• thatsnothowyoudoit@lemmy.ca
    link
    fedilink
    arrow-up
    1
    ·
    edit-2
    1 year ago

    They do indeed: https://httptoolkit.com/blog/apple-private-access-tokens-attestation/

    From the article:

    The focus here is primarily on removing captchas, and as such it’s been integrated into Cloudflare (discussed here) and Fastly (here) as a mechanism for recognizing ‘real’ clients without needing other captcha mechanisms.

    Fundamentally though, it’s exactly the same concept: a way that web servers can demand your device prove it is a sufficiently ‘legitimate’ device before browsing the web.