In today's life, people enjoy the use of intelligent, mobile, or Internet of Things (IoT) devices, e.g. the convenience achieved by using various services and applications of mobile phones, smart watches and other wearable devices. However, these services also create lingering security and privacy issues. These issues include the following: 1) people are less aware of security when using various devices, resulting in the leak of personal information, and 2) variety of trojan or virus with the purpose of silently intercepting sign-in information of the public and pervasive attack on people's various devices in order to steal the wealth of the public. In addition, the application softwares of many devices collect user information and personal information without the user's knowledge.
Although there are some identity authentication technologies to protect user's information, however, the existing identity authentication technologies, such as SMS authentication, biometric authentication, etc. have inherent deficiencies. SMS authentication is easy to be intercepted by trojan. Biometric authentication has problems such as personal privacy, no secrecy (easy to copy), cannot convert in case of loss of biometric characteristics, etc. If it is combined with other authentication methods, it causes poor experience to the user. Many authentication techniques or methods require the user's cooperation. In the absence of independent third-party verification, true and false of the user cannot be 100% determined. It also needs to find out how to avoid misuse of the authentication mechanism and stealing of user's personal information, and how to prevent mobile terminals or devices from trojan, virus, and middleman invasion, or crack of mobile terminal software. Hence, security and personal privacy issues always exist.