0

So I am trying to have users in my app find each other via their address book (a la Snapchat). How do I go about this?

I can have access to the user's address book so I would be able to associate each number with a user (I verify this via text for each user). Once I have all these users associated though, would I have to compare each phone number to my data base (Parse) in order to have a section of "Friends who have MyApp"? Otherwise, how can I grab an address book of X user and tell them which of his contacts have the App already installed?

Also, I have read in many places I should not upload their contacts info to my backend.

Help?

apolo
  • 441
  • 4
  • 18
  • Yes, you would upload the user's phone number to your server and use it to compare against people's contacts lists, essentially building out a "graph" of friends. – Dima Aug 22 '14 at 05:40
  • I'm really interested to know what solution you ended up going with? I'm thinking of doing something very similar – brian Scroggins Sep 30 '15 at 08:15

1 Answers1

0

First thing that comes to my mind is to store each user's phone number as well. However, you might be right about not to upload their contacts to your server even though you do ask for confirmation that you're going to access their contact list.

I'll put forward another idea, how about storing their contact list as encrypted data? Thus, even you personally won't be able to reach any of the contact info. Use an irreversible encryption algorithm like sha512 and then store these phone numbers as encrypted strings. Each time a user requests if his/her contacts are exist in your database, encrypt each phone number locally and make a request if those strings exist in your DB. This implementation is really similar to common password storing techniques and I believe it is quite secure -and ethical.

Related: How can I compute a SHA-2 (ideally SHA 256 or SHA 512) hash in iOS?

Community
  • 1
  • 1
kubilay
  • 5,047
  • 7
  • 48
  • 66