US mobile carriers introduced 10DLC (10-Digit Long Code) to fix a growing problem: business SMS was becoming noisy, unpredictable, and open to abuse. From spoofed OTPs to anonymous marketing blasts, too many messages were coming from senders no one could verify, hurting both user trust and delivery performance.

Think of 10DLC as a digital license plate for your business texts. It tells carriers (and users) who you are, what you're sending, and why they should let your message through, while keeping bad actors off the road.

By requiring companies to register their brand and campaigns, 10DLC gives carriers the visibility they need to prioritize legitimate traffic, enforce compliance, and reduce spam at scale.

If your business sends SMS in the US (for sign-ups, OTPs, alerts, or promotions), 10DLC applies to you. Whether you're a SaaS platform, fintech app, e-commerce site, or marketplace, compliance isn’t optional anymore. It's the new baseline for trustworthy, scalable communication.

How 10DLC works?

To understand what 10DLC brings to the table, you first need to understand the mess it was designed to clean up.

For years, US businesses had three main options to send SMS:

• Long codes, which were cheap but unreliable,

• Short codes, which were powerful but expensive,

• And toll-free numbers, somewhere in the middle.

Each came with trade-offs.

Long codes (your classic 10-digit numbers) weren’t built for volume. They’re meant for person-to-person chats, not automated flows. When businesses tried to use them for OTPs or promos, carriers pushed back: slow delivery, high filtering, or flat-out blocking.

Short codes, on the other hand, are made for speed and scale. But they’re pricey, take weeks (or months) to get approved, and don’t look or feel like a standard phone number.

Toll-free numbers (like 1-800) are more affordable and can handle moderate volume, but they’re not optimized for transactional flows or fast authentication use cases.

That’s where 10DLC comes in. It gives you a verified 10-digit number that’s registered, approved, and optimized for A2P traffic, with better throughput, better deliverability, and better trust signals than unregistered routes. It’s the sweet spot between scale, cost, and compliance.

Why A2P requires registration?

A2P (Application-to-Person messaging) isn’t casual texting. It’s your product or platform sending structured messages to real users. And carriers treat that traffic very differently.

To protect users from spam and abuse, they now require businesses to register:

• Who they are (brand registration),

• What kind of messages they’re sending (campaign registration)

If you don’t? Your messages might still get out, for a while, but they’ll likely be throttled, filtered, or quietly dropped. And as enforcement tightens, unregistered traffic is becoming invisible traffic.

Think of registration as getting verified at the door. Once carriers know you’re a legitimate sender with a valid use case, they’ll let your messages through, and keep the shady stuff out.

10DLC compliance & regulations

10DLC isn’t just a technical spec: it’s a compliance framework backed by strict carrier rules. Each major US mobile network enforces its own policies, and ignoring them can result in throttled delivery, blocked traffic, or even financial penalties.

Carrier rules: what the big three expect

All major carriers (AT&T, T-Mobile, and Verizon) now require brand and campaign registration before you can send A2P messages over 10DLC routes. But each has its own thresholds and enforcement strategies:

• AT&T is strict on throughput and message type classification. Registered traffic gets prioritized delivery; anything else risks being dropped without warning,

• T-Mobile applies daily message caps and can impose er-message surcharges if traffic appears suspicious or unregistered,

• Verizon was one of the first to enforce 10DLC and maintains aggressive spam filtering on unverified traffic.

In short: carriers are no longer treating business SMS as a “send it and see” channel. Compliance isn’t a nice-to-have: it’s the price of admission.

The Campaign Registry (TCR): the source of truth

To streamline the process, carriers created a centralized entity: The Campaign Registry (TCR). This is where all US A2P senders must go to register their:

• Brand: your company identity, verified through tax records or official documents,

• Campaigns: the type of messages you plan to send (OTPs, alerts, promos,...).

The TCR acts as a clearinghouse between messaging providers and mobile networks. Once registered, your traffic is whitelisted and treated as compliant, unlocking higher throughput and improving deliverability.

Depending on your provider, registration can take anywhere from a few minutes to a few days, and often includes automated vetting via third-party reputation databases (like Campaign Verify or DCA).

What happens if you don’t comply?

