National Entitlement Card Scheme Information … · Dataflow Diagrams Page 2 of 41 Document Control...

National Entitlement Card Scheme

Information Architecture

Data Flow Diagrams v.1.0 FINAL

October 2016

Dataflow Diagrams of 41

Document Control

Document Title Dataflow Diagrams

Issue Status Version 1.0 FINAL Issue Date 15/07/2016

Author David Laughlin Title NEC Information Assurance Officer

Tel: E-Mail [email protected]

Security Classification Public Retention

Period

Per policy

Review Period Annual

Version No Date Summary of changes

0.1 DRAFT 11/11/2014 Initial issue for comments

0.2 DRAFT 16/03/2016 Revised whole document diagrams

0.3 DRAFT 07/07/2016 Revised and expanded diagrams

0.4 DRAFT 18/07/2016 Incorporate internal review after completion of

diagrams

0.5 DRAFT 20/07/2016 Issue as draft to Scottish Government/Improvement Service

0.6 DRAFT 21/09/2016 Incorporate revisions from SG/IS review, remove

national sQuid

1.0 FINAL 18/10/2016 Add missing NEC Number to Hotlist, issue

Review

Name Organisation

Stephen Peacock Scottish Government

Robert Clubb Improvement Service

Brenda Robb NECPO

Elena Brown NECPO

Stuart Law Scottish Government

Authorisation

Document Approvals

Document

Authorisation

Title/Organisation Signature Date

Paul Carroll SIRO, Dundee City Council


Contents Introduction.............................................................................................................................................. 4

Internal Data Flows ................................................................................................................................. 6

National Entitlement Card Application ................................................................................................. 6

National Paper Application Form ..................................................................................................... 7

Data File Application ........................................................................................................................ 9

Agent Direct Input Application to CMS .......................................................................................... 11

NEC Online Application ................................................................................................................. 13

National Entitlement Card Update ..................................................................................................... 15

NEC Update via Agent ................................................................................................................... 16

NEC Online Update ....................................................................................................................... 18

NEC Online Update Photo ............................................................................................................. 20

NEC Replacement Card via Agent ................................................................................................ 21

NEC Online Replacement Card ..................................................................................................... 22

NEC Hotlist Card ............................................................................................................................ 23

External Data Flows .............................................................................................................................. 24

Regular .............................................................................................................................................. 24

X1 Local Authority Extracts ............................................................................................................ 25

X2a myaccount – Card Create ...................................................................................................... 27

X2b myaccount – Personal Details Change .................................................................................. 28

X2c myaccount – Contact Details Change .................................................................................... 29

X2d myaccount – Hotlist Card ....................................................................................................... 30

X2e myaccount – Sign-in/Register ................................................................................................ 31

X3 Transport Scotland ................................................................................................................... 33

Ad hoc ................................................................................................................................................ 36

X4 Police Enquiries ........................................................................................................................ 36

Appendix A – Proofs ............................................................................................................................. 38

Appendix B – Validation Points ............................................................................................................. 38

Glossary of Terms ................................................................................................................................. 39


Introduction

This document contains details of the internal data flows associated with the National Entitlement

Card scheme. It is intended to assist the reader with understanding how data is used within the

scheme, and can be read in isolation, or to supplement the National Entitlement Card Scheme

Privacy Impact Assessment document.

The National Entitlement Card is a multi-application smartcard available on request for all Customers

of Scotland over the age of three to allow access to a range of services. The National Entitlement

Card Programme Office (NECPO), based in Dundee City Council, acts on behalf of all Scottish Local

Authorities in the supply and production of the card itself, with the Scottish Local Authorities

authenticating and processing the NEC applications.

The current Terms and Conditions for the National Entitlement Card scheme can be found at

http://www.entitlementcard.org.uk/nec-terms-and-conditions.

Applications can be initiated by contacting a Local Authority or an organisation authorised to act on

their behalf (e.g. SPT). Alternatively the Customer can apply for the NEC using the self-serve NEC

Online process. To access NEC Online the Customer will first register and then login to the Scottish

Government’s myaccount service, which is designed to help public sector organisations deliver

secure online services to the right person. The myaccount service will then allow access to NEC

Online. The interaction between myaccount and NEC Online is described in this document; a

corresponding document exists for the myaccount service itself.

The current Terms and Conditions for myaccount can be found at https://signin.mygovscot.org/home.

The areas where information is processed internal and external to the NEC scheme are listed below

Business Function Potential internal dataflows Potential external dataflows

NEC Application

Paper Application Form Datafile Application Application via Agent NEC Online Application

X1 Local Authority X2a myaccount - Card Create X2e myaccount – Sign-in/Register X3 Transport Scotland

NEC Update

NEC Update via Agent NEC Online Update NEC Update Photo via Agent NEC Online Update Photo NEC Replacement Card via Agent NEC Online Replacement Card NEC Hotlist Card

X1 Local Authority X2a myaccount - Card Create X2b myaccount - Personal Details Change X2c myaccount - Contact Details Change X2e myaccount – Sign-in/Register X3 Transport Scotland

http://www.entitlementcard.org.uk/nec-terms-and-conditions

https://signin.mygovscot.org/home


Police Enquiry X4 Police Enquiries

Data items within each flow are described below each diagram.


Internal Data Flows

In the following diagrams, descriptions of data flows commencing “X” refer to External Data Flows.

