Calculating Lead Fingerprint

Every certificate is issued with zero or more lead fingerprints. A fingerprint ties the certificate to the consumer who completed the offer form. Each fingerprint is a SHA1 hash of a telephone number or an email address entered by the consumer while they filled out the offer form. Because lead fingerprints are only hexadecimal strings, they do not collect any personally identifiable information (PII).

How do fingerprints work?

When a certificate is issued, the TrustedForm script watches the offer form for changes. As the consumer enters information, it is examined for data that looks like a telephone number or email address. When matching data is detected, TrustedForm creates a SHA1 hash and stores it in the certificate data.

Later, when a certificate is claimed, the optional fingerprint parameters can be used to compare the lead data received in the certificate against the fingerprints collected on the certificate itself. If at least one of the specified fingerprints does not match any of the fingerprints on the cert, you will receive a warning on the claim. This indicates that the lead data you received with the certificate does not match what was entered by the consumer on the form.

Let TrustedForm calculate the fingerprint for you

TrustedForm will calculate the fingerprints for on your behalf when you pass some basic lead data in the Claim API call. TrustedForm performs the fingerprint calculation described below using the phone numbers and email address, then discards the lead data.

In the following example, we examine the data contained in the Claim API call to find the email address and two telephone numbers. TrustedForm then calculates three fingerprints. The name of the submitted fields is irrelevant. None of the submitted lead data is stored. It is only used to calculate the fingerprints and then discarded.

How to calculate fingerprints yourself

Use the following recipe for calculating a lead fingerprint from a single phone number:

  • Remove all non-digit characters
  • Take the SHA1 hexdigest

Use the following recipe for calculating a lead fingerprint from a single email address:

  • Convert to lower case
  • Trim leading and trailing whitespace
  • Take the SHA1 hexdigest


Given the following lead data, you'll calculate the fingerprints: fname=Tom&lname=Jones&

  • "512-789-1111" — 12864b281c728bdca0f2102dba31308e1014fe4a
  • "512.555.5785" — 921e1dbc260148681f6f14a966c3e3242a4d3912
  • "" — 03537b0556fa5ea9042b264d49def5c3457b4ed2

Now include the fingerprints in the Claim API call:

Was this article helpful?
7 out of 7 found this helpful
Have more questions? Submit a request


You must be logged in to comment.