Security Solutions

- Confidential -

Bluetooth bracelets can be found on Alibaba cost around $6 FOB or Rs. 1000 to import Security app creation Rs. 40 Lakhs Price between Rs 2000 and 15000 numbers 50,000 to over 500,000 at these prices Retailer Commission Rs. 400 Margins Rs. 600 Time to execution 3-5 months Feature set can be reduced see last for Minimum Viable Product Sales can be online Promotions to be PR and digital based only

Figure 1.0

1.1

Product Component Description

1. A Wearable Trigger which would wirelessly pair with a smartphone and can be used to initiate specific actions through a linked smartphone application. The main use case is to easily trigger an SOS alarm when under attack or threat. The Wearable Trigger would send a signal to the smartphone with which it has ben paired.

Security Solutions

- Confidential -

would be responsible for procuring the Wearable Trigger. The Vendor is expected to work closely with the Wearable Trigger manufacturer identified by X at its own cost and provide the relevant technical inputs and expertise to ensure that the Wearable Trigger works seamlessly with the App as contemplated. The Vendor is expected to deliver the features set out in Appendix 3 after accommodating the technical limitations of the Wearable Trigger identified by . Please refer to Appendix 3 E for an understanding of the device specifications and the level of customization required. 2. A Smartphone Application (hereinafter the App) which can trigger an SOS alert to predesignated guardians. This application should be able to trigger the SOS alert with the latest GPS coordinates on receiving a wireless signal from the Wearable Trigger and from the phone itself.

The Vendor is expected to provide X with a white labeled application as per the specifications of this RFP.

3. An optional Portable Alarm that can be carried by the user on her person or in her handbag. This is expected to produce a very loud audio alarm which will alert people nearby on receiving a wireless signal from the phone.

X would be responsible for procuring the Portable Alarm. The Vendor is expected to work closely with the Portable Alarm manufacturer identified by X at its own cost and provide the relevant technical inputs and expertise to ensure that the Portable Alarm works seamlessly with the App as contemplated. In case X decides to launch the Portable Alarm at a later date and not as part of the initial launch, the Vendor shall ensure that provision is made for the installed base of the App to work with the Portable Alarm.

4. A Computerized System (hereinafter the SOS Server) which would be utilized to render the services proposed which would include but is not limited to user onboarding, service activation, provisioning and receiving and processing the SOS alert from a user.

The SOS Server setup must be physically located in India and all data must be stored within the sovereign territory of the Republic of India. Vendors must be open to hosting the system in the X data center.

Security Solutions

- Confidential -

1.2

Proposed Sales and Service delivery Process

The Wearable Trigger shall be sold through a variety of channels including but not limited to mass retail, online and institutional sales channels. The box shall include the Wearable Trigger and an activation key as well as instruction on how to download and install the App from the relevant operating system linked application store such as iTunes or Google play in addition to other relevant material.

The user is expected to register himself/herself with the relevant details and input the correct activation key for the services to be provisioned. The subscription period for the services rendered by the proposed product shall be one (1) year from the time of activation of services. The services can be renewed by the user at the end of the subscription period on the payment of a fee and by inputting an authentication key at one of the account management interfaces.

In case of an emergency, the user can trigger an alarm by pressing the button. The guardians configured by the user will receive an automated call triggered by the SOS Server informing them about the details of the alert. The guardians can stay informed of the last known location of the user by returning a call to the number from which the automated call originated. This would be supplemented by SMS, e-mail and social media linked information.

An overview of the proposed processes involved can be found in Appendix 7. The Vendor is at liberty to propose amendments to the process or a new process entirely provided the rationale is provided as well.

The Vendor is expected to propose a solution which can enable the above.

1.3

Strategic Alignment

The security product is expected to be the first of a new service line under the brand. This service line would include security and M2M based services covering family and asset tracking and security, but is not limited to the mentioned products. The App is expected to be one of the consolidated touch points through which these different services would be delivered to the customer. The vendor is expected to have the capabilities to enable 3rd party inputs to be received by the App. This capability is not expected to be present in the App for the current product but the Vendor must have the capability and willingness to enable it as per Xs request.

