Under TCPA guidelines (which govern how businesses can send marketing texts), double opt-in is not required. The law mandates that businesses must obtain prior express written consent from subscribers before sending them promotional texts. How you collect that consent is up to you—as long as it's clear, documented, and legally valid.
A well-structured single opt-in flow—with visible consent language and a verifiable opt-in source—is fully compliant with TCPA requirements.
In a single opt-in flow, the user enters their phone number into a form (like a pop-up or checkout field) and is immediately added to your SMS marketing list.
This is the method supported by our platform, and it's what most high-performing brands use.
To ensure compliance, we:
Capture a timestamp and opt-in source for every new subscriber
Require brands to include TCPA-compliant consent language in the opt-in form
Maintain records of consent in case of audits or disputes, both on the OneText platform and any connected CRM on your account
With double opt-in, a subscriber must confirm their interest twice—typically by entering their number and then replying to a confirmation text before they’re subscribed.
This extra step can offer additional proof of consent, which some brands may prefer if they’re in highly regulated industries or want an extra confirmation of consent.
However, double opt-in:
Adds friction to the signup process
Leads to lower conversion rates
Isn’t required by law for TCPA compliance
We strongly recommend single opt-in, because:
It’s fully compliant when done correctly
It provides a simpler and more seamless user experience
It maintains high opt-in and engagement rates
That said, if your legal team requires double opt-in, we support it too—reach out to your CSM to set up the configuration.
The information in this article is provided for general educational purposes only and should not be considered legal advice. Always consult with your legal counsel to determine the best compliance approach for your business.