National Entitlement Card Application

Customers can apply for a National Entitlement Card in various ways and the Customer’s data is

transferred to the national Card Management System (CMS) in the following ways:

Paper Application Form: the Customer completes the appropriate national application form

(Elderly, Young Person, Disabled) which is then presented at a Local Authority location, an SPT

office (SPT acting on behalf of the relevant LA), or at a Post Office (in areas where they accept

Elderly forms only on behalf of the LA). At each, personal details are verified, and the validated

application sent securely by Royal Mail to the processing Bureau.

Data File Application: the Customer’s verified personal details are extracted along with other

details from an existing local authority system; with the consent of the Customer they are added

to a file with a prescribed format for secure transmission to the Card Management System.

Agent Direct Input Application to CMS: the Customer attends a Local Authority location or SPT

office for personal detail verification, their details are manually entered into the Card Management

System by the Local Authority Agent. Local Authorities may use local paper application forms as

part of the data collection process.

NEC Online Application: the Customer is directed through the myaccount service to the NEC

online portal where name, address and photograph details are supplied. The Customer may then

be required to attend a Validation Point and provide personal verification to the Local Authority

Agent who then completes the application and requests the card.


National Paper Application Form

National Paper Application Form Explanatory Notes

1. The Customer requests and receives an appropriate national paper form for a National

Entitlement Card. These vary depending on the services the Customer is entitled to. There are

three main forms: one for the 60+ age group, one for the 11-25 age group, and one for Disabled

Persons aged 5+.

2. The Customer completes the application form by providing their details.

Form Data:

Title (optional)

Gender

First Name

Middle Initials/Middle Name (optional)

Surname

Date of Birth

Address

Phone number (optional)

Mobile number (optional)

Email address (optional)

Current school/college/university (if relevant)

Consent to data share

Young Scot (if relevant)

Volunteer (if relevant)

Photograph

Photo referee contact details (only if no photographic proof)

3. The Customer presents the completed paper application form and any required proofs of person,

residence, photograph and entitlement to a Validation Point. This could be a Local Authority

location, an SPT office, or a Post Office, depending on the type of application. See Appendix A –

Proofs; Appendix B – Validation Points.

4. The Local Authority Agent verifies the form content and checks the proofs shown to authenticate

the applicant’s details and will only approve the application if satisfied with these.

Proof Data:


Proof of person

Proof of residency

Proof of photo

Proof of entitlement

Validation stamp

5. The completed and verified forms are then batched together by the Validation Point and sent to

the Card Bureau via Royal Mail using an official pre-addressed, pre-paid envelope.

6. Forms received by the Bureau are scanned and transcribed electronically into the Card

Management System with date and time recorded to enable the monitoring of the application

through the process.

7. The personalised National Entitlement Card is produced and sent to the Customer; this also

results in external dataflows:

X1 – Local Authority

X2a – myaccount – Create Card

X3 – Transport Scotland.


Data File Application

Data File Application Explanatory Notes

1. In certain cases, the Customer’s Local Authority already manages a system which contains

information that has already been verified regarding the Customer.

2. The Local Authority asks the Customer to agree to the Terms and Conditions of the NEC. The

Terms and Conditions include permission to share data with the Local Authority in whose area the

Customer resides or is in school, and any Service Provider with whom the Customer elects to

transact. In addition, the Customer may choose to share data with other public sector

organisations.

3. Card application data is extracted from the local database in a prescribed format. A photograph is

not required for the Junior NEC, known as KIDZ card, which some Local Authorities offer to

children below secondary school age. The facility for certain Local Authorities to have barcode

and Library/Leisure system identifiers as part of the card that is produced means that these fields

can be populated, although this is restricted to a limited number of Local Authorities and is being

phased out.

Extract Data:

Title

Gender

First Name

Middle Initials/Middle Name

Surname

Date of Birth

Address

Phone number

Mobile number

Email

Current school/college/university


Young Scot

Volunteer

Photo

Photo referee contact details

Proof of person

Proof of residency


Proof of photo


Pupil ID (if supplied by LA, used to allow schools to associate NEC holders with education-based systems,

not visible within CMS but returned to Local Authority in dataflow)

Leisure ID (if supplied by LA, used to produce card and subsequent replacements, not visible within CMS)

Library ID (if supplied by LA, used to produce card and subsequent replacements, not visible within CMS)

Barcode ID (if supplied by LA, used to produce card and subsequent replacements, not visible within CMS

but returned to Local Authority in dataflow)

Legacy Reference Number (if supplied by LA, used to allow LAs to associate NEC holders with existing LA

systems, not visible within CMS but returned to Local Authority in dataflow)

4. This data extract is passed through format validation software locally that does not alter any of the

initial data. A secure file is generated.

5. The secure file is transferred to the Card Bureau via secure file transfer protocol where the data is

further validated; any errors result in the file being rejected, and the Local Authority is required to

correct it. Files passing validation are loaded into the Card Management System.

6. The National Entitlement Card is produced from the data held and sent to the Customer; this also






Agent Direct Input Application to CMS

Agent Direct Input Application to CMS Explanatory Notes

1. The Customer visits a Validation Point (this could be a Local Authority location or an SPT office

but NOT a Post Office as they have no access to CMS) to present proofs of person, residence,

photograph and entitlement. See Appendix A – Proofs; Appendix B – Validation Points. Some

Local Authorities will also provide a form to collect details in advance.

2. The Local Authority Agent at the Validation Point enters the Customer’s personal and other

details as presented directly into the Card Management System. A photograph is not required for

the Junior NEC, known as KIDZ card, which some Local Authorities offer to children below

secondary school age.