Failing to register your 10DLC traffic doesn’t just reduce delivery, it can actively hurt your product, your users, and your budget. Consequences may include:

• High filtering or outright blocking from carriers,

• Delivery delays, throttling, or random message drops,

• Increased per-message fees (especially from T-Mobile),

• Negative impact on brand reputation and sender score,

• Permanent suspension of SMS routes in serious cases.

Think of unregistered SMS like showing up to a VIP event with no name on the list. Best case, you wait in line. Worst case, you’re not getting in, and you’ve already paid for the ticket.

10DLC compliance is no longer optional. It’s what separates reliable messaging flows from invisible traffic and silent failures.

Registering your 10DLC number

Registering for 10DLC might sound tedious, but in practice, it’s a straightforward process that only takes a few steps. The key is understanding the difference between brand registration and campaign registration, and getting both right the first time.

Brand vs campaign registration: what’s the difference?

10DLC registration is split into two parts, and both are essential. One verifies who you are, the other what you plan to send.

• Brand registration tells carriers who you are as a business. This includes your legal entity name, EIN (Employer Identification Number), business type, and contact details. Think of it as your sender ID, the identity behind the messages,

• Campaign registration describes what you’re sending and why. You define the purpose (OTP, alerts, marketing), the content type, and how users opt in or out. It’s how you prove that your messaging is legitimate and expected.

You can’t skip either step. One defines the sender. The other defines the content.

Step-by-step process: how to register for 10DLC?

If you're working with a provider, they’ll usually guide you through the process or handle most of it directly via The Campaign Registry (TCR). But here’s what’s happening behind the scenes:

1. Submit your brand information

Start by providing your business name, registered address, tax identification number (EIN), and industry category. This step confirms your identity as a legitimate sender and is used to assign a Trust Score that influences your messaging throughput.

2. Register your campaign(s)

Next, define what kind of messages you plan to send. You’ll need to specify the use case (login OTP, delivery alert, promotion,...), provide sample messages, and describe how users opt in. The more precise and transparent your campaign, the smoother the approval.

3. Assign your 10-digit number(s)

Once your campaign is submitted, you can link the long code(s) you'll be using. Each number must be attached to a specific, active campaign, and you can’t reuse the same number across unrelated use cases without approval.

4. Wait for approval

Brand registration is often instantaneous. Campaigns may take a few hours to process, but more complex or marketing-related campaigns can take up to 3–5 business days. Some carriers also apply initial sending limits during the first few days of activity.

5. Go live

Once approved, your number is ready to send A2P messages with carrier-compliant throughput and a much lower risk of filtering or delivery failure.

Approval Timelines: What’s Promised on Paper vs. What Happens in Reality

In most cases, brand registration is completed in minutes, especially if your business details match public records. Campaign approvals take a bit longer and vary depending on the complexity of your use case and the provider handling the process.

The real challenge comes with your first-time registration, as extra checks and carrier reviews can be frustrating and often make the process take much longer than expected.

To set expectations, here’s how the official timelines look for different kinds of campaigns:

• Simple, transactional campaigns (like OTPs or alerts) are often approved within a few hours,

• Marketing or mixed-use campaigns may trigger additional reviews and take up to 3 to 5 business days,

• First-time senders may also be subject to temporary volume limits during the initial ramp-up, particularly with T-Mobile.

While registration isn't instantaneous across the board, it's a one-time setup that unlocks better delivery, higher throughput, and long-term reliability.

From Registration to Approval: How Prelude Manages 10DLC Compliance for You

At Prelude, we guide you through the entire 10DLC registration process and manage it on your behalf. The key is providing complete and accurate information up front — the more detail, the better. Throughout the process, you’ll have direct access to our registration specialists via email or Slack for support and clarifications.

Step 1. We send you the registration form
This form collects all the information carriers require, including:

• Company information: legal name, address, tax ID, website, and contact details

• Campaign description: clear explanation of what type of SMS you’ll be sending

• Use case selection: transactional, marketing, or mixed use cases

• Opt-in process: how customers give consent (web, POS, keyword, etc.)

• Sample messages: up to 3 templates that you plan to use

• Opt-in, opt-out, and help messages: wording that meets carrier requirements

If you’re interested in the registration form we send out, you can preview it here 

👉 Prelude 10 DLC registration form

Step 2. You complete the form thoroughly
The more detailed your answers, the smoother the process. Incomplete or vague submissions often trigger delays or rejections.

