Nowadays, various devices are becoming more intelligent, and one very important reason is that a large quantity of application software may provide functions of being downloaded by users and expanding devices. However, in this way, security problems become increasingly serious, and if a user downloads malicious software, the malicious software may cause a serious threat to a device. For the most sensitive mobile payment, a password entered by a user may be stolen by malicious software, and a paid amount may also be tampered with. To resolve this problem, a hardware switching isolation architecture is put forward in the industry, that is, software may run in a security mode and a normal mode, and software are completely isolated from each other. In the security mode, many hardware resources such as a touch screen and a memory in a device are exclusively used by software, which may ensure that key operations performed by a user are not attacked or stolen by malicious software. Therefore, generally, to improve security, a part requiring high-level security protection runs in the security mode, for example, an interface for entering a password by a user or an interface for confirming a payment. When an application program (such as a payment program) needs to use these interfaces, an invoking request is sent, and a device switches to the security mode. If malicious software runs in the device, the malicious software prevents the device from switching to the security mode. Therefore, a user needs to verify whether the device is in the security mode, and when confirming that the device is in the security mode, the user performs related operations, for example, enters a password. To allow the user to confirm that the device is in the security mode, the device must carry a security indicator. When the device switches to the security mode, the security indicator starts, outputs a security mode prompt signal, and prompts the user to perform related operations, which ensures that operations performed by the user are not stolen by malicious software.
An existing security mode prompt method is that, a secret picture only known by a user is placed in secure storage that can be accessed only in the security mode, and when a device enters the security mode, a system reads the secret picture and displays the picture on a screen; because the picture can be obtained only in the security mode, when seeing the picture, the user can believe that the device enters the security mode. In the security mode prompt manner, if an attacker has a specific target, the attacker may acquire the secret picture in another manner, such as peeking or image shooting, when the secret picture is displayed, then forge the secret picture, and embed the secret picture into malicious software. When the device needs to switch to the security mode, the malicious software runs, the device is prevented from switching to the security mode, the secret picture is displayed, and a security mode environment is forged, which makes the user mistakenly consider that the device is in the security mode and perform key operations. Therefore, the method for directly displaying secure storage information is easy to be stolen by others, and is not secure.