Blog

blank
TCPA & Compliance

TCPA Compliance Guide: Protect Your Business from $1,500 Per-Call Fines

The TCPA carries penalties of up to $1,500 per call — and there is no cap on total liability. Here is what every US business running outbound calls or texts needs to know, and how to protect itself before the first dial.

What Is the TCPA?

The Telephone Consumer Protection Act (TCPA), enacted in 1991 and significantly expanded by FCC rule-making through the 2010s, restricts how businesses may contact consumers by phone. The core prohibitions relevant to most businesses are:

  • No automated or pre-recorded calls to mobile numbers without prior express written consent
  • No calls or texts to numbers on the Federal Do Not Call Registry without a prior established business relationship or written consent
  • No artificial or pre-recorded voice messages to residential landlines
  • Mandatory opt-out mechanisms for text messages
  • Time restrictions: calls only between 8am–9pm local time of the called party

TCPA Penalties: The Numbers

$500
per negligent violation
$1,500
per wilful violation
No cap
on total damages per campaign

A single SMS campaign of 10,000 messages to numbers that include 500 DNC-registered recipients — at $500 each — equals $250,000 in statutory damages. And that is the non-wilful rate. Courts have certified TCPA class actions with aggregate damages reaching into the hundreds of millions of dollars.

The Professional Plaintiff Problem

The TCPA grants a private right of action to any individual — meaning anyone who receives an unwanted call or text can sue without needing to prove actual damages. This has spawned an industry of professional TCPA plaintiffs who specifically register numbers, wait for businesses to call or text them, and file suit.

Our DNC checker includes a separate tcpa_litigant flag that cross-references known professional plaintiffs. Filtering these numbers before your campaign is one of the most cost-effective risk reduction steps you can take.

Building a TCPA-Compliant Outbound Process

  1. Obtain documented consent — Get written or electronic consent before texting any mobile number. Store consent records with timestamps.
  2. Scrub against DNC before every campaign — Run your list through a DNC checker within 31 days of each outbound campaign.
  3. Identify line types — Only text mobile numbers. Use a mobile validator to classify your list.
  4. Flag TCPA litigants — Remove any number flagged as a known litigant.
  5. Honor opt-outs within 10 business days — Maintain a suppression list and honour requests immediately.
  6. Maintain scrub records — Document every DNC scrub with date, results, and list version.

Automate Compliance with the Phone Validator API

Manual list scrubbing before each campaign is error-prone. The Phone Validator API lets you automate validation at every point of contact capture — web forms, CRM imports, dialer intake — so that no number enters your system without first being checked against the DNC registry, TCPA litigant database, and carrier validation. One API call returns all the data you need in under one second.

Frequently Asked Questions

Does TCPA apply to B2B calls?

The DNC Registry primarily covers residential and personal mobile numbers. However, TCPA restrictions on automated calls (ATDS) and pre-recorded messages also apply to business mobile numbers. If you are calling a mobile number with an autodialer, TCPA applies regardless of whether the contact is a business person or a consumer.

What is an established business relationship (EBR) under TCPA?

An EBR exists if the consumer made a purchase, inquiry, or application with your business within the past 18 months, or if the consumer made an inquiry within the past 3 months. An EBR allows calling a DNC-registered number, but does NOT override the requirement for express written consent for automated or text messages to mobile numbers.

Is email validation different from TCPA compliance?

Yes — email communications are governed by CAN-SPAM, not TCPA. TCPA specifically covers telephone-based communications: voice calls and SMS/MMS text messages. They require separate compliance processes.

Protect Your Business Before You Dial

DNC check + TCPA litigant flag + line type in every validation. 1,000 free credits to start.

Start TCPA-Safe Validation →
blank
Phone Validation

Phone Number Lookup vs Phone Validation: What Is the Difference?

Phone number lookup and phone number validation are two different tools that solve different problems. Confusing them leads to compliance gaps, wasted budget, and missed fraud signals.

