Apple has introduced its own authentication service, Sign in with Apple.
This comes as no surprise as its main competitors have dominated the market with Google, Facebook, and Twitter "sign-in" solutions.
While it's always a great thing to have an alternative method of user authentication, the tech giant will require most iOS apps to offer Sign in with Apple. So if you run an iPhone app, read this article to learn whether you need to include it before the deadline which comes in April 2020.
Advantages and disadvantages of Sign in with Apple
The service was announced on June 3rd at the keynote event of the 2019 Worldwide Developers Conference. Sign in with Apple is a new secure authentication method that allows users to create an account for apps and websites using their Apple ID, so they don't have to disclose any personal information to the app’s owner. Apple's service works similarly to Google or Facebook’s authentication services.
Source: Apple for Developers
Why did Apple release its own "sign-in"? The company wants it to be easier to use and offer better protection of private data with features such as Hide my Email.
When you implement Sign in with Apple, your app users won't have to waste time filling out forms, verifying email addresses, or choosing and remembering new passwords. The only data you're going to collect and store is the username and email address.
Apple regards high data protection standards as its competitive advantage over Google and Facebook, with more control and security as the main benefit of using Apple's authentication solution. Not only can users edit their name before sharing it with app owners, but they can also use the Hide My Email feature. It allows app users to hide their email and Sign in with Apple with a unique random email address generated by the service.
Enabling Sign in with Apple is a good opportunity to refresh and optimize the user flow. You can offer users the option to sign in and create an account after checking out some basic features of your app. A good practice is to introduce it when the user wants to save progress or set up a profile.
Do you need to implement Sign in with Apple?
Not every iOS app owner needs to implement Sign in with Apple. You have to do it if your app uses a third-party or social login service. There's a long list of such services, including Facebook Login, Google Sign-In, Login with Amazon, WeChat Login, Sign in with Twitter, and Sign in with LinkedIn.
If you are using any of these, you will need to include a Sign in with Apple option by April 2020.
You don't have to implement Sign in with Apple if your app:
- Uses your own account setup and sign-in systems.
- Requires the user to sign in with an existing education, business, or enterprise account.
- Authenticates users with a government-backed or industry-backed citizen identification system or electronic ID.
- Is a client for a third-party service which requires the user to use their email, social media, or a third-party account directly to access their content.
How to enable Sign in with Apple
The App Store compliance rules are simple:
- New applications uploaded to the App Store must follow the guidelines to be accepted by reviewers.
- Existing applications and updates must follow the guidelines by April 2020
Enabling Sign in with Apple is easy. You don't have to deal with email verification as all users that register with the service are already verified. It works across all Apple devices – iPhone, iPad, iPod touch, Mac, Apple TV, and Apple Watch. Webpages and Android applications can use Sign in with Apple JS.
Apple checks if the person is real (only for iOS devices) by combining on-device machine learning, account history, and hardware attestation using privacy-preserving mechanisms.
All you need to do is follow the instructions by Apple. First of all, you need an Apple Developer Program; only then will you receive users' data, as neither the free or enterprise versions allow Sign in with Apple.
- First, read the official guidelines and make sure your development team has read them.
- Second, register your domains to send messages to users with the Hide My Email option on.
- Third, add a Capability in Certificates. Go to Identifiers & Profiles -> Identifiers -> <Your Application>.
Do I need to make a lot of changes to enable Sign in with Apple?
It depends on your application, but usually an iOS developer only needs to add a button and handle the user authentication process on both sides – app and backend.
For custom implementation inside the app, ask your developers to use the official documentation.
If you are still stressed about the upcoming deadline, let us know. At Netguru, we have experienced iOS developers who will help you with implementation and take this problem off your hands.