Learning Objectives
- You will understand what TrustedForm Certificates are and how they function.
- You will learn why these certificates are essential for legal protection and regulatory compliance.
- You will be able to explain how certificates support lead matching, automated retention, and session replay processes in a digital lead generation workflow.
Overview
Summary:
A TrustedForm Certificate of Authenticity is a unique, tamper-proof digital record automatically created when a consumer visits a webpage hosting the TrustedForm script. Each certificate captures the full context of that visit, including the page the consumer saw, the technical details of their device, and proof of when and how the lead was generated. Certificates serve as authoritative evidence of consumer consent and are essential for compliance, legal defense, and validating lead quality.
Why It Matters:
Certificates are critical because they offer legally admissible proof that a consumer has granted express consent before being contacted. They play a key role in complying with regulations (e.g., TCPA, CASL), help protect businesses from litigation and fraud, and enable auditors and compliance teams to verify the integrity of the lead generation process.
Practical Examples
Example 1:
A consumer visits a landing page embedded with the TrustedForm Certify SDK. As soon as the page loads, the SDK begins capturing the webpage content, technical metadata, and records of every user action. When the consumer submits the form, a certificate is generated with a unique URL (e.g., https://cert.trustedform.com/unique-token). A marketer later accesses the TrustedForm Dashboard to view the certificate, verifying that the consent language was clearly presented and that the recorded metadata (like IP address and timestamp) aligns with the consumer’s session.
Example 2:
A lead is generated via an automated flow using ActiveProspect’s LeadConduit integration. The lead data includes the TrustedForm Certificate URL. The system then automatically makes an API call to TrustedForm Retain—passing hashed fingerprints of the consumer’s email and phone number—to confirm that the details match those captured in the certificate. Upon successful lead matching, the certificate is retained in the marketer’s account for long‑term storage, ensuring that a verifiable record of consent is available for audits or potential litigation.
Certificate URL Behavior
What a Certificate URL Looks Like
A valid certificate URL looks like:
https://cert.trustedform.com/{token}
Examples:
- Standard certificate:
https://cert.trustedform.com/9a30d657d2baabb4e8edac79e326f6924d1677eb - Facebook Lead Ads certificate (longer token):
https://cert.trustedform.com/0.HU7AoE4t87x9GmYW9tvEUgv...
Maximum URL Length
TrustedForm Certificate URLs can be up to 300 ASCII characters. If your CRM requires a field length, allocate at least 300 characters.
Correct URL Navigation
Avoid URLs ending with:
/assets/#session_replay/assets/#event_log/assets/#history
These may render incorrectly. Always navigate using only:
https://cert.trustedform.com/{certificate_id}
Implications & Applications
Key Takeaways:
- TrustedForm Certificates offer a comprehensive digital record of a consumer’s session, including both visual content and interaction data.
- They provide indisputable evidence of consumer consent, which is essential for legal protection and regulatory compliance.
- When retained, these certificates serve as a permanent audit trail, enabling automated lead matching and continuous process improvements.
Practical Applications
- Legal Evidence: Use retained certificates as verifiable proof of consent and as a defense against potential legal disputes.
- Compliance Auditing: Regularly review retained certificates to ensure that all consent forms meet regulatory criteria and internal policies.
- Workflow Integration: Automate certificate verification, retention, and lead matching via API integrations (using TrustedForm Retain, Verify, and Insights) within CRM and lead distribution systems.
- Operational Insights: Analyze metadata such as time on page, IP address, and browser information to optimize lead quality, detect fraud, and refine user experience.
Frequently Asked Questions (FAQ)
What information does a TrustedForm Certificate contain?
Each TrustedForm Certificate is a unique Certificate of Authenticity issued for every lead generated on a form running the TrustedForm script and includes:
- The URL of the page hosting the offer form
- The parent page URL when the form is embedded in an iframe
- The date the form was created
- The time the form was created, based on the consumer’s local time zone
- The consumer’s public IP address
- The consumer’s browser version
- The consumer’s operating system
- A full snapshot of the form page as seen by the consumer, including HTML, images, CSS, and other page assets
- A detailed event log of user interactions with the form
- A unique alphanumeric ID that identifies the certificate
This information provides an authentic, verifiable record of the consumer’s interaction and consent.
How long is a certificate accessible before it must be retained?
Unretained certificates are typically available for about 72 hours (extended to up to 90 days if a form submission is confirmed). Once a certificate is retained via TrustedForm Retain, it is stored for long‑term use—commonly up to 5 years.
Can certificates be tampered with or forged?
No, TrustedForm Certificates are immutable and stored on secure, third‑party servers. Their design ensures that once generated, they cannot be altered or forged. Ensure that your certificates are accessed from a URL beginning with https://cert.trustedform.com/. Do not accept images or videos of TrustedForm certificate as those are not secure and may be altered.
How does lead matching work with TrustedForm Certificates?
During the certificate creation, fingerprints are generated by securely hashing consumer contact details (such as email and phone). These fingerprints are later compared against the submitted lead data during the retention process, ensuring that the certificate accurately corresponds to the lead.
What is the significance of the certificate URL?
The certificate URL is a unique identifier that allows you to retrieve, view, and retain the certificate. It acts as a secure link to the complete record of the consumer’s session and must be stored alongside the lead data in your CRM.
What format is TrustedForm’s Session Replay?
TrustedForm Session Replay is not a traditional video file. Instead, it is a replay built from the page’s DOM and detailed event data, such as mouse movements, clicks, keystrokes, and page changes, captured during the user’s interaction. This data is played back moment by moment to accurately reflect exactly what happened on the page, providing an authentic and accurate record of the end user’s form interaction without recreations, assumptions, or estimates.
Glossary
| Term | Definition |
|---|---|
| Certificate | A digital record capturing the full snapshot of a consumer’s session on a lead generation form, including webpage content, metadata, and interaction events. |
| Certificate URL | A unique, immutable URL generated by TrustedForm that points to the stored certificate, serving as a digital receipt of consumer consent. |
| TrustedForm Certify | The service and JavaScript SDK that captures and generates certificates by documenting a consumer’s interaction with a lead generation form. |
| TrustedForm Retain | A service that allows marketers to store and permanently access TrustedForm Certificates for long‑term legal evidence and compliance auditing. |
| Lead Matching | The process of verifying that the consumer’s contact data (after being securely hashed as fingerprints) matches the information captured in the certificate. |
| Consent Language | The text displayed on a form that informs the consumer of the terms they agree to upon submitting their information, often used to satisfy legal requirements. |
| Metadata | Supplementary data such as timestamps, IP addresses, browser and device details, and geolocation that provide context for the recorded consumer session. |
- cert1.png300 KB
Comments
0 comments
Please sign in to leave a comment.