Privacy on the internet has been a hot topic over the past few years. From the EU's 2018 GDPR policies to countless data breaches occurring in apps that customers use every day. All of these changes have made users more mindful of their privacy than ever before.
During Apple's WWDC announcement back in June, 2019 - a brand new service was announced that would be rolling out in the Fall: Sign in with Apple. This new sign in service boasts password-less access for the apps that you use everyday and never having to worry about your data being auctioned off to the highest bidder. These perks sound great, but they have left app developers annoyed: do you REALLY need to support yet another identity provider?
The short answer: Yes.
What Apple has introduced is the first cross-platform and cross-device sign-in service that truly takes advantage of already existing hardware to make the experience smooth, and it's that level of quality that users will begin to expect as it becomes adopted over the apps they use often.
What makes Sign In with Apple great?
When a user signs up or signs in to your app or website on their Apple device, the flow is entirely handled by the device UI. If they're signing back in, all they need to do is use either Touch ID or Face ID. If they're new, the device already knows pretty much everything about them.
Sign in with Apple has one killer feature that none other offers: email address privacy. If the user chooses, their email address is never shown to the app that the account is being created for. Instead, Apple will create a forwarding email that will be shared with only that app.
This means that if the user ever chooses to remove the app, all they need to do is disable that forwarding address, and all the communications will stop.
People reuse passwords constantly, making them vulnerable to data breaches, identity theft, and many other attacks that plague the internet today. By centralizing all accounts under a single identity provider, you're eliminating the ability for attackers to gain access to your accounts just because the one site you used 10 years ago just had their data shared with the entire internet.
So, why do I need to add it to my app?
Users will expect it.
The ease of use and privacy features will mean that as users start seeing apps include this new feature, it'll become a question as to why you wouldn't. You'd be forcing your users to trudge through a slow, clunky sign up flow and share their direct personal email address with you, a brand new app that they don't yet trust.
Apple will require it.
Starting March 3rd, any app that includes support for "Sign in with..." for other apps, must include support for Sign in with Apple. There are a few exemptions to this rule. If your app...
- Exclusively uses your own company's sign up or sign-in systems
- Is an enterprise, education, or business app that requires users to use an existing enterprise/education account
- Uses a government or industry-backed citizen identification system to authenticate users
- is a client for another service (like an email app, Twitter app, etc.)
... then you will not be required to support Sign in with Apple. These guidelines may change, so make sure you stay in the loop here.
The Final Takeaway?
Unless you have a very specific app that's focused on one of the categories above, or you do not plan on distributing updates for your app on or after March 3rd, you'll need to support Apple's new sign in service.
If you need help supporting this new feature, please get in touch. Whether you need to add support for it to your iOS app or your website, we can find the solution that works best for you.