End-to-End Workflows

Carriers create incidents, upload evidence, ingest CDRs, and share with government agencies — all within an org-isolated secure environment.

Log in to the Carrier Portal and click "New Incident". Enter a case number, title, priority level, and initial status. The incident is scoped to your organization — no other carrier can see it.

Open the incident page and go to the Evidence tab. Select a file, choose the evidence type (CDR, recording, log, document, etc.), retention class, and source. The system generates a presigned S3 URL — your file uploads directly to the vault. SHA-256 is computed in-browser and verified on completion.

On the Carrier Portal dashboard, click "New Profile" to define how your carrier's CDR columns map to the TIGER canonical schema. Map at minimum: orig_tn, dest_tn, start_time_utc. The profile is reusable across incidents.

On the CDR Import tab of the incident page, select your mapping profile and upload a CSV file. TIGER normalizes every row into the canonical schema, assigns a TGX-CDR key to each record, and computes a call fingerprint for deduplication. Row counts and error logs are shown immediately.

When the investigation is ready for agency review, change incident visibility to "Shared with Agency" or assign a specific government org. The assigned agency can now see the incident, evidence list, CDR records, and victim reports — with read-only access.

Government investigators review assigned incident packages — evidence, CDR records, and victim reports — and manually correlate reports to call records.

Government investigators with gov_admin or gov_analyst credentials log in at /login. Role-based routing automatically directs them to /gov. No carrier data is accessible until explicitly assigned.

The Government Portal dashboard shows all incidents your agency has been assigned to, or that have been shared platform-wide. Click "Review" on any incident to open the detail view.

On the Evidence tab of the incident page, review uploaded files: filename, evidence type, source, file size, SHA-256 hash, upload status, and download link (if available). Government users cannot upload — read-only review only.

The CDR Records tab shows normalized call detail records for the incident. Filter by batch, originating number, or destination number to focus on specific call clusters. All records display in canonical TIGER format regardless of the original carrier format.

The Victim Reports tab shows all corroborating submissions linked to this incident. Each report shows the victim's phone, caller number, reported call time, narrative, and current match status.

For unmatched or ambiguous victim reports, gov_admin users can manually select a specific CDR record and link the two. A CDRReportLink record is created with link_type=manual. The action is logged in audit_events.

Victims submit corroborating reports anonymously. Automatic CDR matching is attempted. A tracking token lets them check status without logging in.

Victims may receive a direct link from their carrier (e.g., tigerex.us/victim), or find the public reporting portal from any browser. No account, login, or registration is required.

Fill in the report form: your phone number, the number that called you, the approximate call time and date, and a narrative of what happened. Contact information is optional. Submit — you'll receive a tracking token immediately.

TIGER's heuristic engine attempts to match your report against CDR records from carrier submissions. Matching is based on victim phone, caller number, and call time proximity. If a high-confidence match is found, matched_cdr_id is set automatically.

Use your tracking token at /victim/report/[token] to check the current status of your submission: unmatched, matched, multiple candidates, or needs review. No personal information is returned — only match status and review state.

If your report enters "needs_review" or "multiple_candidates" status, a government investigator will manually review it and link it to the correct CDR record. Your privacy is protected — investigators only see the call metadata.