Sign In With Apple Will Be Required for Apps That Offer Third-Party Sign-In Options

[lec0rsaire]

Using Facebook to sign in everywhere is a really bad idea. People do it out of laziness and convenience. What happens if your FB gets hacked? Or banned? Or you want to leave FB?

iCloud Keychain already made it easy to manage passwords but this is a cleaner solution a la 1password just without the sub.

 

[Ferc Kast]

Just curious, is it restricted to native apps or are websites also able to take advantage of the new feature?

 

[countryside]

Using Facebook to sign in everywhere is a really bad idea. People do it out of laziness and convenience. What happens if you’re FB gets hacked? Or banned? Or you want to leave FB?

iCloud Keychain already made it easy to manage passwords but this is a cleaner solution a la 1password just without the sub.

I agree... however, is 1password theoretically more secure since the passwords are (if used correctly) different for each service? With this system, Apple ID compromised = everything is compromised. I do not know about yall, but my 1password "master password" to just get into service (the equivalent of an apple id password) is much more intensive than my Apple ID, as I am prompted for Apple ID much more frequently.

...I guess, how much longer till our face or finger is our Apple ID?

Then again, I would bet my life that Apple being compromised would never happen compared to 1password. Plus, if Apple was compromised, the world as we know it would (not to be melodramatic) in ruin.

 

[BootsWalking]

Suck on that Facebook and Google.

 

[BWhaler]

Love, love, love.

THANK YOU Apple. This is meaningful.

 

[mrongey]

Why not make Apple Pay required on any app taking payment methods such as Paypal?

While it would be nice from a privacy standpoint, Apple is already facing anti-trust investigations in Europe, and there's a new widespread tech antitrust investigation in congress, so they probably won't be allowed to implement something like this.

Incorrect. Apple Pay uses the same number every time. It is different from your physical card number, but it is kept for the life of the virtual card.

Won't the Apple Card randomize the number?

Edit: Yes, ApplePay (and the card) uses a static device ID coupled with a dynamic security code for each transaction.

 

[hank moody]

Can i choose to hide my name too?

 

[countryside]

While it would be nice from a privacy standpoint, Apple is already facing anti-trust investigations in Europe, and there's a new widespread tech antitrust investigation in congress, so they probably won't be allowed to implement something like this

Good point... However, it does not seem much different than with Apple. ID situation.

Won't the Apple Card randomize the number?

Yes.
[doublepost=1559605481][/doublepost]

Can i choose to hide my name too?

I think you would just put a fake name. The apps that ask for a name, generally, do not make it optional.

 

[lec0rsaire]

I agree... however, is 1password theoretically more secure since the passwords are (if used correctly) different for each service? With this system, Apple ID compromised = everything is compromised. I do not know about yall, but my 1password "master password" to just get into service (the equivalent of an apple id password) is much more intensive than my Apple ID, as I am prompted for Apple ID much more frequently.

...I guess, how much longer till our face or finger is our Apple ID?

Then again, I would bet my life that Apple being compromised would never happen compared to 1password. Plus, if Apple was compromised, the world as we know it would (not to be melodramatic) in ruin.

They could maybe solve this problem by offering optional 2 factor. The only problem with 2 factor is that it takes more time and people want to instantly sign in.

 

[Rogifan]

Why are people saying this is anti-trust? Apple’s not forcing you to use it, just that developers have to list it as an option when they offer other options.
[doublepost=1559605830][/doublepost]

Not sure why everyone is getting so defensive about a genuine question, already being asked by a number of security folks (ref Twitter).

How does it work now if you get rid of your Facebook or Twitter or Google account?

 

[smithrh]

as he speaks to an auditorium filled with app developers..

I noticed this too, and I think it was entirely on purpose.

It's a two-sided statement: as consumers, you developers are entirely aware of how crappy this is when other developers/companies do this. Here's our solution, and hey, you're on notice too. Don't spam our customers.

 

[CrysisDeu]

How easy is it to untangle when you want to jump ship from Apple?

impossible
[doublepost=1559605958][/doublepost]

Just don't use it. It's not required of customers. It's required of devs who's apps offer other sign-in options.

LOL, it just ****s up a lot devs who uses react-native, time to build native apps

 

[countryside]

How easy is it to untangle when you want to jump ship from Apple?

I would assume the same difficulty as if you wanted to jump ship from Facebook or Google. Good point and should be considered when using this feature. Hopefully it is as easy as changing the email.

 

[CrysisDeu]

Just curious, is it restricted to native apps or are websites also able to take advantage of the new feature?

Yeah, wondering how ppl are going to sign on on webs

 

[Nermal]

Just curious, is it restricted to native apps or are websites also able to take advantage of the new feature?

It works with the Web.

https://developer.apple.com/documen...nfiguring_your_webpage_for_sign_in_with_apple

 

[MoreRumors?]

I like the idea of sending a random email instead of your actual email.

 

[CrysisDeu]

It works with the Web.

https://developer.apple.com/documen...nfiguring_your_webpage_for_sign_in_with_apple

Its nice having it on web, but I think it still requires you to have an apple device for auth or appleid login.

 

[riverfreak]

Not sure why everyone is getting so defensive about a genuine question, already being asked by a number of security folks (ref Twitter).

No easier and no more difficult than if you were to use other third party platforms to login. Or for that matter an email/password combination of your own choosing.

Since Craig said that you can disable the random emails if you get tired of hearing from an app, that implies there will at least be some UI where you can map the random emails to websites. That would make decoupling from Apple supplied privatized emails easier.

 

[gavroche]

Since it's just one of the options, I really don't see an issue either. It's not like a person has to choose the A.ID sign in option. They can still use their Google, FB, Twitter, Disqus, etc. More choice for users.

I tried to play a poker app once (forget which)... and the only sign in option was Facebook. As I hate Facebook and have no account, i couldn't play. this will prevent that from happening any more!

 

[macsforme]

Anyone know how they will enforce this requirement? Will they turn you down from the App Store, or refuse to notarize your application, if you don’t implement this? I’m getting more and more concerned about how Apple set themselves up as the gatekeeper over their devices.

 

[ChristianVirtual]

This I will use; the FB and Google I just never trusted/liked.

 

[ipponrg]

Anyone know how they will enforce this requirement? Will they turn you down from the App Store, or refuse to notarize your application, if you don’t implement this? I’m getting more and more concerned about how Apple set themselves up as the gatekeeper over their devices.

If you have Google and/or Facebook SSO, you are required to implement Apple SSO

 

[Cosmosent]

BIGGER than this is the "One-Shot Background Tracking" limit announced @ the exact same time that this feature was announced !

That's the BIG news of earlier today !

 

[macfacts]

how easy is it to untangle when you want to jump ship from gmail?

Using Gmail doesn't lock you in to android devices forever.

 

[SoSickSadNslOw]

This is the only option I’d always use now, great work there Apple