CN105897699A

CN105897699A - Information security control method, mobile terminal, and server

Info

Publication number: CN105897699A
Application number: CN201610182733.0A
Authority: CN
Inventors: 路洋
Original assignee: Nubia Technology Co Ltd
Current assignee: Nubia Technology Co Ltd
Priority date: 2016-03-28
Filing date: 2016-03-28
Publication date: 2016-08-24

Abstract

The invention discloses an information security control method, a mobile terminal, and a server. The method comprises: turning on of a first application is detected; a first communication list in a mobile terminal is extracted, wherein the first communication list includes information, stored in the mobile terminal, of at least one contact; a verification request is generated by at least using the first communication list and then is sent to a server side, and thus the server side carries out verification based on the first communication list in the verification request as well as a stored second communication list of the mobile terminal, thereby obtaining a verification result; and whether the first application is logged in is determined based on the verification result. Therefore, when a user needs to log in a certain application, a processing way of verification based on communication lists is added, thereby guaranteeing security of application logging in of the user through the mobile terminal.

Description

A kind of information security control method, mobile terminal and server

Technical field

The present invention relates to the information management technique in field, particularly relate to a kind of information security control method, shifting Dynamic terminal and server.

Background technology

Along with mobile phone science and technology is more and more flourishing, payment software becomes the requisite part of people, mobile phone Fast save time again although paying, but there are some potential safety hazards.People pay user at input handset Name and during password, it is possible to can be seen by others, others may will log in you number, the property of user Will suffer damage.Visible, in prior art, log in application by mobile terminal, only pass through user name And password carries out the processing mode verified, it may appear that the problem that user security cannot be ensured.

Summary of the invention

Present invention is primarily targeted at a kind of information security control method of proposition, mobile terminal and server, Aim to solve the problem that the problems referred to above that prior art exists.

For achieving the above object, a kind of information security control method that the present invention provides, it is applied to mobile whole End, described method includes:

Unlatching the first application detected；

Extracting the first communication list in described mobile terminal, wherein, described first communication list includes At least one associated person information preserved in described mobile terminal；

Generate checking request at least with described first communication list, send described checking request to server Side, so that described server side is based on the first communication list in described checking request and the institute of preservation The second communication list stating mobile terminal is verified, gets the result；

Determine whether to log in described first application based on described the result.

A kind of information security control method that the present invention provides, is applied to server, and described method includes:

Receive the checking request based on the first application that mobile terminal side is sent, in described checking request extremely Include the first communication list being made up of at least one associated person information less；

Extract the second communication list that described mobile terminal is corresponding；

The second communication list based on the first communication list in described checking request and preservation is tested Based on the result, card, determines whether that described mobile terminal logs in described first application.

A kind of mobile terminal that the present invention provides, described mobile terminal includes:

Information extraction unit, is used for unlatching the first application being detected；Extract first in described mobile terminal Communication list, wherein, described first communication list includes at least one preserved in described mobile terminal Associated person information；

Processing unit, for generating checking request at least with described first communication list, based on server The result of feedback determines whether to log in described first application；

Communication unit, is used for sending described checking request to server side.

A kind of server that the present invention provides, including:

Communication unit, for receiving the checking request based on the first application that mobile terminal side is sent, institute State in checking request and at least include the first communication list being made up of at least one associated person information；

Authentication unit, for extracting the second communication list that described mobile terminal is corresponding；Based on described checking The first communication list and the second communication list of preservation in request are verified, true based on the result Determine whether to allow described mobile terminal to log in described first application.

Information security control method, mobile terminal and the server that the present invention proposes, is detecting unlatching the During one application, obtain the first communication list being made up of at least one associated person information in mobile terminal, And sending described first communication list to server side so that server is based on the first communication list and former guarantor Whether the second communication list deposited is verified, and allowed described mobile terminal to log in the first application The result.So, it becomes possible to make user when needs log in some application, increase based on communication List carries out the processing mode verified, thus when further ensuring user by mobile terminal login application Safety.

