Our Risk Insights watchlist integration uses Thomson Reuters' CLEAR Risk Inform screening tool to check visitors against a comprehensive list of potential offenses. These screenings will automatically take place after a visitor’s first name, last name, and date of birth are collected during one of these three events in the Visitor Management Process:

Each visitor is checked against dozens of crimes, spanning across multiple categories. If they meet your chosen threshold of crimes committed, you can assign a watchlist color depending on if they exceed or are below that threshold. This article walks through the full setup process for Risk Insights.

The sections below include:

Risk Insights is purchased as an add-on to Visitor Management. Each check made against a visitor costs a token that you will have purchased in-bulk. For more information, reach out to your Account Manager. After you’ve purchased Risk Insights, you will receive an API token that you must enter into the Visitor Management platform to authenticate.

To start, click the Integrations icon in the left navigation bar. Under the Compliance and Security Category, find the Risk Insights tile and click Install.
​

You must enter these 6 fields that are explained in more detail below:

The API Token is your personal token which links your Risk Insights account with your Visitor Management account. Ensure that you do not share this with anyone else.

The Risk Definition controls which crimes you are checking against, based on a broad categorization of certain offenses captured within Thomson Reuters. Choose the Definition that matches your company’s requirements the best:

Level 1: Mainly covers violent crimes only within the last 10 years.

Level 2: Includes violent crimes and other serious crimes.

Level 3: Includes all crimes that Thompson Reuters checks against. This is the broadest level of watchlist check and will likely yield the highest number of positive watchlist matches.

Education: Includes categories concerning risk management for places of education (eg. sex offender record, access to weapons/explosives, etc.)

If in doubt, start with level 3 so you can get a sense of what kinds of categories your visitors can be flagged against. You can always change your selection at a later time.

Each individual crime is assigned a specific score. For example, a score of +25 is assigned to the highest offenses, such as homicide and terrorism. A score of +5 is assigned to the lowest offenses, such as criminal mischief or theft of cable TV. When a visitor is checked using Risk Insights, the integration will add up the score for all crimes the visitor committed, following your chosen Risk Definition.
​
​
​

​
​
Therefore, the Risk Score Threshold is the number that your visitor needs to match or exceed in order to be considered a positive watchlist hit. For example, let’s say you’ve set your Risk Score Threshold to 25. If your visitor has committed both theft of cable tv (+5) and criminal mischief (+5), their total risk score is 10 and they are not considered a positive match. However, if they’ve added murder (+25) to their list of crimes, their risk score is now 35 total. Because you’ve set your Risk Threshold to 25, this is considered a hit because it is over your threshold.
​
​Note: If the visitor's risk score matches your threshold exactly, they will still trigger the upper threshold flag. In the example above, the visitor would have still been flagged even if their only crime was murder (+25) and your Risk Threshold is set to 25.
​

This setting controls the watchlist flag color that will be assigned to all those who equal or are above your Risk Score Threshold (i.e. Positive watchlist hits in accordance with your risk score threshold).
​
You can choose between Green, Yellow, Orange, Red or Do not flag. This will appear in their guestbook and invite record.

This setting controls the watchlist flag color that will be assigned to all those who are below your Risk Score Threshold (i.e. Negative watchlist hits in accordance to your risk score threshold). You can choose between Green, Yellow, Orange, Red, or Do Not Flag. This will appear in their guestbook or invite record.
​
​NOTE: Visitors with a risk score of 0 will not be flagged.

By default, each individual Risk Insight check on a visitor uses one of your purchased tokens. As you can imagine, this would be particularly wasteful if you have the same visitor signing-in multiple times who would be checked every single time, thereby wasting your tokens.

To mitigate this, you can set a Risk Check result cache duration (days) which will cache the details of any visitor who has already been checked and then bypass the Risk Insights check depending on your set duration. For example, if you want your returning visitors checked only once within a 30 day time period, set the duration to 30. The timer will start when that visitor’s name and DOB is first collected and they will not be checked again within that 30 day period. If your visitor signs-in on day 31, a new check will be made and the timer will start anew.

​NOTE: If you change the Risk Definition setting in the Risk Insights tile, the cache timer will reset. When this happens, all visitors will be re-checked the next time their details are entered during invite, registration, or sign-in.

First name, last name, and date of birth are mandatory fields in order for Risk Insights to run a check. This can be captured in the kiosk sign-in, registration portal, or through an invite custom field:
​

You can capture Date of Birth in the Kiosk Experience in two ways. The simplest is to use the Scanner Page to collect the details directly from an ID. Ensure that First Name, Last Name, and Date of Birth are selected.

The second method is to use a Form Page which asks for Date of Birth. Ensure your question’s Name is formatted exactly as: date_of_birth
​
Then, set the field type as Date with the format YYYY-MM-DD.
​

​ Full Name can be captured through the About You Page or Form Page.

You must capture Date of Birth through a form page. Ensure your question’s data name is formatted exactly as: date_of_birth.
​
Then, set the type as Date.
​

Full name can be captured either through an Identity Page or Form Page.
​

Custom Invite Fields are filled-out during the invite process by a user through the admin portal. In this instance, the visitor’s host will be entering the date of birth instead of the visitors themselves.
​
​First, ensure your custom field’s data name is formatted exactly as: date_of_birth
Then, choose Text as the field type.
​
Your users must fill out the date in YYYY-MM-DD format. To inform your users, you can add an help text to the custom field that says something like: “When filling out your visitor’s Date of birth, ensure that it is in YYYY-MM-DD format (eg. 1990-01-30)".
​
​

​