Security Solutions

- Confidential -

Security Solutions

- Confidential -

APPENDIX 2 X intends to launch this product in urban areas in circles for which it currently possesses telecom licenses. Instructions for proposing commercials: 1. All rates have to be inclusive of all taxes, cess, duties etc. 2. All rates have to be in Indian rupees 3. Vendors have to fill the matrix given as is. 4. Cells with a completely black background should not be filled. 5. Activation refers to the point in time when a user's valid activation key inputted into the application is authenticated and services are provisioned 6. Renewal refers to the point in time when an existing user's valid renewal activation key inputted into the application or any other relevant user touch-point is authenticated and services are provisioned 7. Vendors must give their inputs in the attached excel file and submit the same to X in electronic format as well.

Security Solutions

- Confidential -

Commercial terms for security solution

Band Capex Lower limit Upper limit 1 5,000 5,001 10,000 10,001 15,000 15,001 20,000 20,001 25,000 25,001 30,000 30,001 35,000 35,001 40,000 40,001 45,000 45,001 50,000 50,001 55,000 55,001 60,000 60,001 65,000 65,001 70,000 70,001 75,000 75,001 80,000 80,001 85,000 85,001 90,000 90,001 95,000 95,001 100,000+ 100,000 Year 1 Cost per Activation Cost per Activation Year 2 Cost per Renewal Cost per Activation Year 3 Cost per Renewal Cost per Activation Year 4 Cost per Renewal Cost per Activation Year 5 Cost per Renewal

Security Solutions

- Confidential -

APPENDIX 3

This appendix discusses features of the platform with inbuilt analytics as well as mobile applications.

Legend: C = Fully compliant, NC= Not-compliant, PC= Partial compliant Note: For clauses that are marked as C or PC, its mandatory to provide explanatory remarks that will assist in evaluating the response.

A. Functional and Technical requirements - Overall

Feature/Capability

Description 1. Device agnostic rich client experience 2. In absence of Data connectivity, critical information transmission via SMS 3. Enterprise module supporting multitenancy Data is primary Channel with SMS as backup

Compliance (C, Remarks NC, PC)

Application Capability

Channels

Exposes standard APIs where by developer Application Developer community can use those APIs and create framework enterprise applications Partner shall have experience in integrating Partner Capability the solution with other applications such as OSS/BSS systems, etc. All smart devices running the following Devices Operating systems: Android, iOS, Blackberry OS, Windows Mobile OS Provide the users with features like single-sign on, authentication, personalization and User Sign and customization within all parts of the -owned Authentication piece including but not limited to the App and the website. Self Care, service The system shall be able to automatically provision and deprovision or de-provision services depending provisioning on business rules. 1. Manages subscription including scenarios where the device, phone number etc. without Subscription limitation are changed Management 2. Enterprise level licensing and subscription management

Security Solutions

- Confidential -

Charging/Billing

1. Yearly charging 2. Subscription renewal management Open Standards to facilitate interoperability and data exchange among different products or services and are intended for widespread adoption Applications are designed to virtually partition its data and configuration so that each client organization works with a customized instance User data information is not available to others unless authorized. The vendor should comply with the security policies set as per X. All critical information/data stored within the system should be encrypted. Application should be able to authenticate users based on MDN, UserID, Password. It should have encryption policies on data w.r.t. storage and transit processing. The platform shall be IPV6 compliant For testing of applications by developer community or before moving to production The platform shall provide reports as per business and technical requirements (Not limited to) 1. Usage report 2. Subscription report 3. SLA report The platform shall be capable of integrating with Telco grade systems including but not limited to 1. Billing 2. Online Provisioning 3. ITSM/NOC tools 4. CRM 5. SMSC 6. IVR

Open Standards

Multitenant architecture

Security Policy

IPV 6

Test Bed

MIS/ Reports

Integration

Security Solutions

- Confidential -

The complete application life cycle management process shall be provided by the partner 1. Discovery 2. Delivery Application Life Cycle 3. Install 4. Configure Management 5. Upgrade 6. Replace 7. Management 8. Uninstall Describe the typical version upgrade process when a new commercial release is available Partner shall be responsible for day to day operations or would introduce partners capable to do the same End to End operations management (not limited to) 1. Fault monitoring and alarms 2. Policy Management 3. Network Interfaces 4. Backup 5. Scalability 6. Availability

Version Management

Operation Support (24*7 )

Operations Management

Help Desk

Help desk services for servicing consumer and enterprise customers

Self-monitoring

Ability to check the entire app to guardian link for any impairment in quality of service and for system up-time

