Apple’s high-profile assault on third-party tracking continues.
Starting with iOS 13 in the fall, users will be able to log in to apps and services using Apple Face ID without sharing other personal information.
The new “Sign in with Apple” button, an unconcealed jab at Google and Facebook, is a way to sign in “without all the tracking,” said Craig Federighi, Apple’s SVP of software engineering, speaking at the company’s Worldwide Developer Conference in San Jose on Monday,
A social account login can be convenient and provide a more personalized in-app experience, Federighi said, “but it can also come at the cost of your privacy.”
After authenticating with Face ID, users are logged in with a brand-new account. People can still share their name and email address with an app if they want to, but they’ll now also have the option to hide that information.
In that case, Apple will automatically generate a unique email address – a string of arbitrary numbers and letters – that forwards to the person’s real email address. A different hashed address will be created for each app, which makes tying email to device ID borderline impossible and pointless.
“This entire experience is meant to help you have control over your data,” Federighi said.
While that may be the case, Apple still makes boatloads of money through its App Store, home to tens of thousands of apps crammed with third-party trackers.
But that hasn’t stopped Apple from banging the drum on privacy ever louder over the last year, from calling for federal privacy regulations in the United States and marketing its products as privacy safe – “What happens on your iPhone, stays on your iPhone” – to multiple iterations of Intelligent Tracking Prevention in Safari.
And so, Apple continues its clampdown. In addition to the new sign-in functionality, iOS 13 will include more granular control over location tracking.
“Sharing your location with a third-party app can really enable some useful experiences,” Federighi said, “but we don’t expect to have that privilege used to track us.”
Users will be able to share their location with an app once and then require the app to ask each time it wants subsequent access. If someone does grant an app permission for continual tracking in the background, Apple provides reports to the user that show what that app is doing with the data.
Apple will also scramble any efforts than an app makes to use fingerprinting-like tactics to track location, like scanning Wi-Fi and Bluetooth signals, to deduce where someone is.
“We’re shutting the door on that abuse as well,” Federighi said.