Accompanying drawing explanation

Fig. 1 is the hardware architecture diagram of the optional mobile terminal realizing each embodiment of the present invention；

Fig. 2 is the wireless communication system schematic diagram of mobile terminal as shown in Figure 1；

The information security control method schematic flow sheet one that Fig. 3 provides for the embodiment of the present invention；

Fig. 4 a is embodiment of the present invention operation interface schematic diagram one；

Fig. 4 b is embodiment of the present invention operation interface schematic diagram two；

Fig. 5 is embodiment of the present invention operation interface schematic diagram three；

Fig. 6 is embodiment of the present invention operation interface schematic diagram four；

Fig. 7 is embodiment of the present invention operation interface schematic diagram five；

Fig. 8 a is embodiment of the present invention operation interface schematic diagram six；

Fig. 8 b is embodiment of the present invention operation interface schematic diagram seven；

Fig. 9 is embodiment of the present invention information security control method schematic flow sheet two；

Figure 10 is that embodiment of the present invention mobile terminal forms structural representation；

Figure 11 is that embodiment of the present invention server forms structural representation.

The realization of the object of the invention, functional characteristics and advantage will in conjunction with the embodiments, do referring to the drawings further Explanation.

Detailed description of the invention

Should be appreciated that specific embodiment described herein, only in order to explain the present invention, is not used to limit Determine the present invention.

The mobile terminal realizing each embodiment of the present invention is described referring now to accompanying drawing.In follow-up description In, use the suffix being used for representing such as " module ", " parts " or " unit " of element only for having It is beneficial to the explanation of the present invention, itself does not has specific meaning.Therefore, " module " can mix with " parts " Close ground to use.

Mobile terminal can be implemented in a variety of manners.Such as, the terminal described in the present invention can include (individual digital helps for such as mobile phone, smart phone, notebook computer, digit broadcasting receiver, PDA Reason), PAD (panel computer), PMP (portable media player), the mobile end of guider etc. The fixed terminal of end and such as numeral TV, desk computer etc..Hereinafter it is assumed that terminal is mobile whole End.However, it will be understood by those skilled in the art that, in addition to being used in particular for the element of mobile purpose, Structure according to the embodiment of the present invention can also apply to the terminal of fixed type.

Fig. 1 is the hardware configuration signal of the optional mobile terminal realizing each embodiment of the present invention.

Mobile terminal 100 can include wireless communication unit 110, user input unit 130, output unit 150, memorizer 160, interface unit 170, controller 180 and power subsystem 190 etc..Fig. 1 shows There is the mobile terminal of various assembly, it should be understood that be not required for implementing all assemblies illustrated. Can alternatively implement more or less of assembly.Will be discussed in more detail below the element of mobile terminal.

Wireless communication unit 110 generally includes one or more assembly, and it allows mobile terminal 100 with wireless Radio communication between communication system or network.Such as, wireless communication unit can include mobile communication Module etc..

It is mobile to control that user input unit 130 can generate key input data according to the order of user's input The various operations of terminal.User input unit 130 allows user to input various types of information, and permissible Including keyboard, metal dome, touch pad (such as, detection due to touched and cause resistance, pressure, electricity The sensitive component of change held etc.), roller, rocking bar etc..Especially, when touch pad as a layer When being superimposed upon on display unit 151, touch screen can be formed.

Interface unit 170 is used as at least one external device (ED) and is connected connecing of can passing through with mobile terminal 100

Mouthful.Such as, external device (ED) can include wired or wireless head-band earphone port, external power source (or battery Charger) port, wired or wireless FPDP, memory card port, for connect there is identification module The port of device, audio frequency input/output (I/O) port, video i/o port, ear port etc..Identify mould Block can be that storage is for verifying that user uses the various information of mobile terminal 100 and can include user Identification module (UIM), client identification module (SIM), Universal Subscriber identification module (USIM) etc..It addition, The device (hereinafter referred to as " identifying device ") with identification module can be to take the form of smart card, therefore, knows Other device can be connected with mobile terminal 100 via port or other attachment means.Interface unit 170 is permissible For receiving from the input (such as, data message, electric power etc.) of external device (ED) and defeated by receive Enter to be transferred to the one or more elements in mobile terminal 100 or may be used in mobile terminal and outside Data are transmitted between device.

