Active Incident? 24/7 Response →
SleuthX

For Attorneys

How to Authenticate Text Messages in Court (FRE 901 & 902)

A low prima-facie bar, two self-authentication shortcuts with a notice trap, and the case law that says a name on a screenshot proves nothing about who wrote it. Written for family-law and litigation counsel.

All articles·9 min read·June 30, 2026

The short answer

Authentication is the gate every text message has to pass before a judge will even consider it. The bar is lower than people fear, but a screenshot alone rarely clears it. Under the Federal Rules of Evidence, you authenticate a text one of two ways: with a witness or circumstances that show it is what you say it is (Rule 901), or with a forensic examiner's certificate that lets the extraction authenticate itself (Rule 902) — and that shortcut comes with a notice requirement counsel forget at their peril. This is informational, not legal advice, and the state-court numbering varies; authenticate to your forum's rule.

Rule 901: a low bar, three practical routes

Rule 901(a) asks only for evidence sufficient to support a finding that the item is what the proponent claims. The judge screens; the jury (or the family-court fact-finder) decides what weight it carries. That is a prima facie standard, not proof beyond doubt.

The illustrations in Rule 901(b) are non-exhaustive, but three carry text messages:

Rule 902(13) and (14): self-authentication by certificate

The 2017 amendments added two provisions that matter enormously for digital evidence. Rule 902(13)self-authenticates a machine-generated record on a qualified person's written certificate. Rule 902(14) self-authenticates data copied from an electronic device and verified by hash value or other digital identification— the engine that lets a forensic examiner's certificate admit a phone extraction without live testimony at trial.

Here is the trap. “Without live testimony” is not the same as “automatically admitted.” Both 902(13) and (14) are conditioned on the 902(11) clause: before trial you must give the opponent written notice of the intent to offer the certified record and make the record and certification available for inspection, so the opponent has a fair chance to object to the certificate. Miss the notice and you forfeit the shortcut — you are back to putting your examiner on the stand under 901. The certificate streamlines authentication; it does not strip the other side of the right to challenge it.

Why a screenshot usually isn't enough

Two cases anchor the skepticism a careful judge brings to a phone-camera photo of a screen. In Griffin v. State, Maryland's high court reversed a conviction that rested on a printed social-media page bearing the defendant's girlfriend's name, photo, and birth date — that, the court held, showed the account existed, not that she authored the specific post. The Second Circuit reached the federal echo in United States v. Vayner: a page that looks like the defendant's proves a page existed, not who typed it. The authorship gap is the whole problem, and a screenshot does nothing to close it.

A forensic extraction closes it differently. It pulls the message from the database on the device, carries the surrounding metadata and the system context that 901(b)(4) and (9) rely on, and lets the examiner certify the copy by hash. That is the difference between “here is a picture I took” and “here is the message as it sat on the phone, verified.” Grimm's opinion in Lorraine v. Markel remains the roadmap for how the authentication and the rest of the evidentiary chain fit together.

What this means for your case

Authentication and admissibility are separate gates — clearing 901/902 does not answer the hearsay question, which is its own fight (see the hearsay trap in text-message evidence). And a screenshot the other side hands up is exactly the kind of exhibit Griffin and Vayner were written about — see why family-law texts need a forensic extraction. If a contested message will carry weight, a forensic phone extraction handled by a certified examiner is what survives the challenge.

Sources

  1. Legal Information Institute, Cornell Law School, Federal Rule of Evidence 901 — Authenticating or Identifying Evidence. https://www.law.cornell.edu/rules/fre/rule_901
  2. Legal Information Institute, Cornell Law School, Federal Rule of Evidence 902 — Evidence That Is Self-Authenticating. https://www.law.cornell.edu/rules/fre/rule_902
  3. U.S. District Court for the District of Maryland (Grimm, M.J.), Lorraine v. Markel American Insurance Co., 241 F.R.D. 534 (D. Md. 2007). https://www.ediscoverylaw.com/2007/12/01/lorraine-v-markel-am-ins-co-241-f-r-d-534-d-md-2007/
  4. Court of Appeals of Maryland, Griffin v. State, 419 Md. 343 (2011). https://www.courts.state.md.us/data/opinions/coa/2011/74a10.pdf
  5. U.S. Court of Appeals for the Second Circuit, United States v. Vayner, 769 F.3d 125 (2d Cir. 2014). https://nys-fjc.ca2.uscourts.gov/programs/10-23-19%20-%20US%20v.%20Vaynor%20789%20F.3d%20125%20(2014).PDF

Related services

Meet Your Practitioner

Quinnlan Varcoe

Founder & CEO

GIAC-certified · 15 industry certifications

With operational experience across Fortune 50 security programs and the defense industrial base, Quinnlan founded SleuthX in 2022 to provide clients with the caliber of expertise typically reserved for the largest enterprises. Her work in threat intelligence and digital forensics has earned the trust of 26,000+ cybersecurity professionals who follow her analysis.

“26,000 professionals follow my work because I say what others won't — and I can back it up technically.”

Fortune 50 BackgroundDefense IndustryThreat IntelligenceDigital PrivacyIncident Response
Quinnlan Varcoe, Founder & CEO

Authenticating texts: quick answers

Certified Expertise

GIAC · AWS · Splunk · CompTIA

Transparent pricing

Trusted by partners across the practice

DAS Health
Exhibit A Cyber
Ally Security
KIRO Group
Black Mirage
Kalles Group
Gridware
CQR
Archstone Security
Cyvergence
Sentinel Cyber
Cloud Underground
Seron Security
Hexen
Koru Risk Management
DAS Health
Exhibit A Cyber
Ally Security
KIRO Group
Black Mirage
Kalles Group
Gridware
CQR
Archstone Security
Cyvergence
Sentinel Cyber
Cloud Underground
Seron Security
Hexen
Koru Risk Management