Electronic payment includes a currency payment or cash flowing through a network by users (including customers, manufacturers, and financial institutions) to use secure electronic means for payment. With the popularization of smart phones, tablet computers, and other mobile terminals, the electronic payment is practically accepted by more people with mobile terminals.
Currently, the security technology of electronic payment includes encrypting communication data, or performing an authentication process to payment software using certificates or other means, or encrypting local data to protect the security of electronic transactions. However, these methods are all set based on transaction data or transaction software itself, which neglects the security of the operating environment of the electronic payment software.
A safe operating environment can provide basic security of the electronic payment. If the operating environment has a security risk, regardless of the safety of the electronic payment software itself, the security of the electronic payment cannot be effectively provided. For example, if screen capture software exists in the operating environment, Trojan programs may fully intercept the inputted image and send to a third person when the user inputs information of payment account. The user payment account information is then unauthorizedly disclosed. In another example, some malicious programs can monitor operations on the user's keyboard. These malicious programs can record the information from the keyboard and then send to the server. Consequently, the security information including user password, verification code, and other information inputted from the keyboard is unauthorizedly disclosed.
Therefore, it is desirable to provide a secure operating environment for electronic payments to effectively increase security of the electronic payments.