Attachment-V-Response-Template (word)
advertisement
RFQ ATTACHMENT V: RESPONSE TEMPLATE REQUEST FOR QUALIFICATIONS FOR Payment Gateway Services RFQ#TTX2015-07 CONTACT: Ricardo S. Cordero, ttx.rfp@sfgov.org, 415-554-4509 Before getting started, please ensure your Response meets the Minimum Qualifications in Section B so that it will be evaluated. Responses received under this RFQ that fail to address each of the requested items in this Attachment V, Response Template in sufficient and complete detail to substantiate that the Respondent has met the City’s Minimum Qualifications, will be deemed non-responsive and will not be considered. Note that responses of “To be provided upon request” or “To be determined” or the like, or that do not otherwise provide the information requested (e.g. left blank) are not acceptable. Instructions are provided in blue and may be deleted. Please complete your Response in the template provided, using as much space as needed. Indicate clearly where separate documents are provided. In order to receive the maximum amount of points, please be sure to follow this format and thoroughly (but concisely) address each section. Note that documents under this RFQ process may be subject to public disclosure in accordance with RFQ Attachment I, Section 26. A. Executive Summary 1. Prime Respondent Information and Partner(s) Prime Respondent’s Firm Name Prime Respondent’s Firm Address (Principal Place of Business) Location of Prime Respondent’s Lead Office to Perform Services under this RFQ Prime Respondent’s Website Address Prime Respondent’s City Vendor ID Note: Possession of this number serves as partial verification that the Respondent has completed the City’s administrative requirements (see Attachment III, Section A for more details). Prime Respondent’s Partner and Subcontractor Name(s), if applicable Payment Gateway Services RFQ Attachment V – Page 1 of 11 (July 2015) RFQ ATTACHMENT V: RESPONSE TEMPLATE 2. RFQ Contact Identify the person that will serve as your RFQ contact. This contact will receive e-mail notifications regarding the RFQ process. Name Title Email Phone 3. How did you find out about this RFQ Opportunity? Insert response here. 4. Letter of Introduction and Executive Summary of Response Attach a letter of introduction and executive summary of the Response. Include a summary of your proposed partnerships, as applicable. The letter must be signed by a person authorized by your organization to contractually obligate your organization to perform the commitments contained in the Response. Submission of the letter will constitute a representation by your organization that your organization is willing and able to perform the commitments contained in the Response. In addition, please acknowledge any attachments in this letter, if applicable. B. Minimum Qualifications Instructions: Insert a “Y” or “N” in every cell adjacent to each Minimum Requirement. In order to be considered for inclusion in the list of qualified firms, a Respondent must respond with a “Y” to all of the Minimum Requirements. NO. REQUIREMENT 1 Respondent has minimum Shareholder Equity of $2 million. 2 Respondent is available to accept payment instructions from City clients 24 X 7 X 365/366 per year with a minimum uptime of 99.9% Respondent has minimum of 3-years of experience providing payment gateway services to municipalities or other governments. Respondent will deliver 3-years audited financial statements by paper, on CD or by URL link. Respondent will, at the City’s request, deliver periodic audited financial statements on no more than a quarterly basis by paper, on CD or by URL link. Respondent agrees that the City will be the Merchant of Record and own all Merchant IDs. 3 4 5 6 Payment Gateway Services RFQ Attachment V – Page 2 of 11 (July 2015) YES/NO RFQ ATTACHMENT V: RESPONSE TEMPLATE NO. 7 8 9 10 11 12 13 14 REQUIREMENT Respondent meets all statutory and regulatory standards for data security (PCIDSS, Gramm-Leach and any other federal and state laws and regulations). Respondent has no current negative regulatory actions pending against it (limited to the Respondent’s payment gateway services). Respondent will accept card payment transactions for cards branded Visa, MasterCard, Discover and American Express, contingent on the card companies’ willingness to participate and the City’s agreements. Respondent will support the City’s participation in Visa’s and MasterCard’s Bill Pay, Government Tax Payments and any other special pricing programs for which the City is or may be eligible. Respondent will direct credit/debit card entries to the City’s contracted debit/credit card processing vendors: Bank of America Merchant Services (“BAMS”) for Cardholder-Present Transactions First Data Merchant Services (“FDMS”) for Cardholder-Not-Present Transactions Respondent to direct E-Check (with the exception of kiosk, cardholder-present providers) entries to the City’s contracted Automated Clearinghouse (“ACH”) Originating Depository Financial Institution (“ODFI”) which is Bank of America. Respondent to compute and present the full amount owed by a City client including, when required, a Service Fee to the customer at “check-out.” For transactions on which Service Fees are to be applied, Respondent will apply the following rules: The paying client will be clearly advised of the Service Fee to be applied to the transaction amount The Service Fee will be processed as a separate transaction to the paying client’s credit card statement Each month, the Respondent will charge its fees to the City’s designated bank account(s) into which the Services Fees have been credited. 