It addition, when mobile terminal 100 is connected with external base, interface unit 170 can serve as allowing to lead to Cross it provide the path of mobile terminal 100 by electric power from base or can serve as allowing to input from base Various command signals be transferred to the path of mobile terminal by it.Various command signals from base input Or electric power may serve as identifying whether mobile terminal is accurately fitted within the signal on base.Output is single Unit 150 be configured to vision, audio frequency and/or tactile manner provide output signal (such as, audio signal, Video signal, alarm signal, vibration signal etc.).

Output unit 150 can include display unit 151 etc..

Display unit 151 may be displayed on the information processed in mobile terminal 100.Such as, mobile terminal is worked as 100 when being in telephone calling model, display unit 151 can show and call or other communicate (such as, civilian This information receiving and transmitting, multimedia file download etc.) relevant user interface (UI) or graphic user interface

(GUI).When mobile terminal 100 is in video calling pattern or image capture mode, display unit 151 Can show capture image and/or the image of reception, illustrate video or image and the UI of correlation function or GUI etc..

Meanwhile, when display unit 151 and touch pad the most superposed on one another to form touch screen time, aobvious Show that unit 151 can serve as input equipment and output device.Display unit 151 can include liquid crystal display (LCD), thin film transistor (TFT) LCD (TFT-LCD), Organic Light Emitting Diode (OLED) display, flexibility show Show at least one in device, three-dimensional (3D) display etc..Some in these display may be constructed such that Transparence is to allow user to watch from outside, and this is properly termed as transparent display, typical transparent display Can for example, TOLED (transparent organic light emitting diode) display etc..According to the specific enforcement wanted Mode, mobile terminal 100 can include two or more display units (or other display device), such as, Mobile terminal can include outernal display unit (not shown) and inner display unit (not shown).Touch screen can For detecting touch input pressure and touch input position and touch input area.

Memorizer 160 can store the process performed by controller 180 and control the software program etc. of operation Deng, or can temporarily store oneself through output maybe will export data (such as, telephone directory, message, Still image, video etc.).And, memorizer 160 can store about when touch is applied to touch screen The vibration of the various modes of output and the data of audio signal.

Memorizer 160 can include the storage medium of at least one type, described storage medium include flash memory, Hard disk, multimedia card, card-type memorizer (such as, SD or DX memorizer etc.), random access storage device (RAM), static random-access memory (SRAM), read only memory (ROM), electrically erasable Read only memory (EEPROM), programmable read only memory (PROM), magnetic storage, disk, light Dish etc..And, mobile terminal 100 can be connected the storage function performing memorizer 160 with by network Network storage device cooperation.

Controller 180 generally controls the overall operation of mobile terminal.Such as, controller 180 performs and voice Control that call, data communication, video calling etc. are relevant and process.It addition, controller 180 can wrap Including the multi-media module 1810 for reproducing (or playback) multi-medium data, multi-media module 1810 can construct In controller 180, or it is so structured that separate with controller 180.Controller 180 can perform pattern Identifying processing, with the handwriting input performed on the touchscreen or picture are drawn input be identified as character or Image.

Power subsystem 190 receives external power or internal power under the control of controller 180 and provides behaviour Make the suitable electric power needed for each element and assembly.

Various embodiment described herein can be to use such as computer software, hardware or its any group The computer-readable medium closed is implemented.Implementing for hardware, embodiment described herein can pass through Use application-specific IC (ASIC), digital signal processor (DSP), digital signal processing device (DSPD), programmable logic device (PLD), field programmable gate array (FPGA), processor, control Device, microcontroller, microprocessor, it is designed to perform in the electronic unit of function described herein extremely Few one is implemented, and in some cases, such embodiment can be implemented in controller 180.Right Implementing in software, the embodiment of such as process or function can perform at least one function or behaviour with permission The single software module made is implemented.Software code can be by writing with any suitable programming language Software application (or program) is implemented, and software code can be stored in memorizer 160 and by controlling Device 180 performs.