If you’re unsure how to describe a campaign or message flow, our specialist will review and guide you before submission.

Step 3. Prelude submits and monitors the application
Once completed, we handle the submission and monitor it with carriers. If additional information is requested, we step in immediately to resolve it.

You’ll be kept in the loop through email or Slack updates from your specialist.

Step 4. Approval timeline
Carriers typically take 2–3 weeks to review and approve campaigns. Providing complete information upfront is the best way to minimize delays.

If the review drags on, your specialist will follow up directly with carriers on your behalf.

Step 5. Ready to launch
Once approved, your campaign is live, with higher deliverability, throughput, and long-term reliability.

Running A2P 10DLC campaigns

Once your brand and campaigns are registered, you're technically ready to send messages, but in practice, not all A2P traffic is treated equally. Carriers continue to evaluate your traffic even after approval, and the content of your messages must consistently match what you declared.

In this section, we’ll look at common campaign types, what carriers expect during approval, and what compliant messaging looks like in the real world.

Common use cases for 10DLC campaigns

Most 10DLC traffic falls into one of four core categories:

• One-Time Passwords (OTP): used for login, two-factor authentication, account recovery, or sensitive actions like payments or password changes,

• Alerts and notifications: covers operational or transactional messages, things like order confirmations, shipping updates, appointment reminders, or system alerts,

• Marketing and promotions: any message that contains commercial intent: discounts, product launches, special offers, abandoned cart reminders, and more,

• Customer Support or Service: two-way communication between a customer and a support agent or chatbot, often through a toll-free or dedicated long code.

Each use case must be declared at the time of campaign registration. And the messages you send later must match the approved content and purpose.

What carriers expect from campaigns?

Campaign approval isn’t a formality. Carriers and their vetting partners review your registration to ensure that your messages are:

• Specific: avoid vague declarations like “general updates” or “user engagement.” Carriers want to know what you’re sending, to whom, and why,

• Transparent: you must provide sample messages and describe how users opt in. Carriers need to understand the user flow and confirm that consent is properly handled,

• Consistent: your live traffic must reflect the campaign use case you registered. Sending promotional content through an OTP campaign, for example, can quickly lead to filtering or suspension.

Think of campaign registration as a contract with the carriers: you define the message type and context, and in return, they let your traffic through. Break that agreement, and deliverability suffers.

Examples: compliant vs non-compliant campaigns

It’s one thing to understand the rules, and another to apply them correctly. Below are real-world examples that show what carriers consider compliant versus what typically leads to filtering or rejection. The difference often comes down to transparency, consistency, and proper use case declaration.

Example 1: a well-structured OTP campaign

A fintech app registers a campaign for login authentication. The sample message provided during registration is: “Your X login code is 482391. This code expires in 5 minutes.”

Users receive these codes after initiating a login flow, and the actual messages match the declared sample exactly. Everything is transactional, clearly opted-in, and aligned with the approved use case.

Result: the campaign is approved quickly and delivers consistently, with no carrier issues.

Example 2: promotional content disguised as OTP

A business registers a campaign for login verification but starts sending promotional messages like: “Welcome to X! Use code WELCOME10 to get 10% off your first order.”

This message doesn’t match the declared use case, even if it’s sent right after signup. Since promotional content was never disclosed or approved, the mismatch can trigger filtering, throttling, or full campaign suspension.

Result: Carriers flag the traffic as non-compliant. Deliverability drops, and the sender may face penalties.

Example 3: a compliant marketing campaign

An e-commerce brand sets up a campaign for marketing messages. The declared sample is: “X Deal Alert: 20% off sitewide today only. Reply STOP to unsubscribe.”

Users explicitly opt in through the website, and messages include clear unsubscribe instructions. The live traffic reflects what was approved, same content type, same intent, same structure.

Result: the campaign is approved and runs smoothly, with strong delivery rates.

Campaign compliance doesn’t end once you get the green light. Carriers continue to monitor your traffic for consistency, consent, and clarity. If you respect what you declared, and stick to it, your messages get delivered. If not, you’re back to dealing with silent failures and blocked routes.

10DLC numbers & approval process

If you're new to 10DLC, you might expect some kind of special number format, but a 10DLC number looks exactly like a standard US phone number. That’s by design.