15 Respondent will process both percentage based and fixed amount service fees and manage the presentation, disclosures, reporting and processing of Service Fees in accordance with the prevailing rules of the Card Associations. 16 17 Respondent will negotiate and execute a best practices service level agreement. Respondent has a complete Business Resumption Plan (“BRP”) and satisfactorily tested its BRB within the past 12 months. Respondent will verify and authenticate card and E-Check payors in accordance with the requirements of the Card Association Operating Rules and the Operating Regulations of the National Automated Clearinghouse Association. Respondent has procedures to resolve technical issues including system outages and will notify the City within one (1) hour of any disruption with an expected duration of more than three (3) hours and provide status update. Respondent will dedicate a customer service support team to respond to all telephone or e-mail inquiries from the City within one (1) business day. Respondent will dedicate a relationship support team to respond to all telephone or e-mail inquiries from the City within one (1) business day. 18 19 20 21 Payment Gateway Services RFQ Attachment V – Page 3 of 11 (July 2015) YES/NO RFQ ATTACHMENT V: RESPONSE TEMPLATE NO. REQUIREMENT 22 23 YES/NO Respondent uses a set of tools to track issues reported by the City. Respondent’s transaction reporting system allows the City to download daily and historical data sets and export the data to other tools such as Excel or Access. Respondent’s online reporting system allows the City to generate ad hoc reports and arrange data based on pre-established parameters established by the City. (Examples: reports that group data by department/agency, payment category, payment type). Respondent’s online reporting system operates with all popular web browsers on PCs and MACs. Respondent will provide system controls that prohibit access by unauthorized external and internal persons/system. Respondent will deliver all user and technical documentation required City employees. Respondent will test all systems and applications jointly with the City before they are made available to the public. 24 25 26 27 28 STOP: B. If you answered “YES” to all of the Minimum Requirements above, please proceed to the next sections and provide responses to the below questions relevant to your proposal in order to complete your submission. If you answered “NO” to any of the Minimum Requirements, please stop; your firm will not be considered for qualification in any of the Service Areas. SCOPE OF WORK QUESTIONS Demonstrated expertise is required in at least one of the following Service Areas. NUMBER SERVICE AREA 1 Debit/Credit Card and E-Check payment acceptance at an online customer interface 2 Debit/Credit Card and E-Check payment acceptance at an Interactive Voice Recognition customer interface 3 Debit/Credit Card and E-Check payment acceptance at a Customer Service Representative interface 4 Debit/Credit Card payment acceptance at physical machines: for example, point of sale devices (with pin pads where appropriate), kiosks and parking meters For the Service Area or Areas for which your firm is submitting a proposal, each Respondent should indicate below its intent to be a qualified vendor by placing a “ ” in the space associated with each of the individual requirements established for each of the four (4) Service Areas. Service Area 1: Debit/Credit Card and E-Check payment acceptance at an Online Customer interface The selected Respondent’s Internet solution must satisfy the following requirements: Accessibility – Vendor will ensure that all payment applications will be compliant with Section 508 of the Rehabilitation Act of 1998, as amended (29 U.S.C. 794d) (accessibility guidelines to ensure full accessibility to users with disabilities). Payment Gateway Services RFQ Attachment V – Page 4 of 11 (July 2015) RFQ ATTACHMENT V: RESPONSE TEMPLATE My firm satisfies this requirement: Payment Engine – Selected Respondent will host one or more payment gateways engines that can be integrated with any online application developed by City departments/agencies for the purpose of processing credit/debit card payments and E-Checks. My firm satisfies this requirement: ______ Visual Integration – Selected Respondent will seamlessly integrate its Internet payment solution with City department/agency websites ensuring that all applications adopt each department’s/agency’s design. All