OpenID Foundation, the organization behind the universal sign-in platform called OpenID Connect, has released a public letter to Apple, calling for the company to make a series of changes to its Sign In with Apple system.
The reason, the group says, is that the current platform “exposes users to greater security and privacy risks” and, at the same time, reduces the number of places where this feature can be used.
Sign In with Apple was announced at WWDC
OpenID Foundation is a group backed by several industry giants, including Google and Microsoft. Apple isn’t yet a member of the non-profit organization, but in the letter, the Cupertino-based tech firm is invited to join the effort and work together with the other companies on improving the universal sign-in platform.
“The current set of differences between OpenID Connect and Sign In with Apple reduces the places where users can use Sign In with Apple and exposes them to greater security and privacy risks. It also places an unnecessary burden on developers of both OpenID Connect and Sign In with Apple. By closing the current gaps, Apple would be interoperable with widely-available OpenID Connect Relying Party software,” the letter reads.
The foundation says Apple should address the gaps between the two systems using the feedback, adopt the OpenID Connect Self Certification Test Suite to improve the interoperability and security of its feature, join the foundation, and announce publicly that the two systems are fully compatible.
The group has also published a list of differences between OpenID Connect and Sign with Apple, and the company is recommended to address these in order to improve interoperability.
Apple hasn’t offered a response to OpenID Foundation’s letter, but given the message includes a warning of privacy and security risks, the firm should at least discuss the mentioned issues.