Back in 2016, Apple introduced the ability to unlock your Mac with your Apple Watch — a very cool and useful trick to allow Apple Watch users to keep their computer more easily secured while away from it while still being able to return to work quickly and effortlessly. While proximity based security is far from a new thing — some of us have been hacking around with it for years, and there were great solutions like MacID even before Apple baked the feature directly into watchOS and macOS. However, in typical Apple fashion, the company’s own implementation brought it into the mainstream and made it far simpler and accessible to everyone.
Now it looks like Apple is preparing to take using the Apple Watch as an authentication method to next level. According to 9to5Mac’s Guilherme Rambo, who has been on fire lately with fairly accurate iOS and watchOS feature predictions, Apple is considering allowing users to “authenticate other operations” beyond simply unlocking the Mac. While it’s unclear exactly how far this could go, Rambo speculates that there’s really no reason that it couldn’t extend to everything that users can currently use Touch ID for on newer MacBook models.
One of the main benefits to the Apple Watch is that it’s able to use a security model that’s based simply on the user physically wearing it. Unlike an iPhone or Mac, which requires Face ID, Touch ID, or a passcode for secure actions (such as making payments with Apple Pay), the Apple Watch “Wrist Detection” feature allows these transactions to occur much more transparently. Apple Watch users unlock their watch with a PIN or a paired iPhone when they first put it on, and it remains unlocked as long as it’s not removed from the wrist.
While some secure actions require user-initiation simply to prevent them from being triggered accidentally — an Apple Pay card has to be brought up by double-tapping the side button, for instance — there’s no further authentication required as long as the user hasn’t removed the watch. In fact, Wrist Detection is such a key feature that Apple doesn’t allow Apple Pay or Mac unlocking to be used without enabling it first; if you turn Wrist Detection off, you can’t revert to another authentication method, you just can’t use those features at all.
In addition to unlocking a MacBook from the screensaver, the Apple Watch can also be used to authenticate Apple Pay transactions for users who don’t have a Touch ID equipped MacBook. However, it’s easy to see how Apple could expand this capability to other actions, such as logging into a Mac in the first place, autofilling usernames and passwords from the iCloud Keychain, and even authenticating third-party apps like 1Password. While unlocking a Mac occurs transparently, it seems likely that at least some of these additional features would require the user to confirm their operation on the Apple Watch, similar to how Apple Pay works now, but we’d like to see users given the option for less highly secure operations, such as autofilling passwords and opening third-party apps; we’re visualizing a world here where simply wearing an Apple Watch would make these operations on a Mac as seamless as they currently are on a FaceID-equipped iPhone.
It’s also not clear exactly which Macs would be supported, or if there will be hardware dependencies. There are already rumours that Face ID could be coming to the Mac. Further, if the Apple Watch is a replacement for Touch ID, is it going to be Apple’s intention to primarily support it on non-Touch ID equipped Macs, or will it actually require some integration with Apple’s T1/T2 chip for additional security? However, with the feature expected to debut in macOS 10.15, we’ll likely find out in a few weeks when Apple unveils the developer preview of macOS at WWDC.