As can be seen from the current development of the Internet, user operations have been increasingly transferred from Personal Computers (PCs) to mobile devices, so that identity verification (or identity authentication) becomes a new challenge in the mobile Internet, because intelligent mobile phones with touch screens are prevalent in the mobile Internet but it is difficult for a user to input a user account and a password via the touch screen in a user verification manner based on user accounts and passwords, thus degrading user experiences. In addition, anti-virus software for the mobile devices emerged very recently, so that trojan viruses have been prevalent in the mobile devices currently. Therefore, the conventional user verification manner based on the user account and password cannot sufficiently protect the property security and privacy of a mobile device user, resulting in low security.