Phone Number Lookup: What It Is

A phone number lookup — also called reverse phone lookup — returns the identity of the person or business behind a phone number. This typically includes the owner’s name, address, and associated demographic data. Reverse lookup services aggregate data from public records, data brokers, and proprietary databases.

Phone number lookup is regulated under the Fair Credit Reporting Act (FCRA) when used for employment screening, tenant screening, credit decisions, or insurance underwriting. Companies providing reverse lookup for these purposes must be FCRA-compliant consumer reporting agencies (CRAs).

Phone Validation: What It Is

Phone number validation determines the technical and regulatory status of a phone number itself — not the person behind it. Our Phone Validator API answers questions like:

  • Is this a valid, dialable number in the correct format?
  • Is it currently active (in service)?
  • Is it mobile, landline, VoIP, or toll-free?
  • Which carrier currently holds this number?
  • Is it on the Federal Do Not Call registry?
  • Is it associated with a known TCPA litigant?

Phone validation does not return owner names, addresses, or personal data. It is not subject to FCRA regulation and is not a consumer report. It is a data quality and compliance screening tool.

Side-by-Side Comparison

Feature Phone Number Lookup Phone Validation
Returns owner name / address✅ Yes❌ No
Returns line type (mobile/landline)Sometimes✅ Always
Returns DNC / TCPA status❌ No✅ Yes
Returns carrier nameSometimes✅ Always
FCRA-regulated⚠️ Often yes✅ No (not a consumer report)
Stores personal dataYes❌ No — numbers not retained
Primary use caseIdentity research, debt recoveryLead quality, TCPA compliance, fraud prevention

Which One Do You Need?

If your goal is data quality, compliance, and fraud prevention — you need phone validation. If your goal is identifying who owns a specific number for skip tracing, debt collection research, or investigative purposes — you need a reverse phone lookup service (and must comply with FCRA if applicable).

For most businesses running DNC-screened outbound campaigns, validating mobile vs landline status, or enriching a CRM with carrier and geographic data — phone validation is the correct, FCRA-safe tool.

Phone Validation vs Phone Lookup in Lead Generation

Lead generation operations are a prime use case for phone validation specifically. When a prospect fills out a web form, you want to know three things before that lead enters your funnel: Is the number real and active? Is it mobile (for SMS nurture)? Is it on the DNC registry (for outbound calling)? None of those questions require knowing the owner’s name — they are purely about data quality and compliance, which is precisely what phone validation answers.

Frequently Asked Questions

Does RealValidito perform reverse phone lookup?

No. We validate phone number status, line type, carrier, and compliance data. We do not return owner names, addresses, or personal identification information.

Is phone validation data considered a consumer report?

No. Our service returns technical and regulatory status of a phone number, not personal consumer information. It is not subject to FCRA regulations governing consumer reporting agencies.

Can I use phone validation for TCPA compliance?

Yes — this is the primary compliance use case. Each validation returns the dnc and tcpa_litigant fields, which you can use to filter your outbound contact list before dialing or texting.

Validate Numbers, Not People

TCPA-safe phone validation. 1,000 free credits. No credit card required.

Start Free Validation →
blank
Phone Validation, TCPA & Compliance

Mobile Phone Validator: Detect Cell Numbers Before Your SMS Campaign

Sending an SMS to a landline or VoIP number wastes your credit, annoys your provider, and violates TCPA when the number is on the DNC list. A mobile validator identifies which numbers in your list are actually SMS-eligible before you send.

What Is a Mobile Phone Validator?

A mobile phone validator is a specific application of phone number validation that determines the line type of a given number — most critically, whether it is a mobile (cellular) line or not. For SMS and text marketing teams, this distinction is not optional: SMS messages can only be delivered to mobile numbers. Sending to landlines or VoIP numbers wastes budget, inflates bounce rates, and in opt-in campaign contexts, may trigger TCPA exposure if the number is not confirmed as a cell number with proper consent.

