US messaging use cases

The compliance guidelines for abandoned shopping cart notifications are the same across all sender types in the US.

• The call to action and terms and conditions must disclose that this messaging program includes ASCN

• A double opt-in is required, and the double opt-in message content must clearly inform the user that this includes ASCN

  • Tap to text pop up and sending the autogenerated message from the phone's messaging system is considered an accepted DOI method for ASCN
• The privacy policy must explicitly state how information is captured by the e-commerce site to determine when a consumer cart has been abandoned (for example, website cookies, plugins, and more)
• No more than one ASCN per event; ASCN must be sent within 48 hours after abandonment
• ASCN must not result in the completion of a transaction on behalf of the customer
• Abandoned cart notifications must not collect payment information or accept approval for purchase using keyword confirmation from the consumer
• Consumers must complete the transaction by processing payment themselves using a direct URL link to the e-commerce website

• Post-registration approval by MNO is required for this use case
• 5,000 number limit

The compliance guidelines related to affiliate marketing and lead generation are the same across all senders in the US. This is a disallowed practice.

• The submission of campaigns with a supporting website that was created as a white labelled website, and used only to collect opt in or for promotion of affiliate marketing is a disallowed campaign type
• Websites created to mislead users to opt in to unrelated or unauthorized campaign is strictly prohibited
• Campaigns submitted with supporting websites that have mention of affiliate marketing or lead generation will also be rejected

The compliance guidelines for alcohol messaging are the same across all sender types in the US.

• As a standard, direct promotion of the sale or consumption of alcohol is not typically allowed

  • Example: "Use code DRINK15% for 15% off our newest vodka"

• Indirect promotion of these items is approved on a case-by-case basis:

  • Items like cart reminders, shipping notifications, and exclusive coupon codes for the website
  • Example: "Brand: Hey, did you leave something in your cart? Complete your checkout now by clicking www.website.com (opens in a new tab)"
  • "Brand: Hey, we’ve got an exclusive discount just for you, check out our new products for a discount"

• A robust age gate is required, with either:

  • A user reply over MT with their birthdate (MM/DD/YYYY) or a user to enter their birthdate MM/DD/YYYY on a web form field
  • Asking a user to "Reply YES/AGREE" to confirm they are over a certain age is not considered to be robust age verification
  • Having a web form that asks if a user is "over 18/21 YES/NO" is not considered to be robust age verification

For brands that do not directly sell alcohol but sell items related to alcohol (brew kits, wine accessories), or locations that primarily sell alcohol but offer other services (vineyards, breweries with restaurants) while an age gate may not be required if the main content is not legally age restricted it is recommended for campaign registration. Or it is recommended to add a disclaimer in the campaign summary that the campaign will only be to send messaging related to other products or services and no alcohol or age restricted content will be sent.

The compliance guidelines relating to authentication are the same across all senders in the US.

• Opt-in requirements for this use case still exist and should follow CTIA Messaging Principles and Best Practices
• HELP and STOP are still required to function on a 2FA/MFA/OTP program
• 2FA is not required to be received using SMS and there should be an alternative means to validate accounts for users that do not wish to use SMS, for example, email, verbal, and so on

In many cases, multiple brands may use a single short code for 2FA, as long as all messaging is controlled by the direct owner of the short code and all messaging is templated for 2FA.

• Available to direct CSPs only through TCR
• Once the campaign is submitted, post-registration approval is required, and should be completed within two weeks

The compliance guidelines for cannabis messaging are the same across all sender types in the US.

• As a standard, any promotion of cannabis is strictly prohibited

• Some use cases related to cannabis advocacy may be approved on a case-by-case basis

  • Example: "Contact your local congressmen regarding the CannAct"

• Certain use cases for cannabis brands may be considered on a case-by-case basis

  • 2FA

  • Account notifications

    • "You have a new message in your account, log in to see"
    • "We have an important update for you. Read it here: [link to verification and age-gated landing page]"

• Such use cases are strictly monitored and may require additional vetting. Only templated messaging, which has been pre-approved by Infobip, is allowed. Other messaging that is related to cannabis may be subject to filtering or content violations.

