AWS Public Sector Blog

Modernizing border control with digital arrival cards on AWS Cloud

Modernizing border control with digital arrival cards on AWS Cloud

This blog post was cowritten by Somapa Information Technology PCL (AWS Partner) and AWS

As international travel continues to grow, governments worldwide are moving from paper-based immigration forms to digital arrival card (DAC) systems. Countries such as China, India, Thailand, and Malaysia have recently mandated the use of digital arrival cards. Developing a secure, scalable, and always-on DAC system requires handling millions of travelers during peak seasons while complying with strict data sovereignty, security, and regulatory standards. A DAC system goes beyond digitizing paper forms—it creates the foundation of a modern, responsive border system. By allowing travelers to submit their information through the DAC system prior to arrival, border agencies can perform advanced profiling, cross-checking, prescreening, and AI-enabled risk assessments before travelers reach the country. This approach transforms border control from reactive to proactive, automation-focused, and data-driven.

Somapa Information Technology PCL (SomapaIT), an AWS Partner, chooses Amazon Web Services (AWS) Cloud to implement DAC systems because of its global footprint, security, high availability, and scalability. SomapaIT’s solution focuses on delivering the “one traveler, one declaration” model by integrating the needs of immigration, customs, and health and quarantine into a unified submission. This approach creates a single traveler view, so authorized agencies have access to the same validated, real-time data at the point of interaction. The following image shows an AI-generated migration security gate.

Photo of crowded airport with Arrivals sign

Figure 1: From paper forms to digital – next-generation immigration processing

Technical architecture

SomapaIT built the DAC solution on top of AWS services, using AWS advanced AI services, agility, scalability, security, high availability, and resiliency.

Irrespective of their chosen channels, whether it’s a mobile application, web portal, before departure, during the flight, or kiosks at the airport, international travelers submitting their DAC begin their interaction with Amazon Route 53, the AWS global DNS service that directs them to the system with submillisecond response times. They can input and submit their arrival information regardless of where they’re connecting from. Meanwhile, AWS Shield protects the DAC system from distributed denial of service (DDoS) events. With AWS Shield Advanced, users benefit from automatic inline mitigation that detects and blocks sophisticated DDoS events across layers 3, 4, and 7. This protection uses AWS global threat intelligence to protect against evolving threats, safeguarding applications without manual intervention and significantly reducing the operational burden on security teams. AWS WAF, attached to the Application Load Balancer, inspects every request in real time to block any SQL injection attempts, cross-site scripting attacks, and automated bot traffic, so that only legitimate arrival card submissions reach the processing system—all happening in milliseconds.

The Application Load Balancer intelligently distributes each traveler across Amazon Elastic Kubernetes Service (Amazon EKS) clusters running in two separate Availability Zones, providing high availability and smooth system operation. The containerized applications running on these clusters pull their code from Amazon Elastic Container Registry (Amazon ECR), which scans the images for vulnerabilities before deployment, and are automatically scaled by Karpenter to expand and contract simultaneously based on incoming traffic. The system stored arrival forms, images, and other information in Amazon Aurora PostgreSQL-Compatible Edition and Amazon Simple Storage Service (Amazon S3). The AI model hosted by Amazon SageMaker AI can automatically detect such information and prevent fraudulent attempts and other potential regulatory violations, helping to reduce the authorities’ review time because they can cross-check relevant information only.

Behind the scenes, AWS Key Management Service (AWS KMS) encrypts the data—passport scans in Amazon S3, traveler records in Amazon Aurora, shared files in Amazon Elastic File System (Amazon EFS), and the disk volumes and Amazon Elastic Block Store (Amazon EBS) attached to Amazon Elastic Compute Cloud (Amazon EC2)—so that data remains protected. Meanwhile, AWS Backup, a fully managed service, centrally manages and automates data protection by automatically creating daily snapshots of data in the system for data protection and audit purposes. Amazon CloudWatch continually monitors every component, tracking API response times, database query performance, container resource usage, and application error rates. It automatically alerts the operations team when metrics exceed thresholds (such as when API latency spikes above 500 ms) and provides detailed dashboards showing real-time system health across both availability zones. The following diagram shows the solution architecture.

Solution architecture diagram. The solution is described in the body text.

Figure 2: Core architecture powered DAC solution

This entire architecture operates around the clock with automatic failover. If Availability Zone A experiences an outage, the Application Load Balancer immediately redirects all traffic to Availability Zone B, Karpenter provisions replacement nodes in the healthy zone, and Amazon Aurora automatically promotes a read replica to become the new primary database. This happens without manual intervention and often before travelers even notice a brief delay, so that border processing doesn’t stop. Travelers can complete their arrival cards whether they’re landing at 3:00 in the morning or during the busiest holiday rush, with every transaction protected, monitored, and backed up across AWS Global Infrastructure.

