Apple CEO Tim Cook on iOS 13's Sign In with Apple: 'We're Not Really Taking a Shot at Anybody'

[raghu8912]

Remember, Apple sells a targeted advertising service for 30% commission

They want advertisers to know they have to pay the Apple Tax to advertise to Apple customers, the same as app developers need to pay to be on the app store

They do make some money by advertisements and free apps make money by targeted advertisement, but there are settings in iPhone to restrict this, and Apple's revenue from advertisements is minuscule compared to others, Apple's revenue doesn't depend on advertisements.
Apple is lot better than others when it comes to privacy.
people should stop looking at this as either 0 or 1.
[doublepost=1559667717][/doublepost]

Apple's entire strategy is based on closing off its customers inside its prison/"walled garden" and only allowing contact with the external world on their terms

They developed a mobile OS that doesn't allow any code to run if not authorised by Apple, and now even call this a "computer replacement"

They include NFC chips in phones but only for using Apple Pay, no other services allowed

They include bluetooth chips in HomePods but only to connect to an Apple device to set up, no use for streaming audio from non-Apple devices allowed

Now they're targeting the internet itself with Safari and now apps putting an extra layer between the user and 3rd parties. It's true this means 3rd parties can't collect data as easily, but Apple reserves the right to collect data themselves and use their unique position to sell advertising products to 3rd parties

They include NFC chips in phones but only for using Apple Pay, no other services allowed
They are opening up NFC for other uses, like in universities, it can be used for tickets in public transportation.

 

[Timemaster]

I am also a developer. Have been for years...this is actually great...why not give users the option? I mean, if you have added in, "Log in with Facebook" or "Login with Twitter" as an option, then you know its not a big deal which one a user presses to get into the app. Adding one more button my app is not a big deal at all and I don't think it would be for any other developer.

I am for the options as a developer but I am against ramming it down and forcing me to have to use it and double sure if I have to do it this year. I want at least a year from non beta release to get it up and running. That would mean iOS 14 at the soonest.
Reason being is updating the App easy. Updating my back end web side not so easy. Big time if it requires some huge changes to the user database tables.

For example something I have seen other apps do is allow me to link to my account other sign in options. One of my accounts I use I can sign in with Github, Google, facebook, or user name/ Password. I have all of them linked together so I can use any of them and all of them go the same account.

 

[gavroche]

Randomized e-mail for each app, sounds like a great idea. Can’t wait!

I was so excited for this when they talked about it. But was disappointed to learn it will only be required when third part logins are offered. If they just require you to create a username and password, not required. I really really wish it was required all the time. I'm curious how many apps will offer it as an option that currently only have username/password and thus are not required.

 

[mtngoatjoe]

Why do I feel like most of the negative comments are from Google and Facebook employees who have been tasked with spreading fear, uncertainty, and doubt?

Seriously, if you're hear talking about how Apple takes advantage of its users, then I can't help but feel you have dubious motives.

No corporation is "all good", and as users, we should questions Apple when it falters. But there just isn't any evidence to suggest that Apple doesn't care about our privacy. Are they perfect? No. Are they trying harder than everyone else? Absolutely.

 

[iMEric984]

To lock people more deeply into Apple so that it's more difficult to leave.

Apple doesn’t force or “lock” anyone into using iOS or any other apple software.

 

[gavroche]

I don't understand this, how is this any better than FaceBook or Google?
This will mean that instead of Facebook or Google, Apple will be able to track you

apple already knows who you are. You don't need to provide any additional information than what they already have. And in addition to that, you don't have to create and remember another login credential for every single app. And you don't have to give every app your email that then starts receiving spam.

 

[iLLUMI]

Yep, brilliant idea!!
So sick of the nonsense of having to sign in with Facebook or Google. Actually I'm just sick of seeing Facebook shoved in my face all the time.
I don't mind using Google but with the increased privacy of Apple I'm more in favour of Apple.
This is the stuff I love to see coming from Apple.... making life better!
Well done to Apple!!

 

[scottct1]

As a site owner who allows logins with Facebook Logins, i am concerned about this as I fear this will lead to a lot of fake accounts and the user will be untraceable. The person can close the account and open up another one and keep on doing bad things over and over again. At least with Facebook accounts the accounts are established accounts and its a pain to make a new facebook account. With Apple Login you can create a new one instantly with just a push of a button.

I see that as a problem.