Web interface for B2B Customizable web interface deployable at an clients enterprises security control room All customer touch points must be customizable from a branding perspective and X usability guidelines

Touch point Customizability

Security Solutions

- Confidential -

VXML 2.0 based Integrated Voice Response (IVR) Application

Application to be developed and hosted at X Data Center for integrating with X IVR for providing location update to Guardians once SOS is initiated by customer. Text-to-Speech (TTS) functionality for streaming voice packets to application hosted on X IVR, and server for hosting VXML application to be provided by vendor

10

Security Solutions

- Confidential -

B. Functional and Technical requirements App Feature/Capability SMS Alerts from App Description Compliance (C, NC, PC) Remarks

SMS sent to pre designated numbers with a SOS message A button on the primary app screen One-touch SOS alert which will trigger the services SOS alarm with live Location tracking once the alert is GPS tracking online triggered Last know location included as part of Location info in SOS the SMS as an internet link or nearest SMS identifiable address App to send location data as part of SMS back-up in case of SMS to back-end server in areas no data connectivity without data connectivity Stop location tracking option Option to stop tracking location Non-GPS location Network triangulation based location Tracking identification Ability to activate alarm by vigorously Shake to activate shaking the phone Customizable shake Ability to adjust the intensity of the Feature shaking needed to trigger the app Ability to cancel a false alarm. This should include an alert being sent to activate the bands vibration feature Cancel alert feature whenever an alarm is triggered. Can trigger audio alarm through phone Siren using phone speakers to alert speakers passers-by to come to the user's aid Alert cancellations must be done at the Cancel alert at SOS SOS Server and not at the application Server level Geo-tag unsafe Ability to tag an area as unsafe on a locations/incidents map through the app e-mail Alert E-mail alert to designated e-mail ids Alert posted on users social media sites Social Media with location and SOS message Route map as part of SOS alert "Check on me alert" incase the phone Alert in case of forced is shut off when battery is not low and shut down of phone deviates from regular usage patterns Alert sent asking people to check on "Track me" feature user regularly SMS location update Sends location update through

11

Security Solutions

- Confidential -

for every 10 mt change SMS/USSD in areas without data post alarm if no data coverage if the phone moves 10 from link the last know location Alerts a guardian to call user to provide Call me and bail me an escape from an uncomfortable out feature social or other situation Ability to send content related to TG through the app. Eg. - Safety tips, Content through app health tips etc. Informs users if entering an area which Safety alerts and tips has designated as unsafe by other Location based users Number of phone numbers to which app triggers SOS calls Five (5) Number of phone numbers to which app triggers SMS Five (5) Number of e-mails to which app triggers SMS Five (5) App automatically starts and runs in Run at start-up the background Syncs with wearable trigger only at Syncs with Device at pre-set times scheduled - battery pre-set time(s) conservation Syncs with wearable trigger only for Syncs with Device for pre-set durations battery pre-set duration Conservation Set areas where the app will not be Set safe zones triggered Prioritize Bluetooth pairing with device in case of Bluetooth Over rides other Bluetooth devices in conflict pairing priority Alert user in case Unsafe zones would be decided basis entering unsafe zone user tagging Deviation from safe Alerts user/guardian if any deviations route alert from pre-set route SoS button should be available through SOS button available a locked screen without having to on lock screen unlock phone Block specific numbers from calling Block calls feature user's phone Allow only specified numbers to call White listed calls only user's phone when this feature is when active feature active

12

Security Solutions

- Confidential -

Block specific numbers from texting Block SMS feature user's phone SMS sent to pre designated numbers SMS Alerts from App with a SOS message Android IPhone Blackberry Devices supported (please specify all the Windows versions supported) Others (please specify) Indoor positioning Ability to locate a device inside a capability building, especially which storey A user must be able to record his/her spoken name in the application which Audio recording of must then be stored on the SOS customers name Server for retrieval during an SOS alert during registration outbound call Im Here notification Sends a "I'm safe" message on reaching to pre-loaded number a pre-designated location Alert on pro-longed If alert is triggered in no-network zone, signal loss in no app will send the SOS whenever a coverage areas network is detected User must be able to modify all User account customizable aspects of the product management from the app itself

13

Security Solutions

- Confidential -

C. Functional and Technical requirements SOS Server

Feature/Capability Communications from back-end Outbound call alert

Description Back-end server which will initiate and control all communications Outbound dialer to pre designated numbers with a SOS message and last known location Last know location to be easily accessible through an online map services Route to be mapped once alert has been raised, till alert has been resolved / switched off by user

