A Comprehensive Guide to Compliance Fields in Lead Generation

Collecting compliance fields in your lead generation campaigns is critical for protecting your business, ensuring lead quality, and maintaining trust with buyers. Fields such as TrustedForm and Jornaya LeadID provide independent proof of consumer consent, while data points like IP Address, User Agent, and Landing Page URL establish transparency around how and where the lead was generated. Including TCPA Text further demonstrates that the consumer was properly informed and agreed to be contacted, which is essential for legal and regulatory compliance. By capturing and storing these fields, you not only safeguard your campaigns against disputes or fraud but also provide buyers with the verification they need to confidently purchase and convert your leads.

In order to stay as compliant as possible we highly recommend you collect all of the following compliance data points, and they should be required in every Lead Prosper campaign whether you are the one generating the leads, or you are purchasing them.

• TrustedForm Certificate – A certificate that provides independent proof of consent, showing when and where a lead completed a form.
• Jornaya LeadID – A unique identifier that tracks the consumer’s journey and verifies that proper disclosures were shown at the time of lead submission.
• IP Address – Captures the origin of the lead submission, helping confirm geographic location and detect potential fraud.
• User Agent – Records the browser, device, and operating system details used during form submission, aiding in validation and fraud prevention.
• Landing Page URL – Logs the exact page where the lead was captured, ensuring transparency and traceability of the source.
• TCPA Text – The disclosure language required by the Telephone Consumer Protection Act (TCPA), confirming that the consumer gave informed consent to be contacted.

TrustedForm Certificate

TrustedForm is an independent compliance tool that issues a certificate when a form is submitted. When a user fills out your form, a TrustedForm script on your page will generate a unique certificate URL tied directly to that lead submission. The certificate stores details about the lead’s session — Timestamp, IP Address, User Agent, Landing Page URL, and a screen recording of the form completion. This gives you an independent, third-party record that the lead actively submitted their information.

By generating and submitting the TrustedForm certificate URL you are providing proof of consumer consent, which is critical for TCPA compliance and defending against complaints or litigation. TrustedForm certificates help verify that the leads are legitimate, not fabricated, since they show the actual user session data and behavior. 

Most buyers in today's lead generation landscape are requiring TrustedForm on every lead submission as it's considered proof of consumer consent, and helps to reduce fraud and risk when purchasing from third party vendors and lead generators. From a lead generator standpoint TrustedForm is one of the most important tools in your arsenal when protecting yourself. It is free to generate the TrustedForm certificates on your landing page, and it helps to protect you if a consumer files a dispute that they never filled out your form as the certificate records the actual user sessions and acts as proof that the form was in fact filled out. 

Jornaya LeadID

A Jornaya LeadID (now part of Verisk) is a unique identifier that captures a consumer’s journey and intent signals when they complete a lead form. After placing the Jornaya LeadID code on your landing page it will generate a unique LeadID token every time a consumer fills out your form. This unique LeadiD token is then associated with a "memory" of a consumer's activity on the page - essentially a who, when, and where of the form being submitted. This "memory" can include proof of the interaction of the consumer filling out the form, behavioral data such as time on page and click events, and other data points such as IP Address, Timestamp, User Agent, and Landing Page URL. By tagging your TCPA text on your page correctly you can also set up the Jornaya LeadiD to store the TCPA text. 

By collecting the Jornaya LeadiD you help to verify the consumer journey to the point of submission. This provides another form of independent proof of origin, consent, and intent. Capturing Jornaya LeadiD also helps with audit trails should you find yourself in a situation where a consumer has filed a complaint, and builds trust with your buyers when it's provided. 

IP Address

An IP address is a unique set of numbers (and sometimes letters with IPv6) assigned to a device on a network so that it can communicate with other devices. Consider it like a home address for your computer, phone, server, etc. that tells the internet where to send information to and where that information is coming from. 

Currently there are two types of IP address - IPv4 and IPv6. The more standard version most people are familiar with is IPv4 which uses four sets of numbers, for example 192.168.0.1. IPv6 is a more modern, longer formatted and uses both numbers and letters, for example 2001:0db8:85a3::8a2e:0370:7334.

