With the continuous development of Internet technologies, an increasing number of users can conduct interactive activities or obtain services via the Internet. Under many circumstances, an identity of a user needs to be verified in situations in which the user conducts an Internet or mobile Internet activity, such as in scenarios of registration, login, etc. At present, a verification method primarily includes performing verification using a short message verification code. This method includes sending a short message verification code to a mobile phone number provided by a user who inputs the short message verification code in a corresponding position according to a prompt. A background server may then verify whether the short message verification code entered by the user is consistent with the short message verification code previously sent to the user, and verification is passed if they are consistent. However, short message verification codes are easily intercepted by a third party or Trojan during transmission or after arriving at mobile phones, the security thereof is relatively low. Furthermore, as an arrival rate of short messages cannot be guaranteed, a success rate of identity verification cannot reach an ideal value, thus affecting user experience.