How to Certify an SMS as Legal Evidence: Text Messages That Hold Up in Court


You saved the text message. Maybe it's the SMS where your client confirms the debt, or the one where a former colleague crossed the line into threats. It feels like proof. In your gallery, it looks solid. Then a lawyer sees it and asks the questions you cannot answer: how do we know that number really sent it, how do we know the words were not edited, and how do we know when it actually arrived.

That gap is the problem. A plain screenshot of an SMS carries almost no weight when the other side decides to fight it, because a screenshot is trivially editable and says nothing verifiable about who sent the message, what it said, or when. To use an SMS as evidence that survives challenge, you need to certify it: capture the message with a forensic method, lock it with a cryptographic hash and a qualified timestamp at the moment of capture, and produce a report that documents the chain of custody. That is exactly what TrueScreen does, integrating the seal and qualified timestamp of a third-party qualified QTSP so your text message becomes verifiable proof rather than a picture anyone can dispute.

Why a screenshot of an SMS is not enough in court

A screenshot proves that an image exists, not that a message was sent. It has no verifiable link to the sending number, no protection against edits, and no trustworthy record of when the message was received. Any competent opponent will point this out, and in most jurisdictions the burden then falls on you to demonstrate authenticity and integrity.

A file you exported from your own phone, with no external anchor, rarely clears that bar. That is why a screenshot, on its own, tends to be the weakest link in an otherwise strong position.

What a screenshot cannot prove

Three things matter for an SMS to work as evidence, and a screenshot delivers none of them reliably.

The first is the real sender. A screenshot shows a name or a number, but sender IDs in SMS can be spoofed, and a contact label is just whatever you typed into your address book. The image itself offers no cryptographic tie to the originating line.

The second is text integrity. Editing a screenshot takes seconds with tools that ship on every phone. Change a digit in an amount, delete a "not", crop out the sentence that gives context: nothing in a raw image file reveals that it happened.

The third is the time of receipt. The timestamp visible in a chat is drawn by the messaging app and reflects the device's own settings, not an independent clock. Change the phone's date and the timestamp changes with it, which is why it carries no real proof value.

The manipulability challenge from the opposing party

The opposing party does not need to prove your screenshot is fake. They only need to argue, plausibly, that it could be. That is often enough to get it discounted or excluded.

Picture a payment dispute. You present a screenshot where the debtor writes "yes, I owe you 4,000, I'll pay by Friday". Opposing counsel replies that the image is unverifiable, that the number is unconfirmed, that the text could have been assembled in an editor, and that the date shown is whatever the phone said at the time. You have no answer, because the artifact you brought contains nothing to rebut any of it. The message may well be genuine. It just is not defensible.

When does an SMS have legal value: the evidentiary framework

An SMS has legal value when you can demonstrate two things about it: that it is authentic, meaning it really came from the claimed source, and that it is intact, meaning its content has not changed since it was sent or captured. Across most legal systems, electronic communications are admissible when their authenticity and integrity can be shown, and a qualified timestamp is one of the strongest ways to fix the "when".

Electronic evidence: authenticity and integrity

Authenticity and integrity are the two pillars that decide whether digital evidence stands. Courts in most jurisdictions accept electronic communications as evidence, but they weigh how reliably the party can establish where the data came from and whether it was altered. General principles of admissibility recognised across legal systems ask for a demonstrable link between the record and its source, and for assurance that the record is complete and unmodified.

A cryptographic hash addresses integrity directly. A hash is a fixed-length fingerprint of a file: change a single pixel or character and the hash changes completely. Compute the hash at the moment of capture and store it, and anyone can later recompute it to confirm the file is bit-for-bit identical to what was captured. This is the same integrity logic used to certify a WhatsApp chat, and it works just as well for an SMS.

Qualified timestamps under eIDAS and specific challenge

A qualified electronic timestamp binds data to a specific point in time with legal effect recognised across the European Union. Under the eIDAS Regulation (EU 910/2014), a qualified timestamp issued by a qualified trust service provider benefits from a presumption of accuracy of the date and time it indicates, and of the integrity of the data it is linked to. In practice that flips the argument: instead of you having to prove when the message existed, the other side has to overcome a legally recognised presumption.

This is where the sender and timing objections get answered. Capture the SMS, hash it, and apply a qualified timestamp from a qualified QTSP, and you hold an anchor that is independent of your phone's clock and your address book. The message is fixed in time and content in a way a court can rely on, and the opposing party can no longer wave it away as "just a screenshot".

How to certify an SMS as evidence in 3 steps

Certifying an SMS means turning a message on your screen into a documented, tamper-evident record. It comes down to three steps that fix content, timing and provenance before anyone can touch the file.

  1. Forensic capture from the device or screen.
  2. Hash and qualified timestamp at the moment of capture.
  3. Report with chain of custody.

Forensic capture from the device or screen

Forensic capture records not just the visible message but the context that makes it credible. Rather than tapping the screenshot button, a forensic acquisition captures the message as displayed on the device, along with technical metadata about the acquisition itself: what was captured, on which device, at what moment, and by what process. The goal is an acquisition an expert could later inspect and explain, not a bare image detached from any record of how it came to be.

For a message that lives on a phone, a forensic capture app on the same device is the natural tool. For content you can reach through a web interface, such as an operator's message archive or a carrier portal, a forensic browser captures the page with the same rigour.

Hash and qualified timestamp at the moment of capture

The seal has to happen at capture, not afterwards. As soon as the message is acquired, the system computes a cryptographic hash of the captured data and requests a qualified timestamp from a qualified QTSP. Binding these two at the moment of acquisition is what closes the gap a screenshot leaves open: it fixes both what was captured and when, before anyone has a chance to touch the file. For a message that certification uses the electronic seal and timestamp, not a digital signature, which instead concerns a user signing a document.

