Passwords are the worst. Tech companies large and small have been trying to kill them off for years, even as an entire industry has sprung up to meet the challenge of storing and managing all of those keys to our digital lives. Nevertheless, passwords persist. Single sign-on (SSO) services have emerged as a potent tool that helps consumers both manage access to online services while also providing greater security and control of that access.
However, there's often a privacy trade-off, as the most popular consumer SSO services are offered by Facebook (FB +0.83%) and Alphabet (GOOG 0.51%) (GOOGL 0.31%) subsidiary Google. Apple (AAPL 1.14%) wants to address that trade-off, offering the security and convenience without the privacy costs with its new Sign In with Apple feature (which is clearly a shot at Facebook and Google, even if CEO Tim Cook won't admit it). It turns out Google is welcoming the competition.
Image source: Apple.
In an interview with The Verge, Google product management director Mark Risher -- who leads Google's identity, security, and SSO services -- laid out why the search giant sees Apple's SSO entry as a good thing, even if it incrementally hurts the amount of data that Google can scoop up. Here are three key takeaways from the sit-down.
Google doesn't use SSO data for ad targeting
A natural expectation is that Facebook and Google collect as much data as possible and then proceed to monetize that data through ad targeting. However, Risher says that isn't accurate as it relates to Google's SSO service, even as he acknowledges why that perception is there in the first place. Apple's emphasis on privacy has only exacerbated those concerns.
"We only log the moment of authentication," Risher told the outlet. He said:
It's not used for any sort of retargeting. It's not used for any sort of advertising. It's not distributed anywhere.
Google isn't responsible for Facebook's privacy sins
Due to the fact that both companies rely on advertising driven by data collection, Facebook and Google oftentimes get lumped together in the broader privacy debate. As a result, Facebook's privacy transgressions sometimes get applied unfairly to Google.
Image source: Apple.
"We have a competitor who was collecting phone numbers as a security challenge, but then allegedly also using them to build up a graph for advertising retargeting," Risher said. "That's bad for the whole ecosystem because it makes people not trust us."
Risher appears to be referring to a blockbuster Gizmodo report from last year. Researchers discovered that when users would provide the social network with a phone number that was supposed to be used explicitly for two-factor authentication, Facebook would in fact turn around and immediately (i.e., within hours) use that phone number for ad targeting. Facebook had maintained that it would never use such contact information for advertising purposes.
Fewer passwords overall are "better for the internet"
Ultimately, if Apple's SSO offering can reduce the total number of passwords that are out there, Risher considers that a good thing. In many ways, an alphanumeric string of letters, numbers, and symbols is an anachronism in an age when consumers have access to biometric security protocols like Apple's Face ID and Touch ID, particularly when you factor in flawed human tendencies like laziness. Risher said, "We think that it's much more important to reduce the total number of passwords out there."
"I honestly do think this technology will be better for the internet and will make people much, much safer," Risher added. "Even if they're clicking our competitor's button when they're logging into sites, that's still way better than typing in a bespoke username and password, or more commonly, a recycled username and password."
