Apple Wants to Assure Users Of Its Privacy With ‘Sign-in Feature’

Apple introduced a slew of new software updates at the 2019 WWDC, with new operating system for its Mac computers, new iOS (13) to run on the iPhones, new WatchOS for the Watch, tvOS on the Apple TV and a brand new iPadOS.

The iOS 13, however, was one of the most sought-after upgrades from the Cupertino-based giant. The company announced new features like the Dark Mode and improved privacy, among other things for iOS 13.

As we have seen while signing up for new apps/services, there are options to log in from other sources – like Facebook, Google, etc – something that is used to bypass filing out large forms where one has to give personal details.

However, giving your Facebook/Google sign in directly provides your email address/personal details to the respective third-party. Apple will now let you bypass this, not giving anything to the third-party app/service.

Here’s how Sign in With Apple will work:

• In order to Log on to a new service/application, an option of ‘Sign in With Apple’ will appear along with other third party signups.
• Clicking on Sign in With Apple will activate your Face/Touch ID authentication, bypassing setting up a password, username step
• Authenticating with one’s touch/face ID will allow Apple to generate a dummy or hashed Email ID, to provide to the application/service.
• This dummy ID can be used to create your account on the application/service, not your actual email ID. It will use proxy settings that forwards to the real ones.

According to a TechCrunch report, Apple is going to force developers to add its sign in tool. It’s also mandating use of its new location sharing permissions screen that offers one-time access for developers instead of just permanent snooping.

That means the tech giant will have to convince developers to offer Sign In With Apple as prominently as Facebook and Google’s options…even though privacy could be detrimental to their business.

How Apple Can Use Proxy Emails

Since Apple has not given too many details on how the technology will work, let’s look at a few approaches the company could take in order to prevent sharing your email with others:

1. Tempmail, or Temporary email, is a service used mostly by WiFi owners, forums, websites and blog owners in order to receive or send mails via a temporary address that self-destructs after a certain period of time. Apple can use temp mails for the third-party service in order to maintain user privacy.

2. Email Aliases: Apple has already been using technology that creates email aliases to keep your actual email private. “When you send emails using an alias, your recipients never see your actual email address,” the company says. This approach can also be taken while using Sign in With Apple.

3. Proxy Server: A proxy server is basically a computer on the internet having its own IP address known by your computer. Hence, when you send a web request, your request goes to the proxy server first. The proxy server then makes the web request on your behalf, collects the response from the web server, and forwards you the web page data so you can see the page in your browser.

A proxy server can change your IP address, so the web server doesn’t know exactly where you are in the world. It can encrypt your data, so your data is unreadable in transit. And lastly, a proxy server can block access to certain web pages, based on the IP address.

Given Apple’s vast server network, doing this seems like something the company won’t have a lot of trouble with. In fact, the alias email already in place for Mac is an example of proxy servers itself.

(With inputs from Tech Crunch)