Have you ever comes across social logins such as ‘Sign in with Google’ or ‘Sign in with Facebook’ on a website or an app? Did you try using any of those methods to sign in to access any service? If yes, then you already have some idea of what Sign in with Apple is. And, therefore, comprehending it shouldn’t be that difficult. As, all these authentication methods rely on the SSO (single-sign-on) service, which allows you to log in to third-party services using your existing (supported on the platform) account to prevent the service from accessing your password and other account information. However, in case you haven’t used any of those methods and are unaware of what these services and how they work, allow us to explain.
What is Sign in with Apple and how does it work?
Before delving into what Sign in with Apple is, let’s first understand what an SSO (single-sign-on) service is. SSO is a session and user authentication service that offers users the convenience to sign in to third-party accounts and its related services using a single account (email address and password). For this, the service uses OAuth, which is an open-source standard protocol for delegating access.
In simpler terms, it is a way for the end-users to sign in and start using a service without having to manually sign up, all without requiring the need to give away their password and other personal information. Using SSO minimizes the need for users to sign up for accounts that they plan to use rarely (or once), and in turn, takes away the need to remember the username and password for such accounts. Most importantly, it mitigates the risk (to a certain extent) of passwords and other personal information ending up on the servers of third-party services.
Until Apple introduced the idea of Sign in with Apple (its own SSO service), there have been numerous SSO services from the likes of Google, Facebook, Twitter, LinkedIn, etc that have been offering users the convenience to log in to third-party services without much hassle. Although, over the past few years, there were several questions raised on the credibility of the companies offering these services. Of which, some even speculated that a few companies have been keeping a tab on user activity to serve targeted ads and sell their personal information.
The only thought of this concern leads to one of the most crucial aspects of SSO, which, nowadays, is causing a lot of users to refrain from using such services. Even though using SSO allows you to limit the data (and user credentials) that would otherwise go to third-party services, it still allows the companies (offering the SSO services) to access your user activity (and the related data), which may or may not be used for illicit purposes. As a result, it eventually boils down to the end-user who needs to decide whether the service that they are going to use to sign in to a third-party service is from a company that they trust and whether they would like to proceed further.
With Apple’s take on SSO, ie Sign in with Apple, introduced with iOS 13, users on the Apple-ecosystem (iPhone, iPad, Mac) get a unique way to sign in to third-party services without revealing a lot of personal details. When compared to other SSO services, Apple’s take on SSO is pretty much the same, except for a few changes. The biggest of which is the use of a random ID. With Sign in with Apple, rather than sharing the original email address of its users with the third-party service, Apple offers users the option to hide their email address from the third-party service. For this, the service generates a unique, random email address, which is back-linked to the user’s original email address and shared with the app/service. Since this random email address is back-linked to the original email address of the user, every time the service wants to communicate with the user, it can do so using the random email address (and not the original email address) of the user. In this way, the personal email address of a user is not shared with third-party services, which prevents them from spamming into users’ inbox. And this, in turn, ensures some privacy to the user. Furthermore, to offer better ease-of-use, Apple allows users to use a passcode, TouchID, or FaceID (on newer devices) to authenticate themselves, taking away the need to enter passwords manually each time they want to sign in.
Besides the use of a random email address, the other thing that Apple claims to be different on its implementation of SSO is with regard to user privacy. Apple says that it does now keep a tab on its users’ activity, and therefore, does not involve in offering targeted ads to its users. This does not come as a surprise though, as, over the past few years, it is pretty evident that compared to most other companies, Apple advocates its users’ privacy and security. And to a large extent, it does manage to keep up with its promises.
How to use Sign in with Apple?
To be able to use Sign in with Apple, the first requirement is that the service you want to sign in to must have Sign in with Apple implemented on its platform. While Apple has made it a clear requirement for upcoming apps on its platform, which use some sort of SSO, to provide the Sign in with Apple functionality, it has also asked its app developers to implement the feature on the existing apps, for which, it has extended the deadline until April 2020. The other thing that you need to make sure to be able to use Sign in with Apple is that the 2FA (Two-Factor Authentication) option should be enabled on your Apple ID.
Currently, there are not a lot of services offering the Sign in with Apple SSO service. As a reason, you might not be able to use it across different apps and services. However, if you do happen to come across one that supports the service, here’s how you can use it.
1. First, make sure you are signed-in to your Apple ID on the device you are accessing the app or website.
2. Next, open the app or service that you want to use and tap on the button that says Continue with Apple or Sign in with Apple.
3. On a pop-up that appears on the next screen, tap Continue.
4. Now, on the next screen, you will be given the option to change your Name and share or hide your original email address. If you wish to prevent the service from getting access to your email address, you select Hide my email.
5. Finally, tap on Continue and authenticate your Apple ID using a passcode, TouchID, or FaceID.
That’s it. By now, you must be signed-in and ready to use the service that you wanted. In pretty much the same way as a regular account (that you would have signed up for manually), you can use the app or service (by signing in using Sign in with Apple) without encountering any problem. And when the service provider (app or website) needs to communicate with you, they can use your pseudo (unique random ID) email ID to contact you, and you would receive the message on your original Apple ID.
In our opinion, while using Sign in with Apple allows users to keep their email address private and prevent unsolicited emails from filling up their inbox, it does not ensure complete privacy. As even though users are preserving their email addresses from different services, they are still leaving other footprints, such as their IP address or any other account-related information, for these services to access. And this, in turn, could still allow these services to track some information of its users.