• Expect longer review/provisioning times

The compliance guidelines related to cryptocurrency are the same across all senders in the US. This is a disallowed practice.

• Certain use cases that support Cryptocurrency brands may be considered on a case-by-case basis (2FA, account notifications)
• No messaging related to the marketing promotion or transactions is permitted

Infobip can manage the messaging but cannot handle mobile billing. The customer must have an agreement with a mobile billing provider. If the donation aspect of the campaign does not occur using the short code (for example, donation occurs through a web form using a URL), the following must be adhered to:

• Be qualified as tax-exempt under Section 501(c)(3) of the Internal Revenue Code
• Be accredited by at least one arm's-length, disinterested nonprofit accreditation organization (such as Better Business Bureau Wise Giving Alliance, Charity Navigator)
• Receive separate opt-ins for informational and solicitation messages if both types of messages are provided under the same short code
• Do not use the message program for lotteries, sweepstakes, raffles, or recurring donations
• Ensure no entities involved in the donation campaign, aside from the charitable organization itself, use any part of the mobile subscriber data collected
• For charitable donation programs outside of direct-carrier billing, the dedicated application address must be leased or owned by the charitable organization
• Charitable donation programs supported by a DCA must provide the following information to prove tax-exempt status under Section 501(c)(3) of the Internal Revenue Code:
• Charitable organizations accepting donations must maintain 501(c)(3) tax-exempt status and should not fall under the classification of 501(c)(4) entities. These organizations must avoid displaying political bias on their websites or in their messaging. If political affiliations or leanings are present, they must adhere to the political messaging requirements (see 'Political Campaigns' section).
• A valid call-to-action and clear product description within the SMS terms of service, which clearly discloses that donations will be solicited

• Brands must be registered as 501(c)(3) through TCR
• Use case should be CHARITY/DONATION
• CTA must indicate that donations are solicited

• Charitable organization must be 501(c)(3) and provide valid accreditation URL for donation solicitation

• Messages formatted as payment reminder programs with no "debt collection language" are allowed
• Example: "You have an upcoming bill of $ XX.XX due on XX/XX"
• Consent must be granted to the direct owner of the debt, pass through consent is NOT allowed
• Implied consent cannot be granted for such programs
• "Third party" debt collection is only allowed for programs sending payment reminders and that have obtained direct consent
• Not all operators in the US support IVR/Phone opt-in for this use case (1)

• Messages formatted as payment reminder programs with no "debt collection language"
• Consent must be granted to the direct owner of the debt, pass through consent is NOT allowed
• Implied consent cannot be granted for such programs
• "Third party" debt collection is only allowed for programs sending payment reminders and that have obtained direct consent

• Not accepted

• Available to direct CSPs only
• Has two designated use cases K-12 and Higher Education
• K-12 Education: Campaigns created for messaging platforms that support schools from grades K-12, and distance learning centers (not for post-secondary schools)
• Post-registration approval by MNO is required for this use case
• Higher Education Messaging created on behalf of colleges or universities, including school districts and education institutions (NOT for the "free to the consumer" messaging model)
• Expect up to two weeks for additional post-registration approval

• It is recommended that emergency notification campaigns are submitted as FTEU to override blocklisting or messaging bucket limitations. This is not a requirement but is suggested to ensure that users who have exhausted their limited text plan or are blacklisted from SMS programs still receive these notifications.
• If an emergency notification needs to be sent at the Federal, State, local, tribal and territorial alerting authorities, it is suggested to use IPAWS/WEA and integrate local systems that use Common Alerting Protocol (CAP) standards with the IPAWS infrastructure
• A terms and conditions page must include the statement "Wireless carriers are not liable for delayed or undelivered messages"
• Emergency alerts programs should be watermarked to indicate an urgent/emergency designation and used only for true emergencies or time-sensitive alerts