Compliance (C, NC, Remarks PC)

Online map provider integration for unsafe location alert Tracking subscriber route for duration of alert raised Alert to nearest subscribers with App enabled One-time emergency tracking code for others

Alerts other app users in the vicinity incase alarm is triggered Ability for guardian to track the user location for a single time and for a fixed duration even if an alarm is not raised by user. This feature has to be enabled by user. Outbound call in Outbound dialer in the language Vernacular selected by user with the address in an Indian accent Provisioning with Service should start only upon activation key receiving a one- time activation key or subscription renewal key as the case may be User behavior based Ability to analyze user behavior and auto alerts propose/raise alerts in case of deviations Web based interface Web based interfaces that can provide critical information to first responders 30 % buffer capacity Buffer capacity at each node from peak utilization 99.9% Uptime System availability Status update over IVR Guardians should be able to obtain the latest information on a user who has raised an alert by calling the number from which the outbound dialer originated Secure status update Guardians must be able to share the for non-guardians location of a user who has raised an

14

Security Solutions

- Confidential -

Opt out for guardians

Historical data Availability

Guardian number screening

Location in India

Reporting capabilities

alarm. This should be accessible to a non-guardian over e-mail, SMS and phone calls A guardian must be able to opt out of receiving calls related to this service for a unique user alone the first time he/she receives a call from a system pertaining to that user alone. User must be activated if a guardian opts out. Alarm details (including routes) to be available even beyond alert being closed / addressed for a specified duration System should to ensure that guardian numbers are private personal numbers of individuals and not that of the police or any public or govt. or any private concern or . All numbers have to be local numbers as well. The server hardware must be physically located in India and all personal information of the customer must be stored within the sovereign territory of India. Extensive report (summary / detail) producing capabilities. Example: 1. MDN wise list of subscribers 2. Expiration date wise 3. subscriber list 4. Report based on frequency of alerts raised 5. Report based on geography / circle from where alerts are raised 6. Multiple alerts from same location over a fixed time period (input for marking that area as unsafe) 7. Due for renewal list

Indoor positioning Capability

Ability to translate relevant inputs from the App to usable location information

15

Security Solutions

- Confidential -

Misuse tracking and Control

User account Management

Mechanism to monitor and control the usage of the service based on business rules User must be able to modify all customizable aspects of the product from the app itself

D. Functional and Technical requirements Customer Experience Compliance (C, NC, Remarks PC)

Feature/Capability CRM

Description Vendor to provide and enable X to interface with Vendor CRM systems. This CRM systems can be cloud based and should be accessible over the internet by X customer care representatives and should be configurable to handle both software and hardware related issues All aspects of the product except hardware issues with the Bluetooth bracelet on a 24/7 basis over phone, chat or e-mail. Relevant product documentation must be provided including but not limited to: 1. Training manuals for sales 2. Training manual for customer service 3. Product manuals for users Capability to integrate with X CRM so that complaint / query raised by subscriber (of service) can be routed to vendor issue resolution team automatically Capability to integrate with X ITSM tool for responding & resolving tickets raised within stipulated SLAs

L2 response

Product documentation

Helpdesk support

Incident Management

16

Security Solutions

- Confidential -

E. Customization and integration requirements Wearable Trigger Please refer to Appendix 5 for a detailed description of the existing features, proposed modifications and additional features that have to be created. The Vendor is expected to provide the technical expertise and project management expertise in coordination with X to ensure that the hardware vendor chosen to provide the Wearable Trigger supplies a device that is compatible with the App and which is optimized for the purpose contemplated in the RFP. For filling up the table given below, please follow the instructions hereunder C The Vendor has the complete set of skill sets and expertise required in-house to enable the function described in the table and can provide the support required PC The Vendor may have only partial levels of the set of skill sets and expertise required in-house to enable the function described in the table but can acquire or obtain the skill sets and expertise required to render support required by the time any commercial agreement that may result out of this RFP is executed NC - The Vendor has neither the complete or partial set of skill sets and expertise required in-house to enable the function described in the table nor can the Vendor acquire or obtain the skill sets and expertise required to render support required by the time any commercial agreement that may result out of this RFP is executed

Event

Action description
Press & hold for 12 seconds Quick press 1 time Vibrate 1 time for 1 second in every 3 seconds Press & hold between seconds and 4 seconds

