetration testing.; ; Patches and vulnerability updates are deployed via our standard change management approach, with all updates and patches reviewed and tested prior to deployment.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Our protective monitoring approach is based upon our DevSecOps principles, whereby we not only secure the deployment pipeline, but also secure its operation. In particular, we utilise the following;; • Logging and Audit – Application and service logs are created, together with audit trails of operations performed to the service. These are stored in a separate account to the service itself and monitored to detect unauthorised activities.; • Security Monitoring – A centralised security monitoring dashboard is created for each customer, where any attacks detected are automatically shown. Complete traceability from detection to response and recovery is made available.
• Incident management type: Supplier-defined controls
• Incident management approach: Our incident management approach is based upon our DevSecOps principles. Common incidents such as detection of a CVE, are provided via a dashboard on a daily basis, with the most critical being prioritised for delivery within 48 hours. Users are also able to report incidents via instant message, web chat or phone.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Equal opportunity

  Fighting climate change

  Transportation; Since 2017, Amigoco has sought to conduct all its business travel utilising public transport, including rail, tram and bus services where available. For consultants that are able, we encourage incorporating walking, running and cycling as part of any business commute or travel.; Promote Environmentally Friendly Ways of Working; Amigoco is a remote-first company. This means we encourage our consultants to work from home, a co-working space, café or wherever is suitable. Some of our engagements require on-premises work with clients and other third parties. We balance these commitments with the well-being of our consultants and our social responsibility to reduce CO2 emissions.; We do this by encouraging the use of remote meeting and collaboration tooling such as Teams, Slack, Confluence and Jira. Together with encouraging modern software development and delivery practises, such as DevOps and GitOps, we seek to increase overall productivity and efficiency.

  Equal opportunity

  Equal opportunity; ; Amigoco recognises that we live in a society where discrimination still operates to the disadvantage of many groups.; ; No employee, associate, job applicant, supplier or customer should suffer or experience less favourable treatment, discrimination or lack of opportunities on the grounds of:; • Gender; • Race; • Colour; • Nationality; • Ethnic Origin; • Age; • Health status; • Marital status; • Parental status; • Trade union memberships; • Religious or philosophical beliefs; • Responsibility for dependents; • Sexual orientation; • Class; • Political beliefs; • Physical attributes; • Ex-offender status*; ; *as defined by the Rehabilitation of Offenders Act 1974 [Ref.001]; ; Amigoco has an equal opportunities policy that is reviewed annually.

Pricing

• Price: £12,500 a licence a year
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Free trial includes setup of 1 data source, with customer providing seeding data.

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at info@amigoco.com. Tell them what format you need. It will help if you say what assistive technology you use.