问题
I have 2 questions, from a WEBSITE perspective (not a native mobile app), is it possible to
A) Retrieve a users phone number without asking them (I'm assuming no for security reasons). This is purely with the user's consent with this service, this isn't anything sketchy. In fact, we would probably directly ask "Can you confirm this is your number?" YES/NO)
B) If the answer is no, which im sure it is, is there a way to unique identify a user so they dont need to enter their number in manually every time (only the first time)? Do cookies work the same as they do on websites as on mobile browsers? Like could i store a permanent cookie with their number so if they visit the website on their mobile device the description changes to "Click here to change your number from _____". We could store the phone number in our database rather than in the cookie.
回答1:
I think the best way to deal with this would most likely be to use an approach such as that of Google App Engine servers used in mobile service servers, in which the user is assumed to have (or create) a google account, and an appropriate API is used, which will consequently allow you to identify the user.
Of course that you are not forced to use a Google account nor make the users make one, and you can have your own system of accounts and/or cookies, although Google accounts are broadly used in many of these servers since Android users necessarily have Google Accounts associated with their devices. I'm aware though, that your question also includes the iPhone tag.
回答2:
There are four ways:
Create user-accounts
I guess that is out of discussion, when someone has to log-in he can as well enter a number. Plus you need one of the below to actually match the login with the request.
Try your best at all possible cookies (yes there are different ones):
http://samy.pl/evercookie/
Or identify the user with other properties:
Location, IP, http://lucb1e.com/rp/cookielesscookies/ , http://browserspy.dk/ , etc
Second is not really secure, so random number can be "proposed" to you, which can be a privacy concern. So you should blank out a few Digits (eg replace them by a * or something).
I think actually you can pretty much rely on cookies nowadays. If someone deletes the cookies he want every website to forget about him and I feel it as a Penetration of my privacy if someone tries to work around that.
Last, but maybe best:
- Custom Links. I mean thats awesome. You can bookmark it, you can just put a "?nr=123512351" at the end of every URL. That's it. Works 100% (even on 1990 Browsers. 1990 BC :P). No issues.
来源:https://stackoverflow.com/questions/11585082/can-i-uniquely-identify-a-mobile-device-from-a-website