Compliance (C, NC, PC)

Remarks

Modifications New features

Switching device off Silence vibration alarm Phone proximity alarm Custom signal to application (A)

Application response to custom Signal signal (B) Application activation alert (C) Pairing lost or disconnected Continuous vibration without break on receiving signal (B) till vibration cancelled Vibrate 1 time for 1 second in every 6 seconds

17

Security Solutions

- Confidential -

APPENDIX 4 Service Levels Service Level Agreements Severity Level-1 (Critical) issues will be attended to and service restored as per the SLA Severity Level-2 (High) issues will be attended to and service restored as per the SLA Severity Level-3 (Average) issues will be attended to resolved as per the SLA Severity Level-4 (Low) issues will be attended to resolved as per the SLA Application / System uptime Response time of application for providing current location update of customer to guardian should be less than 5 secs Illustration of Severity Categorization As per the attached Severity definition P1 to P4 document Timelines for Operations support (on 24x7 schedule) Severity Sev 1 Critical Sev 2 High Sev 3 Average Sev 4 Low Response 30 minutes 1 hour 1 hour 2 hours Workaround/ Restoration/Re solution 2 hours 4 hours 8 hours 24 hours Permanent Fix 2 working days 4 working days 6 working days 8 working days SLA 95% 90% 90% 90% 99.99% 99.80%

Please see addendum below for definitions on severity. Penalty clause Application/system uptime Rs. 1,00,000 per hour of downtime

Severity Sev 1 Critical

Sev 2 High

Response SLA breach penalty Rs. 50,000 per hour pro-rated for peak hours Rs. 30,000 per hour pro-rated for off-peak hours Rs. 20,000 per hour pro-rated for peak hours Rs. 10,000 per hour pro-rated for off-peak hours

Resolution SLA breach penalty Rs. 50,000 per hour pro-rated for peak hours Rs. 30,000 per hour pro-rated for off-peak hours Rs. 20,000 per hour pro-rated for peak hours Rs. 10,000 per hour pro-rated for off-peak hours

Peak hours till determined by empirical data can be considered to be the hours during which the probability of the services being used is very high.

18

Security Solutions

- Confidential -

19

Security Solutions

- Confidential -

Incident Management process addendum* Guidelines for categorizing incident: Incident priority Priority-1: Critical Description - Impacting Services in one or more circles and no workaround in place. - Anything which prevents users from raising an SOS alarm and/or Guardians from receiving an SOS alert with time stamp and location/address - Critical System, network or key application outage (or imminent outage) with critical impact on service delivery. - Business users or partners of one or more circles are unable to use IT Systems for business transaction. - Any incident that is directly impacting the revenue of impacts one or more service level commitments. - Any regulatory requirement. - Any Critical Service degradation (slowness) impacting one or more circles. - Impacting services in one or more circles with work around solution available till the problem is corrected. - Service degradation of non-critical services impacting one or more circles. - More than 10 % of subscriber base is affected in a particular circle. - Any event/customer activity that may lead to security related incident. - Critical data mismatch in MIS report. Priority-4: Low Impacting the critical services for individual customer that may lead to customer dissatisfaction. Any service disruption that will affect the productivity of individual business user. Data query on MIS report. Any other incident that affects directly or indirectly the quality of IT services to the end user. Individual user complaint with work around possible.

Priority-2: High

Priority-3: Average

* These definitions are subject to revision

20

Security Solutions

- Confidential -

APPENDIX 5

Device features and actions:

Event # 1 Event Switching device on Action description Press & hold for 3 seconds Press & hold for 6 seconds Info not available Quick press 2 times Vibrate 4 times over 30 seconds Vibrate 2 times in 1 second till call answered, rejected or dropped Vibrate 1 time after pairing sequence Press & hold for 12 seconds Quick press 1 time Vibrate 1 time for 1 second in every 3 seconds Press & hold between 2 seconds and 4 seconds Signal Continuous vibration without break on receiving signal (B) till vibration cancelled Vibrate 1 time for 1 second in every 6 seconds LED Status Blue - Flicker 3 times Blue Continuously glow for 6 seconds Info not available NA NA NA NA Blue - Flicker 12 times NA Device state Off Pairing state Not paired

