Offering TrustedForm Service in Partner Platforms

Overview

TrustedForm is ActiveProspect’s independent documentation technology for capturing and verifying consumer consent. By integrating TrustedForm into your platform, you help your customers practice consent-based marketing, meet TCPA requirements, and maintain reliable documentation of consumer interactions.

If you plan to offer TrustedForm within your platform, this guide outlines the recommended integration patterns depending on your platform type.

Once your integration is complete, please email tf-product@activeprospect.com with:

• Screenshots of your implementation
• A list of any recommended items you are not supporting

This allows ActiveProspect to advise our mutual customers and provide any additional guidance you may need.

How to Integrate TrustedForm with Your Form Builder or Landing Page Platform

Form Builders and Landing Page Service Providers

If your platform supports lead generators in creating marketing campaigns, forms, or landing pages, you should integrate with TrustedForm Certify.

TrustedForm Certify enables your users to generate TrustedForm certificates that document the events that generate each lead. Certificates can be shared with lead buyers or kept as a permanent record of consumer consent should the legitimacy of the lead ever come into question.

To integrate with TrustedForm Certify, your platform should support the following:

Step 1. Integrate TrustedForm Certify for Form Builders and Landing Pages

• Goal:
  Enable your users to automatically generate TrustedForm certificates on any page where consumer consent is collected and ensure the certificate URL is captured with the lead.

• Context:
  TrustedForm Certify is implemented via a lightweight JavaScript snippet added to the consent-collection page. When loaded in the consumer’s browser, it:

  • Generates a unique TrustedForm certificate for that session
  • Injects a hidden field into the form (e.g., xxTrustedFormCertUrl)
  • Allows your platform to capture and pass the certificate URL to downstream systems

What Your Platform Must Do

1. Prompt User Authentication:

   • Prompt users to create or sign in to their ActiveProspect account and follow the provided instructions to issue certificates.

2. Embed the TrustedForm Certify Script:

   • Allow users to add or automatically embed the TrustedForm Certify JavaScript snippet into the HTML of the lead capture page where consumer consent is obtained.
   • Note: Some platforms automatically add the required javascript snippet for customers but this process will need to be changed in the future once unique parameters are added to it per user.

3. Test the Integration:

   • Open a test page and use browser developer tools (such as Inspect Element) to verify that a hidden field (e.g., “xxTrustedFormCertUrl”) is present.
   • Ensure that the hidden field’s value has a certificate URL beginning with “https://cert.trustedform.com/”.
   • Submit a test form and confirm that the lead data includes the TrustedForm certificate URL.

Expected Result:
Each consumer session generates a TrustedForm certificate URL, allowing users to distribute certificates to buyers or retain them for compliance and audit purposes.

How to Integrate TrustedForm with Your Lead Management, Lead Distribution, or CRM System

Lead Management, Lead Distribution, and CRM Systems

If your platform supports lead acquisition by buyers or resellers, you should integrate with:

• TrustedForm Verify
• TrustedForm Retain
• TrustedForm Insights

These products allow your users to evaluate the quality of incoming leads, confirm valid consumer consent, and retain certificates long-term.

By calling the certificate URL on behalf of your users and allowing them to configure decision rules, your platform can help them comply with regulations and filter out undesirable leads.

Step 2. Integrate TrustedForm API for Lead Management, Distribution, and CRM Systems

• Goal:
  Leverage TrustedForm’s API capabilities to validate incoming leads by checking that the attached certificate URL meets custom-defined criteria, and to securely store the certificate for future reference.

• Context:
  Many lead buyers and resellers rely on additional checks to ensure the authenticity of the submitted leads. By making API calls that perform lead matching (comparing the submitted email or phone number with fingerprints in the certificate), verifying that approved consent language is present, and retaining the certificate in your account, your system can automatically filter and route leads according to compliance standards.

Instructions:

1. Secure API Key Retrieval and Storage:

   • Prompt users to sign into their ActiveProspect account and retrieve the API key from account settings.
   • Store the API key securely on your platform; it will be needed to authenticate all TrustedForm API requests (for Verify, Retain, and Insights).

