Embodiments of the present disclosure provide an information access control method performed by a computer server, the method including: receiving an image sharing request from a first terminal, the image sharing request including a first image to be shared among a user group of a social networking application; identify one or more faces in the first image through face recognition; randomly selecting one of the faces in the first image; applying a mask to the first image except a predefined portion of the randomly-selected face; sending the partially masked first image to a second terminal; receiving an image viewing request from the second terminal in response to a user selection of the partially masked first image and a user-initiated resource transfer from the second user account to the first user account; and returning a version of the first image not being partially masked to the second terminal.