It’s common for apps to offer the option of third-party sign-in via something like Google, Facebook or Twitter because it’s much more convenient for users than having to create a separate login for every app.
There are, however, two problems with this.
- First, the third-party platform will pass your email address to the developer – you’ll be asked to approve this, but won’t be able to proceed with the login unless you agree.
- Second, the platform itself will learn which apps you are using. This could be a problem with some sensitive apps, but even the aggregate view of all the apps you use could tell a platform quite a lot about your life.
The concerns about Apple’s terms and conditionsThe ‘Sign in with Apple’ button aims to solve this problem. Apple offers the option of sharing or hiding your email address with the developer. If you choose the ‘hide’ option, Apple creates a single-use email address for you – used only with that app – and passes that to the developer. Emails sent to that address are then forwarded to you by Apple.
The condition is that app developers must offer the option of ‘Sign in with Apple’ if they offer any other third-party sign-in. So if a developer offers sign-in with Google, Facebook or Twitter, they have no choice but to offer Apple’s version too. That’s a very different position to today, when a developer could, for example, choose to allow sign-in via Twitter only.
Sign In with Apple will be available for beta testing this summer. It will be required as an option for users in apps that support third-party sign-in when it is commercially available later this year.
But Reuters notes that Apple has a second requirement:
Apple’s suggestion to developers to place its login button above rival buttons is part of its “Human Interface Guidelines,” which are not formal requirements to pass App Store review. But many developers believe that following them is the surest way to gain approval.
As The Verge suggests, Apple might be tempting fate at a time when the company is already coming under the microscope for alleged anti-competitive practices.
I don’t know how precisely to weigh the value of more private login tools against the cost of making an entire developer ecosystem captive to the policy whims of the world’s biggest company. But perhaps that’s where our actual regulators — which is to say, Congress — should intervene. As the House of Representatives begins an inquiry into our tech giants, I hope they will.