Apple CEO Tim Cook on iOS 13's Sign In with Apple: 'We're Not Really Taking a Shot at Anybody'

[abhibeckert]

Apple's entire strategy is based on closing off its customers inside its prison/"walled garden" and only allowing contact with the external world on their terms

Do you have any evidence at all that this is the case?

They developed a mobile OS that doesn't allow any code to run if not authorised by Apple, and now even call this a "computer replacement"

I run code on my iOS devices without being authorised by Apple. Sure, if I want to deploy a binary without sharing the source code I have to get approval. But that's mostly a quick check to make sure I'm not shipping malware.

They include NFC chips in phones but only for using Apple Pay, no other services allowed

There is an NFC API for pretty much arbitrary NFC use that has been in place since iOS 11.

There was a delay of about 9 months between the initial hardware and releasing a public API, but honestly for those months there weren't that many users with the hardware anyway. They might not even have been shipping to all countries by that point.

As a developer I like their slow roll out strategy for drivers and new hardware. Several months of "in the wold" deployment gives them a chance to find and fix any serious bugs before locking down a public API that shouldn't ever be changed.

They include bluetooth chips in HomePods but only to connect to an Apple device to set up, no use for streaming audio from non-Apple devices allowed

HomePods use AirPlay. There are literally hundreds of third party devices that also support AirPlay - including any Android phone by simply installing an app.

AirPlay is better than Bluetooth. Why would anybody use bluetooth if they can use AirPlay?

Now they're targeting the internet itself with Safari and now apps putting an extra layer between the user and 3rd parties. It's true this means 3rd parties can't collect data as easily, but Apple reserves the right to collect data themselves and use their unique position to sell advertising products to 3rd parties

What? No, that isn't what Apple is doing at all. You need to go back and read up on it again. Feel free to ask if anything doesn't make sense.

 

[SDJim]

I am sincerely excited for this feature.

 

[I7guy]

Apple's entire strategy is based on closing off its customers inside its prison/"walled garden" and only allowing contact with the external world on their terms

They developed a mobile OS that doesn't allow any code to run if not authorised by Apple, and now even call this a "computer replacement"

They include NFC chips in phones but only for using Apple Pay, no other services allowed

They include bluetooth chips in HomePods but only to connect to an Apple device to set up, no use for streaming audio from non-Apple devices allowed

Now they're targeting the internet itself with Safari and now apps putting an extra layer between the user and 3rd parties. It's true this means 3rd parties can't collect data as easily, but Apple reserves the right to collect data themselves and use their unique position to sell advertising products to 3rd parties

What third parties does Apple sell to? Got proof?

 

[calzon65]

So what … we shift power from one powerful company(ies) to another … why should we believe Apple is so honorable … especially since today it looks like the DOJ and FTC are starting antitrust probes into all the major tech companies including Apple, Facebook, Google, etc.

 

[DipDog3]

Randomized e-mail for each app, sounds like a great idea. Can’t wait!

 

[Westside guy]

Funny that I log into apple with my gmail ID..

Oh, great. First time you "Log in with Apple", the Internet is gonna break.

 

[Zachari]

As a developer, I don’t like this new rule that I “have” to use Apple’s solution with other third party login option of my choice. I guess I should just only have my app available on other competing app stores...oh, wait. There isn’t one.

I do. I won’t use apps that don’t use Apple Sign On.

 

[HeinMeling]

especially with such a quick deadline.

How hard can it be to add this? Does this take more than a day to implement? I suspect less than a few hours... but I’m not a Swift/app developer.

 

[Abazigal]

As a developer, I don’t like this new rule that I “have” to use Apple’s solution with other third party login option of my choice. I guess I should just only have my app available on other competing app stores...oh, wait. There isn’t one.

And as a user, that’s precisely why I am glad Apple is making it mandatory for you developers.
[doublepost=1559628326][/doublepost]

Apple's entire strategy is based on closing off its customers inside its prison/"walled garden" and only allowing contact with the external world on their terms

They developed a mobile OS that doesn't allow any code to run if not authorised by Apple, and now even call this a "computer replacement"

They include NFC chips in phones but only for using Apple Pay, no other services allowed

They include bluetooth chips in HomePods but only to connect to an Apple device to set up, no use for streaming audio from non-Apple devices allowed

Now they're targeting the internet itself with Safari and now apps putting an extra layer between the user and 3rd parties. It's true this means 3rd parties can't collect data as easily, but Apple reserves the right to collect data themselves and use their unique position to sell advertising products to 3rd parties

I don’t see it as a bad thing. It basically means that developers and third parties can only get access to us users on Apple’s terms, and that’s a boon to me.

Now, if only Apple could go one step further and force developers to update their apps with the latest APIs...