Whenever anyone is browsing the internet they have an IP address associated with them, including when a consumer lands on your landing page or form. If the consumer fills out your form there is an IP address associated with that form submission event. By capturing the IP address that the lead was submitted from you are capturing where the lead originated and an almost digital "fingerprint" from the session. The IP address is able to provide not only geographic location data but also supports proof the consumer has submitted the form from a real device and location. When it is collected along with a TrustedForm certificate or Jornaya LeadID the IP address can be used by a lead buyer to confirm that the IP address that was submitted with the lead information is the same IP address that was collected when the TrustedForm certificate or Jornaya LeadID was generated. 

If you are not collecting IP addresses you open yourself up to your sold leads being disputed as invalid or fraudulent as there's no "fingerprint" to tie them to the original lead form submission.

User Agent

User Agent data is information your web browser or application relay to a website that describes what software and device the visitor is using. Typically this will include the browser name and version (ex. Chrome 139.0), the operating system (ex. macOS 10.15.17), and device type (ex. iPhone, desktop). The User Agent is commonly used on the front end of a website to adjust how content is displayed (desktop vs. mobile) to improve the visitors browsing experience but it also has information useful for compliance and validation reasons when you are generating leads.

Capturing the User Agent when a consumer fills out your form gives you the browser, device type, operating system, etc. and provides another piece of digital evidence tying the lead to a real consumer interaction. It's extremely useful in helping to spot patterns of fraud, and can help identify potential bot submissions that may not be legitimate. For example a bot spamming your lead form would usually present using the same User Agent repeatedly. While it is not exactly uncommon for two people to be on a website in a short period of time from the same location using the same iPhone with the same OS, it is unlikely that a mass amount of leads in a short period of time would all have the EXACT User Agent, and that could be indicative of a bot or spamming of your lead form.

If you do not capture User Agent you are removing a key component of legitimate user activity that could be used to defend against fraud claims if asked to prove the legitimacy of your lead data. 

Landing Page URL

The Landing Page URL is pretty straight forward, and provides the exact URL the consumer was on when they filled out the form. This proof is essential for lead buyers as they can see the exact form that was filled out, especially the TPCA text used to collect consent when the consumer submitted the form. 

TrustedForm and Jornaya validation both utilize the landing page URL to check that the URL submitted with the lead information matches the URL where the certificates were generated. This helps to ensure that the leads were collected in a legitimate manner and that the consent is valid. 

Neglecting to collect and send the valid URL poses several compliance risks. Buyers may reject leads where the landing page URL is not provided as they consider it proof of where and how the consumer opted in, and regulators could see the empty landing page URL as a lack of transparency. 

TCPA Text

The Telephone Consumer Protection Act (TCPA) requires clear, conspicuous consent language if you or buyers will call/text leads. The TCPA text is a legal consent notice that appears next to a form or click-to-call button. Its purpose is to inform the consumer that by submitting their information (or clicking a button), they agree to be contacted—usually by phone, SMS, or prerecorded messages—using the number they provide, and that contact may involve automated dialing systems. A standard TCPA text could look like the following:

“By clicking ‘Submit’, I agree to be contacted by [Company] and its partners at the phone number I provided, including via autodialed calls and text messages. I understand my consent is not required as a condition of purchase. Message and data rates may apply. View our Privacy Policy [link].”

Key elements of TCPA text are:

• Clear and conspicuous disclosure (must be noticeable, not hidden in fine print).
• States that the consumer agrees to receive calls/texts from the company or its partners.
• Mentions autodialers and prerecorded messages if those will be used.
• Notes that consent is not a condition of purchase (required phrasing).
• Includes a link or reference to the company’s privacy policy.

Capturing and storing the exact TCPA disclosure shown at the time of submission is the cornerstone of compliance. The majority of lead buyers today will immediately reject any lead where the TCPA text is not included. 

TCPA Text is also a major component of TrustedForm and Jornaya LeadID validation. Both products offer several checks that are related specifically around the TCPA text that is collected on the form submit, as well as the TCPA text that is passed with the lead data to the buyer. It is by far the single most important data you can collect and include in your lead data when dealing with buyers, and it is imperative that you collect this text. 

By consistently capturing and maintaining compliance fields like TrustedForm, Jornaya LeadID, IP Address, User Agent, Landing Page URL, and TCPA Text, you not only strengthen the integrity of your lead generation campaigns but also protect your business from unnecessary risk. These fields provide transparency, verifiable proof of consent, and assurance to your buyers that your leads are both legitimate and compliant. Making compliance a standard practice isn’t just about avoiding fines—it’s about building trust, improving lead quality, and creating long-term success for your campaigns.