bu-else / 2017-doi-app

Mobile application to aid in drug overdose intervention.

Prevent getting around the EULA through SMS #78

Open laurahsisson opened 6 years ago

laurahsisson commented 6 years ago

It is possible to start an emergency without signing the EULA by sending an SMS to the server containing a device id the user made up by themselves. However, if the user enters arbitrary device ids to the server, it is possible for them to hijack an emergency.

laurahsisson commented 6 years ago

Maybe have the server send a sort of key back to the user, and further calls require that key? Then that would just be sending the emergency ID back to the user, which I think is a bad idea.
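One way the key idea in the comment above could work, as an added example that is not part of the issue thread or the project's code: the server issues a random per-device key when the EULA is accepted, rejects SMS requests from device ids it never registered, and resolves the emergency from the authenticated device so no emergency ID is sent to the phone. The class and method names and the `START <device_id> <key>` SMS format are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets


class DeviceRegistry:
    """Hypothetical server-side record of devices that accepted the EULA."""

    def __init__(self):
        self._key_hashes = {}           # device_id -> SHA-256 of the issued key
        self._emergency_by_device = {}  # device_id -> server-internal emergency id

    def accept_eula(self, device_id):
        """Called from the in-app EULA flow; the key is returned once, only its hash is kept."""
        key = secrets.token_urlsafe(32)
        self._key_hashes[device_id] = hashlib.sha256(key.encode()).digest()
        return key

    def _authenticated(self, device_id, key):
        expected = self._key_hashes.get(device_id)
        if expected is None:  # made-up or never-registered device id
            return False
        presented = hashlib.sha256(key.encode()).digest()
        return hmac.compare_digest(expected, presented)  # constant-time compare

    def start_emergency_sms(self, sms_body):
        """Assumed SMS format: 'START <device_id> <key>'.

        Returns the server-internal emergency id, or None if rejected.
        The id stays on the server and is not sent back to the phone.
        """
        parts = sms_body.split()
        if len(parts) != 3 or parts[0] != "START":
            return None
        _, device_id, key = parts
        if not self._authenticated(device_id, key):
            return None
        emergency_id = secrets.token_hex(8)
        self._emergency_by_device[device_id] = emergency_id
        return emergency_id

    def emergency_for(self, device_id, key):
        """Later calls name no emergency id; it is looked up from the authenticated device."""
        if not self._authenticated(device_id, key):
            return None
        return self._emergency_by_device.get(device_id)
```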