
Email confirmation best practices for mobile apps

So I'm writing a mobile app and have reached a point where I need to allow users to register a username. I'm doing this by asking for an email address, username and password.

Typically, it's been normal to set this sort of thing up on the web by having the user confirm his email address by clicking on a link sent to his inbox.

Needless to say, on a mobile app this is a bit clunky as the user will be redirected out of your app and into his browser.

So I had a look at how other mobile apps are doing it (WP7) and was surprised to see that Dropbox and Evernote both allow you to sign up without confirming your email address. The end result of this is that I was able to sign up with completely bogus email addresses and/or valid email addresses that don't belong to me.

I assume this is done on purpose.

Your thoughts?

asked Jun 25 '12 22:06

Senkwe


2 Answers

I came across the same issue when writing a social networking style app. I chose to have the user create a username and then provide an email and password. I do not verify the email address and I've never attempted to send any email to them (yet).

What I would suggest would be alternate ways to validate a user's email address. My app allows users to do Facebook Connect. All they have to do is log into Facebook, and the app talks to Facebook to confirm that they are using a valid email address. No need to verify it with a URL in an email.

I believe Twitter has a similar service and there may even be a few others that provide an API.

I've also discovered that a lot of people just want to tinker around in the app and not create an account at all. It's definitely a balancing act.

answered Oct 04 '22 17:10

Brian


I'd say it depends on your app and how important it is to ensure users have valid email addresses. In an app I'm creating now, we want to discourage users from signing up with multiple bogus accounts (because our system could be gamed that way), so we're not allowing users to log in until their email address is verified. On other sites, however, it might not be such a big deal, so why bother users with that extra step?

As for a mobile device, I don't see why you can't still send a verification email that sends them to your website to verify their email address. There are plenty of mobile apps that also have a website users can log into to manage their account.

answered Oct 04 '22 19:10

kbosak
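
The flow described in the answer above (no login until the emailed link has been followed), sketched server-side as an added example that is not part of the original thread. The in-memory `users` dict, `SECRET_KEY`, `TOKEN_TTL` and all function names are assumptions made for illustration.

```python
import base64
import hashlib
import hmac
import json
import secrets
import time

SECRET_KEY = secrets.token_bytes(32)  # assumption: server-side secret, never shipped in the app
TOKEN_TTL = 24 * 3600                 # assumption: links expire after 24 hours

def _b64(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def _unb64(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def _sign(payload):
    return hmac.new(SECRET_KEY, payload, hashlib.sha256).digest()

def make_token(user_id, email, now=None):
    """Token for the emailed link: signed payload bound to account, address and expiry."""
    issued = int(time.time() if now is None else now)
    payload = json.dumps({"uid": user_id, "email": email.lower(),
                          "exp": issued + TOKEN_TTL}).encode()
    return _b64(payload) + "." + _b64(_sign(payload))

def verify_token(token, users, now=None):
    """Mark the account verified only if the token is authentic, unexpired and current."""
    now = time.time() if now is None else now
    try:
        payload_b64, sig_b64 = token.split(".")
        payload, sig = _unb64(payload_b64), _unb64(sig_b64)
    except ValueError:  # wrong shape or undecodable base64
        return False
    if not hmac.compare_digest(sig, _sign(payload)):  # constant-time comparison
        return False
    claims = json.loads(payload)  # parsed only after the signature has been checked
    if now > claims["exp"]:
        return False
    user = users.get(claims["uid"])
    # A token issued for an old address must not verify a changed one.
    if user is None or user["email"].lower() != claims["email"]:
        return False
    user["verified"] = True
    return True

def can_log_in(user):
    """Gate from the answer: no login until the address is verified."""
    return user["verified"]
```

Because the token is stateless, it stays valid until it expires; a deployment that needs single-use links would also record consumed tokens.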