Apple Auth

[nelsonic]

Story

As a person who (uses an iPhone and) wants to protect their privacy, I want to be able use Sign in with Apple to authenticate with the @dwyl app So that I can use the app without giving up my email address (but still get email notifications routed via Apple).

Context

One of our key differentiators as an app/company is our focus on privacy. We aren't sending Analytics data to Google/Facebook/etc. and we aren't mining anyone's data to build a "consumer profile" to sell to advertisers. We are treating people's personal data as private and encrypting it wherever we can.

Hypothesis

People who care about personal privacy¹ tend to use Apple iPhone because Apple's business model is high quality hardware and relates services (iCloud, Apps, etc) not harvesting personal data. (_yes, there are plenty of posers who buy iPhones as a status symbol, but let's focus on privacy_)

We expect people who are privacy-focussed to identify strongly with what we are building. And giving them the option to login with their Apple Account will reduce friction to adoption.

Benefits

The benefits of Apple Login accrue to end-users in terms of privacy. People whom we want to help maintain their privacy.

WSJ made an informative video explaining how Apple preserves privacy in their login service: https://youtu.be/pmfjt2PPuVA

Disadvantages

• Quite recently announced (June 2019) so uncertain market demand.
• Strong vendor lock-in tied to the Apple ecosystem.
• A commercial disadvantage is that Apple ID/iCloud is not typically used by teams of people, it's more of an individual/personal account. By contrast many companies/organisations use Google.
• From (briefly) reading the docs it doesn't look simple to implement ... 🙄

Todo

• [ ] Determine how many people using the MVP are using iOS devices.
• [ ] Collect feedback from people using iOS devices on how much they want to use Apple Auth.
• [ ] investigate how to implement "Sign in with Apple" for a web application. https://developer.apple.com/sign-in-with-apple/get-started

---

¹ On the subject of "Which is the most private phone?" available, Some people say the BlackBerry Key2 has even better privacy controls than Apple. see: https://smartphones.gadgethacks.com/how-to/5-best-phones-for-privacy-security-0176106 But BB has only 0.04% market share in 2019 ... Down from 33% percent in December 2011 📉 😮 So it's not really worth spending too much time discussing BB, except as a lesson in strategic failure. 🙄 Also, BB Key2 is powered by Android which means by default it still sends lots of data to Google!

[nelsonic]

A recent HN thread: https://news.ycombinator.com/item?id=22171862 Indicates that "Sign in with Apple" is already pretty popular for the apps that implemented it. I still think we need to actually ship our App before investing any time in supporting it. But it's certainly an interesting sign. People want privacy!

[nelsonic]

Why AnyList Won’t Be Supporting Sign In with Apple: https://blog.anylist.com/2020/06/sign-in-with-apple HN: https://news.ycombinator.com/item?id=23681982

I've not heard of AnyList ... https://www.anylist.com But this blog post made me check out their site:

This is the power of Organic SEO. 💭