Our Phone Validator API classifies every number into one of six line types: Mobile, Landline, VoIP, Toll-Free, Prepaid, or Pager.

Mobile vs Landline vs VoIP: Why It Matters for SMS

The TCPA distinguishes between mobile and landline numbers in a legally significant way. Automated texts (ATDS) to mobile numbers require prior express written consent — even if the number is not on the DNC registry. Sending to a landline number “forwarded” to a mobile (a ported or Google Voice type scenario) can still trigger TCPA liability.

📱 Mobile
SMS-eligible. Requires TCPA consent for automated texts. Valid for mobile marketing.
☎️ Landline
Cannot receive SMS. Remove from text campaigns. Still valid for voice outreach.
🌐 VoIP
Internet-based. SMS delivery inconsistent. High fraud/spam signal. Treat with caution.
💳 Prepaid
Often mobile. Higher churn rate. Common in lead gen fraud. Validate freshness.

Number Portability and Line Type Accuracy

A number that started life as a landline may have been ported to a mobile carrier. A number originally issued as a mobile number may have been ported to a VoIP service. Our validator checks both the current carrier and the original issuing carrier, and detects whether the number has been ported. This is critical for accurate line type classification — a carrier lookup alone without portability intelligence will misclassify ported numbers.

Pre-Campaign Mobile Validation Workflow

  1. Collect leads — via web form, third-party list, or CRM import
  2. Validate at point of capture — use the Phone Validator API inline or in a nightly batch job
  3. Filter by line_type — include only records where line_type = "Mobile" or "Prepaid"
  4. Check DNC status — exclude any mobile number where dnc = true or tcpa_litigant = true
  5. Send only to clean mobile numbers

Detecting Fraud Signals with Line Type Data

Fraudulent lead submissions often use VoIP numbers from disposable providers (Google Voice, Twilio burner numbers, etc.) because they are free and anonymous. When your lead capture form gets an unusually high proportion of VoIP numbers, it is a strong signal of lead fraud or form stuffing. Filtering line_type = "VoIP" from your intake removes these leads before they corrupt your CRM or waste outreach budget.

Frequently Asked Questions

Can a mobile number fail validation?

Yes. A number can be a mobile number but currently inactive (disconnected, suspended, or ported away to a new number). The active field distinguishes currently-in-service mobile numbers from disconnected ones.

Does mobile validation guarantee SMS deliverability?

It maximises deliverability by ensuring the number is a real, active mobile line from a recognised carrier. Network-level delivery failures (full voicemail, blocked sender ID) are beyond the scope of phone validation.

How do I validate mobile numbers in bulk for an SMS campaign?

Upload your list as a CSV (up to 50,000 numbers) to the RealValidito dashboard, or loop through your list with the API at up to 1,000 per batch request. Filter for line_type = "Mobile" in the results export.

Validate Your SMS List Before You Send

1,000 free credits — no card required. Stop wasting sends on landlines and VoIP numbers.

Start Mobile Validation Free →
blank
Phone Validation, TCPA & Compliance

DNC Checker: How to Verify Numbers Against the Federal Do Not Call List

The Federal Do Not Call Registry holds over 240 million registered numbers. A DNC checker screens your list against this database — and flags the TCPA litigants who will sue you if you call them.

What Is the Federal Do Not Call Registry?

The Do Not Call Registry is a database maintained by the Federal Trade Commission (FTC) under authority of the Telephone Consumer Protection Act (TCPA) and the Do-Not-Call Implementation Act. Consumers register their phone numbers to opt out of unsolicited telemarketing calls. Registration is permanent — numbers remain on the list indefinitely unless the consumer removes them.

Since its launch in 2003, the registry has grown to include over 240 million active registrations. Calling a registered number without a prior business relationship or documented consent exposes your business to TCPA statutory damages of $500 per call, up to $1,500 per wilful violation.