applications must be accessed exclusively from the City department’s/agency’s Internet sites. My firm satisfies this requirement: ______ Usability – Selected Respondent payment gateway solutions will adopt basic design usability principles such as clean design, consistent navigation and ease of use to ensure citizens the best possible online experience. Respondent’s user interface must enable use by broadly used PCs, MACs, and Mobile Devices (and the associated browsers). My firm satisfies this requirement: ______ ______ The following matrix shows the services for which the City currently intends to process payments via the Internet. It also indicates which applications may include Service Fees. It is not required that your firm be able to process every type of Application. Please advise by inserting, in the far right hand column of the below chart with: “YES” for the one or more Applications that you are able to support and “NO” for the one or more Applications that you are unable to support. The contracts between the City and the selected Respondent(s) shall allow the City to add additional applications and services in the future. In providing additional applications and services, the selected Respondents shall use the same pricing structure shown in Exhibit ___, Pricing Schedule. City departments have wide variations of transaction volumes and a broad range of average ticket amounts. Application Taxes Fines Fees Permits Reservations Parking Tickets Licenses Garnishments Donations Service Fees SERVICE AREA 1 Accept Debit/Credit Card X X X X X X X X X X X X X X X X X My firm satisfies this requirement: Payment Gateway Services Accept Echeck Yes/No X X X X X X X X X ______ RFQ Attachment V – Page 5 of 11 (July 2015) RFQ ATTACHMENT V: RESPONSE TEMPLATE Service Area 2: Debit/Credit Card and E-Check payment acceptance at an Interactive Voice Recognition customer interface The selected Respondent’s IVR/Phone solution must satisfy the following requirements: Custom Number – Selected Respondent, at its own expense, will utilize a toll free custom number provided by the City for City’s payment solution that will guide the cardholder or account holder through the payment process. Any associated fees to the cardholder or account holder must be clearly stated prior to confirming the payment transaction and allow the cardholder/account holder to discontinue and cancel the transaction. My firm satisfies this requirement: ______ Menu Design – Selected Respondent will work with the City to streamline IVR menus to improve customer experience including options to provide different language translations (i.e. Chinese, Spanish) and voice recognition capability if required. My firm satisfies this requirement: ______ Peak Support – Selected Respondent will provide a robust IVR solution that can handle thousands of phone calls simultaneously to adequately support citizens during tax deadline season. My firm satisfies this requirement: ______ The following matrix shows the services for which the City currently intends to process payments via IVR interfaces. It also indicates which applications will include Service Fees. It is not required that your firm be able to process every type of Application. Please advise by inserting, in the far right hand column of the below chart with: “YES” for the one or more Applications that you are able to support and “NO” for the one or more Applications that you are unable to support. The contracts between the City and the selected Respondent(s) shall allow the City to add additional applications and services in the future. In providing additional applications and services, the selected Respondents shall use the same pricing structure shown in Exhibit ___, Pricing Schedule. City departments have wide variations of transaction volumes and a broad range of average ticket amounts. Application Taxes Fines Fees Permits Reservations Parking Tickets Licenses Garnishments Donations SERVICE AREA 2 Service Fees Accept Debit/Credit Card X X X X X X X X X X X X X X X X X My firm satisfies this requirement: Payment Gateway Services Accept Echeck Yes/No X X X X X X X X X ______ RFQ Attachment V – Page 6 of 11 (July 2015) RFQ ATTACHMENT V: RESPONSE TEMPLATE Service Area 3: Debit/Credit Card and E-Check payment acceptance at a Customer Service Representative (TEL) customer interface The selected Respondent’s Customer Service Representative solution must satisfy the following requirements: Custom Number – Selected Respondent, at its own expense, will utilize a toll free custom number provided by the City for City’s payment solution that will guide the cardholder or account holder through the payment process. Any associated fees to the cardholder or account holder must be clearly stated prior to confirming the payment transaction and allow the cardholder/account holder to discontinue and cancel the transaction. My firm satisfies this requirement: ______ Menu Design – Selected Respondent will work with the City to streamline customer service representative dialogues to improve customer experience including