10DLC and the Technical Reality of SMS Marketing in 2026

SMS as a marketing channel produces 40–60% open rates within minutes of send and conversion rates that meaningfully outperform email. It also has the most regulated and technically demanding compliance landscape of any marketing channel in 2026. The teams that succeed treat 10DLC registration, opt-in workflows, and content rules as core engineering requirements — not legal department checkboxes.

Key takeaways

10DLC is non-optional for US business SMS. Sending US marketing SMS without 10DLC registration leads to messages being filtered, throttled, or blocked entirely. The registration takes 1–3 weeks and requires brand and campaign approval through The Campaign Registry (TCR).
Opt-in must be explicit and documented. TCPA in the US, CASL in Canada, GDPR in the EU all require explicit consent. “Implied consent” doesn’t meet the standard. Build the consent capture as part of the application infrastructure, not as a checkbox afterthought.
Content rules matter more than people realize. Carrier filters block messages with banned content (gambling, adult, certain pharma, payday lending) regardless of registration. Even legitimate content can trigger filters when SHAFT keywords appear or links use shortened URLs from suspicious shorteners.
The economics work when you keep churn low. SMS costs $0.005–$0.025 per message in the US. Lists with high opt-out rates burn money fast. The discipline is sending less, more relevantly, to people who clearly want it.

The 10DLC registration process

10DLC (10 Digit Long Code) is the system US carriers use to identify legitimate business SMS senders on standard 10-digit phone numbers. Without registration, your messages compete for delivery against spam.

The registration sequence:

Brand registration with The Campaign Registry. Submit company legal name, EIN, address, website, and contact info. The brand gets a Trust Score (0–100) based on data verification — higher scores get better throughput.
Campaign registration per use case. Each distinct use case (marketing, account notifications, two-factor auth, customer care) is registered separately with sample messages, opt-in workflow, and opt-out instructions.
Carrier vetting. AT&T, T-Mobile, Verizon, and others approve campaigns based on compliance and content. Approval takes 1–3 weeks; rejection means revising and resubmitting.
Throughput allocation. Approved campaigns get a messages-per-second limit based on Trust Score and use case. Marketing campaigns typically get 1–20 MPS.

Your SMS provider (Twilio, MessageBird, Plivo, Telnyx) handles the mechanics, but the data and decisions are yours.

Opt-in workflows that pass compliance review

The TCPA standard for marketing SMS in the US is “prior express written consent.” The standards in Canada (CASL) and the EU (GDPR) are similarly strict. Practical implementation:

Explicit consent text. The opt-in form must clearly state the user is consenting to receive marketing SMS, expected message frequency, that data rates may apply, and how to opt out. Pre-checked boxes don’t count.
Double opt-in for compliance defensibility. Phone confirms via SMS reply (“YES to confirm”) before being added to the marketing list. Adds friction; reduces TCPA exposure significantly.
Consent records stored with timestamp, IP address, exact text shown, and method of capture. If a complaint or audit happens, you need to produce these records.
Channel separation. Consent for transactional SMS (order updates) doesn’t constitute consent for marketing SMS. Capture and store separate consent flags.

Content rules: SHAFT and beyond

Carriers filter on content categories. SHAFT (Sex, Hate, Alcohol, Firearms, Tobacco) is the high-risk category list — messages mentioning any of these face heavy filtering. Other categories with high filter rates: payday lending, certain CBD/cannabis, debt forgiveness, multi-level marketing.

Even legitimate marketers get filtered when:

Messages contain link shorteners from blocked domains (bit.ly often filtered; brand-specific short domains preferred)
Messages don’t include the registered brand identifier
Opt-out instructions are missing (“Reply STOP to unsubscribe”)
Frequency exceeds what was registered
Content shifts away from the registered campaign use case

Filtering is silent — your provider may show “delivered” but the carrier never displayed the message to the user. Monitoring delivery vs. read rates and engagement vs. send rates surfaces filtering issues.

The economics of SMS as a channel

SMS works financially when:

List quality is high. 5%+ opt-out rate per send is a list health crisis. Healthy lists run under 1% per send.
Send frequency is restrained. 1–2 marketing SMS per week is the upper limit for most ecommerce brands. Higher frequency burns the list.
Messages drive measurable revenue. Track click-through, attribution, conversion. SMS that costs $0.01 per message and produces $0.50 in attributed revenue per recipient is healthy; messages that produce $0.02 are not.
Segmentation is real. Sending the same message to your entire list is the worst-performing pattern. Segment by purchase recency, product category, lifecycle stage. Smaller, more relevant sends produce better results than mass blasts.

Stack and integration

SMS provider: Twilio (largest, most mature), MessageBird (international focus), Plivo (cost-competitive), Telnyx (developer-focused), Klaviyo SMS (integrated with email), Postscript (Shopify-focused).
Customer data platform: Klaviyo, Customer.io, Iterable for unified email + SMS lifecycle. RudderStack or Segment for the customer data foundation underneath.
Compliance management: ActiveProspect’s TrustedForm or Jornaya for consent capture documentation; provider tools for opt-out automation.
Attribution: UTM tags on every link with branded short domains, post-purchase attribution surveys, server-side tracking through tools like Triple Whale or Northbeam.

FAQ

How long does 10DLC registration take?

1–3 weeks for the brand approval, another 1–3 weeks for campaign approvals. Plan ahead. Don’t launch a campaign expecting same-day approval.

Can I send marketing SMS without 10DLC?

Technically yes; practically no. Unregistered messages are heavily filtered by carriers. The throughput is throttled to the point of being unusable for marketing. Toll-free numbers (with their own registration, similar process) work for low-volume use cases.

What’s the difference between transactional and marketing SMS?

Transactional: order confirmations, shipping updates, password resets, two-factor codes. Recipient initiated the workflow; SMS confirms or updates them. Marketing: promotions, sales announcements, new product alerts. Recipient consented to receive these but didn’t trigger the specific message.

The distinction matters for compliance (different consent standards), filtering (transactional gets through more reliably), and economics (transactional volume is predictable; marketing requires more discipline).

How do I handle international SMS compliance?

Each country has its own rules. UK has PECR; Canada has CASL; EU has GDPR + ePrivacy; Australia has Spam Act. Multi-region campaigns need region-specific opt-in workflows, content review, and provider configurations. Single global compliance approach doesn’t work.

What’s a realistic ROI on SMS marketing?

Strong programs produce 25–40x ROAS on SMS spend (revenue/spend). Mature programs with disciplined segmentation can hit 50x+. Bad programs that blast undifferentiated messages to large lists produce single-digit ROAS and torch list health in the process.

Want help building or auditing your SMS marketing infrastructure?

EtherLabz architects SMS programs that handle 10DLC registration, opt-in workflow, content compliance, and the analytics layer. Book a discovery call.

Written by Mike, with input from the EtherLabz team. Compliance information here is general guidance, not legal advice.