eConsent is a TCPA consent verification platform that captures, certifies, and verifies consumer consent in real time. It provides session recordings, tamper-proof certificates with SHA-256 hashing, and identity verification for businesses that need to prove consent was obtained.

How do I install eConsent on my website?

Add one script tag to your page with your Company ID. No SDK, no build step required. Consent recording starts immediately. eConsent works on any website including WordPress, React, and static HTML.

How much does eConsent cost?

eConsent offers four plans: Starter at $199/month (1,000 retentions), Growth at $750/month (10,000 retentions), Enterprise at $1,500/month (50,000 retentions), and High Volume with custom pricing. All plans include session replay, consent certificates, and verification API. No contracts required.

How is eConsent different from TrustedForm?

eConsent provides a modern alternative to TrustedForm and Jornaya with transparent pricing, a simple verification API, real-time session replay, identity verification dossiers, Meta Lead Ads integration, and infrastructure built with Rust for performance. No long-term contracts required.

Is eConsent secure and tamper-proof?

Yes. Every certificate is SHA-256 hashed and stored in Amazon S3 with Object Lock in COMPLIANCE mode for up to 7 years. Certificates cannot be modified or deleted by anyone. All data is encrypted with TLS 1.2+ in transit and AES-256 at rest.

What is the best TCPA consent verification platform?

eConsent is a modern TCPA consent verification platform offering session recordings, tamper-proof certificates, identity verification, and Meta Lead Ads integration. Unlike legacy providers like TrustedForm and Jornaya, eConsent offers transparent pricing starting at $199/month with no contracts, a simple one-script-tag installation, and core infrastructure built in Rust for performance and security.

Does eConsent work with Meta Lead Ads and Facebook leads?

Yes. eConsent connects to your Facebook Pages via OAuth and automatically generates consent certificates for every lead submitted through Meta Lead Ad forms. Each certificate captures the form definition, consent language, disclaimer responses, ad attribution, and includes a visual replay of the form experience.

What is a TCPA consent certificate?

A TCPA consent certificate is a tamper-proof digital record proving that a consumer provided prior express written consent as required by the Telephone Consumer Protection Act. eConsent generates these certificates automatically, including the exact consent language displayed, a full session replay, timestamp, IP address, and a SHA-256 cryptographic hash for integrity verification.

eConsent SMS

The compliance API for outbound SMS

Pre-send consent verification, STOP keyword processing, and court-ready evidence. One REST API for SMS platforms, marketing automation, and messaging services.

Get your API key Read the docs

app.econsent.org/sms/consent/cst_…

How it works

Four checkpoints. One API.

Every outbound message passes through a compliance pipeline that captures, classifies, and certifies consent in real time.

Step 1

Pre-send Check

Verify prior consent, check revocation status, and get the FCC-required consent verification for this message type.

Step 2

Consent Metadata

Consent source, opt-in keyword, consent language, and opt-out compliance — all timestamped and signed.

Step 3

Consent Capture

Consent source verified at capture. Checks opt-in method, consent language, and STOP compliance with sub-1ms latency.

Step 4

Evidence Package

HMAC-signed certificate with full consent lifecycle, opt-in verification, and STOP audit trail. Shareable via public URL.

Consent Classification

Consent verification in <1ms

Consent source verification that validates opt-in origin, checks required disclosure language, and confirms STOP keyword compliance — in under 200ms.

0ms

Inference time

Canonical phrases

Languages

Rules Engine

Validates opt-in source (web form, keyword, API), checks consent language for required disclosures (sender identity, opt-out instructions, rate disclosure), and enforces CTIA messaging guidelines.

Content Compliance Engine

Scans message content for required opt-out language, sender identification, and rate disclosures. Returns a compliance score with specific issues.

4-Language Support

English, Spanish, French, Portuguese. Language auto-detected or specified per request.

Consent Classification Detail

Consent Capture Input

"Yes, I agree to receive text messages about solar panel offers from SunPower. Msg rates apply. Reply STOP to opt out."

Classification

AFFIRMATIVE 0.00 confidence

Latency

0ms

STOP Processing

TCPA & CTIA compliant

When sending marketing SMS, CTIA guidelines require explicit opt-out language in every message. eConsent SMS tracks consent source, opt-in method, and STOP keyword audit trails automatically.

