'Sign in with Apple' aims to replace Facebook authentication to keep user data private

Posted:
in iOS edited June 5
In a bid to increase the security of an iPhone owner's identity, Apple revealed a new log-in option for apps called Sign In with Apple, an authentication system that minimizes the amount of the user's data used, as well as helping prevent tracking by social networks.




Many apps allow users to log in and set up accounts by authenticating with a social network, such as Facebook or Google, saving the user time. The tradeoff is that the authentication system can provide the app developer with a lot of data shared from a social media account, or could allow the company behind the authentication to track the user.

Apple's answer in iOS 13 is "Sign in with Apple," an API where supported apps place the user in a fresh new account without any identifying information or other data already filled in. This gives the users the ability to add just relevant data or the information they are prepared to share, without the potential oversharing offered by Facebook authentication.

The solution also goes further in protecting a user's email account, as for apps that require an email address, the user has the option to use their actual address or an anonymous one. For the latter, Apple creates a custom email address for the user specific to that app, which automatically forwards all email from that app to the user's actual email account.

As the email addresses are specific to an app, it also means an address can be shut down if the user does not want any more emails from that service after closing their account, minimizing potential unwanted messages.

AppleInsider will be reporting live throughout WWDC 2019, starting with the keynote on Monday, June 3. Get every announcement as it happens by downloading the AppleInsider app for iOS, and by making sure to follow us on YouTube, Twitter @appleinsider, Facebook and Instagram.
«1

Comments

  • Reply 1 of 25
    rotateleftbyterotateleftbyte Posts: 1,091member
    But...
    To many millions of people, their whole world is Facebook, Twitter and everything Social Media. They won't want to change anything unless they can help it.

    As someone who has blocked every FB domain and IP address at my Router I say well done Apple but TBH this is only 5 years too late.
    supadav03AI_liaswatto_cobra
  • Reply 2 of 25
    StrangeDaysStrangeDays Posts: 7,625member
    But...
    To many millions of people, their whole world is Facebook, Twitter and everything Social Media. They won't want to change anything unless they can help it.

    As someone who has blocked every FB domain and IP address at my Router I say well done Apple but TBH this is only 5 years too late.
    This doesn't replace Facebook. It's an alternative to signing into apps that require or push you to authenticate with Facebook or Google so the app dev doesn't have to manage authentication data. Now the app dev can get the same benefit but you the user don't have to trust Google or Facebook whatsoever.
    supadav03lostkiwin2itivguylolliverradarthekatAppleExposedwatto_cobrajony0
  • Reply 3 of 25
    anantksundaramanantksundaram Posts: 19,163member
    This is brilliant. Much needed!

    I hope, however, that it will not mutate over time to involve the use of Apple's 2-factor authentication process (which is a bit of a pain IMHO).
    lostkiwin2itivguyminicoffeeAppleExposedwatto_cobrajony0
  • Reply 4 of 25
    airnerdairnerd Posts: 664member
    THANK YOU APPLE!  I have never used Facebook to log into anything, because I trust them (somehow) less than I trust Google.  I just imagine if I use Facebook to sign in then they will target friends and family with whatever the site wants to sell.  Instead I'll just use my anonymous email to sign up for sites so I stay somewhat anonymous except for what they can glean from me reading/writing/etc their site.
    allmypeoplelostkiwiAI_liasn2itivguywatto_cobrajony0
  • Reply 5 of 25
    kkqd1337kkqd1337 Posts: 199member
    Good idea. But whilst our data is someone else’s business model we will never be safe. Why should we trust Apple more than any other company? I wouldn’t.
    edited June 3
  • Reply 6 of 25
    StrangeDaysStrangeDays Posts: 7,625member
    kkqd1337 said:
    Good idea. But whilst our data is someone else’s business model we will never be safe. Why should we trust Apple more than any other company? I wouldn’t.
    Because Apple's business model is selling to and supporting end users. Google & Facebook's is selling to and supporting advertisers. Big difference. If you think they're the same and don't trust Apple more than the other two, that's your choice, but it doesn't reflect the behavior we see here IRL.
    lostkiwillamaminicoffeemacxpresslolliverradarthekatairnerdAppleExposedwatto_cobrajony0
  • Reply 7 of 25
    lostkiwilostkiwi Posts: 600member
    airnerd said:
    THANK YOU APPLE!  I have never used Facebook to log into anything, because I trust them (somehow) less than I trust Google.  I just imagine if I use Facebook to sign in then they will target friends and family with whatever the site wants to sell.  Instead I'll just use my anonymous email to sign up for sites so I stay somewhat anonymous except for what they can glean from me reading/writing/etc their site.
    100% agree.
    I haven’t seen the keynote yet - will this work for websites too, or just apps?
    airnerdwatto_cobracornchipjony0
  • Reply 8 of 25
    AI_liasAI_lias Posts: 295member
    Amen! Good job Apple!
    airnerdwatto_cobrajony0
  • Reply 9 of 25
    Cool idea, but all those apps that use Sign in with Facebook/Google WANT that user data so most will most likely NOT offer the sign in with Apple on their apps, sadly
    pigybankwatto_cobracornchip
  • Reply 10 of 25
    mjtomlinmjtomlin Posts: 1,858member
    Cool idea, but all those apps that use Sign in with Facebook/Google WANT that user data so most will most likely NOT offer the sign in with Apple on their apps, sadly

