There’s another small but notable change coming to the App Store. Apple has revised its App Store guidelines to remove the requirement that apps using third-party log-in options such as Google, Facebook, and Twitter must also use Sign in with Apple.
There is, however, a big asterisk to this change. While developers aren’t technically required to use Sign in with Apple, they are required to offer an “additional login service with certain privacy features.”
Previously, the App Store Guidelines said:
“Apps that use a third-party or social login service (such as Facebook Login, Google Sign-In, Sign in with Twitter, Sign In with LinkedIn, Login with Amazon, or WeChat Login) to set up or authenticate the user’s primary account with the app must also offer Sign in with Apple as an equivalent option. A user’s primary account is the account they establish with your app for the purposes of identifying themselves, signing in, and accessing your features and associated services.”
With this week’s announcements, Apple has revised the App Store Guidelines to say that apps using third-party or social login services “must also offer as an equivalent option another login service” with the following privacy features:
- the login service limits data collection to the user’s name and email address
- the login service allows users to keep their email address private as part of setting up their account
- the login service does not track users as they interact with your app
This change applies to the App Store Guidelines worldwide. Apple also mentioned the changes in its press release published on Thursday.
Like before, Apple has the same four carveouts for when developers don’t have to offer a privacy-focused login option:
- Your app exclusively uses your company’s own account setup and sign-in systems.
- Your app is an education, enterprise, or business app that requires the user to sign in with an existing education or enterprise account.
- Your app uses a government or industry-backed citizen identification system or electronic ID to authenticate users.
- Your app is a client for a specific third-party service and users are required to sign in to their mail, social media, or other third-party account directly to access their content.
Are there sign-in services out there that meet these requirements other than Sign in with Apple? My guess is that Apple has carefully thought through the wording of this guideline to ensure that it basically means developers will still have to use Sign in with Apple, even if the guidelines don’t explicitly say that.
As you may remember, this isn’t the first time there’s been some drama around the App Store Guidelines for Sign in with Apple. When Sign in with Apple debuted in June 2019, Apple initially had strict guidelines on when and how developers were required to offer it as an option. After pushback, Apple softened those guidelines a few months later.
FTC: We use income earning auto affiliate links. More.