BOLO Alerts & Threat Management
BOLO Alerts & Threat Management
BOLO (Be On the Lookout) alerts are KyberAccess's highest-priority security feature. Unlike standard watchlists that
screen visitors passively during check-in, BOLO alerts are designed for active threat situations — when you need to
immediately identify and stop a specific individual from entering your facility. BOLO alerts use AI-powered photo
matching, trigger instant notifications to all security personnel, and can automatically lock down check-in points.
This guide covers how to create, manage, and respond to BOLO alerts.
How BOLO Alerts Differ from Watchlists
| Feature | Standard Watchlist | BOLO Alert | |---------|-------------------|------------| | Priority | Normal |
Critical / Urgent | | Photo Matching | Optional | Required (primary matching method) | | Notification Level | Front desk
staff | All security personnel + management | | Alert Style | Dashboard notification | Full-screen alert with photo and
audible alarm | | Default Action | Flag for Review | Automatic Deny + Immediate Notification | | Kiosk Behavior | Quiet
denial message | Kiosk locks and displays "Please wait" | | Expiration | Optional | Recommended (time-sensitive threats)
|
Creating a BOLO Alert
Step 1: Navigate to BOLO Management
1. Log in to your KyberAccess dashboard at app.kyberaccess.com.
2. Navigate to Security from the left sidebar.
3. Click BOLO Alerts.
4. Click + New BOLO Alert.
Step 2: Enter Subject Information
1. Photo (required) — Upload one or more photos of the individual:
- Click Upload Photo or drag and drop
- Multiple angles are recommended (front, side profile)
- Accepted formats: JPG, PNG
- Minimum resolution: 200x200 pixels (higher is better for matching)
- You can upload up to 5 photos per BOLO
2. First Name — Enter the individual's first name (if known)
3. Last Name — Enter the individual's last name (if known)
4. Aliases — Any known alternate names or nicknames
5. Date of Birth — If known, improves matching accuracy
6. Physical Description — Height, weight, hair color, distinguishing features
7. Last Known Location — Where the individual was last seen
Note: A photo is the only required field for a BOLO alert. If you do not know the individual's name, you can create a
photo-only BOLO that relies entirely on facial recognition matching.
Step 3: Set Threat Details
1. Threat Level — Select the severity:
- Critical — Immediate physical danger (e.g., violent threats, active warrant)
- High — Serious concern (e.g., harassment, restraining order violation)
- Medium — Monitoring required (e.g., suspicious behavior, prior incidents)
2. Threat Description — Detailed explanation of the threat:
- What happened or what is the concern?
- Any history of violence or threatening behavior?
- Relevant context for security personnel
3. Instructions for Staff — What should staff do if this person is identified?
- Example: "Do not confront. Call 911 immediately. Notify security director."
- Example: "Deny entry. Escort to lobby. Contact HR at ext. 5555."
4. Law Enforcement Reference — Optional case number, officer name, or police report number
Step 4: Configure Alert Settings
1. Notification Recipients — Who should be alerted when this BOLO matches:
- All Security Staff — Every user with a security-related role
- Specific Users — Select individual team members
- External Contacts — Add phone numbers or emails for people outside KyberAccess (e.g., local police liaison)
2. Notification Methods:
- Push Notification — Immediate push to KyberAccess mobile app
- SMS — Text message to configured phone numbers
- Email — Detailed email with photo and threat info
- Slack — Post to designated security channel
- Audible Alarm — Trigger an audible alert on front desk workstations
3. Kiosk Behavior — What happens if the match occurs at a self-service kiosk:
- Lock Kiosk — Freeze the kiosk screen and display "Please wait for assistance"
- Silent Continue — Allow the kiosk to continue while alerting staff in background
- Redirect — Show a message directing the visitor to the front desk
4. Expiration — Set when the BOLO should automatically deactivate:
- No Expiration — Remains active until manually deactivated
- Custom Date — Specific date and time
- Duration — 24 hours, 7 days, 30 days, 90 days
Step 5: Activate the BOLO
1. Review all information in the summary panel.
2. Click Activate BOLO.
3. The BOLO is immediately active across all locations.
4. A confirmation notification is sent to all designated recipients.
How BOLO Matching Works
When a visitor begins the check-in process, KyberAccess runs the following BOLO checks:
Photo Matching (Primary)
1. When the visitor's selfie is captured during check-in (at the kiosk or front desk), the photo is compared against
all active BOLO alert photos.
2. The AI facial recognition engine analyzes facial features, structure, and proportions.
3. A confidence score is generated (0-100%).
4. If the score exceeds the configured threshold (default: 75%), a BOLO alert is triggered.
Name Matching (Secondary)
1. If a name is provided in the BOLO, it is also checked against the visitor's entered or scanned name.
2. Name matching uses the same fuzzy, alias, and phonetic matching as standard watchlists.
3. A name match alone (without photo match) generates a lower-priority alert.
Combined Matching
When both photo and name match, the confidence level is elevated to Critical regardless of individual scores.