Screen Data:

Title

Gender

First Name

Middle Name

Surname

Date of Birth

Address

Phone number

Mobile number

Email address

Photograph


Young Scot

Volunteer

3. The Card Management System will prompt the Local Authority Agent to ask the Customer to

agree to the Terms and Conditions. Terms and Conditions include permission to share data with

the Local Authority in whose area the Customer resides or is in school and with any Service

Provider with whom the Customer elects to transact using the card.

4. The Customer is asked to confirm that they agree to the Terms and Conditions, and whether or

not they consent to share data with the wider Scottish public sector.


5. If the Customer agrees to the Terms and Conditions, the Local Authority Agent checks all details

are correct and verifies and completes the application with a request for a card to be produced,

otherwise the entry is cancelled deleting all Customer information gathered. Data is entered into

the system reflecting the proofs seen.

Proof Data:


Proof of person

Proof of residency

Proof of photo








NEC Online Application

NEC Online Application Explanatory Notes

1. The Customer goes to the ‘National Entitlement Card’ online web page.

2. The service requires the Customer to register or sign-in using the myaccount service, which

includes external dataflow:

X2e – myaccount Sign-in/Register.

3. The Customer will be directed back to the NEC online portal with the sharing of core details to

populate certain elements of the online application form and to allow partially completed

applications in NEC Online to be linked with the user that is signed in to myaccount.

myaccount Data

Username

Gender

First Name

Middle Name

Surname

Name

Date of Birth

Address

Email address

NEC Number(s)

SLoA

UCRN

Secure Visitor Token

4. The Customer is then required to complete other parts of the application providing additional

details and a photograph.

Form Data

Title

Preferred Name

Phone number

Mobile number


Photo


Agreement to Terms and Conditions (NEC)

5. The Customer confirms the details recorded by NEC Online are correct and are ready to be

transferred to the Card Management System.

6. The online application details are transferred to the Card Management System to await

verification of proofs and validation of the application by an LA Agent at a Validation Point.

7. The portal reference number for the application is shared with the Customer.

8. The Customer is advised to take required proofs to the Validation Point for their Local Authority

area. These are all listed on http://www.entitlementcard.org.uk/validation-points and may be a

Local Authority location or an SPT office.

9. The Customer brings the portal reference number and any required proofs of person, residence,

photograph and entitlement to the Validation Point for their local authority area for verification of

proofs and validation of the application.

10. The Local Authority Agent at the Validation Point completes validation of proofs, and then submits

the request for the card to be produced.

Proofs Data:


Proof of person

Proof of residency

Proof of photo







12. The online application data is deleted from the NEC Online portal after 30 days or once the

application has been validated if that is sooner.

http://www.entitlementcard.org.uk/validation-points


National Entitlement Card Update

Customers are able to request updates to their details held on the national Card Management System

(CMS), some of which may result in the hotlisting of their existing card and the option to have a

replacement card to reflect these updates in some instances.

In addition, if it is suspected that a card has been misused or its holder is otherwise no longer entitled

to one or all of the services it gives them access to (e.g. if they have moved away), it may be

hotlisted.

NEC Update functions are:

NEC Update via Agent: the Customer contacts their Local Authority or SPT office to make

amendments to personal details, contact details or photograph. This may or may not result in the

issue of a replacement card and the hotlisting of the old card.

NEC Online Update: the Customer is directed through myaccount service to the NEC online

portal where they can choose to update personal or contact details. For certain changes, the

Customer may need to present additional proofs to the Local Authority Agent at a Validation Point

who can then complete the update. This may or may not result in the issue of a replacement card

and the hotlisting of the old card.

NEC Online Update Photo: the Customer is directed through myaccount service to the NEC

online portal where they can choose to provide a new photograph; this is verified by the Local

Authority Agent and this may result in the production of a replacement card, and the hotlisting of

the old card.

NEC Replacement Card via Agent: the Customer contacts a Local Authority Agent to report

their card as lost, not received, stolen or damaged; this allows a new card to be produced and

dispatched, and the old card to be hotlisted. There may also be a need for Local Authority Agents

to follow this process if the card is issued with errors on, or there is a scheme change that will

render the current card unusable.

NEC Online Replacement Card: the Customer is directed through myaccount service to the

NEC online portal where they can report their card as lost, stolen or damaged; this allows a new

card to be produced and dispatched, and the old card to be hotlisted.

NEC Hotlist Card: the Customer’s card may need to be withdrawn without being replaced if, for

example, a Local Authority is notified that the Customer is deceased, or has moved away.

Alternatively, the card may have been reported as being used fraudulently by a Service Provider

(e.g. Transport Scotland). In each case, a Local Authority Agent may hotlist the card without

issuing a replacement.


NEC Update via Agent

NEC Update via Agent Explanatory Notes

1. The Customer makes contact with a Local Authority Agent to request changes to their personal

details, contact details or photograph in CMS.

2. The Agent will establish whether the changes require the Customer to attend in person to present

proofs relating to change of person or address or entitlement before processing the relevant data.

Change Data:

Title

Name

Date of Birth

Gender

Address

Phone number

Mobile number

Email address

Photograph


Young Scot

Volunteer


Verify proofs


Proof of residency

Proof of photo


3. The Local Authority Agent makes the changes requested, with external dataflows as appropriate:


X2b – myaccount – Personal Details Change

and/or X2c – myaccount – Contact Details Change.


4. If appropriate, the Local Authority Agent then requests a replacement card to be produced. This

will also result in hotlisting of the previous card and additional dataflow:

NEC Hotlist Card.







