You Think You Have Your Leads’ Consent, But Do You Really?

When Consumer Consent Doesn’t Always Mean “Yes”

By now, you’ve heard about the December ruling from the Federal Communications Commission (FCC) on one-to-one consent. This ruling was made as part of the commission’s effort to “close the lead generation loophole” to protect consumers from multiple unwanted sales calls and texts.

When it goes into effect, likely early next year, shopping websites and lead generators will be required to obtain consumer contact consent for one seller at a time, preventing these entities from selling contact information multiple times to multiple companies. This unscrupulous practice led the FCC to take aggressive action against the lead generation industry.

This new rule has gotten a lot of attention, for good reason, but while they were at it, the FCC took the opportunity to remind us of a few things: lead buyers must be able to prove they have prior express written consent to contact the consumer, and that consent must be from that consumer to satisfy TCPA compliance.

If the source you’re buying from includes a certificate or token to verify consent, it’s safe to assume you can contact everyone on the list, right? Not so fast; if the contact information is real but was entered by —and consented to —bots or a human fraud farm, it’s a fake lead. Fake leads can cause you to lose much more than what you paid for them; they can lead to TCPA lawsuits and fees.

One-to-one consent may shut down comparison shopping websites and lead to fewer leads in general, so it’s more important than ever to know that the ones you are generating or buying are legit. Do you know who’s behind the keyboard, filling out your contact and consent forms? How can you know the leads you’re generating or buying are real? Let’s discuss how fake leads get through and how lead buyers and lead generators can protect themselves from these leads.

Real Prospect or Real Human Fraudsters? Who’s Behind the Keyboard Matters

You’re no stranger to TCPA regulations, so you know to do your due diligence when contacting leads. Your provider included proof of consent, and you scrubbed your contacts against the Do Not Call list. The form-filling session was recorded, indicating that the consent to contact box—with proper disclosure language—was checked. The problem is that you don’t know who’s really filling out the form and checking the box.

Fraudsters hire human fraud farms to fill out forms with contact information that was likely stolen during a data breach. Because these are actual humans filling out the form and giving consent, they bypass CAPTCHA and other technology designed to identify and block non-human traffic.

Things can go very wrong if your contact list includes fake leads from these behind-the-keyboard fraudsters. If you’re lucky, your fake leads are like more than half of us who don’t answer calls from an unknown number.

If they don’t answer, and you don’t leave a voicemail, you’ve wasted the cost of the lead and your call center’s time, but that’s the best-case scenario. If the person answers the phone, or if you send a text message, but they say they did not provide their contact information, much less consent to be contacted, you are out of TCPA compliance and subject to related fines that range from $500 to $1,500 per violation. Ouch.

As if the fines aren’t bad enough, you may find yourself on the wrong end of a class action lawsuit. More than half of TCPA cases filed last year were class actions. With an average settlement of $6.6 million, TCPA violations can cause a lot of financial harm to your business, and may even put you out of business.

In some cases, the lead generators themselves are less than honest, selling leads with fake consent certificates or tokens, or including real certificates or tokens that aren’t associated with the provided contact information. These actions also put you at risk of non-compliance and are why it is of vital importance for lead buyers to verify consent and compliance before contacting leads.

How Can We Get to a Compliant “Yes”?

Like most things in life and business, there will always be people trying to cheat the system. However, it is possible to combine art and science to validate who’s behind the keyboard. The right fraud detection technology can identify and block invalid traffic, preventing fraudsters from filling out contact forms and providing phony consent. Blocking fraudulent leads provides businesses with confidence that their resulting leads are real people who have given consent to receive more information about products and services that are of genuine interest to them.

How effective is fraud detection technology? We find that one out of every four completed lead generation forms is fraudulent, and that’s just one element to consider. In addition to blocking fraudulent leads, fraud detection technology should not block good leads, which is equally important if the one-to-one consent does impact the number of leads overall.

A solid fraud detection platform effectively scans incoming traffic and uses multiple data points to pinpoint exactly who’s behind the keyboard, using non Personal Identifiable Information (PII) that does not compromise user privacy.

If you’re a lead buyer, you have the right and the responsibility to ask how your sources are preventing invalid traffic and fake leads. If you’re a lead generator, you can protect yourself and your customers by investing in a strong ad fraud solution. With hundreds of them out there, how can you find the solution that is best for your customers and your unique circumstances?

• Don’t just trust that a solution will solve your fraud problem because they say they will. Test their solution. Data doesn’t lie. Compare the data they’re providing with your own data.
  
  Are they accurately detecting all fraudulent leads? Just as important, are they blocking good leads? Are they looking at multiple data points to identify valid and invalid traffic?
  
  Only when you’ve double-checked their findings and confirmed it aligns with what you’re seeing in your data should you allow them to gain your business.
• You should only consider companies that have third-party validation, whether it’s TAG Certification or accreditation by MRC. Of the many solutions on the market, fewer than 10 have gone through the process to earn one of these rankings. You can be assured that these providers are committed to protecting your business and protecting consumers.
• Remember that you get what you pay for. Everyone is concerned about their bottom line so it can be tempting to go with a lower-cost provider but consider what it may cost in the long run. Most ad fraud comes from sophisticated invalid traffic (SIVT), but a lot of ad fraud solutions only stop general invalid traffic (GIVT); this can lead to TCPA fines and lawsuits which as we mentioned can cost thousands, if not millions, of dollars.

Ad fraud solutions that block good leads can cause you to lose sales to competitors. The right ad fraud partner can help you make more than enough to cover higher fees.

As you’re getting ready to comply with the new rules, we encourage you to consider an ad fraud solution to lessen your risks on the front end of lead generation. If you already have an ad fraud solution in place, this is a good time to re-evaluate how well it’s working for you.