What a 10DLC number looks like?

A 10DLC number is just a regular 10-digit local number, something like (415) 555-0198. It doesn't look different to end users, and that’s the point: it blends into the user’s inbox like a normal conversation, while carrying the registration and compliance markers behind the scenes.

Unlike short codes or toll-free numbers, 10DLC offers the familiarity of a local presence with the infrastructure of verified A2P messaging. From the user's perspective, it feels personal. From the carrier's perspective, it's controlled.

Most businesses choose numbers that reflect their location or brand identity, but what matters most is that the number is properly registered and mapped to an approved campaign.

Common approval delays and how to avoid them?

While 10DLC registration is generally fast, some campaigns get stuck in review or delayed unnecessarily. Understanding the usual friction points can help you move faster.

Here are the most common causes of approval delays, and how to avoid them:

1. Incomplete or inconsistent brand details

If your legal business name, EIN, or address don’t match official records, your brand registration can be flagged for manual review.

Fix: use the exact information from your tax filings or official registration documents.

2. Vague or misleading campaign descriptions

Generic use cases like “notifications” or “user updates” won’t pass. Carriers want specificity, and they check if your sample messages match your declared purpose.

Fix: be precise. Say “login authentication codes” or “e-commerce promotions,” and align sample messages accordingly.

3. Missing or unclear opt-in flows

If you can’t demonstrate how users give consent to receive messages, approval is unlikely.

Fix: describe the opt-in flow clearly: for example “User provides phone number at checkout and checks a box agreeing to receive SMS updates.”

4. Campaign use case doesn't match message content

Even if your messages are legitimate, if they don't reflect the declared use case, your campaign can be rejected or revoked.

Fix: align your registration with your actual content. If you’re mixing use cases, consider registering multiple campaigns.

5. High-risk content or phrasing

Certain keywords or industries (crypto, cannabis, debt collection,...) trigger extra scrutiny.

Fix: Check if your provider supports high-risk categories, and provide full transparency upfront.

A 10DLC number might look like any other phone number, but what matters is everything behind it: proper registration, accurate campaign declarations, and clear opt-in flows.

If you treat registration like a compliance checkbox, you’ll hit roadblocks. But if you treat it like a trust signal, you’ll unlock better delivery, higher throughput, and long-term reliability.

Common issues and mistakes

Despite the growing maturity of 10DLC in the US, many businesses still stumble on the basics, not because the system is overly complex, but because assumptions and shortcuts tend to backfire. From registration errors to poor campaign setups, the same mistakes show up again and again.

Here’s how to avoid falling into the most common traps.

1. Typo trouble: when “10 dlc compliance" costs you credibility

Yes, even small things like typos can have outsized effects. If your brand name, EIN, or campaign use case is misspelled or formatted inconsistently, your application might be flagged for manual review, delayed, or even rejected outright.

Even on the content side, sloppy copy (like “complaince” instead of “compliance”) in your sample messages or opt-in flows can raise red flags with vetting partners. It creates doubt, and doubt slows everything down.

Tip: always proofread your registration inputs and message templates. This isn’t just paperwork; it’s a trust layer.

2. Misunderstanding costs, throughput, and limits

A common misconception is that once you register for 10DLC, you're automatically granted high-speed delivery and unlimited messaging. Not quite.

Your Trust Score (assigned during brand registration) and your declared use case both influence:

• How many messages per second you can send (throughput),

• How much you're charged per message (carrier fees vary),

• Whether carriers throttle your traffic during peak hours.

For example, T-Mobile applies daily message caps and additional fees for certain types of campaigns or high-volume traffic. If you underestimate these rules, you might overspend, or worse, lose delivery reliability at the worst possible moment.

Tip: clarify throughput and pricing with your provider up front. Plan for growth, not just launch.

3. Campaign rejections: same errors, same consequences

When campaigns get rejected, it’s almost always for one of three reasons:

• The use case is too vague. Saying “user updates” without specifying what kind of updates isn’t enough,

• The sample messages don’t match the declared purpose. If you say OTP but send promos, carriers notice,

• Opt-in details are missing or weak. “Users sign up on our website” is not a valid explanation without showing how they consent to SMS.

These aren’t edge cases, they’re daily realities in the 10DLC pipeline.

Tip: make your application reviewer-proof. Be specific, transparent, and consistent from start to finish.