options to provide different language translations (i.e. Chinese, Spanish) and voice recognition capability if required. My firm satisfies this requirement: ______ Peak Support – Selected Respondent will provide a robust customer service representative solution that can handle thousands of phone calls simultaneously to adequately support citizens during tax deadline season. My firm satisfies this requirement: ______ The following matrix shows the services for which the City currently intends to process payments via customer service representative interfaces. It also indicates which applications will include Service Fees. It is not required that your firm be able to process every type of Application. Please advise by inserting, in the far right hand column of the below chart with: “YES” for the one or more Applications that you are able to support and “NO” for the one or more Applications that you are unable to support. The contracts between the City and the selected Respondent(s) shall allow the City to add additional applications and services in the future. In providing additional applications and services, the selected Respondents shall use the same pricing structure shown in Exhibit ___, Pricing Schedule. City departments have wide variations of transaction volumes and a broad range of average ticket amounts. Application Taxes Fines Fees Permits Reservations Parking Tickets Licenses Garnishments Donations SERVICE AREA 3 Service Fees Accept Debit/Credit Card X X X X X X X X X X X X X X X X X My firm satisfies this requirement: Payment Gateway Services Accept Echeck Yes/No X X X X X X X X X ______ RFQ Attachment V – Page 7 of 11 (July 2015) RFQ ATTACHMENT V: RESPONSE TEMPLATE Service Area 4: Debit/Credit Card payment acceptance at physical machines: for example, point of sale devices (with pin pads where appropriate), kiosks and parking meters; The selected Respondent’s acceptance at physical machine solution(s) must satisfy the following requirements: Integration – Selected Respondent will integrate its payment gateway with physical hardware (kiosks and similar machines) and software applications chosen by the City. My firm satisfies this requirement: ______ Connectivity – Selected Respondent will integrate its payment gateway with the cardholder present payment processor selected by the City. My firm satisfies this requirement: ______ The following matrix shows the services for which the City currently intends to process payments via kiosk (or similar) interfaces. It also indicates which applications will include Service Fees. It is not required that your firm be able to process every type of Application. Please advise by inserting, in the far right hand column of the below chart with: “YES” for the one or more Applications that you are able to support and “NO” for the one or more Applications that you are unable to support. The contracts between the City and the selected Respondent(s) shall allow the City to add additional applications and services in the future. In providing additional applications and services, the selected Respondents shall use the same pricing structure shown in Exhibit A, Pricing Schedule. City departments have wide variations of transaction volume and a broad range of average ticket amounts. Application/Services Taxes Fines Fees Permits Reservations Parking Tickets Licenses Ticket Dispensers Parking Meters Garnishments Donations SERVICE AREA 4 Service Fees Accept Debit/Credit Card x x x x x x x x x x x x x x x x x x x x x My firm satisfies this requirement: Payment Gateway Services ______ RFQ Attachment V – Page 8 of 11 (July 2015) Yes/No RFQ ATTACHMENT V: RESPONSE TEMPLATE Respondents are required to provide answers to the following questions. GENERAL 1. Describe your company, its history, organizational structure and ability to support the needs of the Service Area(s) to which you are responding. 2. Explain how your firm plans to support the needs of each individual City department that elects to engage with your services. How do you manage implementation? How do you manage ongoing relationship management? How do you support on-going customer service? 3. Describe your payment gateway services (pictures, diagrams will be helpful). Be sure to explicitly portray preferred and optional flows of both information/data and dollars. a. Hosted Page Services? b. Secure Message API Services? c. IVR? d. Kiosk? e. Shopping Cart? 4. Explain how your gateway supports recurring payments. How do you manage and safe-keep all customer sensitive data? Do you rely on tokenization in support of recurring payment activities? If yes, describe how your service works. Please address the following payment categories: a. Fixed amount recurring payment: For example, fixed monthly payments for transportation passes or residential parking permits b. Variable amount subscriptions: For example, payments for variable use services such as taxi fees at the airport or annual business fees. c. Any other recurring fee programs that you support. 