I do not think that it is a marathon " who has it bigger ".
But if you want, to " count it ", I have 18years now exprerience, doing B2B for companies where you would only dream to work for and coding private systems, which you will only see in your dreams. ( so, the 10 years doing mobile apps, is a joke for me ).
Going further, every device has a unique number, which is identifing the device.
The devices can send that ( and they do ) when you visit a site or something similar.
There are options and systems that allow users to login, only with the unique number and nothing else is needed.
Those codes can also be different, if the login is from a WiFi or Data streaming, but again, there are other types of validation that can be combined, example is identify the ID together with an SMS or something similar.
Again, it is all about the person who codes and if you