 

[OnoYouDidnt]

Funny that I log into apple with my gmail ID..

Did you watch the keynote? It creates fake forwarding e-mails.

 

[Amazing Iceman]

Recently I’ve been removing or changing any accounts I created that sign in with Facebook, Twitter and Google, due to the privacy implications.
I certainly welcome this move by Apple. Can’t wait to have this feature available.
I’ll be testing it in the Beta soon.

 

[Appleman3546]

As a developer, I will just avoid third party login solutions in order to avoid the Apple sign-in ID requirement. That way, Apple can’t force me to have fake email addresses to market to. This button is great as an option for consumers, but forcing it on devs is tonedeaf (it should be an option for developers using third party logins, thus encouraging Apple to be competitive). In the end, this policy only hurts google and Facebook since most developers will just avoid third party logins now. But Apple can taketh away since they forbid other app stores on their platform or downloads from the internet to compete with their monopolistic developer rules. Competing App stores would really solve this arbitrary decision making by Apple, since the developers and consumers should be the one making the decision
[doublepost=1559679883][/doublepost]

Do you realize your contradiction in philosophy? This new policy benefits users, by offering them an additional option for signing in. It's a complete win for the consumer. While I get that a developer might not want to have to implement it, you shoot your argument right out of the water when you make a dig at not having an alternative app store. You want more options in the latter case, but don't want the same consumers to have more options in the former. So options only matter when they benefit you...?

My argument is that competing app stores lets consumers and developers decide what is right as “options.”

While it is true that this is great for consumers, the developers are the ones that have to implement it for the consumers to take advantage of this choice in the first place. If the developer cares about its customers or consumers demand it, the developer will add it without Apple needing to “force” it on developers. But it should be a choice led by the competitive market, not a monopolist requiring it to reach the consumers or requiring it for developers to give those consumers with a choice of login options in the first place. It seems to me that developers probably weren’t going to implement this extreme consumer friendly option (randomized fake emails disrupting marketing) since it has no real incentives to developers in exchange, so Apple is forcing it on the developer without letting the competitive market decide for itself.

 

[212rikanmofo]

This is great news. Since I deleted facebook and no longer use that crap and have been slowly phasing google out of my life as well. I avoid those 2 Sign in with FB or Sign in with Google buttons like the plague. Those buttons are just screaming "give up your privacy".

Don't be fooled by those buttons.

 

[JohnDoe98]

As a developer, I will just avoid third party login solutions in order to avoid the Apple sign-in ID requirement. That way, Apple can’t force me to have fake email addresses to market to. This button is great as an option for consumers, but forcing it on devs is tonedeaf (it should be an option for developers using third party logins, thus encouraging Apple to be competitive). In the end, this policy only hurts google and Facebook since most developers will just avoid third party logins now. But Apple can taketh away since they forbid other app stores on their platform or downloads from the internet to compete with their monopolistic developer rules. Competing App stores would really solve this arbitrary decision making by Apple, since the developers and consumers should be the one making the decision

You can take away third party login solutions but don’t kid yourself, the jig is up. Once I have at least one of those fake emails, that is all I will be using for apps and services. No one will ever get a real email again other than close friends, my bank, etc. All apps will get fake emails. You will be marketing to fake emails from now on.

 

[I7guy]

As a developer, I will just avoid third party login solutions in order to avoid the Apple sign-in ID requirement. That way, Apple can’t force me to have fake email addresses to market to. This button is great as an option for consumers, but forcing it on devs is tonedeaf (it should be an option for developers using third party logins, thus encouraging Apple to be competitive). In the end, this policy only hurts google and Facebook since most developers will just avoid third party logins now. But Apple can taketh away since they forbid other app stores on their platform or downloads from the internet to compete with their monopolistic developer rules. Competing App stores would really solve this arbitrary decision making by Apple, since the developers and consumers should be the one making the decision
[doublepost=1559679883][/doublepost]
My argument is that competing app stores lets consumers and developers decide what is right as “options.”

While it is true that this is great for consumers, the developers are the ones that have to implement it for the consumers to take advantage of this choice in the first place. If the developer cares about its customers or consumers demand it, the developer will add it without Apple needing to “force” it on developers. But it should be a choice led by the competitive market, not a monopolist requiring it to reach the consumers or requiring it for developers to give those consumers with a choice of login options in the first place. It seems to me that developers probably weren’t going to implement this extreme consumer friendly option (randomized fake emails disrupting marketing) since it has no real incentives to developers in exchange, so Apple is forcing it on the developer without letting the competitive market decide for itself.

