Following is the scenario:
I have an web application accessible via mobile browser.
I need to detect a mobile device IMEI and sim IMSI whenever an user clicks on link in my app page accessible via web browser. This is to track the same device with same SIM and provide him/her next level of access. User cannot be tracked using loginid as there is no user login kind of option in my page.
The question is how to get unique device id/sim id via mobile browser for a specific mobile device.
For now I am focusing on android based mobile devices. But the target is to make it generic to devices.
Focus of most of the ideas is, what is the kind of access a browser has over the phone and its app?
From a browser link we can open a local app in the following way:
Get Details
here productcateory will uniquely identify a local app and invoke it. But its one way communication. How to get back some response from the point of invocation and populate some hidden form field dynamically.
Via webpage scripts we can store some data locally at client machine and retrieve it later. but the scope is limited and it is no way connected to IMEI or IMSI number.
Is there a way to get a hook to mobile browser app(remember it's like any other mobile application) from the webpage and get the id details via scripts in my page?
Is there any option that html5 provides in this regard? I know there is a localstorage tag in HTML5 and one can store an id in the client location and retrieve it later. But this is limited to the same device and same mobile browser and also this is a different solution to get the imei/imsi number
Let me know if there is any other option without asking user to installing a local app or browser plugin on the device?
~inkriti
For very good reasons it is impossible for the web browser to access the IMEI or IMSI numbers of a mobile phone, without some dastardly hacking that the dev teams hadn't expected.
Also the android browser doesn't support plugins.
Your only option is to create a native app. This answer has some info that will be useful to you: Programmatically obtain the phone number of the Android phone. Its not a perfect solution however.
I would also ask why you want access to the users phone number? If its just to track session just use javascript to generate a unique id and store it in a cookie.
The original issue is probably closed, however for future reference of anyone (like myself) that comes across this question would be something like 2-factor registration with confirmation via text. The closest to getting an IMEI (impossible without native apps) would be to get the user to register and include a text confirmation - the mobile phone number in most cases will be unique, only non-unique when changing devices, and some assumptions can be made from the client-side to guess what device they have, you could even go a step further and ask them to identify the make/os of their device if you were that concerned about unique-ness. However in most use-cases a mobile number confirmation will do the job
The only reliable way is to write an app and have it send a SMS and then track the number on that end; assuming the subscriber has SMS/text service enabled. This won't work on non-phones (tablets).
It is not important, nor is it necessary and it is probably illegal to track the device (IMEI); simply track the subscriber.
Related
I have a mobile application in iOS and Android formats. I run a server containing a database of user telephone numbers, for the purposes of sending an SMS message via Twilio. However, I don't know what operating system each number is associated with. The app does not make HTTP contact with the server.
I want to send a link to each of my users by SMS, which will redirect to the appropriate app store depending on their operating system. Facebook does this - does anyone know how they do it? Do they detect the operating system via the phone number?
Basically, once user click on that link it should automatically redirects to appropriate app store.
Ah. You have users DB represented by the phone number only, right? So you don't actually know which smartphone user has Android or iOS. In this case you should use a special universal url (sent in SMS, most probably shortened) linked to a special webpage on your server with special js (JavaScript, web devs should help on this) intergated. This script should detect which type of device user is using while viewing a webpage and simply redirect to the corresponding market. Also you could provide just both app market links on your page so it will be up to user to choose - in this case no js needed, it could be a very simple html page.
I am making a webapp which will coordinate with an iOS and Android application. There will be a two types of accounts. One will be primarily on the website and the other will be primarily on the Android or iOS app. This question may be too broad, but I'm looking for an authentication pattern which will work for this setup and make sure that the right web account is pairing with the right mobile account. Here's what I've got so far and am hoping you can provide some feedback...
When a mobile app is installed, it will reach out to the server with information such as name and phone number to which a UUID will be returned.
If the web account wants to link with a mobile account, the web account must enter the phone number of the mobile app they want to link to. The server then sends a message to the mobile device so that user can confirm the pairing.
Are there drawbacks to basing the account id on a phone number? Is there a better way to do such two factor authentication? Sorry if this is too vague or undirected and thanks for any help!
Phone number is a bad UUID because there is no way to get the phone number. Other than asking the user. Not reliably. Also, some devices allow dual sims (home and work) and thus would have multiple phone numbers.
A better way is to use the android device id. But even that isn't that great- I could write an app that calls your service with whatever id I want. There's a reason RSA keys use a cryptographic token that changes every minute- it requires you not only to know the id, but to know what the id is now. Otherwise you'd just need to have found out the secret id once and you're in for life.
Is it possible to get a device's telephony ID, MAC Address, serial number, and/or Android ID through a mobile website?
That is, not through a downloadable app, but through a link that the user goes to in the browser on their mobile device?
If so, how?
No, this is not possible. Even for native apps, device identity information is safeguarded behind the READ_PHONE_STATE permission.
As websites cannot request permissions, you cannot retrieve this information outside of an app.
You said you need a unique(ish) ID on a website.
Look into UserAgents: http://en.wikipedia.org/wiki/User_agent which will tell you what kind of device/browser is viewing your webpage
And you can also retrieve the IP address of the user, which may change in future requests to your website.
You could also attempt to store a cookie, but the user may delete their cookies at any time.
For specifics on how to get these, it depends on what your web site is built with.
I am developing a sencha based application for iPhone & Android. As a S/W requirement, i need to identify device (on the basis of IMEI or MAC address) accessing the service.
e.g. If a user of iPhone visits my sencha-web-app first time, he will need to register. And if he visits again, Application will detect and registration process will be skipped.
Q: How can i get IMEI or MAC of device using sencha, to identify it uniquely?
You will need to wrap your Sencha application in a native wrapper. I recommend using PhoneGap, they have a nice UUID property as documented here: http://docs.phonegap.com/en/1.3.0/phonegap_device_device.md.html#device.uuid
If this is a web app running in the browser there is no way to get that information. On iOS, the IMEI is actually restricted information that you can't access anyway. If you simply want to remember users, the standard way would be to just use a cookie. Is there a particular reason you want to tie this to a hardware identifier and not use a cookie?
I am currently building a system for mobile phones, the system requires some sort of a login sequence and at the moment I am just using an MD5 generated API which is connected to the user in the database but this is using sessions and so on and has so far proven to not be as good as I had hoped, so now I am trying to build a new login where the user enters the API once and the system detects some sort of ID from the phone, like the SID or MIN or something like that, I have no idea this is possible or not. So to recap
Is what I have described possible?
What is the most reliable ID that I could fetch from the mobile device?
How would I go about fetching this ID?