Currently, there are some credential verification application scenarios in daily work and life, for example, an identity card, a bankcard, a bus ticket, a concert ticket, and an access control card. In some application scenarios, credential verification only needs to be completed by using specific entities, for example, a bus ticket, a concert ticket, and an access control card. For some credential verification scenarios with relatively high security requirements, a specific entity and private information need to be used together to complete verification, for example, a bankcard and a home/company fingerprint access.
In practice, in an application scenario with credential verification that only needs to be completed by using a specific entity, credential verification can be completed by obtaining a corresponding specific entity. For example, a user can buy a paper bus ticket or a paper concert ticket from a ticket window, and can get on the bus or go to a concert after verification is completed at the ticket barrier. This verification mode depends on a specific entity (a bus ticket or a concert ticket), and requires the user to carry the specific entity. However, if the specific entity is lost or damaged, a process of deregistering or post-registering the specific entity is complex.
For an application scenario with a relatively high security requirement, security can be ensured by an additional security authentication auxiliary device, for example, a secure keyboard or a fingerprint recognition device. As such, usage costs are increased. Although this method can prevent private information leakage, a threat of private information leakage still exists.
In both of the previous two application scenarios, there is a problem that credential verification is less convenient with relatively low security, and costs of a credential publishing party are relatively high. To alleviate the previous problem, a user in the existing technology can buy an electronic credential online. A string of random codes are recorded in the electronic credential, and during credential verification, verification can be completed by verifying a random code in the electronic credential, thereby improving convenience and security of credential verification, and reducing publishing costs of the credential publishing party. However, a static random code is used in the electronic credential, and if the electronic credential is copied or stolen through photographing, security of the electronic credential cannot be ensured.