The competitive market can decide. The dev can go to android if this does not work to a devs advantage. If the business model for an app includes selling email addresses, maybe the dev should closely examine the business practices.

 

[Timemaster]

As a developer, I will just avoid third party login solutions in order to avoid the Apple sign-in ID requirement. That way, Apple can’t force me to have fake email addresses to market to. This button is great as an option for consumers, but forcing it on devs is tonedeaf (it should be an option for developers using third party logins, thus encouraging Apple to be competitive). In the end, this policy only hurts google and Facebook since most developers will just avoid third party logins now. But Apple can taketh away since they forbid other app stores on their platform or downloads from the internet to compete with their monopolistic developer rules. Competing App stores would really solve this arbitrary decision making by Apple, since the developers and consumers should be the one making the decision

I think you are thinking about it wrongly. If you force me to use an email address to something I do not care to much about I have a few dummy accounts that I cycle between. I will use those accounts only to confirm yes it is a real email address and if need be a password reset but beyond that they are never check. One of them has a lot of unread messages as guess what I never log into them.
At least with Apple's solution you would have an email address that until you piss me off gets forwarded to my main account.
Middles I
Sadly my main email address is one that will just get caught in easy spam as it is my first.Middle Initial.Last@gmail.com (Time.W.Master) but with my real name. I also have a common enough name that it gets hit in the generators. Yes my gmail account is one of the early ones so I got my hands on it early one. Good thing Gmail does a good job of filtering out promotions and spam.

 

[Abazigal]

I don't understand this, how is this any better than FaceBook or Google?
This will mean that instead of Facebook or Google, Apple will be able to track you

Better Apple than google or Facebook.

And that’s the point that developers are missing as they complain.

The truth is, whenever I come across a website that requires facebook or twitter login, I stop and refuse to go any further. By not supporting Sign in with Apple, you will lose me as a customer. Support said feature, and I can still consider using your product.

 

[jeremiah256]

Apple's entire strategy is based on closing off its customers inside its prison/"walled garden" and only allowing contact with the external world on their terms

They developed a mobile OS that doesn't allow any code to run if not authorised by Apple, and now even call this a "computer replacement"

They include NFC chips in phones but only for using Apple Pay, no other services allowed

They include bluetooth chips in HomePods but only to connect to an Apple device to set up, no use for streaming audio from non-Apple devices allowed

Now they're targeting the internet itself with Safari and now apps putting an extra layer between the user and 3rd parties. It's true this means 3rd parties can't collect data as easily, but Apple reserves the right to collect data themselves and use their unique position to sell advertising products to 3rd parties

Apple, whether you believe they are doing this because they are the good guys, or to corral customers into their walled garden, has identified the abuse and exploitation of personal information as something many are concerned with, and they have come up with solutions. Some damn good solutions.

So walled garden? Maybe. Probably. OK, yes. But, if the other options are perceived as your personal information being passed around like a joint at Woodstock, I think Apple's going to win that battle.

 

[xaqt93]

As you're a developer, then you know that this is for many companies and organizations more involved than just "adding one more button." It's not nearly as trivial as you're making it out to be, and there potentially lots of other considerations that come with it.

This is a rather big onus to put on product and development teams, especially with such a quick deadline.

My company supports email and Facebook sign-in — and that's it — for very good reasons. It's pretty integral to what we do, and we're very straightforward about why that is. This thing really backs us into a corner...not to mention that our dev roadmap for the rest of the year was already pretty set. For us, this is a real mess, and while I'm sure we're in the minority, I'm also sure we aren't alone.

I am interested to know what you are doing that would involve you not wanting to add this as a feature. You will still be able to e-mail your users...you just won’t have there actual e-mail address, which, once again, I am finding the issue with why this is a bad thing. I mean, unless you are using the users data for something that you can only get with the actual e-mail, then I don’t see the problem. I don’t want other apps to access my data, and my users don’t need to give me there data for my app to work. If I need the data, I would ask the users to manually do it them selves, that way, there is no confusion for the customers and it is more straight forward.

 

[dsut4392]

I designed a 'sign in with Apple' 5 years ago. I did this to avoid users to enter email address & password, which then needs to be verified; a process I hated myself. I wanted a sign-up procedure that was a smooth as possible.

