'Sign in with Apple' aims to replace Facebook authentication to keep user data private
In a bid to increase the security of an iPhone owner's identity, Apple revealed a new log-in option for apps called Sign In with Apple, an authentication system that minimizes the amount of the user's data used, as well as helping prevent tracking by social networks.
Many apps allow users to log in and set up accounts by authenticating with a social network, such as Facebook or Google, saving the user time. The tradeoff is that the authentication system can provide the app developer with a lot of data shared from a social media account, or could allow the company behind the authentication to track the user.
Apple's answer in iOS 13 is "Sign in with Apple," an API where supported apps place the user in a fresh new account without any identifying information or other data already filled in. This gives the users the ability to add just relevant data or the information they are prepared to share, without the potential oversharing offered by Facebook authentication.
The solution also goes further in protecting a user's email account, as for apps that require an email address, the user has the option to use their actual address or an anonymous one. For the latter, Apple creates a custom email address for the user specific to that app, which automatically forwards all email from that app to the user's actual email account.
As the email addresses are specific to an app, it also means an address can be shut down if the user does not want any more emails from that service after closing their account, minimizing potential unwanted messages.
AppleInsider will be reporting live throughout WWDC 2019, starting with the keynote on Monday, June 3. Get every announcement as it happens by downloading the AppleInsider app for iOS, and by making sure to follow us on YouTube, Twitter @appleinsider, Facebook and Instagram.
Many apps allow users to log in and set up accounts by authenticating with a social network, such as Facebook or Google, saving the user time. The tradeoff is that the authentication system can provide the app developer with a lot of data shared from a social media account, or could allow the company behind the authentication to track the user.
Apple's answer in iOS 13 is "Sign in with Apple," an API where supported apps place the user in a fresh new account without any identifying information or other data already filled in. This gives the users the ability to add just relevant data or the information they are prepared to share, without the potential oversharing offered by Facebook authentication.
The solution also goes further in protecting a user's email account, as for apps that require an email address, the user has the option to use their actual address or an anonymous one. For the latter, Apple creates a custom email address for the user specific to that app, which automatically forwards all email from that app to the user's actual email account.
As the email addresses are specific to an app, it also means an address can be shut down if the user does not want any more emails from that service after closing their account, minimizing potential unwanted messages.
AppleInsider will be reporting live throughout WWDC 2019, starting with the keynote on Monday, June 3. Get every announcement as it happens by downloading the AppleInsider app for iOS, and by making sure to follow us on YouTube, Twitter @appleinsider, Facebook and Instagram.
Comments
I hope, however, that it will not mutate over time to involve the use of Apple's 2-factor authentication process (which is a bit of a pain IMHO).
I haven’t seen the keynote yet - will this work for websites too, or just apps?
You've got it backwards. The service gets to see what sites you log into - that's how they track you. The upside to using them, is that your site can possibly be plastered all over those services via that users account. The incentive to using something like Apple badge is that you may attract more security/privacy conscious users to your site.
I, myself, do not have an account for either Google or Facebook. So the apple badge will be a welcomed addition.
As strangedays says, Apple has historically not used personal information to generate revenue, unlike Facebook, Amazon and Google. If you don’t trust Apple then by all means don’t use the service. For many people it’s a welcome addition.
The ability to mask the real email address is not a new technology. Namecheap.com's WhoisGuard feature is the same approach which masks real email address with random generated email address and it changes every 7 days (at max setting).
Nonetheless, it is really great that Apple is offering this feature with its 'Sign In with Apple' service offering.
Many ignorant people out there might not care about privacy, but Apple has always been way better than anybody else when it comes to privacy.
Those FB/Google logins have always annoyed me, since I use neither, but I will not have any hesitations at all using Apple log in. Bring it on!
I'm not a Facebook user so no idea how they operate. TBH it looks like Apple's system may be an improvement on Google's so maybe something they might entertain "copycatting", tho I've not read what exactly Apple will share with the user's permission completely detailed nor how sites that interact with it will do so.
FB/Goog: 0
I read somewhere that all Apple apps will require it. With FaceID support this will catch on faster than any competitor.
Why are people confusing this as a social media platform???
Oh please. You remind me of the iKnockoff Knights who claim Apple sells user data and when asked for proof their reply is "YOU don't know!" All while using Google devices/services.