NEC Online Update

NEC Online Update Explanatory Notes

1. The Customer signs in or registers with the myaccount service, which includes external dataflow:


2. The Customer will be directed to the NEC online portal with the sharing of core details to establish

a link to the correct account.

myaccount Data:

Username

Gender

Name

Date of Birth

Address

Email address

NEC Number(s)

SLoA

UCRN


3. If the Customer updates their contact details, these changes are made immediately; this also

results in external dataflows as appropriate:


X2c – myaccount – Contact Details Change.

Contact Data:

Phone number

Mobile number

Email address

4. The Customer may choose to update their preferred name and/or address; these are the only

personal details other than a photograph that can be updated using NEC Online.

5. If so, they will be informed that a Local Authority Agent will check name and address changes;

address and some name changes may require proofs to be presented.

6. When notified, the Local Authority Agent checks the name changes and address changes, and

contacts the Customer requiring proof if necessary.


7. If the name and/or address change is acceptable, the Local Authority Agent approves the request

and the Customer’s record on the Card Management System is updated to reflect this, with

external dataflows as appropriate:


X2b – myaccount – Personal Details Change.

Personal Data:

Preferred Name

Address

8. If appropriate, the Local Authority Agent then requests a replacement card to be produced. This

will also result in hotlisting of the previous card and the appropriate dataflow:

NEC – Hotlist Card.







NEC Online Update Photo

NEC Online Update Photo Explanatory Notes

1. The Customer signs in to or registers with myaccount service, which includes external dataflow:




myaccount Data:

Username

Gender

Name

Date of Birth

Address

Email address

NEC Number(s)

SLoA

UCRN


3. The Customer uploads a photograph and will be informed that a Local Authority Agent will need to

check the photograph.

4. The Local Authority Agent compares the new photograph against the original photograph to

ensure this is the same person and that the new photograph is suitable.

5. If the photo is acceptable, the Local Authority Agent approves the request and the Customer’s

record on the Card Management System is updated to reflect this; if the photograph is not

acceptable, the Local Authority Agent will contact the Customer to inform them so that any issue

can be resolved.

6. If appropriate, the Local Authority Agent then requests a replacement card to be produced which

will have the new photo on it.







NEC Replacement Card via Agent

NEC Replacement Card via Agent Explanatory Notes

1. The Customer makes contact with a Local Authority Agent to report that their card has been lost

or not received, stolen or damaged; there may also be a need to replace a card if it is issued with

errors or there is a scheme change that will render the current card unusable

2. The Local Authority Agent records the reason for a replacement card being requested, and

processes the request.

3. The old card is automatically hotlisted, as per dataflow:

NEC Hotlist Card.


results in dataflows over external dataflows:





NEC Online Replacement Card

NEC Online Replacement Card Explanatory Notes

1. The Customer signs in to or registers with the myaccount service, which includes external

dataflow:




myaccount Data

Username

Gender

Name

Date of Birth

Address

Email address

NEC Number(s)

SLoA

UCRN


3. The Customer reports that their National Entitlement Card has been lost, stolen or damaged and

this will create a replacement card action within the Card Management System. The type of card

issued cannot be changed online.

4. The old card is automatically hotlisted as per NEC Hotlist Card dataflow.







NEC Hotlist Card

NEC Hotlist Card Explanatory Notes

1. EITHER: National Entitlement Cards can be hotlisted manually if the Customer has moved away,

is deceased or there is a suspicion of misuse of the card.

2. OR: The majority of National Entitlement Cards that are hotlisted will be placed on the hotlist as a

result of a card replacement being issued, for whatever reason.

3. The Card Management System is updated with the fact that the card has been hotlisted, together

with the reason.

Hotlist Data

NEC Number

Hotlist date

Hotlist reason

This also results in the external dataflows:


X2d – myaccount – Hotlist Card



External Data Flows

External data flows fall into two broad categories – Regular and Ad Hoc.

Regular

As part of the day-to-day operation of the NEC Scheme, a number of different data flows to systems

outside of the CMS exist to ensure that data is correctly maintained in all systems underpinning the

Scheme:

X1 Local Authority Extracts: the data controller for the NEC Scheme is the Customer’s Local

Authority, and, to assist them in their obligations with regard to the scheme and data protection,

Customer data is shared with the Local Authority concerned.

X2a myaccount – Create Card: a new or replacement card issue results in data being used to

notify myaccount of the details.

X2b myaccount – Personal Details Change: an update to the Customer’s personal details on

CMS results in data being used to notify myaccount of the details; similarly, personal details

updated on myaccount, including notifications of death, are passed to CMS.

X2c myaccount – Contact Details Change: an update to the Customer’s contact details on

CMS results in data being used to notify myaccount of the correct details; similarly, contact details

updated on myaccount are passed to CMS.

X2d myaccount – Hotlist: hotlisting the Customer’s card on CMS results in data being passed to

myaccount with the details.

X2e myaccount – Sign-in/Register: the Customer who wishes to make use of NEC Online is

required to make use of myaccount. The myaccount service shares certain data with NEC Online

as part of the process of signing in the Customer.

X3 Transport Scotland: as all National Entitlement Cards have the potential to carry travel

concessions or tickets on behalf of Transport Scotland, some data has to be provided to

Transport Scotland systems.


X1 Local Authority Extracts

X1 Local Authority Extracts Explanatory Notes

1. On a daily basis, every new application, replacement card request or change of circumstance

recorded within CMS are included in a file that is provided to the Local Authority responsible for

the Customer concerned, which allows Local Authority services for these cards to be activated,

hotlisted, or updated as required. The Daily File extract contains data for that Local Authority only.