Responding to a BOLO Alert
What Staff See
When a BOLO match is detected:
1. Front Desk Dashboard — A full-screen red alert overlay appears with:
- The BOLO subject's photo(s)
- The visitor's captured photo (side-by-side comparison)
- Match confidence percentage
- Threat level and description
- Staff instructions
- Law enforcement reference (if provided)
2. Audible Alert — A distinctive alarm sound plays (different from standard notifications)
3. Mobile App — Push notification with photo and threat details
4. SMS — Text message: "BOLO ALERT: [Name] matched at [Location]. Confidence: [X]%. See KyberAccess immediately."
Recommended Response Procedures
For Critical Threats:
1. Do NOT confront the individual.
2. Call 911 or local emergency services.
3. Follow your organization's emergency response protocol.
4. Document the incident in KyberAccess.
5. Notify facility management.
For High/Medium Threats:
1. Verify the match visually by comparing the BOLO photos to the visitor.
2. If confirmed, deny entry politely: "I'm sorry, we're unable to complete your check-in at this time."
3. Notify security and management per the BOLO instructions.
4. Document the incident.
Logging the Response
1. After responding to a BOLO alert, the alert remains on screen until acknowledged.
2. Click Acknowledge Alert.
3. Enter a response note:
- What action was taken?
- Was law enforcement contacted?
- Was the match confirmed visually?
- Was the individual on premises?
4. Select the outcome:
- Confirmed Match — Entry Denied
- Confirmed Match — Law Enforcement Contacted
- False Positive — Entry Approved
- Individual Not Present (e.g., someone else triggered the match)
5. Click Submit.
Managing Active BOLOs
Viewing Active BOLOs
1. Go to Security > BOLO Alerts.
2. The dashboard shows all active BOLOs with:
- Subject photo and name
- Threat level (color-coded: red, orange, yellow)
- Date created
- Created by
- Expiration date
- Number of matches triggered
- Status (Active, Expired, Deactivated)
Editing a BOLO
1. Click on the BOLO entry.
2. Click Edit.
3. Update any information (photo, threat details, recipients, expiration).
4. Click Save Changes.
5. All changes take effect immediately across all locations.
Deactivating a BOLO
1. Click on the BOLO entry.
2. Click Deactivate.
3. Enter a reason for deactivation (e.g., "Threat resolved", "Suspect apprehended", "Restraining order expired").
4. Click Confirm.
5. The BOLO is deactivated but retained in the system for historical records.
BOLO Alert History
1. Go to Security > BOLO Alerts > History.
2. View all past BOLO alerts including:
- Active, expired, and deactivated BOLOs
- All triggered matches with timestamps
- Staff responses and outcomes
- Full audit trail of changes
3. Use filters to search by date range, threat level, or outcome.
4. Export the history as CSV or PDF for compliance documentation.
Multi-Location BOLO Distribution
BOLO alerts are automatically distributed to all locations by default:
- All Locations (default) — The BOLO is active at every check-in point
- Specific Locations — Restrict the BOLO to certain facilities
- Location Groups — Apply to a defined group of locations (e.g., "Northeast Region")
To configure location scope:
1. When creating or editing a BOLO, scroll to Location Scope.
2. Select the desired option.
3. Click Save.
Integration with Emergency Systems
BOLO alerts can integrate with your facility's emergency systems:
- Access Control — Automatically lock specific doors or zones when a BOLO match is detected
- Camera Systems — Trigger recording on specific cameras near the check-in point
- PA System — Send a coded announcement to security staff
- Emergency Lockdown — Automatically trigger lockdown mode for the affected location
Configure these integrations under Settings > Integrations > Emergency Systems.
Troubleshooting
| Issue | Solution | |-------|----------| | BOLO not triggering on known match | Check that the BOLO is Active (not
expired or deactivated). Verify the photo quality is sufficient. Lower the match threshold. | | Too many false BOLO
matches | Increase the photo match threshold (try 85%). Upload higher-quality photos. Use multiple angles. | | Kiosk not
locking on BOLO hit | Verify Kiosk Behavior is set to Lock Kiosk in the BOLO settings. | | SMS alerts not sending |
Verify phone numbers are in international format (+1...). Check SMS integration (Telnyx) is active. | | BOLO alert not
appearing on mobile | Ensure push notifications are enabled for the KyberAccess app on the recipient's device. |
Best Practices
- Use high-quality photos — The better the photo, the more accurate the facial recognition matching.
- Include multiple angles — Front-facing and side-profile photos improve match rates.
- Set clear staff instructions — Tell staff exactly what to do. Remove ambiguity.
- Always include a threat description — Staff need context to respond appropriately.
- Review active BOLOs weekly — Deactivate BOLOs that are no longer relevant to avoid alert fatigue.
- Test BOLO response procedures — Conduct periodic drills so staff know how to respond.
- Coordinate with law enforcement — For serious threats, involve local law enforcement in your BOLO procedures and
share relevant case numbers.