Google reacts to “Sign in with Apple”

Written by

If you haven’t already, take a few minutes to read Sarah Perez’s excellent Answers to your burning questions about “Sign in with Apple”.

Once you’ve got your head wrapped around that, follow the headline link for The Verge’s interview with Google product management director Mark Risher. A few highlights:

Apple shook up the world of logins last week, offering a new single sign-on (or SSO) tool aimed at collecting and sharing as little data as possible. It was a deliberate shot at Facebook and Google, which currently operate the two major SSO services.

Not so sure it was a shot at anyone, but more of a safer, privacy respecting solutions for Apple users.

Once you start federating accounts, it means that maybe you still have a few passwords, but some new service you’re just trying out doesn’t need a 750-person engineering team dedicated to security. It doesn’t need to build its own password database, and then deal with all the liability and all the risk that comes with that.

This comment gets to the heart of the value of “Sign in with Apple” (SiwA). One of the benefits of SiwA is that it lets app developers ride on Apple’s safer, more secure coattails. And saves them from having to reinvent the wheel.

I will take the blame that we have not really articulated what happens when you press that “sign in with Google” button. A lot of people don’t understand, and some competitors have dragged it in the wrong direction. Maybe you click that button that it notifies all your friends that you’ve just signed into some embarrassing site.

With SiwA, you can bank on Apple respecting your privacy. Same thing with Apple Pay. Apple breaks the direct link between your identity-tied information and the validation process. And that’s a good thing.

I honestly do think this technology will be better for the internet and will make people much, much safer. Even if they’re clicking our competitors button when they’re logging into sites, that’s still way better than typing in a bespoke username and password, or more commonly, a recycled username and password.

Yup. Good read.