New User (Again)

Hi,

I have just built a small messaging app where users sign up with their mobile number, and a verification code is then sent to their mobile.

As soon as a user enters their name on the Sign Up screen, the account is created and the status is set to ‘created’.

Once the enter their phone number, the account status is updated to ‘pending’.

As soon as the enter the verification code, the account status is set to ‘live’.



How should i handle the following case:

A user signs up and is live on the app. They use it for 1 week, sending and receiving messages. The user looses their phone, and downloads the app on their new replacement phone, however the mobile number is the same as their previous account.

What is the best option:

A - allow the user to sign up on multiple devices with the same number (does this mean push notifications will be sent out to all of the devices AND all data will be downloaded to two devices)
B - make the mobile number unique and destroy all the previous data when a user enters a new mobile number AND verification code (if they have entered the verification code, then they obviously own the phone, so we should delete all previous data for this person)
C - any other suggestions

Thanks in advance for your help.
oo7mlAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Big MontySenior Web Developer / CEO of ExchangeTree.org Commented:
I'm not sure but when someone loses their phone and gets a new one, the phone number associated will only work with the new phone once it's set up and will automatically stop working on the first phone.

If your app uses the phone number to identify users you shouldn't need to change anything.
0
Scott Fell, EE MVEDeveloper & EE ModeratorCommented:
BM is on the right track.   You want to identify the installation of the app not the device.  There are multiple ID's you can associate to your app but in this case, it is suggested to no use a physical device.  

http://android-developers.blogspot.com/2011/03/identifying-app-installations.html

How you actually do this will depend on the os or app system you are using.

I would also suggest building in some type of fraud detection.   If a user typically sends 10 messages a day and you detect 30 messages in an hour, some type of alarm should go off.    If you are using a 3rd party messaging app, there may be triggers available in the api.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Web Development

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.