I hope they fix this soon. It is really frustrating. I’ve lost days and lots of dollars trying to get my phone number set up via long codes.
As an earlier poster pointed out mobile phones can be bought cheaply so whilst they are a better unique ID than an email address, they’re not much better. Using an email address and verifying that is well established and painless. Using an SSL cert is the opposite end of the scale where you have to have someone vouch for you. Mobile phones are somewhere in between. The usual solution to verifying a mobile number is to send a PIN to it and then have the recipient key that in to a web page. That confirms they have that phone. Banks do this all the time and it doesn’t require a complex sequence of SMSes all arriving in the right order. If they could do that and just let you type your phone number into a box on your twitter account page, that’d provide a reasonable way of proving who you are. (I don’t know how well this works in other countries. It works well in Australia). For companies with multiple apps (lots of examples above) the ability to register lots of apps against one, company, mobile would be needed. If they needed to enter a PIN sent to the mobile that’d prove that they have the mobile and it’s not not just everyone using that one number.
If the concern is abuse perhaps most of that could be stopped by preventing apps posting “too many” tweets in a time frame. It’d need to be based on “app and username” because if I sold or gave away 1000 copies of an app that tweets once a day the app’d seem to tweet 1000 times a day. Not that that stops apps posting mean / hateful / copyright-infringing tweets. Or people doing the same. The real problem with apps is they can post more bad things faster.
Setting a rate limit should work for most of us. It mightn’t work for the guy with the contest app. If that logs in with a single account (the developer’s) it might generate a lot of tweets (with the entrants’ mobile number or details) Perhaps they’d need a special limit, a probation period, then unfettered access.
There are pros and cons to lots of this. It seems hard to come up with something that will work for everyone and can’t be abused. They’ll need to automate what is and isn’t allowed somehow. I’d hate to have to personally vet every twitter user that want’s to use an app. Perhaps levels with greater scrutiny as the level of use goes up. Eg r/w 48 or 96 tweets per day is automatic. More requires a bit of vetting (eg account established for over a month). Even more requires more vetting.
Ideas only. If they need something, it does need to be better than the current approach.
