Feature Snapshot
Summary:
Lead Matching by Email is the process of verifying that the email provided with a lead exactly matches the hashed email stored in a TrustedForm certificate, ensuring data integrity, reducing fraud risk, and maintaining compliance.
Key Benefits:
- Enhances data integrity by confirming that submitted email addresses align with the certificate’s secure fingerprint.
- Detects potential lead fraud and data entry errors by highlighting discrepancies between submitted and recorded values.
- Improves regulatory compliance by validating that consumer consent is documented with accurate data.
- Supports lead filtering methods.
Typical Use Cases:
- Validating leads from third-party vendors by comparing submitted emails with TrustedForm certificate data.
- Filtering inbound leads within lead distribution systems based on matching results.
How the Lead Matching by Email works
TrustedForm’s Certify script monitors the lead form for key data input—such as email addresses—and converts detected values into a SHA1 hash that is securely stored within the certificate. Later, when processing a lead, you send the submitted email (or its pre-calculated hash) as part of an API request using TrustedForm’s Certificate API. The system compares the provided email data against the stored hashed value: a match confirms that the certificate accurately represents the submitted information, while a mismatch indicates a potential error or fraudulent entry.
Step‑by‑Step Instructions
-
Collect Email Data and Certificate URL:
Ensure that every lead submission includes the consumer’s email address and the corresponding TrustedForm certificate URL. -
Pre-hash if Necessary:
If your system pre-hashes email addresses, compute the SHA1 hash of the normalized email to ensure consistency with TrustedForm’s stored fingerprint. -
Initiate a Lead Matching Request:
Make an API call to TrustedForm’s Certificate API including the consumer’s email (or its hash) under the lead matching parameters. -
Review the API Response:
Examine the results in the response. A successful match confirms the certificate belongs to that lead. -
Take Appropriate Action:
If the match succeeds, process the lead normally. If the match fails, flag the lead for review or rejection and consider contacting the lead vendor.
Expected Result:
You should see an API response clearly indicating whether the submitted email matches the certificate’s hashed email. A successful match validates the lead, while a mismatch triggers further investigation.
Validation & Monitoring (optional)
-
Test the Setup:
Submit test leads using both correctly formatted and intentionally altered email addresses. Verify that the API returns a successful match for valid emails and a failure for mismatched ones. -
Where to Monitor?:
Monitor matching results via your TrustedForm dashboard or within your lead management system’s API logs. Regularly review any error or mismatch responses.
Best Practices
-
Combine Matching with Other Metrics:
Consider using additional identifiers (such as phone numbers) for a comprehensive verification process to further reduce fraud risk. -
Review Mismatches Manually:
Periodically audit leads with mismatched emails to determine if there are recurring issues or opportunities for process improvement.
Troubleshooting
| Symptom / Error | Likely Cause | Resolution |
|---|---|---|
| Email doesn’t match | The certificate did not record an email or recorded a different email than submitted as part of the lead data | View the session replay to see if the correct email was capture and contact your vendor if not. |
Frequently Asked Questions (FAQ)
Q: What does it mean if the email does not match?
A: It means that the email provided in the lead does not correspond to the hashed email stored in the certificate. This may be due to failure to record that input, data entry errors, or potential fraud.
Q: Can I pre-hash the email address before sending it in the API request?
A: Yes, pre-hashing is supported. Just ensure the email is normalized (all lowercase, no extra spaces) and then compute its SHA1 hash using the same method as TrustedForm.
Q: How should I handle leads with a mismatched email?
A: Leads with mismatched emails should be flagged for further investigation. You may choose to reject them or follow up with the lead vendor to resolve the discrepancy before processing the lead further.
9. Glossary
| Term | Definition |
|---|---|
| Lead Matching by Email | The process of verifying that the email provided with a lead matches the securely stored hashed email in a TrustedForm certificate. |
| SHA1 Hash | A cryptographic algorithm that converts an email address into a fixed-length, secure hexadecimal string used for matching. |
| TrustedForm Certificate | A secure digital certificate generated by TrustedForm that documents the consumer’s interaction on a web form, including hashed input data. |
| Normalization | The process of converting data (such as an email address) into a consistent format by using lowercase letters and removing extra whitespace. |
Comments
0 comments
Please sign in to leave a comment.