Calculating Lead Fingerprint

Every certificate is issued with zero or more lead fingerprints. A fingerprint ties the certificate to the consumer who completed the offer form. Each fingerprint is a SHA1 hash of a telephone number or an email address entered by the consumer while he or she was filling out the offer form. Because lead fingerprints are just hexadecimal strings they do not collect any personally identifiable information.

How do fingerprints work?

When a certificate is issued, our JavaScript watches the offer form for changes. As the consumer enters information, it is examined for data that looks like a telephone number or email address. When we find one or the other we create a SHA1 hash and store it on the certificate.

Later, when a certificate is claimed the optional fingerprint parameters can be used to compare the lead data received with the cert against the fingerprints collected on the cert itself. If at least one of the specified fingerprints does not match any of the fingerprints on the cert, you will receive an warning on the claim. This indicates that the lead data you received with the certificate does not match that which was entered by the consumer on the form.

How to calculate a lead fingerprint

Use the following recipe for calculating a lead fingerprint from a single phone number:

  • Remove all non-digit characters
  • Take the SHA1 hexdigest

Use the following recipe for calculating a lead fingerprint from a single email address:

  • Convert to lower case
  • Trim leading and trailing whitespace
  • Take the SHA1 hexdigest


Given the following lead data, we'll calculate the fingerprints: fname=Tom&lname=Jones&

  • "512-789-1111" — 12864b281c728bdca0f2102dba31308e1014fe4a
  • "512.555.5785" — 921e1dbc260148681f6f14a966c3e3242a4d3912
  • "" — 03537b0556fa5ea9042b264d49def5c3457b4ed2

Now provide the fingerprints during your call to the claim API:

We can calculate the fingerprint for you

If you'd rather have us calculate the fingerprints for you, simply pass the lead data during your call to claim the certificate. We'll perform the fingerprint calculation described above on the phone numbers and email addresses and then discard the lead data.

In the example below, we examine the data contained in the claim call to find the email address and two telephone numbers. We then calculate three fingerprints and ensure that at least one is found on the certificate. The name of the submitted fields is irrelevant. We do not store the submitted lead data. It is only used to calculate the fingerprints and then it is discarded.

Was this article helpful?
3 out of 3 found this helpful
Have more questions? Submit a request


You must be logged in to comment.