1st time pairing Pairing after device is on Reject incoming call Low battery Incoming call Successful pairing Switching device off Silence vibration alarm Phone proximity alarm Custom signal to application (A) Application response to custom signal (B) Application activation alert (C) Pairing lost or disconnected

Off

Not paired

3 4 5 Existing features 6 7 1 2

On On On On On On On

Not paired Paired Paired Paired Paired Paired Paired

Modifications

NA

On

Paired

1 2

NA NA

On On

Paired Paired

New feature

NA

On

Paired

NA

On

Not paired

21

Security Solutions

- Confidential -

Technical specifications: Bluetooth version Carrier frequency Through-put power Effective range Continuous operational time Operating temperature range Storage temperature range Charging voltage Charging period LED colour V 2.0 2401 MHz-2480MHz 0dBm 10m 90 hours -10C to ~+50C -20C to ~ +80C 5 to ~ 5.3V 2 hours Blue

22

Security Solutions

- Confidential -

APPENDIX 6

List of X assets that have to integrate with the Vendors proposed solution. Asset Name Converged voice platform Description Vendor comments HP Internet Usage Manager (IUM) based platform which handles outbound calls and inbound IVR calls IT Service Management Tool HP Openview is used by X to (ITSM) measure SLAs and to track operational incidents to closure. This tool is expected to used to monitor SLA adherence. Smart Sys tool Internal device service request management tool based on an ASP .NET platform.

23

Security Solutions

- Confidential -

Appendix 7

1. High level process map for onboarding a new user

User buys device User downloads application User provides validation details User tests device functionality User inputs activation key

User registers

User Onboarded

User Validated

User tests service

Guardian onboarding

User furnishes guardian details

2. Proposed high level outbound SOS alert call process

User Triggers alert Device provides vibration alarm Triggered by mistake No App triggers after cancel alarm window time out App sends location alert to server App sends SMS to Guardians Server initiates outbound IVR alert to Guardians

yes User cancels alarm

Server terminates call

Server provides last known location

yes

Did user trigger alarm

Server screens for user alarm in last 12 hours

Server identifies user mapped to guardians number

Guardian calls IVR number

Server terminates call to Guardian

No Server informs guardian that location cannot be provided for more than 12 hours from alert

3. Components of the retail package a. b. c. d. e. f. g. Bluetooth module Swappable bands in multiple colours Activation key User manual Charger and cable Customer care details Warranty card

24

Security Solutions

- Confidential -

Feature/Capability

------------ End of Document -----------Description 1. Device agnostic rich client experience 2. In absence of Data connectivity, critical information transmission via SMS 3. Enterprise module supporting multi-tenancy Data is primary Channel with SMS as backup

Application Capability

Channels

A. Functional and Technical requirements - Overall

Application framework

Exposes standard APIs where Developer by developer community can use those APIs and create enterprise applications Partner shall have experience in integrating the solution with other applications such as OSS/BSS systems, etc. All smart devices running the following Operating systems: Android, iOS, Blackberry OS, Windows Mobile OS Provide the users with features like single-sign on, authentication, personalization and and customization within all parts of the MTS-owned piece including but not limited to the App and the website.

Partner Capability

Devices

User Sign Authentication

The system shall be able to Self Care, service provision automatically provision or deand de-provisioning provision services depending on business rules. 1. Manages subscription including scenarios where the device, phone number etc. without limitation are changed 2. Enterprise level licensing and subscription management 1. Yearly charging

Subscription Management

Charging/Billing

25

Security Solutions

- Confidential -

Open Standards

2. Subscription renewal management Open Standards to facilitate interoperability and data exchange among different products or services and are intended for widespread adoption Applications are designed to virtually partition its data and configuration so that each client organization works with a customized instance User data information is not available to others unless authorized. The vendor should comply with the security policies set as per SSTL. All critical information/data stored within the system should be encrypted. Application should be able to authenticate users based on MDN, UserID, Password. It should have encryption policies on data w.r.t. storage and transit processing. The platform shall be IPV6 compliant For testing of applications by developer community or MTS before moving to production The platform shall provide reports as per business and technical requirements (Not limited to) 1. Usage report 2. Subscription report 3. SLA report The platform shall be capable of integrating with Telco grade systems including but not limited to 1. 2. Billing Online Provisioning

