The announcement of a new authentication option from Apple became one of the major news of this year’s Worldwide Developer Conference. The main reason it caused quite a stir is that Apple decided to make its sign-in function a mandatory alternative whenever other third-party options (e.g. Facebook and Google) are available. This means that most apps in the App Store have to be upgraded with this new log-in button in order to comply with App Store guidelines.
In this blog post, we will try to answer the hottest questions about ‘Sign In with Apple’ feature. We’ll also outline the benefits it can bring to your business and explain how to add this authentication option to your application.
- How ‘Sign In with Apple’ works
- What devices does Apple’s sign-in service support?
- Benefits of ‘Sign In with Apple’
- How to implement ‘Sign In with Apple’ in your app
How ‘Sign In with Apple’ works
At first sight, Apple’s sign-in functionality is pretty similar to the same services offered by other providers such as Facebook, Google, and Twitter. Simply put, it gives a user an opportunity to set up an app account with just one click using his or her information from Apple ID. However, the solution created by Apple is not only about convenience — the great focus is put on personal data protection.
Unlike other authentication options available today, ‘Sign In with Apple’ allows users to sign in into an app without revealing their real email addresses. After a person tabs on the button, the system will still ask for this information along with the name. Yet, users will have a choice whether to share their email address (just like with other one-click login services) or hide it from an app.
In the latter case, Apple will generate a unique disposable email address that the app will use to send a user its notifications and that the user will be able to disable at any time. The sign-in process will not require confirmation of an email. It’s also worth mentioning that users’ concerns about Apple being able to read their emails because they are sent to an auto-generated email address are completely groundless. This service only routes emails to users’ inboxes, not hosts them.
On top of that, Apple will not track the user’s activity in an app or website after the sign-in. Neither will it share users’ personal data with app creators. Actually, it won’t even have what to share since the company, unlike its rivals, doesn’t collect such information about users as birthday, location, likes, etc.
What devices does Apple’s sign-in service support?
This is one of the most popular questions from users since many of them use several devices on a regular basis and often not all of such devices come from Apple universe. But, of course, the creators of ‘Sign In with Apple’ have thought it through.
First, it goes without saying that Apple’s one-click login will work across all Apple devices, including Apple TV and Apple Watch. In case an app also runs on other devices, e.g. Android-based, users will also have an opportunity to choose this authentication option despite the fact that Apple doesn’t provide Android developers with native SDK.
In particular, a user will be able to log into an app, for example, on a non-Apple smartphone via web view he or she will be sent to after clicking ‘Sign In with Apple’ button. To enable access to the user’s account, the system will request Apple ID and password. The same is true for web apps. Reportedly, ‘Sign In with Apple’ will work in all browsers. In these two instances, two-factor authentication is implemented by sending a 6-digit code to a user’s trusted device or phone number.
Benefits of ‘Sign In with Apple’
When introducing Apple’s sign-in service, Craig Federighi, a company’s chief software engineers, heavily emphasized on the need to offer users an effective way to protect their private data. And it’s no wonder. News about major data leakages has become so common lately that it’s no longer possible to think about them as one-time incidents. But what about businesses? Do they get any benefits? The answer is “yes”. Let’s look at this in greater detail.
When app creators add ‘Sign In with Apple’ button to their apps, they not only comply with Apple requirements but they also show users respect for privacy. Apple has a reputation for treating user privacy seriously and the company, unlike its competitors, hasn’t been involved in any data leakage breaches yet. In the modern world, this means a lot. Many people would rather delete a certain application or replace it with an alternative solution than deliberately give away their personal data as it may potentially be used for a manipulative purpose.
Enhanced user experience
With ‘Sign In with Apple’, users can log into apps faster. The system will require neither filling out any forms nor even creating a new password. Authentication with Touch ID or Face ID will be sufficient to set up an account and start using an app. As a result, an app will deliver a better user experience and people will like your product more.
Advanced fraud detection
Apple sign-in service uses machine learning technology that gives app creators confidence is people who start using their apps. In particular, Apple’s built-in fraud detection functionality helps developers determine if a user is real or a bot without revealing any personal information to them. If a user is verified as being “a bot”, developers will get a signal which they can treat as a red flag and take another look at the suspicious account.
‘Sign In with Apple’ offers two-factor authentication. This means that every account with this sign-in option has two layers of protection. The first one comprises a username and a password. And the second one is Touch ID or Face ID for Apple devices and a 6-digit code sent to a trusted device or phone number for non-Apple devices. Such improved security is equally beneficial for both — app creators and users.
How to implement ‘Sign In with Apple’ in your app
If you want to add this authentication option to your app, you can find all necessary guidelines on Apple’s website. In general, to get started with ‘Sign In with Apple’, you need to follow these steps:
- Enable your app’s App ID with the Sign In with Apple capability as instructed here.
- Register your outbound email domains to allow users to receive notifications via a disposable email address as instructed here.
- Use the Authentication Services framework to enable ‘Sign In with Apple’ on Apple devices as instructed here.
- Use Sign In with Apple JS to enable ‘Sign In with Apple’ on other platforms (e.g. web apps, Android devices) as instructed here.
- Use the Sign In with Apple API to connect to Apple’s authentication servers as instructed here.
- Update your devices to the latest beta versions of iOS, macOS, tvOS and use the latest beta version of Xcode 11 to test your app. The latest beta software is available here.
Although there are many discussions around ‘Sign In with Apple’ feature, it’s definitely a step forward in terms of data protection. Users’ opportunity to use applications without revealing too much personal information has the potential to change the rules on the whole market. And contrary to what many app creators believe, such changes will bring many benefits to businesses as well since it’ll be much easier for them to greatly improve product security and user experience.
Need help with adding ‘Sign In with Apple’ to your app or website?