Due to the ever-changing nature of the 10DLC Messaging Initiative, we have created a quick reference sheet that lists significant changes to 10DLC as they occur, including portal updates/enhancements related to 10DLC. We will also list all known future deadlines and events as they become available to us. 

Note: This document will be updated frequently, and the most recent changes will always appear at the top of the listing.

Past Changes

This section covers all recent 10DLC updates/changes that have already been announced/implemented.

October 17, 2024 - Authentication+

TCR has started to roll out a new brand identity verification process called Authentication+ for all brands registered in TCR.

• The primary objective is to prevent brand impersonation, which leads to consumer fraud such as disinformation, smishing, and spoofing. 
• This new brand identity verification process will require brand personnel attestation via Two Factor Authentication (2FA) to be carried out as part of the initial brand registration flow.  

1. Adding a customer contact email to the campaign registration form.
2. Requiring the customer to respond back to a verification request from TCR within 7 days of brand submission, otherwise the brand won’t be approved.

• Those registering a new “Publicly Traded Company” brand entity.
• Legacy “Publicly Traded Company” brands will need to re-verify using 2FA when they register a new campaign under that brand.
• Coming soon! All brands: While Authentication+ is currently only applicable to Publicly Traded Company entity brand types, other entity types will be added to this requirement soon.

October 1st, 2024 

The following changes are being made to the Campaign Vetting processes effective October 1st, 2024: 

CTA/ Message Flow 

Whereas this information was previously noted on the website, for example, the DCA now wants it in the campaign registration form.

• Program name 
• Program description (detailed) 
• Message frequency disclosure  
• “Message and Data Rates May Apply” 
• STOP keyword for opting out 
• TOS/T&C verbiage if not linked or if posted on a website must match

In addition, for the various types of opt-ins, you must include the following: 

• Web Form: 
  • Specify exactly where (location on the web page) the opt-in occurs.   
  • Include in your submission the URL for any page where opt-in occurs.  
  • Opt-in must be: 
    • Optional from a webform  
    • Can’t be combined with a marketing opt-in 
• Verbal OR Written Form:
  • Clearly outline, in detail, the scenario by which opt-in is gathered, and the language being used.  
  • Optional – load in the script being used. 

Privacy Policy

If you have a Privacy Policy on your website, provide the link.

The Privacy Policy must be comprehensive enough, including: 

• What type of data you collect 
• State that the brand does not share, rent or sell customer’s data to third parties regarding mobile opt-in data for marketing purposes.
  • For example: “We will not share your SMS opt-in information with any third party for any reason other than to deliver the specific services associated with the campaign. However, we may share your personal data, including your SMS opt-in or consent status, with third parties that assist us in providing messaging services, such as platform providers, phone carriers, and other vendors involved in delivering text messages.”  

Terms of Service 

In addition to proving a brand has a Privacy Policy, it now must prove it has Terms of Service (TOS)/ Terms & Conditions. It can do these one of two ways: 

1. Linking to the TOS on the website 
2. Adding TOS language to the SMS disclosure  

If provided separately, the TOS must include:  

• Program (brand) name                  
• Message frequency disclosure (not required for single message programs) 
• Product description (what types of messages the end user will receive)  
• Customer care contact information         
• Opt-out information (not required for single message programs*)      
• “Message and data rates may apply” disclosure.  

If added to the SMS Disclosure, include: 

• Customer care contact information     
• Message frequency disclosure (not required for single message programs) 

Invite Messaging 

This language was always a “best practice,” but is now required: 

Opt-in Messaging 

• "Message & data rates may apply.”  
• “Message frequency may vary.” (for marketing use cases)  
• “You can text HELP for support or STOP at any time to unsubscribe.”  
• “Your phone number will not be shared with third parties for marketing or promotional purposes.” (for marketing use cases) 

Opt-out Messaging 

• Send a message that tells the customer how to opt back in/ re-subscribe 

Help Messaging 

• Must include the Customer Care contact information (This tells the end user who and how to contact someone for “help”). 

