OTS - Build in-house or buy?

Options to integrate with the TOTSCo Hub for OTS compliance

At Sonalake, we have been involved in the evolution of OTS for several years and have had workshops with dozens of industry stakeholders and service providers, from the national to the regional and the micro.

In this blog, we describe the main technical options available to Retail Providers to integrate with the TOTSCo Hub, in order to achieve OTS compliance.

We also address the big question of the moment facing Retail Providers - whether to build a solution in-house or select a solution from a software partner or MAP (Managed Access Provider).

The most compelling answer to this question is purely commercial, given that the internal cost of development will most certainly far exceed the cost of purchasing a solution.

What’s the challenge?

It is common to underestimate the cost and ongoing distraction of developing the software needed to integrate with the TOTSCo Hub messaging platform. The reality is that the requisite software represents a sizable development challenge due to the following characteristics:

  • It comprises a complex set of APIs and security protocols, requiring extensive analysis and design
  • It is subject to strict performance guarantees
  • In addition to handling message interaction with the Hub, it needs to manage integration with internal CRMs, service inventory, customer billing, and potentially other IT systems
  • Rather than a single release, there will be several iterations (apart from GPLB) over a likely period of 1.5 to 2 years requiring ongoing engagement with TOTSCo, development and testing
  • Different technical approaches need to be considered through the lens of protecting customer data, which is paramount and easy to get wrong, thus representing a significant risk
  • In addition to meeting the minimum compliance requirements, there is the opportunity to add enhanced features, for example in the areas of security and business reporting

Aside from the cost advantage of purchasing a solution, there is also the distraction argument to consider. Surely it is more important for the IT organisation within a Retail Provider to focus on strategic revenue generating and cost saving projects in areas such as automation of customer experience, rather than committing a team to develop and maintain an internal OTS solution with no real economic return?

What are the options? 

There are three main technical options available to integrate with the TOTSCo Hub messaging platform:

  • Use an outsourced MAP (Managed Access Provider)
  • Adapt the in-house CRM system
  • Use a product such as pivOTS™ from Sonalake (an "In-sourced MAP")

Using an Outsourced MAP

This is an option, but our experience is that security-conscious Retail Providers do not wish to push out their most valuable asset - customer data - to third party OTS service providers. There is simply too much risk involved and it is challenging for security policies.

Adapting an inhouse CRM option

Requesting modification of the CRM by its vendor to integrate with the Hub is another approach. The rationale is based on the OTS process for Gaining customers being tightly integrated with the CRM. However, a concern relates to the opening up of such a mission critical system to unpredictable traffic loads, and potentially malicious actors to support the Losing-Role OTS processes.

Another consideration here is that the CRM modification will not be a one off. Both the OTS and imminent GPLB processes are subject to regular revision and change, leading to ongoing vendor engagement, change, testing and disruption to the core function of the CRM.

Using an Insourced MAP product - the Sonalake pivOTS™ option  

Driven by the issues highlighted above and demand from within the industry, Sonalake decided to develop a productised solution for Retail Providers to meet their OTS obligations with minimum overhead, while staying in control of their customer data and up to date with the latest TOTSCo developments.

pivOTS™ is deployed rapidly within a Retail Provider’s own IT environment, providing a high degree of protection from accidental or unauthorized attempts to access customer data. It abstracts the OTS challenge away from core systems including CRMs, while keeping them up to date with customer switch progress. pivOTS™ thus reinforces CRM’s central role as master of customer communications.

pivOTS™ is available at a price point that is significantly below the cost for a Retail Provider to develop and maintain a similar solution internally.


  • Fully compliant with TOTSCo OTS specifications
  • Customer data remains in-house and secure
  • Message retry
  • Multi-brand support
  • Simple service inventory ingestion APIs
  • Cloud deployment (AWS, Azure, GCP)
  • High-availability configuration
  • Horizontally scalable
  • Optional Front End module for manual actions


  • TOTSCo compliance at lower cost - keep your tech team focused on delivering new business value
  • Insulate existing business support systems from additional load and external traffic
  • Remove need for 3rd party access to systems containing sensitive customer data
  • Reduced API surface for improved security
  • Comprehensive observability metrics and audit trail
  • Release roadmap in line with evolving TOTSCo specifications, including GPLB
  • Proven solution - pivOTS™ has already passed end-to-end testing and is TOTSCo Ready!
  • pivOTS™ is delivered with access to an online development-centre providing extensive resources for clients to integrate the product into their environment. This is backend by an expert Sonalake support team.

Speak to us about your OTS compliance project at Connected Britain 2023 or simply email us at


We make software better every day

Get in touch

Copyright © 2024 Sonalake Limited, registered in Ireland No. 445927. All rights reserved.Privacy Policy

Nr Cert. 18611 ISO/IEC 27001