LA Data

Applicant ID

Application ID

Application Status

Created By

NEC Number

Photo ID

Gender

Title

Name

Date of Birth

UCRN

Deceased indicator

Deceased date

Address

Postcode

UPRN

Local Authority

Telephone

Mobile

Email

Data Sharing indicator

Terms & Conditions indicator

Card Type

Proof of Identity

Proof of Residency

Disability/Disabilities type

Card Expiry Date

Card Type (Kidz/Not Kidz)

Mifare Number

ISRN Number

Encoded On Date


Printed On Date

Despatched On Date

Expired On Date

YP Bus indicator

YP Rail indicator

Ferry indicator

TS Ferry Voucher Number

Card Status

Barcode

Establishment Code

Replacement Date

Replacement Reason

Hot List Date

Hot List Reason

Legacy No.

Pupil ID

HE/FE indicator

YP/YS indicator

2. A Local Authority may request a file containing an extract of the records for all Customers that

they are responsible for. This request must be placed via NECPO. The Full File extract contains

data for that Local Authority only; data provided is as described in 1.

3. The Daily File is created overnight and is placed on a secure transfer (sftp) server to be collected

by an authorised Local Authority Agent (access rights are controlled dependent on operational

need).

4. If possible, the Full File is created close to the time requested by the Local Authority, and is

placed on a secure transfer (sftp) server to be collected by an authorised Local Authority Agent

(access rights are controlled dependent on operational need).


X2a myaccount – Card Create

X2a myaccount – Card Create Explanatory Notes

1. A Create Card (CC) record relating to every card created on CMS that day is added to a file to be

sent on a daily basis to myaccount to allow Customer and address information to be verified and

maintained within what is initially a dormant, ‘card only’ myaccount record which can

subsequently be activated by the Customer for use online. Note that the card may either be new,

or be a replacement.

CC Data

Applicant ID

NEC Number

Gender

Name

Date of Birth

UCRN

Address

Postcode

UPRN

Local Authority

Proof of Identity

Proof of Residency

Transaction Code

Preferred Name

Provenance (CMS)

Date of Event

2. A Data Integration Confirmation (DIC) record for every Create Card record successfully received

from CMS is added by myaccount to a file that is sent on a daily basis to CMS.

DIC Data

Applicant ID

UCRN

Postcode

UPRN

Transaction Code (ignored by CMS)

Preferred Name

Provenance (myaccount)

Date of Event


X2b myaccount – Personal Details Change

X2b myaccount – Personal Details Change Explanatory Notes

1. A Personal Details Change (PDC) record for each Customer record that has had changes to

relevant Personal Details on CMS that day is added to a file to be sent on a daily basis to

myaccount to allow these details to be verified and maintained within what is initially a dormant,

‘card only’ myaccount record which can subsequently be activated by the Customer for use

online.

PDC CMS Data

Applicant ID

NEC Number

Gender

Name

Date of Birth

UCRN

Proof of Person

Transaction Code

Preferred Name

Provenance (CMS)

Date of Event

2. Similarly, a Personal Details Change (PDC) record relating to each record in myaccount that has

had changes made to relevant Personal Details that day is added to a file to be sent on a daily

basis to CMS to allow these details to be verified and maintained within CMS. This data may

include notification that the Customer is now deceased.

PDC myaccount Data

Applicant ID

Gender

Name

Date of Birth

UCRN

Deceased indicator

Deceased date


Preferred Name


Date of Event


X2c myaccount – Contact Details Change

X2c myaccount – Contact Details Change Explanatory Notes

1. A Contact Details Change (CDC) record for each Customer record that has had changes to

relevant Contact Details on CMS that day is added to a file to be sent on a daily basis to

myaccount to allow these details to be verified and maintained within what is initially a dormant,

‘card only’ myaccount record which can subsequently be activated by the Customer for use

online.

CDC CMS Data

Applicant ID

NEC Number

UCRN

Address

Postcode

UPRN

Local Authority

Proof of Residency

Transaction Code

Provenance (CMS)

Date of Event

2. Similarly, a Contact Details Change (CDC) record relating to each record in myaccount that has

had changes made to relevant Contact Details that day is added to a file to be sent on a daily

basis to CMS to allow these details to be verified and maintained within CMS.

CDC myaccount Data

Applicant ID

Address (ignored by CMS)

Postcode (ignored by CMS)

UPRN (ignored by CMS)

Local Authority (ignored by CMS)

Telephone

Mobile

Email



Date of Event


X2d myaccount – Hotlist Card

X2d myaccount – Hotlist Card

1. A Hotlist Card (HC) message recording details of each card hotlisted on CMS that day is added to

a file to be sent on a daily basis to myaccount to allow these details to be verified and maintained

within what is initially a dormant, ‘card only’ myaccount record which can subsequently be

activated by the Customer for use online.

HC CMS Data

Applicant ID

NEC Number

Hot List Date

Transaction Code

Provenance (CMS)

Date of Event

Applicant ID


X2e myaccount – Sign-in/Register

X2e myaccount Sign-in/Register Explanatory Notes

1. When the Customer wishes to use NEC Online to see or modify their card details held in CMS, or

to make an application for an NEC, they must use the Scottish Government’s myaccount service

for secure access.

2. NEC Online redirects visitors wanting to use the myaccount service to the site automatically.

3. The myaccount service will ask the Customer to either sign-in if they have used the myaccount

service before, or to register.