Multitenant architecture

Security Policy

IPV 6 Test Bed

MIS/ Reports

Integration

26

Security Solutions

- Confidential -

Application Life Management

3. ITSM/NOC tools 4. CRM 5. SMSC 6. IVR The complete application life cycle management process shall be provided by the partner 1. Discovery Cycle 2. Delivery 3. Install 4. Configure 5. Upgrade 6. Replace 7. Management 8. Uninstall Describe the typical version upgrade process when a new commercial release is available Partner shall be responsible for day to day operations or would introduce partners capable to do the same End to End operations management (not limited to) 1. Fault monitoring and alarms 2. Policy Management 3. Network Interfaces 4. Backup 5. Scalability 6. Availability Help desk services for servicing consumer and enterprise customers Ability to check the entire app to guardian link for any impairment in quality of service and for system up-time

Version Management

Operation Support (24*7 )

Operations Management

Help Desk

Self-monitoring

Web interface clients

for

B2B

Customizable web interface deployable at an enterprises security control room

27

Security Solutions

- Confidential -

Touch point Customizability

All customer touch points must be customizable from a branding perspective and SSTL usability guidelines Application to be developed and hosted at SSTL Data Center for integrating with SSTL IVR for providing location update to Guardians once SOS is initiated by customer. Text-to-Speech (TTS) functionality for streaming voice packets to application hosted on SSTL IVR, and server for hosting VXML application to be provided by vendor SMS sent to pre designated numbers with a SOS message A button on the primary app screen which will trigger the services Location tracking once the alert is triggered Last know location included as part of the SMS as an internet link or nearest identifiable address App to send location data as part of SMS to back-end server in areas without data connectivity Option to stop tracking location Network triangulation based location identification Ability to activate alarm by vigorously shaking the phone Ability to adjust the intensity of the shaking needed to trigger the app

VXML 2.0 based Integrated Voice Response (IVR) Application

SMS Alerts from App One-touch SOS alert SOS alarm with live GPS tracking online Location info in SOS SMS Application

SMS back-up in case of no data connectivity Stop location tracking option Non-GPS location Tracking Shake to activate Customizable shake Feature

28

Security Solutions

- Confidential -

Cancel alert feature

Ability to cancel a false alarm. This should include an alert being sent to activate the bands vibration feature whenever an alarm is triggered. Siren using phone speakers to alert passers-by to come to the user's aid Alert cancellations must be done at the SOS Server and not at the application level Ability to tag an area as unsafe on a map through the app E-mail alert to designated email ids Alert posted on users social media sites with location and SOS message

Can trigger audio alarm through phone speakers

Cancel alert at SOS Server Geo-tag unsafe locations/incidents e-mail Alert Social Media Route map as part of SOS alert Alert in case of forced shut down of phone

"Check on me alert" incase the phone is shut off when battery is not low and deviates from regular usage patterns Alert sent asking people to check on user regularly Sends location update through SMS/USSD in areas without data coverage if the phone moves 10 mts from the last know location Alerts a guardian to call user to provide an escape from an uncomfortable social or other situation Ability to send content related to TG through the app. Eg. Safety tips, health tips etc. Informs users if entering an area which has designated as unsafe by other users

"Track me" feature SMS location update for every 10 mt change post alarm if no data link

Call me and bail me out feature

Content through app

Safety alerts and tips Location based

29

Security Solutions

- Confidential -

Number of phone numbers to which app triggers SOS calls Number of phone numbers to which app triggers SOS calls Number of e-mails to which app triggers SMS Run at start-up Syncs with Device at pre-set time(s) Syncs with Device for pre-set duration Set safe zones Prioritize Bluetooth pairing with device in case of Bluetooth conflict Alert user in case entering unsafe zone Deviation from safe route alert SOS button available on lock screen Block calls feature White listed calls only when active feature Block SMS feature SMS Alerts from App

Five (5)

Five (5) Five (5) App automatically starts and runs in the background Syncs with wearable trigger only at pre-set times scheduled - battery conservation Syncs with wearable trigger only for pre-set durations battery Conservation Set areas where the app will not be triggered Over rides other Bluetooth devices in pairing priority Unsafe zones would be decided basis user tagging Alerts user/guardian if any deviations from pre-set route SoS button should be available through a locked screen without having to unlock phone Block specific numbers from calling user's phone Allow only specified numbers to call user's phone when this feature is active Block specific numbers from texting user's phone SMS sent to pre designated numbers with a SOS message Android IPhone Blackberry Windows Others (please specify)

Devices supported (please specify all the versions supported)

