Part 4a — Pricing Tables — DRAFT
Transcribe into the XLSX template
../attachments/06-part4a-response-pricing.xlsx. All amounts AUD GST-exclusive unless otherwise noted.
Pricing philosophy
SABLE itself (the cryptographic library) is Apache 2.0 open-source — no per-seat or per-verification licence fee for the library. The commercial pricing covers:
- The hosted SaaS Verification Service in AWS Sydney (
ap-southeast-2) — verification of ZK proofs, metrics dashboards, audit logging, PrivateLink endpoint - One-off implementation — integration with ATO infrastructure, MAUI bindings, FMR/FNMR benchmark, WCAG 2.1 AA audit, IRAP / PROTECTED certification programme
- Ongoing support and maintenance — tiered SLAs, dependency patching, ZK circuit revisions, AWS service migration
- Labour rates — for incremental scope outside the subscription
All numbers below are indicative for RFI purposes; final pricing depends on procurement-stage scope, volume forecast, and contract-vehicle terms.
T1 — Software Licensing
T1.1 — Perpetual licence model
| Item | Quantity | Rate (AUD) | Total (AUD) | Pricing Assumptions |
|---|---|---|---|---|
| SABLE core library — Apache 2.0 (no licence cost) | unlimited | 0 | 0 | Library is open-source; no per-seat charge |
| SABLE SaaS Verification Service — perpetual licence | N/A | N/A | N/A | SaaS is sold as subscription only — no perpetual model |
| Total perpetual licence cost | 0 |
Subscription model (T1.2) is the only commercially-available delivery model for the SaaS. The library itself remains free under Apache 2.0 indefinitely.
T1.2 — Subscription licence model
SP1.2.1 — Production SaaS Verification Service (per-verification, tiered)
| Tier | Annual verification volume | Year 1 (AUD) | Year 2 (AUD) | Year 3 (AUD) | 3-year total (AUD) |
|---|---|---|---|---|---|
| Tier A | up to 10 M / year | [$ TBD — to refine with co-signatory] | [TBD] | [TBD] | [TBD] |
| Tier B | 10 M – 50 M / year | [TBD] | [TBD] | [TBD] | [TBD] |
| Tier C | 50 M – 250 M / year | [TBD] | [TBD] | [TBD] | [TBD] |
| Tier D | 250 M – 1 B / year | [TBD] | [TBD] | [TBD] | [TBD] |
| Tier E (myID scale) | > 1 B / year | [TBD] | [TBD] | [TBD] | [TBD] |
| Unlimited subscription | unlimited | [TBD] | [TBD] | [TBD] | [TBD] |
Pricing assumptions: fixed AUD; CPI/4 % indexation at anniversary; tiers based on aggregate annual verifications across all environments; tier breakpoints negotiable in a procurement stage.
SP1.2.2 — Non-Production Environments (fixed annual fee)
| Environment | Year 1 (AUD) | Year 2 (AUD) | Year 3 (AUD) |
|---|---|---|---|
| Development (1 instance, no SLA) | [TBD] | [TBD] | [TBD] |
| Staging (1 instance, business-hours SLA) | [TBD] | [TBD] | [TBD] |
| Total | [TBD] | [TBD] | [TBD] |
T2 — Tiered Discounts
| Volume tier | Discount on per-verification rate |
|---|---|
| Tier A (≤ 10 M / yr) | List price (0 %) |
| Tier B (10 M – 50 M / yr) | 15 % |
| Tier C (50 M – 250 M / yr) | 30 % |
| Tier D (250 M – 1 B / yr) | 45 % |
| Tier E (> 1 B / yr) | 55 % |
| Unlimited subscription | Capped — see SP1.2.1 |
- Multi-year commitment discount — 5 % off list for 3-year term; 8 % for 5-year
- Prepay discount — 3 % off for annual prepay
- Government volume discount — additional 5 % off for any Commonwealth agency engagement (excluding stacking with tier discount; whichever is greater)
T3 — One-Off Costs
| Component | Description | Indicative AUD |
|---|---|---|
| AWS PrivateLink wiring | VPC Endpoint Service setup, IAM cross-account role configuration, DNS, validation | [TBD] |
| Microsoft MAUI bindings delivery | C ABI → .NET P/Invoke → MAUI NuGet package + sample MAUI integration project + unit tests | [TBD — 4-6 weeks] |
| FMR/FNMR benchmark report | ISO/IEC TS 19795-9:2019 evaluation against representative corpus, 90 % CI report | [TBD — 4-6 weeks] |
| WCAG 2.1 AA audit + remediation | Audit by an accredited Australian accessibility audit firm; remediation; conformance statement | [TBD — 4-6 weeks] |
| ISO/IEC 30107-3 EAL-2 (Level B) PAD testing | Engagement of an ILAC-accredited testing laboratory with the required ISO/IEC 30107 scope; formal test report | [TBD — 3-4 months — ~AUD 60-100 k pass-through] |
| IRAP / PROTECTED-level certification programme | IRAP assessor engagement; ISM control evidence; remediation; certification | [TBD — 6-8 months — ~AUD 150-250 k pass-through] |
| ICAO Doc 9303 ePassport verification capability | NFC ePassport reading, PKI verification, CRL checking module + integration | [TBD — 8-12 weeks] |
| myID app integration & onboarding | Engineering integration with ATO infrastructure, joint dev / test cycles, joint UAT, runbook handover | [TBD — sized by ATO scope] |
| Training | Onboarding training for ATO ops team; quarterly refresher sessions for Year 1 | [TBD] |
| Total one-off costs | [TBD] |
T4 — Ongoing Support and Maintenance
| Tier | Description | Annual (AUD) |
|---|---|---|
| Standard | Business-hours email/ticket support; P1: 4-hour ack, 24-hour update; CVE patches per published SLA; quarterly platform updates | [TBD] |
| Enhanced | 24×7 P1 on-call; P1: 1-hour ack, 4-hour update; monthly platform updates; named L2/L3 engineer; quarterly architecture review | [TBD] |
| Mission-Critical | 24×7 named-engineer on-call across L2/L3/L4; P1: 30-minute ack, 2-hour update; weekly platform updates; dedicated engineering hours for ATO-specific work; quarterly executive review | [TBD — recommended tier for myID scale] |
T5 — Labour Rates
For any incremental work outside the subscription scope (custom features, ATO-specific engineering, training engagements).
| Role | Day rate (AUD, GST-exclusive) |
|---|---|
| Software Engineer (L2) | [TBD] |
| Senior Software Engineer (L3) | [TBD] |
| Principal Engineer (L4) | [TBD] |
| Cryptography Specialist | [TBD] |
| Security Architect | [TBD] |
| Project Manager | [TBD] |
| UX / Accessibility Specialist | [TBD] |
| Documentation / Tech Writer | [TBD] |
Travel and incidentals charged at cost with prior approval; standard 8-hour day; rates indexed annually.
End of Part 4a draft. Indicative pricing numbers above are placeholders to be refined with co-signatory before lodgement and properly defined in a procurement stage. The RFI does not require firm pricing — the ATO has indicated this is for market-intelligence purposes.