With continuous development of Internet technologies, an increasing number of users choose to operate on web pages and access various services provided by service providers. For example, for access to services provided by a service provider, a user may operate an account on a web page, such as account registration, account login, account activation, and account log out.
To avoid that an account of a legitimate user is intercepted by an illegitimate user in practical applications, a service provider needs to perform identity authentication of a user by a server before providing various services to the user. If the identity authentication of the user is successful, the service provider provides corresponding services to the user. Otherwise, the service provider refuses to provide the user with corresponding services.
In existing technologies, a server performs identity authentication of a user mainly by verifying identity information about the user, such as a personal identity card number.
When a user registers an account, the server may display an authentication page to the user via a terminal. After the server receives identity information input by the user on the authentication page, the service may verify whether the identity information is legitimate through a third party system. If yes, the server determines that the identity authentication is successful. Otherwise, the server determines that the identity authentication is not successful.
However, the above identity authentication method in existing technologies can merely determine whether the identity information is legitimate. It cannot determine whether the user who inputs the identity information is the legitimate holder himself/herself of the identity information. Therefore, the reliability of the identity authentication result obtained by the identity authentication method in existing technologies is low.