5. If you are responding to Service Area #4, describe any hardware/software solutions you offer that provide for bill payment, fine/fee collections, permit purchases, transit or other ticket issuance, and any other functions that are available through your hardware/software products. 6. Explain any unique product features you offer to process the following services: a. Parking b. Transit Tickets c. Bill Payments d. Taxes e. Fees f. Fines g. Permits h. Reservations i. Insurance premiums (health, dental, vision) j. Donations k. Garnishments 7. Describe your experience and capabilities designing, building and interfacing with mobile applications. For example Payment Gateway Services RFQ Attachment V – Page 9 of 11 (July 2015) RFQ ATTACHMENT V: RESPONSE TEMPLATE a. If a City department already has a mobile application which includes payment functionality, explain how you would make your payment gateway services available. b. If a City department does not have a mobile application, are you able, either within your company or with a partner, to design and build a mobile application for the department and integrate your payment gateway into the mobile application? 8. If you are proposing a gateway for Point of Sale (POS) transactions (i.e. Service Area 4): a. Will you require the City to use specific pin pad devices and/or terminals supplied by you? Are the card swipe machines EMV compliant? b. Can your gateway support a variety of POS hardware that the City can purchase from other suppliers, such as its merchant acquirer? c. Do you support hardware that permits connectivity to computers and tablets through the USB port? 9. To which merchant card processors is your payment gateway certified? 10. Can your E-Check service support quality control functions that minimize customer bank account data input errors? For example, do you maintain routing/transit number verification tables or the ability to use a drop-down from which to select a bank? GATEWAY DESIGN 1. Do you provide a fully integrated service that includes (provide examples of each of the web pages and communications for each category): a. b. c. d. e. f. g. h. A hosted branded City department welcome & payment instruction webpage? Account Registration? Password/Account Authentication? An electronic bill presentment function? A shopping cart? A checkout and pay page? A payment confirmation page? An e-mail confirmation service? 2. Describe the level of customization you are capable of providing in your gateway design. Can your web pages be designed to meet the specific needs of City departments? Provide examples of your standard web pages and samples of pages customized to meet the unique needs of your customers. 3. Besides infrastructure, do you own all of your software code or do you license components of the code? If you rely on third party code, please describe which components you built and own and which components are owned by another party. 4. Do you provide a Virtual Private Network (or similar) service connected to a City hosted web site to accept, via a secure API, information needed to process a payment instruction from the customer? 5. How do you report the following to the City: a. Payments successfully authorized Payment Gateway Services RFQ Attachment V – Page 10 of 11 (July 2015) RFQ ATTACHMENT V: RESPONSE TEMPLATE b. c. d. e. f. Declined payment authorizations Settled payments Total daily, weekly, monthly, quarterly dollars processed and deposited Service Fee processed Returned/failed payments SECURITY 1. Do you host your product in your own data center or in a shared center? Is your service hosted on servers owned and operated by your firm or do you operate within a shared environment? 2. Who is responsible for managing and monitoring the security of your service? employees or employees of a third party? Your 3. Is your payment gateway fully PCI-DSS compliant? What SAQ Level has been assigned to your payment gateway? Was your compliance audit completed by a qualified assessment auditor? When was your most recent compliance audit completed? When is your next compliance audit scheduled? Will you commit to provide the City with a copy of your annual compliance certificate? 4. Has your firm undergone a SAS-70 (or equivalent) examination? If yes, was the outcome satisfactory or unsatisfactory? When was the last audit completed? If the City selects you to provide payment gateway services, will you supply the City with a copy of the SAS-70? 5. Does your service offer any special protections/controls for compliance with HIPAA requirements? 6. Describe: a. City employee access controls to your payment gateway services and data b. Your employee access controls to your payment gateway services and data. 7. Explain how your company confirms the identity and authority of cardholders and account holders who pay by card or E-Check at your payment gateway and/or IVR? FRAUD PROTECTION/CHARGEBACKS/RETURNED ITEMS 1. Describe the tools and procedures your firm offers to protect the City against fraudulent and unauthorized payment transactions. Payment Gateway Services RFQ Attachment V – Page 11 of 11 (July 2015)