• Available to direct CSPs only
• If an emergency notification needs to be sent at the Federal, State, local, tribal, and territorial alerting authorities, it is suggested to use IPAWS/WEA and integrate local systems that use Common Alerting Protocol (CAP) standards with the IPAWS infrastructure
• A terms and conditions page must include the statement "Wireless carriers are not liable for delayed or undelivered messages"
• Emergency alerts programs should be watermarked to indicate an urgent/emergency designation and used only for true emergencies or time-sensitive alerts
• The 10DLC emergency alerts use case type requires post-registration approval and can only be used for emergency services, not as a mixed-use case or for general alerts

• Gun advocacy supported, no marketing for weapons

The compliance guidelines for firearms messaging are the same across all sender types in the US.

• As a standard, direct promotion of the sale or use of firearms is not typically allowed

  • Example: "Use code GUNS15% for 15% off our newest Glock"

• Indirect promotion of these items is approved on a case-by-case basis

  • Items like cart reminders, shipping notifications, and exclusive coupon codes for the website

  • Example: "Brand: Hey, did you leave something in your cart? Complete your checkout now by clicking www.website.com (opens in a new tab)"

  • Example: "Brand: Hey, we’ve got an exclusive discount just for you, check out our new products for a discount"

• A robust age gate is required, with either:

  • User reply over MT with their birthdate (MM/DD/YYYY) or a user to enter their birthdate MM/DD/YYYY on a web form field
  • Asking a user to "Reply YES/AGREE" to confirm they are over a certain age is not considered robust age verification
  • Having a web form that asks if a user is over 18/21 YES/NO is not considered robust age verification

• Messages must be zero-rated (FTEU)
• Messages must be sent only to the wireless number provided by the customer of the financial institution
• Messages must state the name and contact information (for example, phone number) of the financial institution
• Messages cannot include marketing, advertising, or debt collection content
• Messages are limited to a maximum of three texts over a three-day period from a single financial institution to the owner of the affected account
• Messages must inform recipients of the ability to opt-out by replying "STOP", which is the exclusive means by which consumers may opt-out of such messages
• "Reply STOP to cancel" should be included in all content MT for these types of campaigns
• Opt-out requests must be honored immediately

• Financial Fraud Alerts are an accepted use case on 10DLC but must obtain consent before sending
• The exemption requires messages to be sent at a Zero Rate which is not available on 10DLC

• Financial Fraud Alerts are an accepted use case on TFN but must obtain consent before sending
• The exemption requires messages to be sent at a Zero Rate which is not available on TFN

• FTEU can only be used for FTEU and cannot run concurrently with standard services on the same network
• "Msg and Data rates may apply" should not be included in MTs or on websites for any FTEU programs

• Promotion of gambling is strictly prohibited
• Any campaigns related to gambling or casinos must include a robust age gate. (Must select 18+)
• Lottery programs related to results are allowed
  • - For example, Powerball jackpot results are allowed, such as "Powerball jackpot results are XXXX"
  • - However, "Play Powerball jackpot at www.website.com (opens in a new tab) to win now" is not allowed
  • - For lottery programs, confirmation that the company is an official affiliate partner of the lottery is required
• Two-factor authentication for gambling programs is approved on a case-by-case basis
• Direct promotion of casinos is not allowed; however, SMS may be used to promote events inside a casino
• Programs for loyalty programs related to gambling may be approved on a case-by-case basis

• Promotion of gambling is strictly prohibited
• Any campaigns related to gambling or casinos must include a robust age gate. (must mark as Age Gated)
• Lottery programs related to results are allowed
  • - For example, Powerball jackpot results are allowed, such as "Powerball jackpot results are XXXX"
  • - However, "Play Powerball jackpot at www.website.com (opens in a new tab) to win now" is not allowed
  • - For lottery programs, confirmation that the company is an official affiliate partner of the lottery is required
• Two-factor authentication for gambling programs is approved on a case-by-case basis
• Direct promotion of casinos is not allowed; however, SMS may be used to promote events inside a casino
• Programs for loyalty programs related to gambling may be approved on a case-by-case basis

• Not accepted

The compliance guidelines related to hate speech are the same across all senders in the US.