September 10, 2024 

T-Mobile updated Campaign Requirements 

Effective September 10, 2024, all campaigns must include the URL for the Privacy Policy under the Call-to-Action (CTA)/Message Flow. Even if this information is available on the website, the URL must be included in your campaign submission to TCR. 

• Privacy Policy Link ***now required 
• Terms and Conditions Link *will remain optional 

All campaigns are now required to have a Privacy Policy on the website, even if the campaign is just used collect phone numbers or send marketing related messages. 

Opt in via Form: If the customer provides consent by completing a form (either electronic or in paper). This specific form must be attached to the registration for verification purposes. You may utilize the CTA (Call to Action), Privacy Policy and/or Terms and Conditions Multimedia Upload.  

Week of 06-27-24

New Optional Campaign Registration Fields

TCR added several new optional campaign fields to assist CNPs and DCAs with campaign reviews. New optional campaign fields let CSPs provide information on privacy policies, terms and conditions, embedded links, and the ability to upload supporting documentation.

When creating a new campaign, you can choose to enter links for privacy policies and terms and conditions documents that are hosted online. Supporting documents can also be uploaded, such as a call-to-action or digital versions of privacy policies and terms and conditions documents. A sample of the embedded link can also be added.

The following table provides a brief explanation of these new fields and their attributes (Click image to enlarge):

Week of 12-17-23

10DLC - New Violation Fines 

• Beginning  January 1, 2024, T-Mobile is instituting three new fees for non-compliant traffic that result in a Severity-0 violation. A  Sev-0 (Severity-0) represents the most harmful violation to consumers and applies to all products (SMS or MMS, Toll-Free, and 10DLC) that transverse T-Mobile's network. 
• The non-compliance fine(s) (USD) will be assessed for every Sev-0 violation issued as follows: 
  
  • Tier 1: $2,000 for phishing, smishing, and social engineering 
    
    • 'Social Engineering' refers to the practice of targeting individuals in a way that manipulates individuals to reveal private information like credit card numbers or social security numbers. 
  • Tier 2: $1,000 for illegal content (included content must be legal in all 50 states and federally legal). 
    
    • Illegal content includes, but is not limited to, Cannabis, Marijuana, CBD, Illegal Prescriptions, and Solicitation. 
  • Tier 3: $500 for all other violations including, but not limited to, SHAFT (sex, hate, alcohol, firearms, and tobacco) content.  
• If traffic continues to receive Sev-0 violations, carriers maintain the right to suspend a brand, remove access to their platforms, and may also block all messaging traffic. Therefore, you must ensure that all traffic leaving your network is wanted and compliant. 

Please review the list of all disallowed content (Click image to enlarge): 

10DLC – Message Blocking on the Rise 

At this time of year, our industry typically sees higher volumes of traffic, and we have already seen cases where messages that do not meet current messaging standards are being blocked. 

To avoid any potential blocking, ensure your campaigns are fully compliant. Use the requirements outlined below and in our 10DLC Key Attributes to Get Your SMS Campaign Approved

Active campaigns should meet the following requirements: 

• The content being sent: 
  
  • Matches what was described during the campaign registration process. *Most small business clients' use case falls within Low Volume Mix - Customer Service
  • Is not considered prohibited content.
• The campaigns collect proper opt-in. 
  
  • The SMS Disclosure must be plainly visible either next to the phone number field or above the submission button on the contact web form.
    
  • If there are multiple contact web forms with a field to input a phone number, the SMS Disclosure must be plainly visible on each contact web form.
  • A link to the privacy policy is included in the contact web form SMS Disclosure statement. 
  • The privacy policy does not commit to selling/sharing personal information with third parties. 
• The campaigns are compliant with current messaging best practices.
  
  • All campaigns must contain a message flow or call to action. 
    
  • This is configured within the Campaign when it is registered. Ex: Reply HELP for help, and STOP to unsubscribe.
    

Get Help

To update an existing campaign, please reach out to our team at helpdesk@allyadvantage.com.