Engadget started their coverage of Apple’s “Sign in with Apple” announcement on Monday this way:
“Apple’s WWDC 2019 was full of announcements, but few of them garnered as big a cheer from the crowd as when Sign in with Apple was introduced. The feature, which lets people use their Apple IDs to sign up for sites and services on the web, is being touted as a privacy-oriented alternative to Login with Facebook and Sign in with Google.”
Engadget went on to quote Craig Federighi, Apple’s Senior VP of Software Engineering, from his WWDC keynote:
“We’ve all seen buttons like this, asking us to use a social account login to get a more personalized experience with an app, and these logins can be used to track you. We wanted to solve this, and many developers do too, and so now we have the solution.”
What is Apple’s solution?
It’s the same centralized social login service as Facebook and Google with two differences:
1) Apple will automatically generate a private email address whenever the user chooses not to share a real email address; and,
2) Apple promises not to track your activities when you are using Login with Apple.
Engadget goes on to interview four security and data privacy experts for their opinions on the announcement. All of them praise Apple for taking another step in the direction of privacy and personal data protection. But all of them also warn that Apple’s solution still puts a commercial company in the middle of all your online relationships. Engadget quoted Ray Walsh, a data privacy expert at ProPrivacy.com, who put it this way:
“Allowing Apple to sign you into a service simply connects the service to Apple rather than Google or Facebook. However, it is still allowing a connection to be made between two services that could lead to data being accessed and shared across those platforms. Thus, it really depends how much you trust Apple over Facebook or Google as to how much better having them sign you in really is.”
It’s better, but…
From our perspective at Evernym, Apple is making a noble effort to solve the wrong problem. Instead of trying to make a centralized login service more privacy-respecting, why not eliminate the “man in the middle” completely? In fact, why not eliminate the conventional notion of login altogether?
By this, we don’t mean abolishing the need for digital authentication altogether—the person accessing an account still needs to prove they are the rightful controller. But we can eliminate forcing individuals to go through the process of “login” in order to provide that proof.
How? By enabling individuals to form direct secure digital relationships and share verifiable credentials peer-to-peer with the party they’re interacting with. This technology, widely known as “decentralized identity,” “self-sovereign identity,” or “SSI,” is one of the fundamental premises behind the new Hyperledger Aries open source project at the Linux Foundation (which builds on the two-year-old Hyperledger Indy project).
The goal of Aries is to standardize how decentralized digital identity wallets and agents interoperate so they can be used as ubiquitously as we use browsers or email clients today. In fact, within a decade we believe these digital wallets and agents will likely be built directly into our browsers and email clients so we won’t even have to think about using them—they will just work automatically.
For the past year, Evernym has used this simple set of diagrams to explain this phase shift. The current federated model used by Facebook, Google—and now Apple—looks like this:
The new model looks like this:
The replacement for “logging into an account” is having a direct, peer-to-peer connection between your digital agent (with access to your digital wallet and your private keys/credentials) and the relying party’s digital agent (with access to their digital wallet and private keys/credentials). You form the connection by doing an initial exchange of unique DIDs (Decentralized Identifiers) that you are able to create yourself in your respective wallets. You don’t need a Google or an Apple or a Facebook to do this for you. First-use trust is then established through the exchange of digital credentials that each party can cryptographically verify are authentic.
From then on, whenever you need to access each other—in either direction—your agents can automatically perform mutual two-way authentication by signing messages with your private keys that the other agent verifies with your public key.
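The connection and mutual authentication described above can be sketched as follows. This is an added example, not code from Evernym, Hyperledger Aries or Hyperledger Indy. The `did:example:` identifiers, the challenge format and all function names are assumptions made for illustration, and the credential exchange used for first-use trust is left out.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// Pairwise is one party's key pair and identifier for exactly one relationship.
type Pairwise struct {
	DID  string // constructed "did:example:" placeholder, not a real DID method
	Pub  ed25519.PublicKey
	priv ed25519.PrivateKey
}

func NewPairwise() Pairwise {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return Pairwise{fmt.Sprintf("did:example:%x", pub[:8]), pub, priv}
}

// NewChallenge returns the fresh random nonce a verifier sends before each authentication.
func NewChallenge() (n [32]byte) {
	if _, err := rand.Read(n[:]); err != nil {
		panic(err)
	}
	return
}

// transcript binds the nonce to signer and verifier, so a proof fails in any other relationship.
func transcript(nonce [32]byte, signer, verifier string) []byte {
	return []byte(signer + "\x00" + verifier + "\x00" + string(nonce[:]))
}

func (p Pairwise) Prove(nonce [32]byte, verifierDID string) []byte {
	return ed25519.Sign(p.priv, transcript(nonce, p.DID, verifierDID)) // this relationship's key only
}

// Verify checks a proof against the peer key stored when the connection was formed.
func Verify(peerDID string, peerPub ed25519.PublicKey, myDID string, nonce [32]byte, sig []byte) bool {
	return ed25519.Verify(peerPub, transcript(nonce, peerDID, myDID), sig)
}

func main() {
	user, site, c1, c2 := NewPairwise(), NewPairwise(), NewChallenge(), NewChallenge()
	fmt.Println("site authenticates user:", Verify(user.DID, user.Pub, site.DID, c1, user.Prove(c1, site.DID)))
	fmt.Println("user authenticates site:", Verify(site.DID, site.Pub, user.DID, c2, site.Prove(c2, user.DID)))
}
```

Because each relationship gets its own key pair and identifier, two relying parties comparing what they hold for the same person find nothing in common to correlate.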
While it sounds technically complex, the actual user experience will be simple and seamless, and importantly it will be consistent. It’ll be like your phone’s address book has been given new privacy superpowers.
What this means is that every digital relationship you have will be unique, private, and secure. There is no need to log in “with” anybody. This is a new type of relationship that has never been possible before and it is set to revolutionize the way that we interact with each other online.
With this architecture, the login process that we have all come to know and love so well (not!) is gone for good, replaced by more equitable, direct, and entirely private peer-to-peer relationships. Intermediaries performing the job of digital authentication will become as antiquated as footmen for your horse-drawn carriage once the age of the automobile arrived. And our digital lives will become simpler, safer, and far more private as a consequence.
Apple’s move should be lauded as another sign of their strong public stance on privacy. Their solution to centralized federated login systems is objectively an improvement on other more privacy-intrusive implementations. It demonstrates that, finally, privacy is becoming a competitive differentiator.
But there is a much better solution. Privacy shouldn’t be just for those who buy into Apple’s closed ecosystem. Privacy should be for everyone, regardless of who you buy your phone from. New technologies and protocols like Hyperledger Aries and Hyperledger Indy will truly enable Privacy For All—permanently removing the barriers set up by those who seek to keep you locked in.
This new approach spells the end for login, and the start of a new way of doing things that will deliver both reduced friction AND better security, with privacy by default.