- Apple’s upcoming OS version will use automatic verification to prove you’re not a robot.
- Like Apple’s new password-free login, it uses public key cryptography.
- This works because we always carry our phones with us.
iOS 16 Can prove to the website You are a person, not spam or anything like that. This means that iOS and Mac users have far fewer verification codes.
Apple’s next-generation Mac, iPhone and iPad operating system will include automatic verification, which generates a private token that is shared with the website to verify that you are human. It uses a similar technology to the equally amazing passwordless login in this fall’s OS update, and also builds on the standards that could make it to Google’s Chrome browser.
“Apple – via iCloud – will automatically and invisibly verify your device and Apple ID account, without requiring apps and websites to display CAPTCHA verification prompts,” Software Engineer Abdul Sabur Tell Lifewire via email.
Captcha is a very annoying aspect of the web, and some sites are especially bad. It makes sense that you have to identify a bunch of fire hydrants, crosswalks, or bridges when you first sign up for an account, but some sites force you to complete a captcha every time you log in, and to make matters worse, these always seem to be automatic after a day or so. The website you are logged out from.
But it doesn’t have to be like this. Apple has worked with Google, Cloudflare and CDN providers quickly to Create a private access token† This is a very clever system and it boils down to Apple verifying that you are human because you are using an iPhone.
Because the iPhone doesn’t really function unless you’re logged into your iCloud account, which means you can bet a pretty good bet that you’re you and not a robot. Apple provides a private access token for the website you register with, but does not provide any personal data.
Apple (via iCloud) will automatically and invisibly verify your device and Apple ID account.
The web is full of annoyances we’ve just gotten used to, but would be laughed at if someone invented the internet today and put them on a spec sheet. Passwords are one of the biggest examples.
Just imagine. We should create and remember a complex, long and unique string of letters, numbers and punctuation marks for each of the hundreds of websites we interact with. Doing anything incorrectly can have dire consequences. Even with a password manager app, it’s still a lot of subtle hectic work.
This is exactly what computers are supposed to do. Like being told, yes you can have a spreadsheet, but you have to add up all the numbers yourself.
These new private access tokens work similarly to iCloud Passkey, another big Apple move in iOS 16 and macOS Ventura.This uses a method called public key cryptography, which includes a private key kept on the device and a public key that can be shared with anyone. Both keys can lock data, but only the private key can unlock it. So your device and the fact that you own it is used in place of a password.
In this new automatic validation, a similar framework is used. But what other network annoyances does this solve?
“Apple wants its entire ecosystem to be the safest in the world. They’ve done a great job in this space,” tech writer Sayandutta Tell Lifewire via email. †[Next they] May eliminate cookie popups, unnecessary idle timeouts, right-click hijacking, and bring upgraded smart tracking protection to Safari. ”
What about email? There are two main problems with email. One is that it’s completely unencrypted, just plain, readable text circulating on the web. Another is that you don’t really know who sent it. Signed and encrypted emails are entirely possible, have been around for years, and use the exact same public key cryptography. There are just so many email providers out there and no one has been able to integrate them all into the whole email.
Apple wants its entire ecosystem to be the safest in the world. They are doing well in this area.
If Apple and Google take this seriously and partner with a big email provider like Fastmail, email could be fixed in no time.
One of the points of these new features is that they are based on having personal devices that are always safe with us, and that enough of us carry them. This is the key to your security and authentication. Another part is that big companies like Apple, Google, and Microsoft work together to create standards that make it easier for third parties to join.
With these egalitarian, open-minded attitudes, there is nothing we can’t fix.
Thanks for letting us know!
Tell us why!
not detailed enough
difficult to understand