Let's assume that you only want to accept full certificates from your lead vendors.
Whenever you claim a certificate via the TrustedForm API, it will respond back with a flag that indicates whether or not this certificate is “masked”. When “masked” = true, you simply need to reject that lead. This can be easily configured using rules in your LeadConduit account.
For a full overview of the concept of 'Masked Certificates' click here.