30964: Campaign rejected: non-secured URL (http://) detected

Your A2P 10DLC campaign was rejected because it contains URLs that use the insecure HTTP protocol instead of HTTPS. All URLs included in A2P 10DLC campaigns, whether in sample messages, campaign descriptions, or opt-in flows, must use HTTPS to ensure encrypted communication between consumers and your website. Non-secured HTTP URLs expose consumers to man-in-the-middle attacks and data interception.

• HTTP URLs in sample messages: One or more sample messages contain URLs using http:// instead of https://.
• Non-secured website URL in campaign registration: The website URL provided during campaign registration uses HTTP rather than HTTPS.
• Mixed content on landing page: While the main URL may use HTTPS, the landing page loads resources or redirects through insecure HTTP connections.

• The rejected campaign is not eligible for resubmission. Campaign URLs must use HTTPS to protect consumer security and privacy.
• Ensure your website has a valid SSL/TLS certificate installed and that all URLs in your campaign use https:// before registering a new campaign.
• If you believe this rejection was made in error, contact support.

• A2P 10DLC Registration Guide
• Campaign Registration Best Practices