Best Practices for a Compliant SMS Campaign

SMS is a powerful tool to reach your customers, but use of it comes with certain responsibilities – compliance requirements – that companies must follow in order to legally reach out to a wider population. Armed with expert knowledge of the global communications industry, TeleSign helps businesses navigate the complexities of SMS compliance. In this post, we have outlined some quick SMS campaign best practices, which can be used as a guide (in combination with each company's Privacy and Legal team recommendations) to executing a successful SMS campaign.


One key compliance measure pertains to obtaining consent from customers before sending them any promotional text messages. The "opt-in," or written consent, must be clearly visible on the registration page--not hidden within content--so customers are aware of what they are signing up for.   Consent can be obtained in two ways:

  • Opt-in through mobile device: Some companies enable consumers to sign-up using a mobile device. In this case, the company promotes a keyword (like ‘START', ‘ENTER', ‘JOIN', etc.) along with a short code. By texting the keyword to the short code, the user essentially provides consent to receive text messages from the company.
  • Opt-in through website: Consent can also be obtained through a company's website. When customers sign up on a website, they come across a form which asks for their phone number. On the phone number entry page, businesses must explicitly mention the purpose--SMS campaign--for asking the customer's phone number. The user then receives a unique one-time passcode (OTP) via SMS. This OTP must be entered back onto the website to verify the user's phone number. After verifying the number, a confirmation/welcome SMS is sent to the user.

This welcome SMS message must contain (in addition to the details covered in the following sections):

  • SMS campaign name or program name: The subscribers must be informed about what they are signing up for.
  • Message frequency: Businesses must inform the customers about the number of messages they would receive in a week or month

SMS opt-ins must be transparent and provide details of all aspects related to the campaign, which also includes making sure that links to your company Privacy Policy and Terms of Service are visible and accessible. Getting consent from consumers ensures that your message reaches an audience that is actually interested in your campaign.


Customers must be informed of any charges they might incur by subscribing to the text messages. For that reason, the language “Message and data rates may apply” or “Standard message and data rates may apply” should be included near the phone number entry field.Customers must also be able to request more information about the program by texting keyword HELP to the 5-6 digit short codes that they are receiving messages from. The HELP response must include the program name, support email or phone number, message frequency, disclaimer that message and data rates may apply, and opt-out instructions.


Customers must be able to opt-out of the recurring message program--at any time--by texting keyword STOP, END, CANCEL, UNSUBSCRIBE, or QUIT to the 5-6 digit short codes that they are receiving messages from. The STOP response must include confirmation that the customer has opted out and no further messages will be sent.

Message Language

Businesses must refrain from sending any content which is political, religious, pornographic, money lending, gambling, violent in nature and/or in violation of the SHAFT (sex, hate, alcohol, firearms, or tobacco) audit standard.Following these SMS best practices will not only ensure that your campaign adheres to the compliance requirements, but also reaches the interested audiences; increasing the success rate.

Talk To An Expert

Interested in learning about how TeleSign's identity and engagement solutions can prevent fraud while fostering secure and global growth for your business? Let's chat.