What a DNC Checker Screens For

A proper DNC checker does more than a simple registry lookup. The RealValidito Phone Validation API screens each number against two distinct lists:

  • Federal DNC Registry — numbers voluntarily registered by consumers with the FTC
  • TCPA Litigant Database — known professional plaintiffs who systematically file TCPA lawsuits against businesses that call or text them

The litigant flag is especially important. These are individuals who specifically register numbers, wait for a business to call, and then file suit — sometimes dozens of lawsuits per year. A single call to one of these numbers can result in a $1,500 statutory damage claim with no cap per plaintiff.

How to Use a DNC Checker Before Outbound Campaigns

The correct workflow is to scrub your list before every campaign, not once at list acquisition. Phone numbers cycle on and off the registry. A number that was clean six months ago may now be registered.

  1. Export your contact list from your CRM or dialer
  2. Submit numbers to the DNC checker — individually via API or in bulk via CSV (up to 50,000 per file)
  3. Filter out all numbers where dnc = true or tcpa_litigant = true
  4. Only pass the clean segment to your outbound campaign
  5. Document the scrub date and results for compliance records

DNC Checker vs DNC Scrubber: Same Tool, Different Terms

You may see these terms used interchangeably: DNC checker, DNC scrubber, DNC lookup, DNC verification. They all refer to the same operation — cross-referencing a phone number or list of numbers against the Do Not Call registry and returning a clean/flagged result. The output tells you which numbers are safe to contact and which must be excluded.

What the DNC Checker Does Not Cover

The Federal DNC Registry is a national list. Individual US states maintain their own separate DNC registries (for example, Texas, Indiana, and Wyoming have state-level lists). Our DNC lookup covers the Federal registry only. For businesses with heavy outbound activity in specific states, you may need to additionally subscribe to state-level DNC data from those states’ regulators.

Additionally, the DNC registry governs telemarketing calls. It does not restrict calls made with prior express written consent, calls to business numbers, or calls from political organizations, charities, and survey firms under applicable exemptions.

Batch DNC Scrubbing

For large lists, use the CSV batch upload feature. Upload a file with up to 50,000 numbers, and the system returns a clean results file showing each number’s DNC and TCPA litigant status. No credits are charged for blank rows or malformed entries.

For real-time list intake (e.g., web form submissions), use the Phone Validator API to check each number at point of capture — before it ever enters your CRM.

⚠️ Key Compliance Note

The TCPA requires maintaining documented evidence of your DNC scrubbing. Keep records of when each list was scrubbed, against which database version, and what the results were. The FTC and TCPA plaintiffs’ attorneys will ask for this documentation in enforcement actions and litigation.

Frequently Asked Questions

How often should I scrub my contact list?

The FTC recommends scrubbing at least every 31 days if you call numbers on the registry (under a prior business relationship exemption). For cold outbound, scrub before every campaign.

Does a DNC check also validate whether the number is active?

Our Phone Validator API returns both the DNC flag and the active/valid status in a single call — giving you compliance status and data quality in one lookup.

Can I use DNC data to build suppression lists?

Yes. Export flagged numbers from our dashboard and import them as a suppression list in your dialer or CRM. We recommend refreshing this suppression list monthly.

Are there international DNC registries?

Our service covers the US Federal DNC Registry (and Canada’s DNCL for Canadian numbers). We do not cover state-level or international DNC registries outside the US/Canada NANP.

Run Your First DNC Check Free

1,000 free lookup credits — no credit card, no subscription. Credits never expire.

Start Free DNC Screening →
blank
Developer Guides, Phone Validation

Phone Validator API: Complete Integration Guide for US Developers

The RealValidito Phone Validator API validates any US or Canada phone number in real time — returning line type, carrier, DNC status, and geographic data in a single JSON call.