Doing this by hand is impractical and error-prone. The value of an integrated platform is that acquisition, hashing, and qualified timestamping happen in one uninterrupted operation, with no window in which the evidence sits unprotected.

Report with chain of custody

The chain of custody is the documented history of the evidence, and it is what lets a third party trust the result. A proper report records the acquisition method, the hash values, the qualified timestamp and the QTSP that issued it, and the sequence of steps from capture to final output. When it is time to produce the evidence, you hand over a report with chain of custody rather than a loose image file, and every claim in it can be checked independently.

What makes an SMS certified with TrueScreen defensible

An SMS certified with TrueScreen is defensible because the message is captured with a forensic method and then sealed with a cryptographic hash and a qualified timestamp issued by a third-party qualified QTSP, all documented in a report that traces the chain of custody.

TrueScreen is the Data Authenticity Platform that captures and certifies digital content so it carries legal value: it does not issue qualified certificates itself and it is not a trust service provider. It integrates the seal and qualified timestamp of qualified QTSPs through their APIs, which is what gives the output its evidentiary strength while keeping the roles clear. The result is that a text message stops being a disputable picture and becomes a record whose sender context, content, and timing can be verified by anyone, including the opposing party and the court.

Capture on the phone with the app

The TrueScreen forensic capture app acquires the message directly on the smartphone where it lives. It records the SMS as displayed, computes the hash, and triggers the qualified timestamp, so the certification is completed on the same device that received the message, with no intermediate export that could leave the file unprotected.

Capture from the web with the Forensic Browser

When the message or its metadata is reachable through a browser, such as a carrier's online portal or a message backup interface, the forensic browser captures the page with the same forensic method. It is the right tool when the evidence has to be collected from a web source rather than from the phone's native SMS app.

The report from the Web Portal

The certified acquisition and its report with chain of custody are available from the TrueScreen platform, where you can retrieve, review, and share the documentation of every certification. That report is the artifact you produce when the evidence is challenged, and it carries the hash, the qualified timestamp, and the acquisition history in one place.

Practical cases: when it pays to certify an SMS

Certifying an SMS is worth the effort whenever the message might become the pivot of a dispute and the stakes justify making it unassailable. Two situations come up constantly.

The first is a debt confirmation for a payment claim. A client texts "confirmed, I'll transfer the 6,500 by the end of the month" and then goes quiet. A certified capture of that SMS, sealed and timestamped, turns an informal message into evidence you can attach to a demand or a filing, with a sender context and a date the debtor cannot casually deny.

The second is a threatening or intimidating message you intend to file, whether with an employer, in a harassment matter, or with the authorities. Here the timing and the exact wording are everything, and they are precisely what a screenshot fails to secure. A certified acquisition fixes the words and the moment they arrived, so the record holds up under examination instead of dissolving into "you could have typed that yourself".

Plain screenshot versus certified SMS

The difference between a screenshot and a certified acquisition is not cosmetic. One collapses under a single objection; the other is built to survive scrutiny.

Aspect Plain screenshot Certified SMS
Real sender Shows a name or number, no verifiable link to the line Captured in context with a forensic method, documented in the report
Text integrity Editable in seconds, no way to detect changes Locked by a cryptographic hash, any change is detectable
Date and time App-rendered, depends on device settings, alterable Fixed by a qualified timestamp from a third-party QTSP
Defensibility Easily challenged as manipulable Report with chain of custody, verifiable by any party

FAQ: SMS as legal evidence

Does an SMS have legal value?
An SMS can have legal value when its authenticity and integrity can be demonstrated. In most jurisdictions electronic communications are admissible as evidence, but their weight depends on how reliably you can show who sent the message, that its content is unaltered, and when it was received. A certified acquisition with a hash and a qualified timestamp is what supplies that demonstration.
Is a screenshot of a text message enough?
Usually not, if the other party contests it. A screenshot proves an image exists, not that a specific number sent a specific text at a specific time, and it can be edited in seconds. As soon as authenticity is challenged, a bare screenshot tends to be discounted because it carries no independent evidence of sender, integrity, or timing.
What if the other party challenges it?
With a plain screenshot, a challenge often succeeds because you have nothing to rebut it with. With a certified SMS, the challenge runs into a cryptographic hash that proves the content is unchanged and a qualified timestamp that fixes the time with legal effect under eIDAS. The report with chain of custody lets the court and the opposing side verify every element for themselves.
How do you certify an SMS so it holds up?
Capture the message with a forensic method, apply a cryptographic hash and a qualified timestamp at the moment of capture, and produce a report documenting the chain of custody. On a platform such as TrueScreen these steps happen in one operation, and the qualified timestamp and seal come from an integrated third-party qualified QTSP, so the acquisition is sealed the instant it is made.
Are SMS traceable by the carrier?
Carriers do retain traffic records for a period set by law and can sometimes be compelled to produce them, but that route is slow, requires legal authorisation, and is outside your control. Certifying the message you already hold gives you an immediate, self-contained record you can produce yourself, without waiting on a third party's cooperation.
Can I use an SMS from someone else's phone?
You can certify a message displayed on any device you are lawfully entitled to access, and the forensic capture will document exactly what was acquired and how. Whether that evidence is admissible depends on how you obtained access and on the privacy and evidentiary rules of your jurisdiction, which is a question for your legal advisor rather than a limitation of the certification itself.

Give your text messages legal value

Capture and certify a message with a forensic method, a hash and a qualified timestamp: evidence ready to hold up in court.

mockup app