5

The firebase phone auth documentation states: 

Phone numbers that end users provide for authentication will be sent 
and stored by Google to improve our spam and abuse prevention across 
Google services, including but not limited to Firebase. Developers 
should ensure they have appropriate end-user consent prior to using the 
Firebase Authentication phone number sign-in service.

I believe I will have to display some sort of disclosure when asking for a user's phone number, but I'm not really sure what it should say. Can anyone provide an example? I used Digits/Fabric at one point, and it had a bunch of links to various privacy policies and ToS on the phone number collection screen, but now that they've joined with Firebase I'm kind of confused about what's necessary.
Thank you!

Sid Mani
  • 369
  • 3
  • 9

1 Answers1

1

firebaser here

FirebaseUI-web displays the following before sending the SMS:

By tapping Verify, an SMS may be sent. Message & data rates may apply."

On the screen where the user enters the confirmation number, it displays:

By tapping Continue you are indicating that you agree to the <a href="tos">Terms of Service</a>

With the tos link being one that you as the developer provide. The reason it leaves the exact content open to you is that it partially depends on the jurisdiction that your app is under.

All we can do is tell you what we use the phone number for:

Phone numbers provided for authentication will be sent and stored by Google to improve our spam and abuse prevention across Google services, including but not limited to Firebase.

Frank van Puffelen
  • 565,676
  • 79
  • 828
  • 807