During communication between a terminal and a server, a Hyper Text Transfer Protocol over Secure Socket Layer (HTTPS) is usually adopted to authenticate an identity of the server and establish a trusted channel. Specifically, a server certificate is authenticated through a Certification Authority (CA) certificate of a browser, thereby acquiring a public key of the server. An asymmetric key is negotiated by the public key of the server and a private key stored in the server, and is held in a session object once being negotiated. The terminal and the server use the asymmetric key for encryption in a subsequent session.
A symmetric encryption system may also be developed by the terminal and the server for the communication between the terminal and the server through a service. A symmetric key is hard-coded in the terminal to achieve relatively high symmetric encryption efficiency.