    You've got it backwards. The service gets to see what sites you log into - that's how they track you. The upside to using them, is that your site can possibly be plastered all over those services via that users account. The incentive to using something like Apple badge is that you may attract more security/privacy conscious users to your site.

    I, myself, do not have an account for either Google or Facebook. So the apple badge will be a welcomed addition.
    radarthekatAppleExposedwatto_cobracornchipjony0
  • Reply 11 of 25
    SpamSandwichSpamSandwich Posts: 31,131member
    This is brilliant. Much needed!

    I hope, however, that it will not mutate over time to involve the use of Apple's 2-factor authentication process (which is a bit of a pain IMHO).
    Two-factor is a bit of a pain, but it has saved some of my accounts from being hijacked multiple times.
    lolliverwatto_cobra
  • Reply 12 of 25
    But...
    To many millions of people, their whole world is Facebook, Twitter and everything Social Media. They won't want to change anything unless they can help it.

    As someone who has blocked every FB domain and IP address at my Router I say well done Apple but TBH this is only 5 years too late.
    I, like you, wanted something like this 5 years ago but the future has to start somewhere.  Hoping this will be adopted quickly by developers. I will certainly be utilizing it!
    chaickalolliverradarthekatwatto_cobrajony0
  • Reply 13 of 25
    mjtomlin said:
    Cool idea, but all those apps that use Sign in with Facebook/Google WANT that user data so most will most likely NOT offer the sign in with Apple on their apps, sadly

    You've got it backwards. The service gets to see what sites you log into - that's how they track you. The upside to using them, is that your site can possibly be plastered all over those services via that users account. The incentive to using something like Apple badge is that you may attract more security/privacy conscious users to your site.

    I, myself, do not have an account for either Google or Facebook. So the apple badge will be a welcomed addition.
    Don’t get me wrong, I hope this catches on like California wildfires. But I seem to recall there were articles a few months back stating that apps and sites that use the Facebook/Google sign ins have access to The users Facebook/ Google date, including things like contacts, even when privacy setting were set to not share those items on those services.
    watto_cobra
  • Reply 14 of 25
    pigybankpigybank Posts: 164member
    This is gonna suck for gaming and playing friends. 
  • Reply 15 of 25
    MplsPMplsP Posts: 1,373member
    kkqd1337 said:
    Good idea. But whilst our data is someone else’s business model we will never be safe. Why should we trust Apple more than any other company? I wouldn’t.
    Because Apple's business model is selling to and supporting end users. Google & Facebook's is selling to and supporting advertisers. Big difference. If you think they're the same and don't trust Apple more than the other two, that's your choice, but it doesn't reflect the behavior we see here IRL.
    Any time you store anything on an external server, you are trusting someone else with your data, whether that’s facebook, Amazon or Apple. Everyone has their own level of comfort. Some people actually believe Facebook cares about privacy. 

