Passwords. They’re a pain, aren’t they? Single sign-ins are much more convenient, but when you link accounts together across the internet, there’s a high chance they’re all going to chat about you behind your back. “Andy was looking at coffee machines yesterday,” says one, and the other replies, “Interesting … Best show him some more. Forever.”
Rather than facilitate this kind of gossip, Apple wants you to use its new Sign In with Apple service, which promises to free you from password hell, without selling your soul to the advertising devil. But will it — and at what alternative cost?
Sign in safely
Based on what Apple has told us, Sign In with Apple is a superior alternative. There’s a reason the cheers were so loud when Apple’s software Vice President Craig Federighi talked about Sign In with Apple during the WWDC 2019 keynote; it adds a much needed layer of anonymity to using a competing single sign-in.
Linking your Apple account to a third-party service, where the data won’t be sold or applied to an advertising model (according to Apple) is only the start. The magic happens when you have to provide an email, as Apple assigns a private, random email address that forwards information to you, and is easy to cut ties with.
“This is a really intriguing feature with some clear advantages over Apple’s two main competitors.”
“To my knowledge, Apple is the first company to offer the flexibility of signing into services using a fully anonymous proxy email address, so that emails from the service get redirected to your real email inbox,” Josh Long, chief security researcher at Intego Mac Security, told Digital Trends. “This is a really intriguing feature with some clear advantages over Apple’s two main competitors in the space, Facebook and Google.”
Why is this a major positive? It stops different data sharing companies from linking your email address across different accounts; it ends the need to create new passwords (or in a more realistic scenario, endlessly re-use an existing one), and helps minimize reliance on Facebook and Google. Remember, while Apple wants to portray itself as a trustworthy digital deity and provide a genuinely helpful tool to you, it’s equally as interested in goosing two of its arch rivals and smugly watching them stumble around trying to catch up.
Using Google and Facebook generally, not just for a single sign-in service, has long been a trade-off between privacy and convenience. Someone, somewhere, has to make money from all these products and it’s usually from your data. But recently, scandals have made us wary about not only how skewed this trade-off is in the company’s favor, but also how safe all our data is with them at all.
From the Cambridge Analytica scandal to Google’s data transparency fines in Europe, and Facebook’s data sharing activities making all the wrong headlines, the time is right for a crusading corporation to swoop in and offer us a cleaner, fairer security system that’s less about them and more about us.
“Apple claims that it treats customer data [in a better way], and seeks to protect its users’ privacy,” Long said. “To date Apple has a better track record of maintaining customer privacy than Facebook and Google.”
Is Apple really better?
Apple isn’t an advertising company, and although the data it does collect will inevitably be used to build internal profiles, they are less likely to be used in ways that are annoying, or viewed as invasions of privacy. Then there is the fact Sign In with Apple will be linked to biometric authentication on our iPhone and iPad, has mandatory two-factor authentication, and data will be stored securely on device or in Apple’s servers, giving peace of mind.
Apple also operates a very tightly controlled ecosystem. Just a few moments after becoming part of the Apple family, you’re already in deep. The App Store is only for one set of devices, Apple diligently approves content, doesn’t let anything too risque through the doors, keeps the kids safe, and generally acts like a big, benevolent overlord. Sign In with Apple will only pull you deeper inside.
There are holes in Apple’s strategy. One that has caught attention is how Apple will force developers that already offer single sign-in solutions in an app to provide Apple’s own as well, and display it above other options. I’m sure there are deeply technical reasons (entirely not connected with any data sharing revenue) why some developers are taking umbrage with this, beyond having to find room for another button on the screen, but for you and I, this is excellent news. We will be presented with three options, one of which at the moment is better than the others, at start up.
Long did issue a warning about using the proxy Sign In with an Apple email address:
“All emails from the company with which they’re signing up will pass through Apple-controlled mail servers,” Long said. “In other words, Apple can potentially see or modify the communications you receive from the other company. As long as you trust Apple, that may not be a concern, but it’s something to consider.”
What’s Apple’s angle?
What does Apple gain from all this then, if it doesn’t revolve around data? So far it’s not clear how Apple plans to make money from Sign In with Apple, if it does at all. However, Long provided some insight into Apple’s potential plan:
“If you have connected many services to your Facebook account, for example, it is a lot of additional effort if you ever decide to delete your Facebook account,” he said. “The same applies to the new Apple service: you would have yet another reason to keep buying Apple hardware and avoid switching to competing platforms like Android.”
Sign In with Apple encourages brand loyalty.
Apple is rapidly reinventing itself as a services company rather than a hardware company, but the App Store, iCloud, and Apple Music all still rely on people using an iPhone, an iPad, or a Mac. Sign In with Apple encourages brand loyalty, essential to the continuation of Apple’s money-making services.
Should you use it?
Long talked us through why single sign-in systems work well for us:
“The main benefit of single sign-in solutions is convenience, because you are not required to memorize, or record in a password manager, quite as many unique combinations of usernames and passwords. It can potentially have positive security implications, assuming that you have a unique and strong password with two-factor authentication enabled (ideally not SMS-based); this can help you maintain a good security posture across the many services you have connected with your single sign-in account.”
The random, private email address that can be optionally added to Sign In with Apple is a benefit no others provide, so as long as you don’t mind moving deeper inside Apple’s walled garden. It’s shaping up to be the single sign-in service to use when it launches later this year. If enough people opt for Apple’s more private service, perhaps it’ll encourage Google and Facebook to change their ways for the better too.