30

Security Solutions

- Confidential -

Indoor positioning capability

Ability to locate a device inside a building, especially which storey A user must be able to record his/her spoken name in the application which must then be stored on the SOS Server for retrieval during an SOS alert outbound call Sends a "I'm safe" message on reaching a pre-designated location If alert is triggered in nonetwork zone, app will send the SOS whenever a network is detected User must be able to modify all customizable aspects of the product from the app itself Back-end server which will initiate and control all communications Outbound dialer to pre designated numbers with a SOS message and last known location Last know location to be easily accessible through an online map services Route to be mapped once alert has been raised, till alert has been resolved / switched off by user Alerts other app users in the vicinity incase alarm is triggered Ability for guardian to track the user location for a single time and for a fixed duration even if an alarm is not raised by user. This feature has to be enabled by user. Outbound dialer in the language selected by user with the address in an Indian accent

Audio recording of customers name during registration

Im Here notification to pre-loaded number Alert on pro-longed signal loss in no coverage areas

User account management Communications from backend

Outbound call alert Online map provider integration for unsafe location alert Back-end Tracking subscriber route for duration of alert raised Alert to nearest subscribers with App enabled

One-time emergency tracking code for others

Outbound call in Vernacular

31

Security Solutions

- Confidential -

Provisioning with activation key

Service should start only upon receiving a one- time activation key or subscription renewal key as the case may be Ability to analyze user behavior and propose/raise alerts in case of deviations Web based interfaces that can provide critical information to first responders Buffer capacity at each node from peak utilization System availability Guardians should be able to obtain the latest information on a user who has raised an alert by calling the number from which the outbound dialer originated Guardians must be able to share the location of a user who has raised an alarm. This should be accessible to a nonguardian over e-mail, SMS and phone calls A guardian must be able to opt out of receiving calls related to this service for a unique user alone the first time he/she receives a call from a system pertaining to that user alone. User must be activated if a guardian opts out. Alarm details (including routes) to be available even beyond alert being closed / addressed for a specified duration System should to ensure that guardian numbers are private personal numbers of individuals and not that of the police or any public or govt. entity or any private concern or entity.

User behavior based auto alerts

Web based interface 30 % buffer capacity 99.9% Uptime

Status update over IVR

Secure status update for non-guardians

Opt out for guardians

Historical dataAvailability

Guardian number screening

32

Security Solutions

- Confidential -

Location in India

Reporting capabilities

All numbers have to be local numbers as well. The server hardware must be physically located in India and all personal information of the customer must be stored within the sovereign territory of India. Extensive report (summary / detail) producing capabilities. Example: 1. MDN wise list of subscribers 2. Expiration date wise 3. subscriber list 4. Report based on frequency of alerts raised 5. Report based on geography / circle from where alerts are raised 6. Multiple alerts from same location over a fixed time period (input for marking that area as unsafe) 7. Due for renewal list Ability to translate relevant inputs from the App to usable location information Mechanism to monitor and control the usage of the service based on business rules User must be able to modify all customizable aspects of the product from the app itself

Indoor positioning Capability

Misuse tracking and Control

User account Management

33

Security Solutions

- Confidential -

CRM

Vendor to provide and enable SSTL to interface with Vendor CRM systems. This CRM systems can be cloud based and should be accessible over the internet by SSTL customer care representatives and should be configurable to handle both software and hardware related issues All aspects of the product except hardware issues with the Bluetooth bracelet on a 24/7 basis over phone, chat or e-mail. Relevant product documentation must be provided including but not limited to: 1. Training manuals for sales 2. Training manual for customer service 3. Product manuals for users Capability to integrate with SSTL CRM so that complaint / query raised by subscriber (of service) can be routed to vendor issue resolution team automatically Capability to integrate with SSTL ITSM tool for responding & resolving tickets raised within stipulated SLAs Press & hold for 12 seconds Quick press 1 time Vibrate 1 time for 1 second in every 3 seconds Press & hold between seconds and 4 seconds Signal

L2 response

Support Product documentation Helpdesk support Incident Management Switching device off Silence vibration alarm Phone proximity alarm Custom signal to application (A) Application response to custom signal (B)

34

Security Solutions

- Confidential -

Application activation alert (C) Pairing lost or disconnected

Continuous vibration without break on receiving signal (B) till vibration cancelled Vibrate 1 time for 1 second in every 6 seconds

35