This fall, you can use an encrypted, throw-away email address to sign up for and sign into services you don’t want to share that information with. Here’s how it works.
We’ve all been there. You download a new app that everyone is talking about and the first thing that happens is it asks for your email address to sign you up for an account. You don’t even know whether you want this app yet. You were hoping to just check it out first.
No one wants to risk having their email address sold to a third-party marketing company, or worse, stolen by hackers. If we don’t yet trust an app developer, we’re much less likely to give them this personal information right up front. You have to win us over first. Let us get to know you.
With Sign In with Apple, coming in iOS 13, iPadOS 13, and macOS Catalina, you’ll be able to use an encrypted “burner” email address (if you will) to sign up for and into services that support third-party sign-on services.
At Apple’s WWDC 2019 Designing for Privacy session, we learned some details on how this all works.
So what is Sign In with Apple?
It’s a single sign-on service, similar to the way Google and Facebook allow you to use your account credentials to sign up for and sign in to apps and services. Have you ever went to a website to check out some new thing and been prompted with a request for you to sign up right away? Some prompts, for example, will offer the option to Sign up with Google, Sign up with Facebook, or Sign up with your email address.
If you use the first two, your internet usage, activities, and habits (and location in some cases) are tracked by Google or Facebook. If you decide to sign in with your email, you risk having your email address sold (it’s also a more cumbersome user experience).
Apple’s version doesn’t track you or sell your email address to third-party interests. It allows you to keep your personal email address hidden from companies, while providing a communication relay that’s private and secure.
When you sign up for an account that offers third-party sign-in options, You’ll be able to select Sign In with Apple or one of the other third-party options (like Google or Facebook). When you select Sign In with Apple, you’ll be prompted to select whether you want to share or hide your Apple ID from the company when you create the account. Then, all you have to do is tap “Continue” and Sign In with Apple does the rest of the work. No email and password to keep track of. No worries about your email address being stored by some company with poor security. No fear that your activities are being tracked.
Keep it secret, keep it safe
Sign In with Apple will allow developers to communicate with users, even though they don’t have their personal email address. Developers will get a verified email address associated with the customer’s Apple ID.
When a person chooses to hide their personal email address from a company, Apple will send the developer this verified email address instead. It is managed by Apple so the developer and customer can communicate back and forth, even though the personal address is hidden. Apple does not keep any emails after they’ve been delivered.
Each person gets a different, unique verified email address for different companies. If you hide your email address from Lyft and Spotify, for example, each company is assigned a different address to communicate with you. If you delete your account, Apple will remove that email address from your associated Apple ID.
Are you a robot?
Developers and websites need ways to protect themselves from fraudulent account farming and spamming. Right now, many developers use such methods as CAPTCHAs or asking them to verify their identity with a second layer of personal information (like the street you grew up on or your best friend’s name).
Sign In with Apple uses on-device verification (it doesn’t leave your iPhone or iPad) that happens during account creation. So you’re personal information is your private business and you don’t have to click through a half-dozen pictures of bridges or traffic lights in order to confirm you’re a human and not a spam bot.
Who will use it?
With iOS 13, iPadOS 13, macOS Catalina, and all the software updates later this fall, Apple has updated its App Store guidelines to note that Sign In with Apple will be a required option for apps that support third-party sign-in. This means that any app that currently allows you to use Facebook Google, or another service to sign up or sign in to an account will also have to include Sign In with Apple.
This doesn’t mean every app in the App Store is required to use Sign In with Apple. There are still going to be dozens of apps in the App Store that will ask you for your email address to create an account before you even get a chance to check out the service. In which case, you can still exercise your “Delete” powers as you see fit.
It also doesn’t mean you can’t use Google or Facebook (or another service) to sign up for new accounts. You’ll have options. It’s just the one Apple hopes you’ll take advantage of to protect your privacy.
You’ll be able to use Sign In with Apple on the web, too. Even if you don’t own an iPhone. If you have an Apple ID and you’re offered the option to use Sign In with Apple on the web along with Google and Facebook (or another service), you can use your Apple ID. Tom’s Guide confirmed this with Apple recently.
We’ve also learned that no iOS or macOS device is needed to use Sign In with Apple, so Windows and Android users should be able to use the feature as well provided they have Apple IDs.
Sign In with Apple has great potential to provide us with yet another layer of protection from third-party companies using our information to market to us or allow our data to be stolen. Some day, I hope Sign In with Apple will be on every website and used with every app.
Do you have any questions about Sign In with Apple and how it will work this fall? Put them in the comments and I’ll try to provide as much context as possible.
Source of the article – iMore