• This is a disallowed practice.
• For purposes of this compliance guidance, hate speech also includes profanity and depictions or endorsements of violence, all of which are expressly disallowed.

The compliance guidelines related to insurance are the same across all senders in the US.

• A content provider must be the direct insurer and not a reseller of insurance
• Insurance quotes must only be for the specific direct insurer
• End-user information must not be shared with third parties or affiliate marketers

The compliance guidelines for job alert programs are the same across all sender types in the US.

• As keyword opt-in is generally not how these campaigns run, a complete description of the process and screenshots for review must be provided
• The content provider must be the direct hiring agency or head-hunting firm
• End-user information must not be shared with third parties or affiliate marketers
• The following alerts are disallowed:
  • Work-from-home programs
  • Job alerts from third-party recruiting firms
  • Risk investment opportunities

• Only programs for the direct lender are considered, and the message sender must be the loan originator.
• The mobile call-to-action (CTA) or web opt-in must be separate from the end user signing up for the application or loan
• As keyword opt-in is generally not how these campaigns run, provide a complete description of the process and screenshots for review
• Verbal opt-in is not allowed for loan-type campaigns
• End-user information must not be shared with third parties or affiliate marketers
• Marketing of "high risk" (1) type loans is not allowed
• Programs for high-risk type loans may be considered on case-by-case basis for certain use cases (2FA, account notifications)

• Must elect DIRECT LENDING attribute
• Only programs for the direct lender are considered, and the message sender must be the loan originator.
• The mobile call-to-action (CTA) or web opt-in must be separate from the end user signing up for the application or loan
• As keyword opt-in is generally not how these campaigns run, provide a complete description of the process and screenshots for review
• Verbal opt-in is not allowed for loan-type campaigns
• End-user information must not be shared with third parties or affiliate marketers
• Marketing of "high risk" type loans is not allowed
• Programs for high-risk type loans may be considered on a case-by-case basis for certain use cases (2FA, account notifications)

• Currently disallowed for loan marketing: High-Risk Financial Services, Payday Loans, Short Term- High Interest Loans, Auto Loans, Mortgage Loans, Student Loans

• Available to direct CSPs only
• Must select M2M use case and run on an M2M policy for some operators.

The compliance guidelines for marketing programs are the same across all sender types in the US.

• Must select marketing use case
• Prior express written consent is required
• Adding a call-to-action like a coupon code to an informational text may place it in the promotional category. Before a business sends promotional messages, the consumer must agree in writing to receive promotional texts. Businesses that already ask consumers to sign forms or submit contact information can add a field to capture consent.

In the event that a campaign is submitted for multiple use cases, one of which includes promotional marketing, there must be a separate opt-in mechanism for marketing or, marketing must be expressly noted in the verbiage of the call-to-action.
For example, by providing your number and consenting to YourBrand SMS in the checkout, you agree to receive recurring text notifications (for your order, including abandoned checkout reminders), text marketing offers, and transactional texts, including requests for reviews from us. Msg and data rates may apply. Reply HELP for help, STOP to opt out. View Terms and Privacy.

• Ride-share company assigning a pool of proxy numbers between their drivers and customers
• A large number of numbers assigned to each employee within a company (that is, Insurance Agents)​
• Text-enabling a large number of retail companies’ brick-and-mortar stores​​
• Number pools can be obtained directly through Infobip's available number pools or CSPs may choose to have their own dedicated number pool provisioned

The compliance guidelines for pharmaceutical programs are the same across all sender types in the US.

