If your app is using third party sign-in services, and Sign in with Apple is not included, your app might not pass the App Store review after June.
Here’s a summary of what is happening:
- Sign in with Apple deadline for old applications moved to June 30, 2020.
- New applications already need to have the feature implemented if the requirements listed below are met.
- You only need to implement Sign in with Apple if your application uses a third-party or social login service (such as Facebook Login, Google Sign-In, Sign in with Twitter, Sign In with LinkedIn, Login with Amazon, or WeChat Login). More info in Apple Review Guideline Docs.
In June 2019, I wrote about Apple releasing their own version of set-up- and sign-in services in my blog post about last year’s WWDC. At the time the deadline was set to be at the beginning of May 2020. Now Apple is moving multiple of their deadlines forward to June 30, 2020 to ease the load of developers, as stated by this release from Apple.
In my opinion, the biggest one of the items listed is the Sign in with Apple deadline. Some developers can have a short sigh of relief as the previous time limit at the beginning of May no longer applies. This means two more months to work the changes into the applications. For all new applications submitted to the App Store, the Sign in with Apple feature is already mandatory when the prerequisites are met.
Sign in with Apple is Apple’s way of battling against the growing number of third party login services taking advantage of vulnerable users giving away their data for free. Now Apple is providing their own way for users to sign in to services without giving away any excess user information. Nonetheless, this is not without some controversy as Apple is using their position as a leading tech company to force their own login option into millions of applications. Please note that Apple states that they do not collect any user information from their own login service. Be that as it may, with Apple’s track record of securing user data, I see the Sign in with Apple as the lesser evil compared to other services.
Third Party vs. In-House Implementation
When pondering the pros and cons of third party login services versus creating your own in-house implementation, we need to consider two sides – the users and the service provider.
For users, it can be annoying to create a new account for each service they want to use. To help with this we have third party log-in services that allow users to login to multiple sites with a single account (for simplicity’s sake I’ll use Google’s service as an example). The user simply clicks a `Sign in with Google` button and is automatically taken into the application. No additional information is required as everything the service needs is provided by Google’s Account data that the user authorises to be used when using Google Sign-In.
On the other hand, the user is now also giving Google the information that he is using the service and possibly other additional data. The user might also be giving the service more data about himself/herself than would actually be needed. So the service is easy to use, but the user pays the price by giving more information than is required to the provider. Please note that with responsible service providers, users should not be worried about this, but it is also up to the user to determine which provider is acting responsibly with their data. As of now, there is no easy way to find out how your data is handled. By the way, excess data exchange in login services is something Apple is trying to minimize with their own Sign in with Apple service.
For the service provider, it can be easier to just use the third party service to handle user logins. Creating your own implementation for registering and logging in users can be time consuming and also brings other obligations and challenges. So, I can see why so many are using the third party option – it saves time and money. Yet with great power comes great responsibility to request only the user data that you actually need.
For more information, see Apple’s documentation for implementing Sign in with Apple.