CTIA Point-of-Sale Opt-In Requirements

The CTIA and its carrier members have recognized the need for point-of-sale (POS) SMS opt-ins. Accordingly, they have decided to enact additional rules and conditions for business to consumer (B2C) shortcode messaging campaigns that opt-in consumers at POS. Most of the enacted rules benefit the consumer but there are two rules which seem to be made without the customers’ best interests in mind. Let us go over the new rules one by one:

Users must confirm their participation with an MO message. Before users are subscribed to any POS program, they must either reply to a pushed MT message or send a keyword.

This was already a CTIA requirement and a good one. All point-of-sale opt-ins use phone number entry forms and whether the clerk or the customer enters the number into the form, the customer should confirm their opt-in on their phone by replying YES.

Initial MT messages requesting opt-in confirmation must be sent within 48 hours of a POS. After customers agree to receive text messages on location, they must receive a pushed MT message requesting service confirmation in a timely manner (within 48 hours).

This is a fantastic rule to ensure a great customer experience. The reason is that there are many points of sale systems that ‘batch’ data uploads nightly instead of processing data in real-time. For the best customer experience, people should be getting the opt-in SMS notification on their phone immediately rather than days later when the POS data is processed.

Opt-in confirmation MT messages must include language reminding users of the location where they signed up for text services. Initial MT messages requesting opt-in confirmation must remind users about their interest in the text program. For example, a message might state, “You requested Shoe City messages at your local store! Reply Y to confirm your subscription. Message and data rates may apply.”

This rule is useful but not very well thought out. Adding the store location is useful if the opt-in request did not happen immediately. If the user is sent a timely notification that the customer would certainly remember providing their number to the store moments before. In addition, it is a CTIA requirement to disclose the brand name or store name in the opt-in message. If the opt-in request came late and the customer did not remember visiting the store they will simply not reply YES. I believe that requiring a location disclosure simply adds unnecessary complexity to the process.

All messages resulting from a POS opt-in must pertain to a single program. Simultaneous enrollment in multiple programs is prohibited. A customer must receive only messages relevant to the location where he or she opted into the text program. For example, a customer signing up for Shoe City text alerts should not have opted into a text subscription for Handbag City without a second opt-in.

It is already a requirement for shortcodes programs that you cannot enroll customers in multiple programs from a single opt-in. This is a good clarification here since it would be inappropriate for a store clerk to verbally enroll someone in multiple programs and have only a single SMS confirmation message.

Shared shortcodes are ineligible for POS campaigns. Only shortcodes employed by a single content provider representing a single brand will be allowed to use POS opt-ins.

This seems like a self-serving requirement by the CTIA and does not protect or serve the interests of customers or brands. In fact, it stifles competition and gives customers fewer choices. This means that every merchant regardless of size is required to obtain a dedicated code and pay the $500/month fee to the CTIA. Today, large merchants can afford dedicated codes and smaller merchants cannot so they use shared shortcodes provided by application service providers who ensure compliance. This requirement means smaller merchants are being excluded from participating in point of sale opt-ins on a shortcode. This rule makes it impossible for mobile marketing platforms or POS vendor to obtain a short code and share it among small and medium-sized retailers and provide a consistent level of service and ensure retailer compliance with the law. Additionally, since a POS is typically manned by a person and the POS of the future is likely to be a mobile device like an iPad, a long code could be used via the Peer-2-Peer network by these smaller merchants. In fact, the POS device may already have a carrier provisioned SIM card with a phone number able to send and receive SMS messages.

Content providers wishing to employ POS opt-ins must be pre-approved by carriers. All content providers implementing POS opt-ins are subject to additional vetting at the discretion of CTIA and its carrier members.

Vetting shortcode owners for compliance should certainly be done at the discretion of the CTIA for all mass-market short code programs. That said, point of sale shortcode programs should not be at any carrier’s discretion or require pre-approval. This sort of picking and choosing winners and losers was forbidden by the FCC.

Skycore can help you develop a Point of Sale Opt-in program and strategy. Contact us!