 

[meaning-matters]

I designed a 'sign in with Apple' 5 years ago. I did this to avoid users to enter email address & password, which then needs to be verified; a process I hated myself. I wanted a sign-up procedure that was a smooth as possible.

This is how it works: A user purchases a free restorable In-App Purchase item. An IAP item has a unique ID which our server uses to retrieve the user's data.

Once a user has purchased the free restorable IAP, re-login to the app (e.g. on another device) is very smooth. Because it is just a restore of the earlier purchased IAP, iOS handles this without the user typing in anything if she/he is logged in to their App Store account, or occasionally logging in (e.g. after a device restart).

So the sign in is piggy-backed on the user's App Store account. I do not hold any personal data, nor can any 3rd party get any user data.

I had to explain twice to Apple's review team how this worked and why it's perfectly fine, does not violate rules, and is actually better for the user. My app was then accepted both times.

Reasoning: By definition an IAP restorable item requires the app to restore user personal data. This means that the user data/account must be found back based on the IAP ID. Other apps have their own user sign in system in which they need to store IAP IDs, and indirectly lookup a user's data using an IAP ID. Because a restorable IAP ID must always be used to lookup a user, there is nothing against cutting out a custom sign in system.

In the years after that, Apple started disallowing the use other IDs that app developers were using to identify users and/or devices (e.g. UDID). Apple could not touch the use of IAP IDs; my Apple sign in is still working

 

[Morgenland]

As you're a developer, then you know that this is for many companies and organizations more involved than just "adding one more button." It's not nearly as trivial as you're making it out to be, and there potentially lots of other considerations that come with it.

This is a rather big onus to put on product and development teams, especially with such a quick deadline.

My company supports email and Facebook sign-in — and that's it — for very good reasons. It's pretty integral to what we do, and we're very straightforward about why that is. This thing really backs us into a corner...not to mention that our dev roadmap for the rest of the year was already pretty set. For us, this is a real mess, and while I'm sure we're in the minority, I'm also sure we aren't alone.

Welcome to your corner. Others will implement that game changer very fast and soon.

 

[Michael CM1]

Apple's entire strategy is based on closing off its customers inside its prison/"walled garden" and only allowing contact with the external world on their terms

They developed a mobile OS that doesn't allow any code to run if not authorised by Apple, and now even call this a "computer replacement"

They include NFC chips in phones but only for using Apple Pay, no other services allowed

They include bluetooth chips in HomePods but only to connect to an Apple device to set up, no use for streaming audio from non-Apple devices allowed

Now they're targeting the internet itself with Safari and now apps putting an extra layer between the user and 3rd parties. It's true this means 3rd parties can't collect data as easily, but Apple reserves the right to collect data themselves and use their unique position to sell advertising products to 3rd parties

If you don't like it, there is literally a solution based on Android for I think everything you listed.

 

[Alan Wynn]

As a developer, I don’t like this new rule that I “have” to use Apple’s solution with other third party login option of my choice. I guess I should just only have my app available on other competing app stores...oh, wait. There isn’t one.

Pretty sure that Google runs an app store called Google Play, and that Microsoft also runs an App Store. If you do not want to support this, you are welcome to sell your apps in either or both stores. They have the bulk of the smart phone market as I keep hearing.

 

[ds2000]

I’m a developer and I support it 100%. We abandoned third party sign in long ago.

Completely agree, I've never used FB / Twitter / Other to sign up for sites. I'm old and still use my email.

 

[The Game 161]

One of the best features of the event for me...

 

[Cybbe]

I'm fairly agnostic with regards to using Facebook, Google or Apple for logins. What I would like to know though is how this would work on other platforms. I use many apps/services on other devices, including non-Apple devices. If this is another walled garden which you cannot easily take with you elsewhere it will be a hard no for me.

 

[truthertech]

As a developer, I don’t like this new rule that I “have” to use Apple’s solution with other third party login option of my choice. I guess I should just only have my app available on other competing app stores...oh, wait. There isn’t one.

Well then don’t develop apps for iOS, cause thems the rules like every other company has, along with a hundred other rules Apple has.

Your attitude is exactly the problem. This feature is something that hundreds of millions of Apple’s customers want, but you think you should be able to dictate to us whether we get this privacy protection. Thank heavens Apple is looking out for its customers.
[doublepost=1559638989][/doublepost]

Understand where you’re coming from, but how many developers would bother to take the time to implement if it were optional?

This wouldn’t exactly be at the top of any developers list... especially if they’re developing for both platforms.

Are you kidding? There’s no down side for a developer and it’s a simple add for them to meet consumer demand. Craig pointed out that developers have been clamoring for it as well.

 

[FFR]

Apple's entire strategy is based on closing off its customers inside its prison/"walled garden" and only allowing contact with the external world on their terms

Didn’t know people paid a lot of money to go to prison.
Wait they don’t.

You sound bitter, you must be an android user.
Samsung or Huawei.

