When it comes to security, we often think first and foremost about protecting our data: encrypting them to ensure no one else can access them. But as important as it is the concept of authentication: to prove that we are who we say we are.
Apple has made great strides in authentication in recent years. Biometric measures such as Touch ID and Face ID help make it easier for users to identify themselves and ensure that only they can access their private data.
In Apple's use, this authentication has generally turned inward: users control access to their own files and data, and the system checks to see if we are the person to allow it. But from iOS 1
Hi, my name is
We have all experienced using iMessage or SMS and not knowing who is at the other end (or as the kids say, "New phone, who's that?"). Whether it is because it is a wrong number or someone we have met but have not yet entered our contacts, it can be frustrating to just have a string of numbers that identify. Apple has been trying to curb this in recent years, using information from your email or other apps to try to guess who's calling or texting you. For example, if you e-mailed to someone and their number is in the signature, iOS may cross the reference to that information and tell you what it finds.
iOS 13 will take this further by allowing iMessage users to voluntarily share the names and a photo of their choice with contacts, even though they have never been in contact before. (Users get control over whether everyone can see this automatically, just the existing contacts, or if they're asked every time.) This makes iMessage something a little closer to a social network, but – more to the point – it also potentially provides an identification degree by associating a name with an iMessage account.
From what we can see about this system so far, it does not go far enough to be considered authentication, since users can enter their own name and image. It is currently unclear how or if this feature will prevent anyone from forgiving another person. But it's a step closer to providing a framework where users don't have to guess who is contacting them.
You sign in, Apple logs out
Similarly, Apple's new Login with Apple system, which is launching this fall, is also trying to provide a degree of authentication and identification with external services. Since Face ID and Touch ID are keyed in, the login can authenticate you and then send the authentication information to the site or app in question. While it may not seem very different from our current situation, the major change here is that Apple can do all this without sharing that information with the service in question.
Part of Sign in with Apple is Apple's ability to protect your personal information, such as your email address; As previously discussed, the system will even generate a random email address pointing back to your own account. Apple essentially mediates the authentication process, which puts the company in the interesting position of being the arbitrator for who claims to be who.
This isn't exactly a new role for Apple, either: Apple Pay is built on a similar idea, with Apple revealing your real credit card number to prevent fraud. Payment providers and banks have agreed to rely on Apple's judgment as an intermediary.
Nice to meet you
In rare cases Apple is able to take this even further. The company has already implemented a network of authentication, with systems in place to help individuals prove themselves to be who they claim to be, including knowledge factors (passwords and PINs), ownership factors (devices such as an iPhone or Apple Watch ), and heredity factors (biometric data), which together can make quite a definite call on the user's identity.
But if Apple pointed these systems outward, it could help provide more certainty that humans users are coping with what they say they are too. Consider whether such a system can be used to confirm that you are exchanging email with the right person (and even encrypt these messages seamlessly). Or if you can easily exchange, say, a password-protected note or file that could only be opened by the intended participant, without the users having to deal with the cumbersome process of exchanging a password.
Admittedly, authentication systems already exist, but they are largely technical and unfriendly, which means they are not the kind of thing used by the people who no doubt need them most. Apple has already taken steps in the right direction with things like end-to-end encryption in iMessage, but authentication is something that is often overlooked. Apple's combination of hardware, software and services positions the company adroit to provide simple and seamless authentication to customers. And in the long run, it makes it possible to make authentication accessible to everyone on one platform for everyone on that platform.