Consent Captured

Web form, keyword opt-in, or API

Pre-send Check

Verify consent before every message

STOP Processed

Auto-revoke on STOP keyword

Consent Lifecycle Detail

Compliance checks in every certificate

STOP Keyword Detection

Recognizes STOP, UNSUBSCRIBE, CANCEL, END, QUIT and 5 more keywords across 4 languages. Automatically revokes consent and blocks future sends

Revocation Audit Trail

Tracks STOP keyword processing and auto-revocation; flags messages sent after consent revocation

10-Business-Day Honor Period

Enforces the FCC-required 10-business-day window to honor opt-out requests. Blocks messages to revoked numbers and timestamps the entire revocation lifecycle

Consent Lifecycle Tracking

Every required disclosure timestamped and baked into the certificate

Evidence Packages

Every consent is a tamper-evident evidence package

Each certificate bundles the consent source, opt-in verification, STOP processing history, and consent lifecycle into one immutable dossier. Shareable via public URL with opposing counsel.

SMS consent evidence package — public certificate

HMAC Signature

SHA-256 hash proves the certificate has not been altered since creation

Consent Lifecycle Tracking

Server-timestamped record of every consent event in the lifecycle

Compliance Score

0-100 score based on disclosures delivered, consent quality, and opt-out compliance

Consent Lifecycle

Full chain-of-custody showing full history from opt-in capture through revocation, with every event timestamped

01 / Evidence Comparison

You already have consent data.
Is it defensible?

A side-by-side look at what your messaging platform exports today versus the evidence bundle eConsent SMS produces for every message.

Without eConsent

platform_export.csv

- phone: +1 (555) 000-1234
- timestamp: 2026-04-10 14:32:00
- consent_text: "by clicking submit"
- source: spreadsheet_row_428
- ip_address: (not captured)
- consent_proof: (none)
- opt_in_source: (none)
- disclosures: (none)
- signature: (none)

Plaintiff's counsel will argue

No opt-in proof, no signature, no STOP processing log, no proof the consumer ever consented.

With eConsent SMS

consent_bundle.json

+ consent_id: cst_mnwd5l1p...
+ phone_hash: 84d12ceb...
+ captured_at: 2026-04-10T14:32:00Z
+ uploaded_at: 2026-04-10T14:32:47Z (server-signed)
+ consent_language: "I agree to receive marketing SMS..."
+ opt_in_source: web_form
+ double_optin: confirmed
+ stop_audit: no revocations
+ disclosures_detected: 7/7 FCC required
+ signature: HMAC-SHA256 (2430265984b6c2ad...)

What actually happens in court

Cryptographic chain-of-custody from opt-in to judge. Every field verifiable independently.

Platform-agnostic

Works with your existing stack

One REST API. Any platform that can send HTTP requests — Twilio, Sinch, Bandwidth, or your own messaging stack — can integrate.

Twilio

SMS & Messaging

Sinch

CPaaS / SMS

Bandwidth

Enterprise Messaging

Plivo

Cloud Communications

Klaviyo

Email & SMS Marketing

Attentive

SMS Marketing

Postscript

eCommerce SMS

Braze

Customer Engagement

Developer API

Four API requests. Full compliance chain.

Every outbound message passes through a four-stage pipeline that captures, classifies, and certifies consent in real time.

Verify consent before every message

Before your platform sends, send a pre-send check. The API validates consent status, checks revocation history, verifies campaign permissions, and returns a go/no-go decision with the exact FCC disclosure script — in under 200ms.

Phone number, campaign ID, agent ID required

Returns allow, review, or deny

Consent score from 0-100 included

// POST /v1/pre-send
{
"phone": "+15551234567",
"sending_entity": "SunPower Solar",
"purpose": "marketing",
"message_type": "marketing"
}

// Response
{
"allowed": true,
"decision_id": "dec_8f3k2m",
"consent": {
"consent_id": "cst_a1b2c3",
"type": "prior_express_written",
"prior_express_written": true
},
"required_disclosures": ["sender_identity", "opt_out_instructions"]
}

Log every required disclosure

The API verifies consent exists before every outbound message and processes STOP keywords automatically. Required consent types vary by message purpose — marketing requires prior express written consent, transactional requires prior express consent.