2. Configure Requirement Toggles for Insights-Based Lead Filtering:
   Enable configurable controls that allow users to set the following criteria before accepting a lead:

   • Lead Age: Make an API call using TrustedForm Insights by passing the “age_seconds” parameter. Read the value returned in “age_seconds” response and reject leads whose certificate age exceeds a user-defined threshold.
   • Domain Filtering: Make an API call using TrustedForm Insights by passing the “domain” parameter. Read the value returned in “domain” response and ensure it is not included in user’s excluded list.
   • IP Filtering: Make an API call using TrustedForm Insights by passing the “ip” parameter. Read the value returned in “ip” response and ensure it is not included in user’s blocked IP list.
   • Geographic Location: Make an API call using TrustedForm Insights by passing the “approx_ip_geo” parameter. Compare the value returned in “approx_ip_geo.state” OR “approx_ip_geo.country_code” against the buyer’s regional settings.
   • Input Method Verification: Make an API call using TrustedForm Insights by passing the “form_input_method” parameter. Ensure that the “form_input_method” list returned does not include undesirable entries such as “paste” (a potential sign of fraud).
   • Time on Page: Make an API call using TrustedForm Insights by passing the “seconds_on_page” parameter. Ensure that the “seconds_on_page” value returned exceeds a certain minimum, indicating that the consumer engaged with the page meaningfully.
   • Page Scans/Required Keyword: Make an API call using TrustedForm Insights by passing the value set by your user in the “scans.required” parameter. Ensure that the list returned in the “scans.result.required.not_found” response property is empty.
   • Page Scans/Forbidden Keyword: Make an API call using TrustedForm Insights by passing the value set by your user in the “scans.forbidden” parameter. Ensure that the list returned in the “scans.result.forbidden.found” response property is empty.

These checks allow your customers to filter for higher-quality, compliant, and intentional leads.

3. Provide Toggles for Verification & Retention Requirements
   Beyond Insights, your platform should allow users to enable the following:

• TrustedForm Verify — Validate the Lead’s Consent Event: Your platform should:

  • Call the Verify API using the certificate URL
  • Read the "outcome" value
  • Only approve leads where "outcome": "success"
  • If "failure", show the "reason" returned

  This ensures the certificate meets all verification criteria defined in the user’s TrustedForm settings.

• TrustedForm Retain — Confirm the Certificate Was Retained: Your platform should:

  • Call Retain API, passing:
    • match_lead.email
    • match_lead.phone
    • retain.reference (your internal lead ID)
    • retain.vendor (seller name)

  Your platform must only approve leads where "outcome": "success", and display the "reason" for failures.

• Important: If the user does not have access to Verify, Retain, or Insights, the API will return an error. The "reason" field explains what is missing. Users should contact ActiveProspect to update their subscription.

Validate Your Setup

To ensure your TrustedForm integration is working correctly:

• For form-based integrations, submit a test lead and verify using browser developer tools that the hidden TrustedForm certificate field is populated and its value is transmitted along with the lead data.
• For API-based integrations, process a test lead and ensure that:
  • API calls for Verify return an “outcome” of “success” (when all consent and matching criteria are met).
  • API calls for Retain successfully store the certificate in your account.
  • Calls to Insights return relevant metadata (lead age, domain, input method, etc.) that align with your filtering rules.
  Review your TrustedForm dashboard and logs to confirm that certificates are being generated, verified, and retained as expected.

Troubleshooting

Frequently Asked Questions (FAQ)

Q: Do I have to manually embed the TrustedForm Certify script into every webpage?
A: Platforms may either add the script automatically or allow users to insert the provided JavaScript snippet into their web pages. It is essential that the script is present within the page’s body (or iframe, if used) so that the certificate URL is correctly generated.

Q: How do I retrieve my ActiveProspect API key?
A: Users can log into their ActiveProspect account and navigate to their account settings or API section to retrieve the API key needed for TrustedForm API requests.

Q: What should I do if the API returns an error during verification?
A: Review the “reason” provided in the API response. Check that your API key is correct, that all required parameters (such as lead email and phone for matching) are properly provided, and that your configured thresholds meet your business requirements. Contact ActiveProspect support if issues persist.

Glossary

By following these detailed steps and best practices, your platform can seamlessly integrate TrustedForm services to enhance lead quality, protect your business against compliance risks, and offer your customers a robust mechanism for documenting consumer consent.