Most 10DLC issues aren’t technical: they’re operational. Rushed inputs, vague declarations, or misunderstanding how the system works can derail your messaging before it even begins. The good news: these mistakes are easy to avoid with a bit of structure and clarity upfront.

Future of 10DLC in the US

When 10DLC was first introduced, many saw it as just another regulatory hurdle. But over time, it's become clear that this framework is reshaping how B2C messaging works in the US, and that evolution is far from over.

So what’s next for 10DLC? Two major trends are emerging: stricter enforcement from carriers, and a shift in how brands approach SMS as a channel.

Carrier enforcement is getting tighter

In the early days of 10DLC, enforcement was uneven. Some unregistered traffic still made it through, and campaign rejections were rare. That’s no longer the case.

Today, carriers like AT&T, T-Mobile, and Verizon are ramping up enforcement in three key ways:

• More filtering of unregistered traffic, even for low-volume senders,

• Higher fees for non-compliant or high-risk campaigns,

• Closer scrutiny of campaign content and opt-in flows, even after approval

The message is clear: compliance is no longer optional, and workarounds won’t scale.

Over time, we can expect more real-time enforcement mechanisms (automated message scanning, dynamic trust scoring, campaign performance tracking) that push senders toward better alignment between declared intent and actual traffic.

SMS as a trust-based channel

10DLC is changing how businesses think about messaging, not just technically, but strategically.

What used to be a "blast it and see" channel is becoming a high-trust, high-signal communication layer. That’s a good thing for users (less spam), but it also forces businesses to rethink how they design SMS flows.

We’re seeing this play out in two key ways:

• More segmentation and use-case-specific campaigns: one campaign for OTP, another for promos, another for support,

• Better alignment between product flows and opt-in UX: consent is now a design decision, not just a checkbox.

For B2C platforms, that means investing in compliance not just as a safeguard, but as a competitive advantage. Clean, trusted messaging flows don’t just deliver better, they convert better too.

10DLC is no longer “new.” It’s the new normal. And while the rules will keep evolving, the core principle remains the same: carriers want transparency, legitimacy, and control.

Businesses that embrace that shift, with structured registration, honest use cases, and user-first flows, will continue to reach their users reliably. Those who don’t will find their messages going nowhere fast.

FAQ section

What is 10DLC?

10DLC stands for 10-Digit Long Code. It’s a messaging standard introduced by US mobile carriers to allow businesses to send SMS using local phone numbers, but with better delivery, higher throughput, and built-in compliance rules. It’s now the default channel for A2P (Application-to-Person) messaging in the US.

Do I need to register for 10DLC?

If your business sends SMS to US users, whether for login codes, alerts, promotions, or anything in between, then yes, registration is mandatory. You’ll need to register both your brand (who you are) and your campaigns (what you’re sending). Messages sent over unregistered numbers risk being blocked or penalized by carriers.

How long does 10DLC approval take?

Brand registration is usually instant if your business details match official records. Campaign approvals vary: simple use cases like OTPs can be approved within a few hours, while marketing campaigns or high-risk categories may take 3–5 business days. Carriers may also apply sending limits during the initial ramp-up.

Can I run multiple campaigns on one 10DLC number?

Not by default. Each number must be tied to a specific, approved campaign. If you want to send different types of messages (OTP and marketing for example), you’ll typically need to register multiple campaigns, and assign separate numbers to each, unless your use case qualifies for a mixed-use exception, which is rare.

Conclusion: 10DLC as a compliance & trust layer

10DLC isn’t just another rule to follow: it’s a trust layer that defines who gets through, and who gets filtered out.

By requiring brands to be transparent about what they send and why, 10DLC creates a safer, cleaner messaging environment. For users, that means fewer spam texts. For businesses, it’s a chance to stand out as legitimate, reliable, and compliant, not just to carriers, but to customers.

Compliance, in this case, isn’t friction. It's a signal. It tells the ecosystem you’re serious about deliverability, consent, and user experience.

But navigating 10DLC doesn’t have to be complicated. The right partner can streamline your registration, flag potential issues before they happen, and make sure your SMS flows stay compliant, without sacrificing speed, throughput, or user trust.

If SMS is part of your product, then compliance isn’t a separate layer. It’s part of the product itself.