    As strangedays says, Apple has historically not used personal information to generate revenue, unlike Facebook, Amazon and Google. If you don’t trust Apple then by all means don’t use the service. For many people it’s a welcome addition. 
    StrangeDayschaickaAppleExposedwatto_cobrajony0
  • Reply 16 of 25
    chaickachaicka Posts: 112member
    Excellent news and I will jump onto it when available.

    The ability to mask the real email address is not a new technology. Namecheap.com's WhoisGuard feature is the same approach which masks real email address with random generated email address and it changes every 7 days (at max setting).

    Nonetheless, it is really great that Apple is offering this feature with its 'Sign In with Apple' service offering.
    watto_cobrajony0
  • Reply 17 of 25
    apple ][apple ][ Posts: 8,657member
    Excellent feature!

    Many ignorant people out there might not care about privacy, but Apple has always been way better than anybody else when it comes to privacy.

    Those FB/Google logins have always annoyed me, since I use neither, but I will not have any hesitations at all using Apple log in. Bring it on!
    AppleExposedwatto_cobrajony0
  • Reply 18 of 25
    gatorguygatorguy Posts: 20,617member
    mjtomlin said:
    Cool idea, but all those apps that use Sign in with Facebook/Google WANT that user data so most will most likely NOT offer the sign in with Apple on their apps, sadly

    You've got it backwards. The service gets to see what sites you log into - that's how they track you. The upside to using them, is that your site can possibly be plastered all over those services via that users account. The incentive to using something like Apple badge is that you may attract more security/privacy conscious users to your site.

    I, myself, do not have an account for either Google or Facebook. So the apple badge will be a welcomed addition.
    Don’t get me wrong, I hope this catches on like California wildfires. But I seem to recall there were articles a few months back stating that apps and sites that use the Facebook/Google sign ins have access to The users Facebook/ Google date, including things like contacts, even when privacy setting were set to not share those items on those services.
    Only when the site requests it and the user grants it where Google is concerned AFAIK. Before clicking OK the site tells you what they would like to link connected to you. Typically it's your name and email. If you're booking a flight on your favorite travel site and logging in with Google it might ask for permission to write to your Google Calendar too for instance, but you still have to agree. 

    I'm not a Facebook user so no idea how they operate. TBH it looks like Apple's system may be an improvement on Google's so maybe something they might entertain "copycatting", tho I've not read what exactly Apple will share with the user's permission completely detailed nor how sites that interact with it will do so. 
    watto_cobra
  • Reply 19 of 25
    AppleExposedAppleExposed Posts: 936unconfirmed, member
    Apple users: 1

    FB/Goog: 0

    mjtomlin said:
    Cool idea, but all those apps that use Sign in with Facebook/Google WANT that user data so most will most likely NOT offer the sign in with Apple on their apps, sadly

    You've got it backwards. The service gets to see what sites you log into - that's how they track you. The upside to using them, is that your site can possibly be plastered all over those services via that users account. The incentive to using something like Apple badge is that you may attract more security/privacy conscious users to your site.

    I, myself, do not have an account for either Google or Facebook. So the apple badge will be a welcomed addition.
    Don’t get me wrong, I hope this catches on like California wildfires

    I read somewhere that all Apple apps will require it. With FaceID support this will catch on faster than any competitor.

    But...
    To many millions of people, their whole world is Facebook, Twitter and everything Social Media. They won't want to change anything unless they can help it.

    As someone who has blocked every FB domain and IP address at my Router I say well done Apple but TBH this is only 5 years too late.

    Why are people confusing this as a social media platform??? 

    kkqd1337 said:
    Good idea. But whilst our data is someone else’s business model we will never be safe. Why should we trust Apple more than any other company? I wouldn’t.

    Oh please. You remind me of the iKnockoff Knights who claim Apple sells user data and when asked for proof their reply is "YOU don't know!" All while using Google devices/services.
    edited June 4 watto_cobrajony0
  • Reply 20 of 25
    gatorguygatorguy Posts: 20,617member
    Oh please. You remind me of the iKnockoff Knights who claim Apple sells user data and when asked for proof their reply is "YOU don't know!" All while using Google devices/services.
    ...who also doesn't sell user data and those that claim they do never have proof of it either. The internet is full of disinformation masquerading as fact. 
    jony0
Sign In or Register to comment.