 

[mschmalenbach]

As a developer, I don’t like this new rule that I “have” to use Apple’s solution with other third party login option of my choice. I guess I should just only have my app available on other competing app stores...oh, wait. There isn’t one.

As a user I don't care what developers think, unless it goes against what I want and am willing to pay for in time, convenience as well as financial terms. Especially when it comes to matters of personal privacy and government overreach & surveillance.

It's a developer's choice as much as it's a client's choice.

Many folk will agree with your position. And many won't.

My money is on the bigger group being those who want the Apple sign in function.
[doublepost=1559641485][/doublepost]

Apple's entire strategy is based on closing off its customers inside its prison/"walled garden" and only allowing contact with the external world on their terms

They developed a mobile OS that doesn't allow any code to run if not authorised by Apple, and now even call this a "computer replacement"

They include NFC chips in phones but only for using Apple Pay, no other services allowed

They include bluetooth chips in HomePods but only to connect to an Apple device to set up, no use for streaming audio from non-Apple devices allowed

Now they're targeting the internet itself with Safari and now apps putting an extra layer between the user and 3rd parties. It's true this means 3rd parties can't collect data as easily, but Apple reserves the right to collect data themselves and use their unique position to sell advertising products to 3rd parties

I'm reasonably sure Apple is not an agent of the US government, or even suspected of being one. With several Chinese companies, rightly or wrongly, they are suspected of being agents of the Chinese government - that's cause for concern for many folks.

 

[elpamyelhsa]

My company supports email and Facebook sign-in — and that's it — for very good reasons.

Genuinely interested in your very good reason. I don’t like the idea of forcing developers but cannot think of any problems it should cause unless you were trying to abuse client data, eg. posting on their social network feed.

 

[dannys1]

Do you have any evidence at all that this is the case?


I run code on my iOS devices without being authorised by Apple. Sure, if I want to deploy a binary without sharing the source code I have to get approval. But that's mostly a quick check to make sure I'm not shipping malware.


There is an NFC API for pretty much arbitrary NFC use that has been in place since iOS 11.

There was a delay of about 9 months between the initial hardware and releasing a public API, but honestly for those months there weren't that many users with the hardware anyway. They might not even have been shipping to all countries by that point.

As a developer I like their slow roll out strategy for drivers and new hardware. Several months of "in the wold" deployment gives them a chance to find and fix any serious bugs before locking down a public API that shouldn't ever be changed.


HomePods use AirPlay. There are literally hundreds of third party devices that also support AirPlay - including any Android phone by simply installing an app.

AirPlay is better than Bluetooth. Why would anybody use bluetooth if they can use AirPlay?


What? No, that isn't what Apple is doing at all. You need to go back and read up on it again. Feel free to ask if anything doesn't make sense.

Excellent post - that guy seems frustratingly confused and very vocal about things. This is how tech mistruths get spread throughout the internet. Vocal people shouting nonsense which then gets repeated...

 

[KidAKidB]

So why is apple doing this?

To lock people more deeply into Apple so that it's more difficult to leave.

 

[DailySlow]

How hard can it be to add this? Does this take more than a day to implement? I suspect less than a few hours... but I’m not a Swift/app developer.

Trepidation: I think developers that have a deal (standard or complex) with FB for a sign-in API are disingenuous in bemoaning this. Users want it. If you develop and there’s a stipulated/contractual/agreement for data (or other) transaction with FB your biz model is disrupted now. Boo hoo. But that’s your problem. Apple USERS want this.

 

[DoctorTech]

Apple's entire strategy is based on closing off its customers inside its prison/"walled garden" and only allowing contact with the external world on their terms

They developed a mobile OS that doesn't allow any code to run if not authorised by Apple, and now even call this a "computer replacement"

They include NFC chips in phones but only for using Apple Pay, no other services allowed

They include bluetooth chips in HomePods but only to connect to an Apple device to set up, no use for streaming audio from non-Apple devices allowed

Now they're targeting the internet itself with Safari and now apps putting an extra layer between the user and 3rd parties. It's true this means 3rd parties can't collect data as easily, but Apple reserves the right to collect data themselves and use their unique position to sell advertising products to 3rd parties

I understand where you are coming from but I see it differently. I am very tech savvy but I can't devote the amount of time that a web / app developer spends staying current with all the trends in data collection. I view it as Apple is looking out for me by protecting me from online threats to my privacy. Of course Apple is going to find ways to profit from protecting my privacy just as Facebook and Google continually find new ways to profit from invading people's privacy. Whether it is Apple Pay keeping my personal information secure or sign in with Apple or blocking cross site tracking, I greatly appreciate (and am willing to pay the "Apple tax" for) these features.

 

[apolloa]

This was all they had to announce for the privacy issues they have, it seems like a cool idea but we will need to test it in practice.