Of all the things Apple announced yesterday, the most interesting one was a small feature they casually dropped - an Apple-branded SSO or their own version of a ‘social login’. While it seems similar to the Facebook or Google login buttons you see on many sites, this third-party login doesn’t share your email address with the service providers you use it to register with and goes so far as to generate and maintain separate unique alias email addresses.
The service providers get access to the relevant information they need to provide you with whatever service they offer but it’s up to you to share your name or email address. At face value, this is almost too good to be true because it shifts the locus of control to the user. In true Apple fashion, they’ve made this mandatory for developers that use third-party logins.
I’m cautiously optimistic and excited about Apple’s pivot to a privacy-conscious organisation but as with all these things, the detail is in the fine print.