1. end-to-end encrypt a cloud backup

2. Securely wipe the phone.

3. Install OS in travel mode, which means no local data is forced and at best kept until restarting phone. Hardware enforcement of ban of updates including firmware and OS, unless system wiped. With a visual unique easily recognizable “code” to tell if the current “travel mode” was over rewritten; for example, unique consistent computer generated recognizable human face is shown on reboot until being reformatted and is different every time phone is reformatted.

4. On reaching known safe point, phone wiped, OS installed in non-travel mode, backup installed.

If there’s no data or way to root the phone, it’s meaningless effort and would no longer even be done at the border; they might find another route to get data, but current issue would no longer be a viable route.

— to be fair, I did mention multiple-logins, but to me that was intended to mean additional features/options, not a replacement for the core issue of forced access to devices/data at predictable chock points like border crossings.