4. The data entered by the Customer will vary depending on whether they need to register, or are

signing-in having registered with the myaccount service on another occasion. A Customer may

choose to register with their National Entitlement Card if they already have one which will reduce

the amount of detail required to be entered.

Sign-in Data

Username

Password

Register Data (without National Entitlement Card)

Title

Name

Date of Birth

Gender

Email

Address

Preferred Name

Telephone Number

Mother’s maiden name (if required)

Town of birth (if required)

Terms and Conditions agreement (myaccount)

Data share consent (NEC)


Register Data (with National Entitlement Card)

Date of Birth

Email

Postcode

Telephone Number

Terms and Conditions agreement (myaccount)

NEC Number

5. Once the Customer has successfully signed in or registered, the Customer data relating to the

Customer from myaccount is passed securely to NEC Online, along with a Secure Visitor Token

(SVT) which is a unique opaque identifier shared only between myaccount and the NEC Online

system to allow the Customer to have seamless access to their NEC details without these

needing to be shared with myaccount.

myaccount Data

Username

Gender

Name

Date of Birth

Address

Email address

NEC Number(s)

SLoA

UCRN


6. If the Customer is already identified by myaccount as holding an NEC and having a record on

CMS, using the information received from myaccount, NEC Online requests access to the card

details held on the Customer Management System for the Customer.

Request Data

NEC Number


7. The Card Management System returns details relating to the Customer’s NEC to NEC Online.

Card Data

Applicant ID

NEC Number

Name

Card Issue Date

Card Expiry Date

Card Status


8. Using the data supplied from CMS, NEC Online then proceeds to allow the Customer access to

their data.


X3 Transport Scotland

X3 Transport Scotland Explanatory Notes

1. The CMS sends data to specialist secure printers that produce each National Entitlement Card.

Each card produced is encoded to ITSO standards (see below) to allow it to be used for transport

purposes.

2. To ensure that the ITSO encoding on the card is correctly recorded on Transport Scotland’s back

office HOPS system, devices associated with the printers themselves securely transfer a record

of the cards produced to Transport Scotland’s ITSO HOPS daily.

Print Data

NEC Number

ISRN

Expiry Date

Title

Name

Address

Postcode

Phone

Mobile

Email

Date of Birth

Concession type

3. The CMS also records basic demographic information relating to each card produced and

securely transfers a file on a daily basis to Transport Scotland.

Demographic Data

NEC Number

Date of Birth

Gender

Postcode


Local Authority

Applicant Form ID

Applicant ID

Test Card indicator

Effective Start Date/Time

Effective End Date/Time

Card Status

Card Concession Type

Transport Scotland Concession Scheme

4. Daily, a file containing data relating to each card hotlisted within CMS is securely transferred to

Transport Scotland’s HOPS.

Hotlist Data

NEC Number

Date Effective From

Reason

ITSO Explanatory Notes

ITSO is the national Specification, or Standard, for smart ticketing. The copyright for this is owned by The Crown in Great Britain.

The Specification was developed with the aim of ensuring that public transport operators throughout Great Britain can develop compatible smart ticketing systems.

That means that, where necessary or desirable, different operators’ smart ticketing systems can ‘talk’ to each other so that a passenger can use just one smartcard no matter which operator is providing a service or what mode of transport they are using, rather than having to buy lots of different tickets or carry separate smartcards.

THIS section explains how an ITSO smart ticketing system currently works. However technology continues to evolve and this will change and adapt in future.

All ITSO-compliant systems rely on ISAMs (ITSO Secure Application Modules) which are secure electronic data processing modules, the size of a mobile phone SIM card. These check the card

https://www.itso.org.uk/the-specification/


holders’ permissions, authenticate and validate their electronic tickets, and store journey data for further processing.

The ISAM communicates with the back office system (HOPS or Host Operator or Processing System) through another security device called an HSAM (HOPS Secure Application Module).

The overarching security application module in a system is known as the Primary HSAM or PHSAM.

ISAMs are inserted into railway ticketing gates and machines, or on bus, tram or ferry ticketing machines. They can also reside within handheld ticketing machines used by bus or train ticket inspectors, or be used in toll systems such as on bridges or in transport tunnels.

When an operator sets up an ITSO system, the ISAMs are profiled using the ITSO Security Management System (ISMS) which is run by ITSO Limited. This is the central part of the ITSO Security Sub System which acts as the ‘keeper of the keys’, managing the provision of data access keys to the secure devices (ISAMs) in ticketing machines and barriers.

The electronic wallet within a smartcard that contains electronic tickets for ITSO-compliant schemes, similar to an ‘app’ on a smartphone, is known as a shell. The shell can be programmed to be read by machines to say ‘yes this person has enough money on the card to pay for this ticket’, or ‘yes this person is a railway season ticket holder for this route’. This is programmed by individual transport operators to reflect their individual tickets and prices.

ITSO Limited only provides the services of the ISMS. It does not offer smartcards, ticketing machines or HOPS services. These are provided by suppliers whose equipment is tested and certified by ITSO to ensure it can run ITSO-compliant schemes.

https://www.itso.org.uk/itso-explained/

https://www.itso.org.uk/itso-explained/


Ad hoc

Access to NEC scheme data is tightly controlled, and is normally only available to the Local Authority

associated with the Customer and organisations acting on the Local Authority’s behalf in

administering the NEC scheme or services associated with it. There is only one formalised data flow

which has been agreed as an exception to this:

X4 Police Enquiries: in exceptional and tightly controlled circumstances, data may be shared

with the Police Service of Scotland (Police Scotland) or the British Transport Police on request.