This is how it works: A user purchases a free restorable In-App Purchase item. An IAP item has a unique ID which our server uses to retrieve the user's data.

Once a user has purchased the free restorable IAP, re-login to the app (e.g. on another device) is very smooth. Because it is just a restore of the earlier purchased IAP, iOS handles this without the user typing in anything if she/he is logged in to their App Store account, or occasionally logging in (e.g. after a device restart).

So the sign in is piggy-backed on the user's App Store account. I do not hold any personal data, nor can any 3rd party get any user data.

I had to explain twice to Apple's review team how this worked and why it's perfectly fine, does not violate rules, and is actually better for the user. My app was then accepted both times.

Reasoning: By definition an IAP restorable item requires the app to restore user personal data. This means that the user data/account must be found back based on the IAP ID. Other apps have their own user sign in system in which they need to store IAP IDs, and indirectly lookup a user's data using an IAP ID. Because a restorable IAP ID must always be used to lookup a user, there is nothing against cutting out a custom sign in system.

In the years after that, Apple started disallowing the use other IDs that app developers were using to identify users and/or devices (e.g. UDID). Apple could not touch the use of IAP IDs; my Apple sign in is still working

How does that work for family sharing where users with separate apple IDs are using apps & in-app purchases from the parent itunes store account?

 

[john123]

I am interested to know what you are doing that would involve you not wanting to add this as a feature. You will still be able to e-mail your users...you just won’t have there actual e-mail address, which, once again, I am finding the issue with why this is a bad thing. I mean, unless you are using the users data for something that you can only get with the actual e-mail, then I don’t see the problem. I don’t want other apps to access my data, and my users don’t need to give me there data for my app to work. If I need the data, I would ask the users to manually do it them selves, that way, there is no confusion for the customers and it is more straight forward.

Again, yes, that is precisely how we are (very transparently and openly) using users' data. It's an opt-in experience with a super crystal clear, GDPR-compliant privacy policy. I really can't say more than that, and I'm sure you'll understand. There are many companies offering similar products — anything with a real embedded social component, for example.

I get that users want privacy in most cases. I share that desire.

The problem is presuming that principle applies to all use cases. In your post, you acknowledged that yes, there are situations where the social network and direct communications might be important. And that's the problem with this mandatory proposal from Apple. It applies a blanket philosophy indiscriminately.

 

[pratikindia]

Did Tim mention how this would work in China?

Presumably he'll be handing over the logs to the government to comply with local laws?

They don't have Log in with Twitter/Facebook in China. But they have Weibo. Will Apple force developers to add a Login with Apple for those too?

 

[thasan]

Not "abuse," but "use," absolutely. The social aspects and direct contact via email are 100% parts of the very transparent opt-in experience.



Again, it's about everything else that has to happen in certain user experiences. Agreed entirely that for many — even the majority — of apps, if it's just "another form of authentication," then this is a good thing.



See above. "The only way it's an issue." Indeed. We're far from the only company out there with this issue.



Which we were in the process of doing.


In my "corner," it's not a game changer. The way this works (email/FB) is quite necessary. For obvious reasons, I can't really say more than that.

What is the % of your profit comes from selling used data and adverts from these linked accounts?

 

[Abazigal]

They don't have Log in with Twitter/Facebook in China. But they have Weibo. Will Apple force developers to add a Login with Apple for those too?

I won't be surprised if the Chinese government steps in to block the implementation of "sign in with Apple" for this very reason.

 

[john123]

What is the % of your profit comes from selling used data and adverts from these linked accounts?

"Almost all" and "essentially none," respectively. Why? Again...that is the entire product model. It is entirely transparent. It is 100% opt-in. Why shouldn't users have the choice to participate in this product? It's their choice.

I get that you might not want to participate in this product. That's OK! But why should the product have to be fundamentally broken because you don't want to use it and participate in it?

This is such a classic case of a big company taking a good and reasonable principle and applying it blindly without sufficient thought.

 

[Worldspinning]

So what … we shift power from one powerful company(ies) to another … why should we believe Apple is so honorable … especially since today it looks like the DOJ and FTC are starting antitrust probes into all the major tech companies including Apple, Facebook, Google, etc.

I understand the sentiment, but Apple is stating publicly they are the company for privacy. The others don't. It'd be a PR nightmare if it were to be discovered one day that Apple has been lying about it all along.