I see that most of the applications (SnapChat, WhhatsApp) do the phone number verification through a OTP/verification code.
I was just wondering why not avoid this if public String getLine1Number () gives you a valid phone number and only do verfication code based auth if the above method returns null or empty string.
I don't know how reliable is this way of doing things. Any advice is much appreciated.
Thanks
Somebody could implement a fake client and can then send whatever he likes. The server should never trust information it gets sent from the client.
No it isn't advised to do so. Phone numbers are not available in SIM for all operators, for eg in INDIA Tata teleservices you can not retrieve this number. However in some countries the operators have stored phone numbers on SIM, and we can get those. However if present it can be used to prepopulate on the Edittext and let user change it and only later SMS should be sent, if user accepts.
Most mobile operators does not store MSISDN(phone number) in the SIM.
Even if getLine1Number() returns a String, the String might not be reliable. (due to porting/MSISDN change etc.)
Programmatically obtain the phone number of the Android phone
It will be best to ask the user for the MSISDN for verification SMS.
Alternatively, you can consider to use other identifier.
Is there a unique Android device ID?
Yes, and in fact not all android devices + SIM card combinations will pour the phone number in that method. Plus, what happens if someone is using a Dual SIM card, or attempting to use their personal phone number on their second phone? You should rely on the user input when it comes to the phone number they want to be identified with.
