Identity-based security is a type of security that focuses on access to digital information or services based on the authenticated identity of an entity. It ensures that the users and services of these digital resources are entitled to what they receive. The most common form of identity-based security involves the login of an account with a username and password. However, recent technology has evolved into fingerprinting or facial recognition.

While most forms of identity-based security are secure and reliable, none of them are perfect and each contains its own flaws and issues.

The earliest forms of Identity-based security was introduced in the 1960s by computer scientist Fernando Corbató. During this time, Corbató invented computer passwords to prevent users from going through other people's files, a problem evident in his Compatible Time-Sharing System (C.T.S.S.), which allowed multiple users access to a computer concurrently. Fingerprinting however, although not digital when first introduced, dates back even further to the 2nd and 3rd century, with King Hammurabi sealing contracts through his fingerprints in ancient Babylon. Evidence of fingerprinting was also discovered in ancient China as a method of identification in official courts and documents. It was then introduced in the U.S. during the early 20th century through prison systems as a method of identification. On the other hand, facial recognition was developed in the 1960s, funded by American intelligence agencies and the military.

The most common form of Identity-based security is password authentication involving the login of an online account. Most of the largest digital corporations rely on this form of security, such as Facebook, Google, and Amazon. Account logins are easy to register, difficult to compromise, and offer a simple solution to identity-based digital services.

Fingerprint biometric authentication is another type of identity-based security. It is considered to be one of the most secure forms of identification due to its reliability and accessibility, in addition to it being extremely hard to fake. Fingerprints are also unique for every person, lasting a lifetime without significant change. Currently, fingerprint biometric authentication are most commonly used in police stations, security industries, as well as smart-phones.

Facial recognition operates by first capturing an image of the face. Then, a computer algorithm determines the distinctiveness of the face, including but not limited to eye location, shape of chin, or distance from the nose. The algorithm then converts this information into a database, with each set of data having enough detail to distinguish one face from another.

A problem of this form of security is the tendency for consumers to forget their passwords. On average, an individual is registered to 25 online accounts requiring a password, and most individuals vary passwords for each account. According to a study by Mastercard and the University of Oxford, "about a third of online purchases are abandoned at checkout because consumers cannot remember their passwords." If the consumer does forget their password, they will usually have to request a password reset sent to their linked email account, further delaying the purchasing process. According to an article published by Phys Org, 18.75% of consumers abandon checkout due to password reset issues.

When individuals set a uniform password across all online platforms, this makes the login process much simpler and hard to forget. However, by doing so, it introduces another issue where a security breach in one account will lead to similar breaches in all remaining accounts, jeopardizing their online security. This makes the solution to remembering all passwords much harder to achieve.^{[citation needed]}