Skip to content


LegitScript Merchant and Website Classifications Guide

LegitScript assigns a legitimacy classification to websites and merchants selling supplements, pharmaceuticals, and other products or services. The core principle: the merchant should comply with laws and regulations where it is located, as well as the laws and regulations in each jurisdiction where it serves customers.

In the interests of public health, LegitScript’s legitimacy classifications for internet pharmacies and other applicable healthcare websites are searchable from LegitScript’s home page. For other merchant types, the legitimacy classifications are a component of our monitoring services for payment processors, e-commerce websites, and other platforms.

As a general matter, we put merchants and websites in five main categories:

  • Rogue. This means that the merchant’s primary purpose is to engage in some sort of illegal, unsafe, or misleading activity, like selling prescription drugs or contact lenses without requiring a prescription, defrauding customers, or selling counterfeit goods. We recommend that payment processors, search engines, registrars, and e-commerce platforms terminate services to these entities.
  • Unapproved. This denotes some problem with regulatory compliance or risk, but is typically less egregious than “rogue.” These sometimes include merchants who are operating legally in one jurisdiction but not in others. Most unapproved healthcare merchants are disallowed from search engine advertising, major e-commerce platforms, and payment processing until they address the regulatory problem.
  • Unverified (or, for some merchants, “Inapplicable”). These are neutral descriptors and usually denote the absence of an obvious problem. Many “unverified” merchants are those that, at a cursory glance, pose no glaring compliance issues, but which have not been subjected to our certification or voluntary monitoring programs.
  • Legitimate. The applicable website is not LegitScript-certified, but has received accreditation or certification from other entities that LegitScript recognizes, such as the NABP.
  • Certified. The website is LegitScript-certified, meaning it has been vetted through LegitScript's rigorous review processes and is monitored on an ongoing basis.

How do you know if a supplement, cosmetic or other similar product is being legally sold or marketed? LegitScript maintains the world’s largest, most authoritative database that classifies such products by type and safety profile or legality. Categories of products include:

  • Red Flag. These products should not be marketed or sold because they (1) contain ingredients that are not permitted or otherwise restricted in certain jurisdictions; (2) are unsafe or have no currently accepted medical use with a high potential for abuse; (3) are tainted with toxins or active pharmaceutical ingredients; (4) intrinsically imply the efficacy of an approved drug or controlled substance; or (5) are marketed or used for psychoactive purposes.
  • Orange Flag. These products are not always illegal, but have significant restrictions for online sales (e.g., most controlled substances, discontinued drugs, listed chemicals, etc.).
  • Green Flag. A Green Flag is reserved for prescription and Over-The-Counter drugs that have been permitted for sale by a regulatory authority. It should be noted that one drug may be “approved” in one jurisdiction but “unapproved” in another.

As part of our monitoring services, LegitScript makes our full product classifications available in bulk to payment processors, search engines, and other partners along with twice-a-month updates. Contact us for pricing.