What the Phone Validator API Returns

Every successful API call to POST /phonelookup/validate returns a structured JSON response with all of the following fields:

  • valid — whether the number is a valid NANP number
  • active — whether the number is currently in service
  • line_type — Mobile, Landline, VoIP, Toll-Free, Prepaid, or Pager
  • carrier — current serving carrier name
  • original_carrier — issuing carrier (detects number portability)
  • city, state, zip, area_code, timezone — geographic intelligence
  • dnc — Federal Do Not Call registry status
  • tcpa_litigant — flag for known TCPA lawsuit filers

Response time is consistently under 1 second. The API runs against a continuously updated database synchronized with 100+ authoritative carrier and regulatory sources.

Authentication and Endpoint

Authentication uses a two-key system passed in the POST body. There are no OAuth flows, no session tokens — just your api_key and api_secret per request.

POST https://app.realvalidito.com/phonelookup/validate
Content-Type: application/json

{
  "api_key": "YOUR_API_KEY",
  "api_secret": "YOUR_API_SECRET",
  "phone": "5551234567"
}

Integration Examples by Language

PHP

<?php
$payload = json_encode([
    'api_key'    => 'YOUR_API_KEY',
    'api_secret' => 'YOUR_API_SECRET',
    'phone'      => '5551234567',
]);
$ch = curl_init('https://app.realvalidito.com/phonelookup/validate');
curl_setopt_array($ch, [
    CURLOPT_POST           => true,
    CURLOPT_POSTFIELDS     => $payload,
    CURLOPT_HTTPHEADER     => ['Content-Type: application/json'],
    CURLOPT_RETURNTRANSFER => true,
]);
$result = json_decode(curl_exec($ch), true);
echo $result['line_type']; // e.g. "Mobile"

Python

import requests

response = requests.post(
    'https://app.realvalidito.com/phonelookup/validate',
    json={
        'api_key':    'YOUR_API_KEY',
        'api_secret': 'YOUR_API_SECRET',
        'phone':      '5551234567',
    }
)
data = response.json()
print(data['carrier'])  # e.g. "T-Mobile"

JavaScript (Node.js)

const resp = await fetch('https://app.realvalidito.com/phonelookup/validate', {
  method: 'POST',
  headers: { 'Content-Type': 'application/json' },
  body: JSON.stringify({
    api_key:    'YOUR_API_KEY',
    api_secret: 'YOUR_API_SECRET',
    phone:      '5551234567',
  }),
});
const data = await resp.json();
console.log(data.dnc); // true or false

Checking Your Credit Balance

Monitor remaining credits at any time without consuming a lookup credit:

GET https://app.realvalidito.com/phonelookup/getcredits/{api_key}/{api_secret}

Batch Processing: Up to 50,000 Numbers

For high-volume validation, skip the per-call API and use CSV batch upload through the dashboard. Upload a file with up to 50,000 phone numbers, get a clean results export — all deducted from your credit balance at the standard per-lookup rate. No credits are charged for blank rows or format errors.

TCPA Compliance Use Case

Every response includes two compliance-critical fields: dnc (Federal Do Not Call registry match) and tcpa_litigant (known TCPA lawsuit plaintiff). Integrating these checks before your outbound dialer or SMS campaign eliminates your exposure to TCPA penalties of $500–$1,500 per violation.

A recommended pre-dial filter:

if ($result['dnc'] || $result['tcpa_litigant'] || !$result['active']) {
    // Skip this number — do not dial
}

Frequently Asked Questions

Is one credit consumed per API call?

Yes — one credit per successful validation. No credit is charged for invalid API keys, network errors, or requests that return an error response.

What format should the phone number be in?

Any format is accepted — (555) 123-4567, 5551234567, +15551234567, 555-123-4567. The API normalises input automatically.

Does the API support international numbers?

Currently US and Canada (NANP, country code +1) are supported. International numbers outside the North American Numbering Plan return an invalid response.

What is the uptime SLA?

The API runs at a 99.9% uptime SLA. Requests are typically answered in under 1 second including network round-trip.

Start Validating for Free

Sign up at RealValidito and get 1,000 free credits. No credit card. Credits never expire.

Get API Access Free →

Recent Posts