Tangible outcome

The effectiveness of the SomapaIT DAC solution is proven by its successful deployment in the region, where its capacity to process over 5 million transactions daily resulted in a 90% registration rate on its very first day of full operation and a corresponding 30% reduction in waiting and processing times for travelers. This high adoption rate stems from SomapaIT’s user-focused system design, seamless multiagency coordination, and effective public communication strategies. AWS provides the robust, scalable backbone that allows this high-volume traffic to be processed with near-zero downtime.

SomapaIT’s DAC solution provides key benefits, including:

  • Robust, scalable, and cost-effective infrastructure that can respond to high-volume traffic during peak time with near-zero downtime.
  • User-centric design, which encourages effective use by all travelers.
  • Enhanced compliance and audit capabilities.
  • Enhanced national security through seamless multiagency integration and data sharing that enables immediate watchlist checks and coordinated responses to security and health threats.
  • Increased operational efficiency by reducing manual data entry and paperwork for officers and travelers alike.

Reflecting on the success of the DAC solution and the partnership with AWS, SomapaIT Chief Executive Officer Mr. Subraphert Wongsuwan said, “Through our thirty years of experience, we understand that effective border management depends on anticipation, integration, and trust in data. Our approach is focused on building systems that can adapt as mobility, risk, and regulatory requirements evolve. The DAC is suitable for its purpose because it was designed based on how travelers move and how agencies actually operate. AWS provides the resilient and secure infrastructure required for systems of national importance. Their support enables SomapaIT to deliver a border platform that operates reliably at scale and meets the highest government standards.”

Conclusion: Prepare for the future of mobility across the globe

The DAC solution, by SomapaIT, isn’t only a modernization of arrival forms, it’s a strategic step towards a fully integrated, AI-enabled border. By combining SomapaIT’s deep domain expertise in border management with the global infrastructure of the AWS Cloud, authorities are now better equipped to proactively protect their borders while serving modern travelers with safe, secure, and better experiences.

Satsawat Natakarnkitkul

Satsawat Natakarnkitkul

Satsawat is the data and AI solutions lead for ASEAN Public Sector at AWS Thailand, spearheading generative AI initiatives across Southeast Asia. With over a decade of experience in digital transformation and AI/ML solutions, he is a recognized thought leader in artificial intelligence, data science, and cloud architecture. A frequent speaker at technology events across ASEAN, Satsawat is passionate about leveraging emerging technologies like generative AI to create tangible business value in the public sector.

Itarun Pitimon

Itarun Pitimon

Itarun Pitimon is a System and Infrastructure Manager and Network Security Expert at Somapa Information Technology PCL., with extensive experience in designing, implementing, and managing large-scale, mission-critical IT infrastructure for government agencies. He holds a PhD in information technology and is certified in CCNP Enterprise, Cisco DevNet, CyberOps, and cybersecurity disciplines. Throughout his career, Itarun has led and supported complex national and international projects related to advance passenger processing (APPS), passenger screening, border control systems, and immigration data verification. He is recognized for his deep expertise in network security, system architecture, and operational resilience, ensuring secure, scalable, and compliant infrastructure that supports real-world border management and national security operations.

Patchanok Korkerd

Patchanok Korkerd

Patchanok Korkerd is a senior Global Government Engagement at SomapaIT, with over 15 years of experience working with the company and more than 8 years of direct experience in a globally recognized market-leading organization, delivering systems related to immigration screening, border control, and cross-border data exchange. She has worked closely with border management authorities and international partners, supporting the deployment of smart border solutions that address real-world operational and security challenges. Patchanok is recognized for her ability to bridge policy, operations, and technology to enhance border security, efficiency, and regional cooperation.

Subhaprasert Wongsuwan

Subhaprasert Wongsuwan

Subhaprasert Wongsuwan is the Chief Executive Officer of Somapa Information Technology (SomapaIT), bringing decades of leadership experience across leading global technology companies including IBM, Sun Microsystems, Microsoft, Oracle, and NetApp, with a strong focus on public sector and enterprise solutions. As CEO, he leads SomapaIT into its thirtieth year with a clear vision to “Break Through the Global,” driving the company’s mission to elevate Thai-developed technology onto the global stage in the near future. Under his leadership, SomapaIT continues to advance smart border and identity management solutions through innovation, international partnerships, and deep domain expertise, addressing real-world border security and operational challenges worldwide.

Thitima (Jerry) Rungphati

Thitima (Jerry) Rungphati

Jerry serves as Business Lead for Government Industry in Thailand at AWS Public Sector, a position she has held since 2018. She specializes in digital government transformation, developing and orchestrating Thailand's digital public sector ecosystem to leverage AWS Cloud technology in driving innovation and strategic national project initiatives that enhance citizen services and government operations.