Traveler Management Module

The person-centric operational repository within the Border Control Platform. It maintains persistent traveler identity records linked to travel documents, biometrics, journey instances, and full passage history.

The module follows an event-driven architecture — every border interaction (entry, exit, refusal, visa action, field check, …) is recorded as an immutable encounter. It separates identity, documents, journeys, and encounter events, while being linked to biometric identity processing and matching in Border Control Core (Core + ABIS).

Through secure APIs and operational UI components, the module provides border officers with a complete traveler history view, decision-support context, and full traceability — forming the operational backbone of a modern border management system.

What it does

The module is organised around the Traveler Hub — the officer-facing surface that brings together every feature into a single working environment. Three operational concepts live underneath the Hub: Journeys, Encounters, and Workflows.

Traveler Hub

The officer-facing web UI on top of Core. It surfaces Journeys, Encounters, and Workflows in a unified browser + detail view.

• Traveler browser — searchable list with biometric thumbnails, risk status, and journey context; free-text + filters (status / nationality / doc type / DOB / journey); pagination scoped to officer's access permissions and border-point context
• Traveler detail — composed profile aggregating identity data, biometrics, document scans, and full journey + encounter history; pulled live from Border Control Core
• Identity validation — side-by-side biometric vs. document comparison; data consistency checks across enrollment, document, and manifest
• Travel-context evaluation — last travel + next travel views to support risk-based assessment before / during a border encounter
• Dashboards — Journey Status Funnel (lifecycle progression with stuck / anomalous states), Route & Connectivity Map (geographic visualization with traffic + watchlist overlays), Traveler Demographics Explorer (distribution by nationality, age, gender, document type). Custom dashboards can be tailored to specific operational needs.

Journey

The traveler's planned and actual movement on a transport instance — flight, vessel, train, bus, or land crossing. Journeys carry route, schedule, operator, and conveyance, and link a traveler's identity to a specific trip.

A single Journey may be updated over time by multiple upstream sources (API, PNR, manifest, manual correction). Traveler Management Module presents the current normalized travel state to officers, while the underlying source snapshots remain available for audit.

Encounter

The immutable record of a border interaction. Every traveler touchpoint — entry, exit, visa action, refusal, field check, enrollment — is captured as an Encounter event. Encounters are sessions with internal events: the session represents the operational meaning (what happened, where, when), and the events capture the atomic capture / assessment / decision steps inside.

Encounters can be created before the traveler is identified (shadow identity) and resolved later once identification succeeds. They are append-only and carry full audit context — purpose, channel, source system, location, outcome, timestamp.

Workflows

Configurable operational workflows that drive how officers act on traveler records. The workflow logic runs on top of Core's data so that any channel triggering the same workflow gets consistent semantics.

• Adjudication — operator triage workspace for identity conflicts surfaced by Border Control Core; every decision is audit-logged and reflected back into Core's matching backend
• Border Post Review — resolution mechanism for identity incidents raised at a border post (suspected duplicates, conflicting evidence, document-holder mismatches, suspicious evidence). Operators apply one of four actions: merge, split, keep separate, or mark with a reason
• Flag traveler — officers raise flags with reasons (suspicious behavior, data inconsistency, document mismatch, custom note); flagged records surface in the shared resolve queue

See Workflows for the full catalog.

Capabilities

• Persistent person record with linked documents, biometrics, journeys, and encounter history
• Journey tracking from manifest ingestion through actual passage
• Immutable encounter history with full audit context
• Configurable, status-driven operational workflows
• Adjudication workspace with audit-logged decisions
• Risk levels for officer triage
• Traveler browser, detail, validation, and dashboard UIs in Traveler Hub
• Live data pulled from Border Control Core (no duplicate identity store)

Components we provide

• Traveler Hub — operator-facing web application
• Operational APIs — for travelers, documents, journeys, encounters, and workflow actions
• Configurable workflows — status transitions, adjudication queue, flag reasons, risk-level model
• Default dashboards — Journey Status Funnel, Route & Connectivity Map, Traveler Demographics Explorer; custom dashboards per deployment

Limitations

• Runs on top of Border Control Core. Traveler Management Module consumes Core's matching, deduplication, and biometric data; it does not perform biometric matching itself.
• Operator-facing, not traveler-facing. Traveler-facing pre-enrollment is delivered by the Pre-Enrollment Toolkit and Kiosk & PC Enrollment Toolkit.
• Aggregates encounter events; does not capture them. Encounter capture depends on the channel modules (Border Post, Mobile Field, corridor / eGate) submitting events.

See also

• Border Control Core — the matching engine and biometric data repository this module sits on top of
• Data Model — Traveler, Document, Journey, and Encounter entity schemas
• Border Control Platform Modules — full module catalog