This process is managed by Transport Scotland, and is documented in a Memorandum of

Understanding designed to ensure that data is only shared when necessary, and is limited to

those directly implicated in the request.

X4 Police Enquiries

X4 Police Enquiries Explanatory Notes

1. Police officers determine that data relating to the NEC may be of help in relation to cases relating

to a serious crime, or preventing harm to life. The data requested is documented as precisely as

possible (e.g. dates and times required), and is authorised by a senior officer. The form

requesting information is submitted to Transport Scotland via secure e-mail.

2. In line with their Data Protection Act responsibilities, Transport Scotland will assess whether the

data requested can be disclosed without a warrant being requested. Depending on the request,

they may be able to retrieve information such as journeys from HOPS at this stage.

3. Assuming that the request is judged to be reasonable and also requires information from CMS,

Transport Scotland will pass the query to NECPO by secure e-mail.


4. Again, in line with their Data Protection Act responsibilities, NECPO will need to be satisfied that

the data requested can be disclosed without a warrant being requested. If so, requested data is

retrieved from CMS.

Card Data

Name

Address

Date of Birth

NEC Number

Photograph (if required)

Date of card replacement

Reason for card replacement

Card expiry date

Card type

5. Data from CMS, or indeed a refusal, is returned via secure e-mail to Transport Scotland by

NECPO.

6. Responses from Transport Scotland, which may comprise data from either or both HOPS and

CMS as well as full or partial refusals, are returned to the relevant Police Service (Police Scotland

or British Transport Police) via secure e-mail.


Appendix A – Proofs

As the National Entitlement Card can be used to give access to a number of different services and as

proof of age, etc., it is only issued when a person, their address, photograph and entitlement has

been verified by checking certain documentary or other evidence or proofs.

The up-to-date list of acceptable proofs of person, address and photograph can be found at

http://www.entitlementcard.org.uk/proofs.

The up-to-date list of acceptable proofs of entitlement for the Transport Scotland Concessionary

Travel Scheme for the disabled can be found at

http://www.transport.gov.scot/public-transport/concessionary-travel-people-aged-60-or-disability.

Appendix B – Validation Points

Across Scotland there are a number of locations Customers may visit to have their proofs verified and

their NEC application validated. These are operated by or on behalf of the Customer’s Local

Authority. Different Local Authorities may use Customer Service locations, Libraries, SPT offices, Post

Offices, etc. Locations vary by Local Authority and over time. Some locations may only accept certain

types of application as e.g. Elderly and Young People’s applications may be handled separately. A list

of Validation Points for each Local Authority can be found at

http://www.entitlementcard.org.uk/validation-points.

http://www.entitlementcard.org.uk/proofs

http://www.transport.gov.scot/public-transport/concessionary-travel-people-aged-60-or-disability

http://www.entitlementcard.org.uk/validation-points


Glossary of Terms

Term Meaning

Agent (Local Authority Agent) An official acting on behalf of a Local Authority who assists in managing National Entitlement Cards for their area. They are an employee either of the Local Authority or of an organisation acting on behalf of the Local Authority such as SPT, and will usually have access to the NEC CMS as their role requires. However, not all LA Agents will have access to CMS.

Applicant ID The Applicant ID is generated by the CMS as a unique system identifier for the record corresponding to an individual applying for an NEC. For a large number of Customers, there will be a single Applicant ID; however, individuals may have multiple Applicant IDs if separate applications have been made by the Customer over time. Only in very few cases are multiple Applicant IDs active at any given time for a single Customer and these are linked Applicant IDs; these are linked within the system to allow the Customer’s records to be managed effectively.

Application ID A unique Application ID is assigned by CMS to each application received. Paper forms have this identifier pre-printed on them, applications received directly into the system, or electronically either by datafile or via NEC Online are assigned an Application ID as the CMS record is created. The Application ID is shared with the Customer’s Local Authority and serves as an audit cross-reference to forms submitted.

Authentication The process of determining whether someone is who he or she is declared to be. This is usually carried out by presenting credentials e.g. supplying a username and password to a computer system. Authentication merely ensures that the individual is who he or she claims to be, but says nothing about the access rights of the individual.

Back-office Refers to processes which are not normally visible to be public, e.g. the re-ordering of stock for a shop.

Card Bureau A service provided under contract to NECPO that provides a facility to produce and dispatch cards.

CMS National Entitlement Card Management System which holds Customer data relevant for the production of the National Entitlement Card.

Credential Something that is verified when presented as part of an authentication transaction. For the myaccount service this will normally be a username and password combination although other information may be asked for where additional security measures are required

Customer A member of the public who is, intends to be, or has been an NEC holder. Hotlist A list of card numbers representing cards that are no longer valid for use

either due to being replaced through normal processes, or being reported as lost, stolen or used fraudulently.

HOPS Host Operator or Processing System, the system used for managing transport operator use of ITSO smart ticketing.

Identifier Something that names or identifies a piece of data. Improvement Service The Improvement Service works with Local Authorities and their partners

to help improve the efficiency, quality and accountability of local public services in Scotland by providing advice, consultancy and support. Amongst other roles, they are responsible for the management and development of the myaccount system and the extended use of the One Scotland Gazetteer and National Entitlement Card scheme.

ITSO ITSO Ltd is a Government-backed, non-profit distributing organisation which aims to make travelling on public transport throughout the UK seamless and easier by using smart ticketing technology. The company is the guardian of the ITSO Specification – a Crown Copyright open national standard for smart ticketing.