• Should not be directly promotional
• Preference would be to not directly name the medication unless the messages are targeted directly to those with confirmed prescriptions
• Example: 15% off weight loss prescriptions versus 15% off compound semaglutide
• Example: Come in for our latest medspa injectable versus Come in and get a botox injection

• Platform Free Trial is available to direct CSPs only
• If you are an approved CSP for Platform Free Trial, contact your account manager to connect you with the compliance team regarding next steps

• Political campaigns require a call-to-action (CTA) or opt-in policy that is clear and applied consistently
• If the political campaign also support donations, the following must be provided:
• Politician or organization name
• Politician or organization website
• FEC ID, required if the candidate or organization is involved in a federal-level election and donations will be solicited
• State Committee ID, required if the candidate or organization is involved in a state-level election and donations will be solicited. In place of the State Committee ID, official documentation from a state institution can also be provided as proof that the candidate or organization is engaged in a state-level election.
• A valid call-to-action (CTA) and clear product description within the terms of service, which clearly discloses that donations will be solicited
• Example MT for donation messaging, including the URL
• End-user information must not be shared with third parties or like-minded organizations, and should be confirmed in the privacy policy page. It is suggested to add the approved carrier language to the privacy policy page: "The above excludes text messaging originator opt-in data and consent; this information will not be shared with any third parties."

• Available only to Non-Profit entities with a Campaign Verify token or Aegis Political Vet, or Non-Profit entities with a verified 501(c)(3/4/5/6) tax-exempt status
• Political campaigns require a call-to-action (CTA) or opt-in policy that is clear and applied consistently
• If the political campaign also support donations, the following must be provided:
• A valid call-to-action and clear product description within the SMS terms of service, which clearly discloses that donations will be solicited
• Example MT for donation messaging, including the URL
• End-user information must not be shared with third parties or like-minded organizations, and should be confirmed in the privacy policy page. It is suggested to add the approved carrier language to the privacy policy page: "The above excludes text messaging originator opt-in data and consent; this information will not be shared with any third parties"

• Available only to entities that have a Campaign Verify Token
• Campaigns must submit: FEC ID, required if the candidate or organization is involved in a federal-level election, and State Committee ID, required if the candidate or organization is involved in a state-level election

• Political campaigns require a call-to-action (CTA) or opt-in policy that is clear and applied consistently
• There must be additional transparency on the political entity: Politician or organization name, and Politician or organization website
• End-user information must not be shared with third parties or like-minded organizations, and should be confirmed in the privacy policy page. It is suggested to add the approved carrier language to the privacy policy page: "The above excludes text messaging originator opt-in data and consent; this information will not be shared with any third parties."

• Available only to Non-Profit entities with a Campaign Verify token or Aegis Political Vet, or Non-Profit entities with a verified 501(c)(3/4/5/6) tax-exempt status
• Political campaigns require a call-to-action (CTA) or opt-in policy that is clear and applied consistently
• If a Political campaign will not be soliciting donations, then it is not required that this is stated in the CTA
• End-user information must not be shared with third parties or like-minded organizations, and should be confirmed in the privacy policy page. It is suggested to add the approved carrier language to the privacy policy page: "The above excludes text messaging originator opt-in data and consent; this information will not be shared with any third parties."

• Available only to entities that have a Campaign Verify Token
• Campaigns must submit: FEC ID, required if the candidate or organization is involved in a federal-level election, and State Committee ID, required if the candidate or organization is involved in a state-level election

• Direct CSPs
• Post-registration approval my MNO is required for this use case

All programs in this category must include a robust age gate.

• Requires a user reply through MT with their birthdate (MM/DD/YYYY) or a user to enter their birthdate MM/DD/YYYY on a web form field
• Asking a user to "Reply YES/AGREE" to confirm they are over a certain age" is not considered robust age verification
• Having a web form that asks if a user is over 18/21 YES/NO is not considered robust age verification

Messaging programs are expected to run on dedicated senders. The use of shared 10DLC, short codes, and toll-free numbers across multiple businesses, entities, or organizations is prohibited. "Sub-aggregating" a single telephone number with multiple message senders is also prohibited.

