The OpenID Foundation has criticized Apple’s new Sign In With Apple feature.
Announced at this year’s WWDC 2019 last month, Apple confirmed that Sign In With Apple would serve as an alternative to login features offered by Google and Facebook, which offer users convenience but give those technology firms the ability to track users across the web.
The feature has been widely praised amongst technology fans and security specialists as an alternative to single sign-in features, as it allows users to authenticate their login via Touch ID or Face ID, but the implementation of the new technology has been questioned by some.
The OpenID Foundation (OIDF) is a non-profit organization with members including Google, Microsoft, and PayPal.
Speaking in an open letter to the company, OIDF praised Apple’s protocols but raised concerns that the feature could put users’ security at risk.
“Users’ security is at risk”
“The current set of differences between OpenID Connect and Sign In with Apple reduces the places where users can use Sign In with Apple and exposes them to greater security and privacy risks,” the organization said in its open letter.
“It also places an unnecessary burden on developers of both OpenID Connect and Sign In with Apple. By closing the current gaps, Apple would be interoperable with widely-available OpenID Connect Relying Party software.”
To overcome the challenges, the foundation suggested that Apple should “address the differences” between Sign In with Apple and OpenID Connect.
The OIDF certification team has already recorded those differences and presented them in a BitBucket file.
OpenID also invited Apple to use its suite of certification tests to improve the relationship and interoperability of the platforms and become a member of the OpenID Foundation.
After Apple had unveiled Sign In With Apple, the company confirmed that developers that allow users to log in via Facebook and Google, they must also provide an option to sign in with their Apple ID.
The company’s Human Interface Guidelines also now asks developers to place Sign In With Apple above other third-party sign-in options.
What are your thoughts on this story? Should Apple listen to the OpenID Foundation, or is the non-profit simply dragging its heels now a new, more secure system is being introduced to counteract Google and Facebook’s options? Let us know on Twitter using @AppleMagazine, and check back soon for more news and rumors on Apple, when we get them.
