How Apple’s "Sign In With Apple” button exposes users to more security risks
(27)
Apple announced the availability of "Sign
In with Apple" button at WDDC 2019,
which feature presents new option of
accessing applications now that
everyone is more concerned about
privacy; but the safety of the sign-in
button is currently being questioned by
the OpenID Foundation.
According to the OpenID Foundation,
there isn't much difference between
Apple’s implementation of the “Sign In
With Apple” and OpenID Connect
protocol, with the former
implementation taking some clue from
the latter, though it isn't completely
aligned.
The major differences between OpenID
Connect and Sign In with Apple reduces
only in places where users can use Sign
In with Apple, and it exposes them to
greater security and privacy risks, with
unnecessary burdens saddled on
developers of both the OpenID Connect
and Sign In with Apple.
Apple will be required to adopt the
OpenID Connect Relying Party software,
the identity protocol built on OAuth 2.0
to become interoperable in order to
close the current gaps, and enable third-
party login to applications in a standard
way.
The OpenID Foundation, however
applauds Apple’s efforts in allowing
users to login to third-party applications
with the Apple ID, and calls on the
company to implement the OpenID
Connect Self Certification Test Suite to
improve the interoperability and security
of Sign In with Apple.
Apple Sig-in button is coming on the
heels of the single sign-on (SSO) buttons
of Google and Facebook, which are
other options available for web users in
accessing third-party web and mobile
applications.

(07-11-2019, 06:08 PM )
Quote


Possibly Related Threads…
Thread
GitHub Sponsors: All About The New ‘Sponsor Me‘ button to receive funding
WhatsApp introduces more blocks, users could get new phones
Facebook leaked Apple user data in exchange for cover