The Internet is providing more and more services. However, thefts of identifies of authorized users for enjoying services thereof are becoming a commonplace. To interrupt services provided for the authorized users whose identifies or services have been stolen, a serving terminal providing services performs security verification to the identities of the users before providing services, to confirm the user identities. Accordingly, a security verification method is critical to ensuring the authenticity of a user to which services are provided.
At present, there are two security verification ways. In the first security verification way, security verification is performed using a user name and password; whereas in the second security verification way, security verification is performed using second identity verification. With regard to the first security verification way, before a serving terminal provides services, a user is required to input a user name and password capable of identifying the identity of the user over a user terminal; and then the serving terminal provides, after verifying that the user name and password input by the user are correct, services for the user, where the password is made up of letters and digits. With regard to the second security verification way, before a serving terminal provides services, in addition to the case that a user is required to input a user name and password capable of identifying the identity of the user over a user terminal, the serving terminal sends a random verification code to the user terminal or other apparatuses designated by the user separately; then, the user inputs the received verification code over the user terminal; and the serving terminal verifies whether or not the verification code input by the user is correct after verifying that the user name and password input by the user are correct, and then provides services for the user if the verification code input by the user is also correct.
During implementation of the present disclosure, the inventor finds that the above security verification methods have at least the following defects:
Since the password in the first security verification way is composed of letters and digits, it is quite difficult for the user to memorize the password and the password is likely to be intercepted and cracked by Trojan. As a result, the password is subject to thefts. With regard to the second security verification method, unauthorized users often steal a verification code of a user by creating a website which is the same as that provided by a service provider and inducing the user to enter the verification code in the website created by the unauthorized users, and further steal the identity of the user by using the stolen verification code before the verification code becomes invalid. Consequently, the function of the security verification is weakened.