Portable terminal apparatuses are being widely used due to the convenience of use thereof, and the usability thereof is gradually increasing. For example, a portable terminal apparatus provides various functions, such as a game, banking, the use of public transport, health care, shopping, and the like, that a user needs, and thereby enables not only a voice call but also the processing of various pieces of information and communication even during movement of the portable terminal.
The convenience of use of the portable terminal increases the usability thereof. Accordingly, poor use is made of the above-described property of the portable terminal, and there is also a gradual increase in security incidents, such as smishing in which a malicious code is installed when an Internet address within a message is clicked and small-sum settlement damage occurs or financial information is extorted while a potential victim does not know, and phishing in which criminals pose as a financial institution or a public institution, require, through a telephone or an email, a potential victim to enter a serial number and a code number of his/her security card on an Internet site, and extort financial information.
Conventionally, in order to prevent the security incidents, when an Internet address is included in a message, most frequently used methods are a method for verifying a text message by authenticating the Internet address through an authenticated application, or a method for verifying an originator of the message by representing a predetermined mark signifying that a received text message does not include an illegal element and/or a security element.
However, the conventional method for verifying the contents of the message or verifying the originator thereof after the message is received may be exposed to another security danger by a man-in-the-middle in a process of delivering the message from the originator to the recipient.
For example, when a man-in-the-middle attack occurs in a process where the originator delivers a secure message to a service apparatus, and in a process where the service apparatus delivers the secure message, which has been received from the originator, to the recipient, the secure message may be extorted as it is, and the contents of the message may be changed and the message including the changed contents may be delivered to the recipient.
Also, even when a message is encrypted, encryption/decryption keys may be exposed in a process of decrypting the encrypted text message, or the contents of the decrypted text message may be leaked by using a method for capturing a screen of a reception terminal apparatus.