With the development of communication technology, mobile terminals are more and more favored by a lot of users, and functions of the mobile terminal are becoming more and more powerful. Specifically mobile phones have been developed into an intelligent mobile phone stage and are comparable to computers. At present, there are various applications (App) for a variety of mobile terminals. However, when users use the Apps at mobile terminals such as the mobile phones, there are various authentication operations. For example, when logging into a user account, a user needs to enter a password for authentication. When doing data interaction with another user, the user needs to enter an authentication code sent by a third party interactive platform.
There are several conventional authentication methods for data interaction by using applications at or through the terminals.
A first authentication method is using a user password. The user sets a login password or data interaction password for a user account. The user needs to enter the preset password when entering into the account or conducting data interaction. The third party interactive platform authenticates the log-in operation or data interactive operation of the user after determining that the password is correct. However, the applications at the mobile terminal are often set up to remember passwords for the convenience of the user. When the mobile terminal of the user is used by another person due to loss of the devices, as the applications remember the password, such applications may be abused by another person and cause loss of personal interests of the user.
A second authentication method is using a one-time password (OTP). To validate the data interaction, the user needs to input a dynamic code of a dynamic password card or hardware token (e.g., a string of characters including numbers and characters). The third party interactive platform conducts the data interaction after determining that the OTP is correct. This method requires the user to have one more step(s) of inputting the OTP in addition to the normal data interactive process, thereby increasing complexity and reducing user experiences.
A third authentication method is using an OTP authentication based on short message. This method is a type of the OTP authentication and is mainly used at mobile phones. When the user needs to conduct the data interaction, the user needs to obtain the OTP from the third party interactive platform through the mobile phone that is bound with the user account in a form of short message and inputs the correct OTP at an interactive page. However, when the mobile phone is lost, such authentication method cannot be used and may cause the failure of data interaction within a short period of time.
Thus, an authentication method that secures the application at the terminal of the user is needed.