• In some rare instances, short codes may be approved to represent multiple brands in the messaging, if (and only if) there is a single message sender/controller and the use case is the same

• Approval is on a case-by-case basis
• Extended approval timeframes should be expected
• Additional submission requirements (such as a special business review) may be required

• Include in the campaign summary:

  • The brand that is represented in the messaging
  • Why a single sender is needed
  • Confirmation that there is a single message controller

• Available to direct CSPs with a sole proprietor contract with The Campaign Registry

• For sweepstakes, you must provide a copy of all official rules and guidelines, and the "in-market" call to action that was used

• Sweepstakes and contest rules must be present on the website, and must include, but are not limited to:

  • Rules must be prominently located on the website associated with the sweepstakes
  • Rules cannot be generic, covering multiple sweepstakes of a type that may run in connection with a program, but must relate to an actual sweepstake
  • Name and contact information for the sponsor
  • Any eligibility restrictions applicable to participants or winners, such as state of residence
  • Description of means of entry
  • Date(s) the prizes will be awarded
  • Description of prize(s)
  • Method of awarding prize(s)
  • Description of how the winner(s) will be contacted and method for obtaining a list of winners
  • Who is eligible for sweepstakes and how the winner is selected
  • Age restrictions
  • Free method of entry

• Direct CSPs only
• Must use Sweepstakes use case
• Post-registration approval by MNO is required for this use case
• Expected to take up to an additional two weeks for carrier approval

• Disallowed

The ability to initiate a payment or complete a transaction over SMS is not considered an approved messaging service on any sanctioned sender at this time.
Consumers must complete the transaction by processing payment themselves using a direct URL link.

• Must indicate in the campaign summary that this code will be used only for testing/demo purposes
• Include a description of what is being tested/demonstrated
• All mandatory keywords (that is, HELP and STOP) are still expected to function with compliant responses
• Certification testing will be completed: provide a test opt-in keyword and message

• Must indicate in the campaign summary that this code will be used only for testing/demo purposes
• Include a description of what is being tested/demonstrated
• All mandatory keywords (that is, HELP and STOP) are still expected to function with compliant responses

• Must indicate in the campaign summary that this code will be used only for testing/demo purposes
• Include a description of what is being tested/demonstrated
• All mandatory keywords (that is, HELP and STOP) are still expected to function with compliant responses

• As a standard, direct promotion of the sale or use of Tobacco/Vape is not typically allowed
• Example: "Use code VAPE15% for 15% off our newest HealthVape”
• Indirect promotion of these items is approved on a case-by-case basis

• Items like cart reminders, shipping notifications, and exclusive coupon codes for the website:

  • Example: "Brand: Hey, did you leave something in your cart? Complete your checkout now by clicking www.website.com (opens in a new tab)"
  • Example: “Brand: Hey, we’ve got an exclusive discount just for you, check out our new products for a discount”
• A robust age gate is required, with either:
• User reply over MT with their birthdate (MM/DD/YYYY)
• User to enter their birthdate (MM/DD/YYYY) on a web form field
• "Reply YES/AGREE” to confirm age is not considered robust age verification
• Web forms asking "Are you over 18/21? YES/NO" are not considered robust age verification

• Zero tolerance

• This use case is for businesses that use cloud-based communication services from UCaaS companies
• External CSPs only
• Only pre-approval CSPs are eligible for such use-cases through TCR
• See TCRs product guide for UCaaS Application

A message sender may send viral messaging through short code. The mechanism for a message sender to send viral messaging requires a consumer to:

• Verify that the consumer has obtained each message recipient's consent to send the message.
• Individually identify and select each message recipient.
• Confirm that each message will be sent on the consumer's behalf.
• Additionally, any viral messaging must state why the recipient has received the message, including identifying the consumer sending the message and the purpose of the message.

Message senders must honor all opt-out requests from message recipients by opting the message recipient out of all messages sent through the viral messaging application, software, or program. Additionally, consumers sending viral messaging may not receive anything of value for using the viral messaging application, software, or program. To be consistent with the CTIA Short Code Monitoring Handbook's goals, these requirements honor consumer choice, help prevent abuse of messaging platforms, and facilitate transparency.