HomeNewsCompanySign in With Apple Poses Security Risks

Sign in With Apple Poses Security Risks


We independently research, test, review, and recommend the best products—learn more about our process. If you buy something through our links, we may earn a commission. learn more

Last Updated on 02/07/2019 by TDH Publishing (A)

At WWDC 2019 earlier this month, Apple announced Sign in With Apple, a new privacy-focused login feature that allows macOS Catalina and iOS 13 users to sign into third-party apps and websites using their Apple ID. However, OpenID Foundation this week is questioning some of the decisions Apple made for Sign in With Apple.

The OpenID Foundation is a non-profit organization with members like PayPal, Microsoft, Google, and more. It controls numerous universal sign-in platforms using the OpenID Connect platform. OpenID Connect platform was developed by a large number of companies and industry experts within the OIDF. It is a modern, widely-adopted identity protocol built on OAuth 2.0 that enables third-party login to applications.

The current set of differences between Sign in With Apple and OpenID Connect reduces the places where users can use Sign in With Apple and exposes them to greater privacy and security risks. It also places an unnecessary burden on the developers of both OpenID Connect and Sign in With Apple. By closing the current gaps, Apple would be interoperable with widely available OpenID Connect Relying Party software. 

In order to resolve these issues, OpenID Foundation is calling on the giant company to close the gaps between both Sign in With Apple and OpenID Connect, publicly state that Sign in With Apple is interoperable with OpenID Connect, and join the OpenID Foundation. This has been recorded in a document managed by the OIDF certification team.

Shortly after unveiling Sign in With Apple, the tech giant also told developers that is an application allows users to log in using their Google or Facebook logins, then it must also provide an alternative Sign in With Apple option. The company also got offended when it emerged that its updated Human Interface Guidelines asked app developers to place its authentication feature above other rival third-party sign-in options wherever they appeared. 


Kelley is a tech enthusiast, a programmer, and a football player. She deeply believes that technology has now the capability to shape the future of people if used in the right direction.
- Advertisment -

Must Read

Data Science Drives Personalized Marketing and Customer Engagement to New Heights...

Personalized marketing and customer engagement are crucial for businesses to thrive in the current digital era. Because data science makes it possible for marketers...