Consent sources tracked: web_form, keyword_opt_in, api, inherited

Server-side uploaded_at timestamp alongside customer-claimed captured_at

Missing disclosures flagged in certificate

// Disclosure detection is built into /v1/sms/capture-consent
// Response includes:
"disclosure_summary": {
"sender_identity": true,
"purpose_disclosure": true,
"opt_out_instructions": true,
"stop_processed": true,
"opt_out_instructions": true,
"total_detected": 7
}

// disclosures_detected[] with position + confidence
[
{
"type": "purpose_disclosure",
"text": "Reply STOP to opt out. Msg&Data rates may apply.",
"position": "footer",
"confidence": 0.90,
"auto_detected": true
}, ...
]

Classify SMS consent in real time

Record SMS consent opt-ins from web forms, keyword replies, or API calls. Returns a signed consent record with HMAC evidence chain.

Three outcomes: affirmative, ambiguous, declined

Confidence score 0.0 - 1.0 on every classification

Ambiguous results flagged for human review

// POST /v1/sms/capture-consent
{
"phone": "+15551234567",
"sending_entity": "SunPower Solar",
"consent_language": "I agree to receive marketing SMS from Acme Insurance. Msg rates apply. Reply STOP to opt out.",
"captured_at": "2026-04-13T14:32:47Z",
"source": "web_form"
}

// Response — 11ms inference
{
"consent_id": "cst_a1b2c3d4",
"signature": "2430265984b6c2ad...",
"verification_result": {
"verdict": "accept_consent",
"affirmative_consent_score": 0.97,
"coercion_score": 0.03
},
"evidence_url": "https://verify.econsent.org/c/cst_a1b2c3d4"
}

Seal the evidence package

After sending, finalize the consent record. The API bundles the consent source, opt-in verification, STOP processing history, and consent lifecycle into an immutable certificate. SHA-256 hashed. S3 Object Lock. 7-year retention.

Returns public verification URL

Webhook fires with certificate payload

Consent record signed with HMAC-SHA256 — any alteration invalidates the signature

// POST /v1/sms/message-log
{
"consent_id": "cst_a1b2c3d4",
"message_id": "msg_x9k2m3",
"message_type": "marketing",
"content_hash": "a1b2c3d4...sha256",
"opt_out_language_present": true
}

// Response
{
"consent_id": "cst_a1b2c3d4",
"evidence_url": "https://verify.econsent.org/c/cst_a1b2c3d4",
"consent_source": "web_form",
"compliance_score": 95,
"retention_until": "2033-04-13"
}

Pricing

Simple, transparent pricing

Free trial

$0 /14 days

Test the API before committing. No card required.

Start free

100 pre-send checks

25 consent captures

Full API access

Dashboard access

Frequently asked questions

Add a pre-send HTTP request before your platform sends. Pass the phone number, sending entity, and message type. The API validates consent status, checks revocation history, and returns a go/no-go decision in under 200ms. After sending, log the message for a complete audit trail. We provide SDKs for Node and Python, or use any HTTP client.

When a STOP keyword is received, eConsent automatically creates a revocation record with a 10-business-day honor period (FCC requirement). All matching consents are marked as revoked, and subsequent pre-send checks for that phone + sending entity return blocked.

eConsent SMS addresses TCPA consent requirements for commercial text messaging and CTIA messaging principles. Certificates capture the evidence needed to demonstrate valid prior express written consent. eConsent does not provide legal advice.

STOP keyword detection runs server-side with sub-1ms latency. We recognize 10 keywords (STOP, UNSUBSCRIBE, CANCEL, END, QUIT, STOPALL, STOP ALL, plus ARRET, PARAR, ALTO for multilingual support). Forward inbound STOP messages from your carrier to our webhook endpoint.

7 years using AWS S3 Object Lock in COMPLIANCE mode. Every certificate is SHA-256 hashed at creation. The hash, along with all evidence data, is immutable and cannot be altered by anyone including eConsent. This exceeds the 4-year TCPA statute of limitations.

Yes. The API is platform-agnostic. Add pre-send checks before your messaging platform sends, capture consent from web forms or keyword replies, and forward STOP keywords from your carrier. Any system that can make HTTP requests works.

Start verifying consent before your next campaign

Get your API key in under 5 minutes. 14-day free trial with 100 pre-send checks. No contracts.

Get your API key Book a demo

The compliance API for outbound SMS

Four checkpoints. One API.

Consent verification in <1ms

TCPA & CTIA compliant

Compliance checks in every certificate

Every consent is a tamper-evident evidence package

You already have consent data.Is it defensible?

Works with your existing stack

Four API requests. Full compliance chain.

Verify consent before every message

Log every required disclosure

Classify SMS consent in real time

Seal the evidence package

Simple, transparent pricing

Frequently asked questions

Start verifying consent before your next campaign

Before you go...

You already have consent data.
Is it defensible?