[Openid-specs-mobile-profile] Twitter didgits
sakimura at gmail.com
Thu Oct 23 09:12:50 UTC 2014
My read is the same.
LINE started off in a similar fashion.
In fact, many of the WAP applications in Japan were like this.
It is kind of OK for on-boarding the user.
However, unless you do the following, it will cause problems down the road.
- Generate hardware dependent identifier that is readable from the app
and associate it with the number.
This is to mitigate the impersonation through phone number reassignment
- This implies that you need to have some way of re-associating the user
when the user looses ore changes handset.
- Thus, you need to actually generate a persistent identifier behind the
scene and associate phone number and handset info to it. Also, you need to
establish a secondary credential that the user can use in the circumstances
of lost/changed handset.
>From a brief look at the web page, I could not figure out if they are doing
2014-10-22 23:42 GMT-05:00 Tim Bray <tbray at textuality.com>:
> To some extent, it was WhatsApp taught the world that huge numbers of
> people are happy to be known by their phone number and not much else.
> On the other hand, the new hotness in Enterprise chat is called Slack
> and it’s really very good. It has a traditional login flow but when
> you’re trying to do login/password on your mobile device it pops up
> and says “Would it be easier if we just emailed you a PIN?” and it
> usually is. So email isn’t dead.
> On Wed, Oct 22, 2014 at 9:08 PM, Adam Dawes <adawes at google.com> wrote:
> > That's my read too. Twitter's partial answer to Facebook's Parse. We
> > this is interesting and shows the trend away from email centric accounts.
> > -------
> > sent from my hand phone
> > On Oct 22, 2014 12:51 PM, "John Bradley" <ve7jtb at ve7jtb.com> wrote:
> >> Anyone know anything about this?
> >> https://dev.twitter.com/products/digits
> >> It seems like a simple on-boarding service that confirms a phone number
> >> SMS, but I may be missing something.
> >> John B.
> >> _______________________________________________
> >> Openid-specs-mobile-profile mailing list
> >> Openid-specs-mobile-profile at lists.openid.net
> >> http://lists.openid.net/mailman/listinfo/openid-specs-mobile-profile
> > _______________________________________________
> > Openid-specs-mobile-profile mailing list
> > Openid-specs-mobile-profile at lists.openid.net
> > http://lists.openid.net/mailman/listinfo/openid-specs-mobile-profile
> - Tim Bray (If you’d like to send me a private message, see
> Openid-specs-mobile-profile mailing list
> Openid-specs-mobile-profile at lists.openid.net
Nat Sakimura (=nat)
Chairman, OpenID Foundation
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Openid-specs-mobile-profile