'Sign In With Apple', And How It Can Hurt Google And Facebook

The internet has seen single-sign-on (SSO), which allows users to use their Google or Facebook accounts to access third-party services.

SSO essentially centralizes the process of signing up and signing in, to a more secure login that users can better and actively monitor and maintain.

In short, users can access many services on the web without having to create unique username and password for each service they want to use.

Among others Apple introduced in its 2019 Worldwide Developers Conference, is called 'Sign In With Apple'. And this could create a huge impact on how users work on the web for years to come.

Sign In With Apple looks similar enough to Google's and Facebook's SSO, with the main difference is giving users the option for users to use their Apple ID.

But as part of its broader, years-long privacy push, Apple has added some extra protections that distinguish its version. Here, Apple somehow reimagines the mechanism, and blend the convenience with its products.

And this can certainly hurt Google and Facebook.

First of all, and for the most obvious, Sign In With Apple integrates seamlessly with Apple's authentication offerings - like Face ID and Touch ID - which are already known for providing strong security, while at the same time, also being quick and easy to use.

Because Sign In With Apple requires no passwords to remember, users have lesser things to take care off. This is an advantage since other SSO methods largely haven't added support for biometric authentication yet.

The second thing that makes Apple's SSO even more convincing is that, Apple said that it can also hide users email addresses from third-party services.

This is unlike Google and Facebook. Apple's SSO can protect users' privacy even more by randomly generating an email address on user's behalf, which then forwards communications from companies and institutions to their real address.

And third, Apple's intermediary email option may also undermine popular digital advertising and marketing strategies that use people's email addresses to track online habits and preferences. Google and Facebook use SSO systems to tether apps to their data-gathering ecosystems, and with Sign In With Apple, companies like Google and Facebook could see losses of revenue.

Google and Facebook dominance of the online advertising market, control nearly 60 percent of the U.S. digital ad market according to eMarketer. Their closest competitor is Amazon, with 9 percent of the market.

Apple is far behind since the company never put advertising as its main business model. But here, Apple controls 14 percent of the global smartphone market. As the company rolls out its mandatory SSO system, it could sever Facebook and Google's ties to plenty of iOS users.

Sign In With Apple
At its Worldwide Developers Conference, Apple shows how Sign In With Apple can generate randomized email addresses

According to Will Strafach, an iOS security researcher:

"Email address collection has always bothered me. Sign In With Apple allows for best of both worlds. We can now send email updates to users without needing to know who they are, similar to how we leverage Apple's in-app purchases as the only payment method so we can take payments without knowing user identities."

While on paper, the product can be seamless, in practice, things can be rather difficult.

First of all, Apple needs to make sure that the emails it forwards don't accidentally get blocked or caught in spam folders. From user's perspective, they need things like two-factor authentication to their Apple ID account if they don't already have it.

While this is certainly a good thing, but adding two-factor authentication is an added extra step they need to take. This is not the thing users are probably hoping for when using SSO.

And as convenient as Touch ID and Face ID may be, in practice users won't always be logging into accounts from their iPhone. Users may use non-Apple devices, and this makes Sign In With Apple a lot like using any other single-sign-on scheme.

And for last, Apple needs to really secure its SSO method. Since Apple's offering creates a single place for signing up and signing in, it also creates a single point of failure for numerous logins, if ever its system gets breached.