If you're tired of relying on Facebook or Google to sign into sites and apps (and connecting those apps to your social media) Apple has an alternative. During its iOS 13 preview at its June developer conference, Apple unveiled its own single sign-on (SSO) service, dubbed prosaically "Sign In with Apple," to compete with those other services — with the promise that it won't use that information to sell ads or track you.
And now that iOS 13 is here — you can download it today — we'll get to see if Apple can deliver on that promise.
Ever use Facebook or Google to sign into a non-Google or Facebook website? It's certainly convenient, and it reduces your data's exposure if any of those third-party sites get compromised in a data breach. But it also gives Facebook and Google greater insight into your online activities, which those companies then use to sell ads.
Even better, Apple's SSO solution gives you the option of signing up for third-party sites and apps using a unique, disposable email address that automatically forwards to your iCloud email address. Services and apps with which you use this feature won't know your real email address.
"Users are mostly lazy, so they use the Google and Facebook log in 'cause it is convenient," Carolina Milanesi of Creative Strategies told Tom's Guide back when Apple first announced this feature. "Giving them an option to log in and keep their data private will appeal [to] users."
How to use Sign In with Apple
First of all, you'll need to find a site that supports Sign In with Apple, which might be tough considering that it's in its early, nascent days. (A handful of apps support the feature at launch, though more are expected now that iOS 13 is out.) When you visit a site or download an app that supports Sign In with Apple, such as the travel deal-finding Kayak or the recipe app Kitchen Stories, you'll see a big button that simply says Sign In with Apple.
Then, select a login option. Since you're probably looking to protect your privacy, I suggest you tap "Hide My Email."
On some apps, once you're signed in, you can see your privacy by looking where it lists your email address. Here's the gibberish-filled email address provided by Sign In with Apple.
How Sign In with Apple works
Using the example Apple software-engineering head Craig Federighi presented at WWDC 2019, when Sign In with Apple was unveiled, a user named "Kim Kilgo" — there are at least three Americans on LinkedIn with this name — could sign up for an account with the guitar-training app Fretello using Sign In with Apple.
The fictional Kim could choose to use her real iCloud email address for this by choosing to "Share My Email" in the Sign In with Apple interface. (We really hope the email address that Federeghi displayed onscreen doesn't belong to any of the real Kim Kilgos.)
But Kim could also choose the "Hide My Email" option, in which case Fretello would receive "firstname.lastname@example.org" as her email address, and the guitar-training service would be none the wiser about her actual identity. (Tech-savvy users will recognize that string of gibberish as an 40-bit number rendered in hexadecimal notation.)
If Kim decides to delete her Fretello account, Apple will stop forwarding emails sent to email@example.com to her iCloud address.
How many similar services exist?
Signing up for online accounts using bogus or throwaway email addresses has been possible for a long time. Services such as Mailinator, Guerrilla Mail or E4ward provide this for free or for a small yearly fee.
You can also do this using Gmail by appending text beginning with "+" to your regular Gmail address. For example, if you're John Smith and you're signing up for Dropbox, emails sent to "firstname.lastname@example.org" will go to email@example.com. But that's not exactly anonymous.
You can also set up completely random email address using Gmail or Yahoo Mail, setting each new account to forward to another email address, but you've got to at least nominally manage those email addresses.
For the most part, these services only work through web browsers. Apple's new system is the easiest, most convenient way that we've seen to set up disposable email address when dealing directly with smartphone apps.
Apple told us in part that "customers can simply use their Apple ID to authenticate and Apple will protect users' privacy by providing developers with a unique random ID."
"Sign In with Apple makes it easy for users to authenticate with Face ID or Touch ID" instead of a password, the statement said, "and has two-factor authentication built in for an added layer of security."
We've also learned that no iOS or macOS device is needed to use Sign In with Apple, so Windows and Android users should be able to use the feature as well provided they have Apple IDs.
What's the holdup with Sign In with Apple?
If you're wondering why you don't see Sign In with Apple on your favorite service, there's a good reason: app developers need to add it themselves. Also, they don't have to do it any time soon. While Sign In with apple is a required feature for new apps (per an update to Apple's App Store Review Guidelines), developers of existing apps have until April 2020 to add the feature.
In other words, by next summer, if an app lets you sign in using Facebook, Google or a lesser-known SSO service, it will need to offer Sign In with Apple as well.
We assume this is limited to iOS apps, but are checking with Apple to make sure that this does not cover Mac software as well.