From device-on to signed export.

A new tracker is added through a guided SMS wizard. Type the tracker SIM's phone number; the wizard infers the UK carrier and suggests the right APN profile — Vodafone, EE, O2, Three, and the major MVNOs are pre-populated. Copy four SMS bodies into your phone, send to the tracker, walk the LED check. About three minutes for a stock TKSTAR-family device, no USB cable required.

If the LED check stalls, the wizard escalates automatically. A reset path retries the registration; a fallback path tries a known alternative command syntax (some firmware families respond to comma,separated commands instead of space separated). If both fail, the wizard ships a diagnostic bundle to K3K support with an ONBOARD-XXXXXX reference and a slice of the tracker daemon's log filtered on the IMEI — no copy-paste, no “what was the IMEI again?” round trip.

Devices belong to organisations and, within an organisation, to cases. A device can be reassigned between cases as the operation evolves — the audit trail follows the device, not the case. Capability auto-detection identifies the firmware family up front; TKSTAR variants are decoded by the in-house @k3k/protocol codec and enrolled with the feature flags they actually support, not the marketing spec sheet.

The operator surface is a map view with live trip overlay, geofence boundaries, route-corridor markers, and dwell indicators. Refresh is near-real-time on the active subject (typically 1–3 s, depending on device firmware and cellular carrier); idle devices coalesce to reduce noise.

Alerts route on three channels: in-app banner, email, and webhook. Alert thresholds are per-org and per-case — a surveillance team and a fleet team will tune them very differently.

Stops are detected from velocity + dwell, then reverse-geocoded so every entry has a human-readable address. Trips are the segments between stops. Anomalies surface deviations from a baseline route, unusually long dwells, and co-location patterns suggestive of counter-surveillance.

Crucially, the pattern feed isn't a black-box score — each flag links back to the raw positions that triggered it, so the operator can defend the call.

The export pack is a Ed25519-signed PDF with an embedded manifest of artefacts (positions, stops, trips, alerts, raw packets where required, and authorisation references). The signing key's public half is published on /security.

A redacted disclosure variant can be generated alongside the full pack — useful when a copy needs to go to the other side. Both variants share the same hash chain root so they can be tied back to the same source.