Wired
iOS16 includes a new auto-authentication feature that lets you avoid CAPTCHA prompts by automatically and privately authenticating a user’s device and Apple ID account via iCloud. With the announcement from Cloudflare this time, it became clear that the feature is expected to become even more popular.
Auto-authentication turned on by default
Automatic CAPTCHA authentication is limited to websites and apps that support private access tokens, but Cloudflare announced on September 28th local time that any website that wants to eliminate CAPTCHAs will be able to use Turnstile, even if they are not Cloudflare customers. We have announced that we will provide the API for free, and it is expected that the adoption of this function will progress greatly.
Cloudflare explains:
Private access tokens are built directly into Turnstile. Turnstile requires unchallenged inspection of some session data (headers, user agents, browser characteristics, etc.) to authenticate the user, whereas private access tokens ask Apple to authenticate the device. Data collection can be minimized. Furthermore, Turnstile does not look for cookies (such as login cookies) or use cookies to collect or store information of any kind. Cloudflare has a long history of investing in user privacy and plans to continue that with Turnstile.
Turnstile is available in beta via the Cloudflare dashboard or application form. It is speculated that annoying CAPTCHAs on websites and apps will decrease over time as websites start adopting Turnstile.
Automatic authentication is turned on by default in iOS16, and the function is expected to be supported by macOS Ventura as well.
Source: MacRumors
Photo: Apple
(lexi)
Source: iPhone Mania