KIDZ card An NEC scheme card issued by some Local Authorities to children younger than twelve years of age to demonstrate entitlement to e.g. Library membership, discounted leisure facilities. The card differs from other NEC scheme issues as they do not carry photographs.

Level of Assurance, Scottish Level of Assurance, SLoA

A value that reflects how much trust can be placed in a declaration of the Customer who claims to be a particular individual. The value is derived from checking both the validity of any proof presented and verification that it is controlled by or applies to the Customer. Scottish Level of Assurance refers to the specific standards that have been agreed for use within the myaccount service in the Scottish public sector


Local Authority, LA One of the 32 Scottish councils. myaccount A system developed and operated by the Improvement Service on behalf

of the Scottish Government and Local Authorities that allows the creation and maintenance of a secure account for accessing online public services in Scotland. The system also offers data management tools and processes to assist public services in offering secure access.

NEC National Entitlement Card. The National Entitlement Card scheme is a partnership between the Scottish Government, Scotland’s Local Authorities and others providing a multi-application smartcard scheme to make it quicker and easier to access services (such as transport, cashless catering, library/leisure membership, payments, concessions, proof of age) using one card.

NEC number A unique number used to identify a specific National Entitlement Card NEC Online A web-based system that gives the Customer secure access to a limited

subset of CMS data relating to their card or card application. NEC Online portal Specifically the web pages comprising the Customer access point to NEC

Online. NECPO NEC Programme Office. The NECPO is a service provided by Dundee City

Council on behalf of the Improvement Service and Local Authorities that administers the NEC scheme, managing the systems and suppliers involved and undertaking the development and expansion of the scheme. The NECPO is managed by a Board representing Transport Scotland, the Scottish Government, the Improvement Service and Scottish Local Authorities.

National Health Service Central Register, NHSCR

The NHSCR contains basic demographic details of everyone who was born, or has died, in Scotland plus anyone else who is (or has been) on the list of a general medical practitioner in Scotland. The Register exists mainly to allow the smooth transfer of patients who move between Health Board areas. Under the provisions of Section 57 of the Local Electoral Administration and Registration Services (Scotland) Act 2006 (also known as the LEARS Act), the Registrar General is given powers to share some data with Local Authorities, including the UCRN. http://www.nrscotland.gov.uk/statistics-and-data/nhs-central-register

National Records of Scotland, NRS A non-ministerial department of the Scottish Government. It is responsible for civil registration, the census in Scotland, demography and statistics as well as national archives and historical records.

One Scotland Gazetteer An address database made up of all 32 individual Local Authority gazetteers. All addresses are created in accordance with the national standard for addressing, BS7666:2006 and the Scottish Gazetteer Conventions.

Photo ID A reference that links to the electronic file containing the photograph of the Customer.

Proofs (of person, residence, photograph, service entitlement)

A document or some other evidence of a person, address or entitlement. See Appendix A.

Secure Visitor Token When the Customer uses myaccount to add access another online system (e.g. NEC Online) a Secure Visitor Token specific to that Customer and the system accessed is generated. This is an opaque identifier that can be shared between the myaccount system and NEC Online with no dependency on any other personal details or identifiers.

Service Provider An organisation that offers services to Customers. sftp Secure File Transfer Protocol/SS File Transfer Protocol, a means of securely

transferring data using authenticated, encrypted connections. SLoA Scottish Level of Assurance, see “Level of Assurance”. SPT Strathclyde Partnership for Transport is a public body which is responsible

for planning and coordinating regional transport in the Strathclyde area of western Scotland. On behalf of Local Authorities in their area they administer NECs issued to the elderly and the disabled.

Token, secure token A secure standards-based mechanism for sharing authentication details across different domains.

Transport Scotland, TS Transport Scotland is an Executive Agency of the Scottish Government responsible for all transport related issues across Scotland.

UCRN The UCRN is an opaque identifier (i.e. it has no semantic value of itself, containing no personal information) that is held in both myaccount and the CMS system for the purpose of data integrity. It is not held on the card. The UCRN is allocated by National Records of Scotland (NRS) as it forms part of the National Health Service Central Register (NHSCR). There are clear rules associated with the UCRN and how it can be used. These rules are covered

http://www.nrscotland.gov.uk/statistics-and-data/nhs-central-register


in agreements between National Records of Scotland (NRS), the Improvement Service and Service Providers. The rules are designed to ensure that the UCRN is used in a controlled way in line with the Scottish Government’s Privacy Principles http://www.gov.scot/PrivacyPrinciples.

UPRN Unique Property Reference Number, an identifier in wide use in the public and private sectors as a way of identifying specific land and property units (addresses) as held in the One Scotland Gazetteer. The NEC scheme uses the UPRN to identify the correct address for Customers.

Validation Confirmation that the Customer’s application for or changes to an NEC are valid.

Validation Point A place Customers visit to have their proofs verified and their NEC application validated. See Appendix B.

Verification Checks carried out to ensure that the person, address, photograph and service entitlement claimed are supported by the proofs presented.

Young Person, YP A reference to the Concessionary Travel Scheme for Young People administered by Transport Scotland.

Young Scot, YS National youth information and citizenship charity providing young people, aged 11-26, with a mixture of information, ideas and incentives to help them become confident, informed and active citizens.

http://www.gov.scot/PrivacyPrinciples

National Entitlement Card Scheme Information … · Dataflow Diagrams Page 2 of 41 Document Control...

Documents

Transcript of National Entitlement Card Scheme Information … · Dataflow Diagrams Page 2 of 41 Document Control...