Mark: thanks for your reply.
We need something else(other than username-password) to identify a user.
As regards MSISDN, google pointed to a
thread which suggested this:
to identify a Handset; but with a caveat: this simply identifies the device, not the user(Echoing what you've said
).
A few google searches later, I found something called
ASID(Anonymous Subscriber ID), which some of the operators already use to identify a user. Maybe, we can use something like that.
Haven't decided anything yet; this is still open...