Skip to main content
Each TrustedForm certificate captures a session replay of what the consumer saw when they filled out the offer form. The full certificate, including the replay, is visible to any account holder that has retained the certificate using the retain operation. In order to protect consumer privacy, the certificate hides form input fields recorded in the session replay by default. In other words, simply retaining a certificate is insufficient for accessing the consumer’s PII because it cannot be seen in the replay. This means that a certificate URL can be safely passed to a lead buyer on ping. As long as the phone number and email address are withheld, the buyer cannot access the consumer’s PII. The buyer can only examine the certificate using insights to see if it meets their requirements. When the lead is posted with the certificate URL and the email or phone, the buyer can use match_lead and retain together to both unlock the PII in the session replay and also store the certificate. Important: If you are pinging a buyer who uses LeadConduit, none of the data you provide on ping can be accessed by the buyer. Because of this, it’s perfectly safe to pass the certificate URL and all PII on ping to LeadConduit. Doing so can dramatically reduce post-rejects since LeadConduit is able to evaluate the entire lead on ping.