So far, oneself is through describing mobile terminal according to its function.Below, for the sake of brevity, will describe Various types of mobile terminals of such as folded form, board-type, oscillating-type, slide type mobile terminal etc. In slide type mobile terminal as example.Therefore, the present invention can be applied to any kind of mobile whole End, and it is not limited to slide type mobile terminal.

As shown in Figure 1 mobile terminal 100 may be constructed such that and utilizes via frame or packet transmission data The most wired and wireless communication system and satellite-based communication system operate.

The communication system being wherein operable to according to the mobile terminal of the present invention is described referring now to Fig. 2.

Such communication system can use different air interfaces and/or physical layer.Such as, by communication system The air interface that system uses includes such as frequency division multiple access (FDMA), time division multiple acess (TDMA), CDMA (CDMA) move lead to UMTS (UMTS) (especially, Long Term Evolution (LTE)), the whole world Communication system (GSM) etc..As non-limiting example, explained below relates to cdma communication system, but It is that such teaching is equally applicable to other type of system.

With reference to Fig. 2, cdma wireless communication system can include multiple mobile terminal 100, multiple base station (BS) 270, base station controller (BSC) 275 and mobile switching centre (MSC) 280.MSC280 is configured to Interface is formed with Public Switched Telephony Network (PSTN) 290.MSC280 is also structured to and can be via returning Journey circuit is couple to the BSC275 of base station 270 and forms interface.If the interface that back haul link can be known according to Ganji In any one construct, described interface includes such as E1/T1, ATM, IP, PPP, frame relay, HDSL, ADSL or xDSL.It will be appreciated that system as shown in Figure 2 can include multiple BSC2750.

Each BS270 can service one or more subregion (or region), by multidirectional antenna or sensing certain party To antenna cover each subregion radially away from BS270.Or, each subregion can be by for dividing Two or more antennas that collection receives cover.Each BS270 may be constructed such that support multiple frequencies distribution, And the distribution of each frequency has specific frequency spectrum (such as, 1.25MHz, 5MHz etc.).

Intersecting that subregion and frequency are distributed can be referred to as CDMA Channel.BS270 can also be referred to as base station Transceiver subsystem (BTS) or other equivalent terms.In this case, term " base station " can be used In broadly representing single BSC275 and at least one BS270.Base station can also be referred to as " cellular station ". Or, each subregion of specific BS270 can be referred to as multiple cellular station.

As shown in Figure 2, broadcast singal is sent in system the shifting operated by broadcsting transmitter (BT) 295 Dynamic terminal 100.Broadcast reception module 111 is arranged on mobile terminal 100 and sentences reception as shown in Figure 1 The broadcast singal sent by BT295.In fig. 2 it is shown that several global positioning systems (GPS) satellite 300. Satellite 300 helps to position at least one in multiple mobile terminals 100.

In fig. 2, depict multiple satellite 300, it is understood that be, it is possible to use any number of defend Star obtains useful location information.GPS module 115 is generally configured to and satellite 300 as shown in Figure 1 Coordinate the location information wanted with acquisition.Substitute GPS tracking technique or outside GPS tracking technique, can To use other technology of the position that can follow the tracks of mobile terminal.It addition, at least one gps satellite 300 can Optionally or additionally to process satellite dmb transmission.

As a typical operation of wireless communication system, BS270 receives from various mobile terminals 100 Reverse link signal.Mobile terminal 100 generally participates in call, information receiving and transmitting communicates with other type of.Special The each reverse link signal determining base station 270 reception is processed in specific BS270.The data obtained It is forwarded to the BSC275 being correlated with.BSC provides call resource distribution and the soft handover included between BS270 The mobile management function of the coordination of process.The data received also are routed to MSC280 by BSC275, its Extra route service for forming interface with PSTN290 is provided.Similarly, PSTN290 with MSC280 forms interface, MSC Yu BSC275 forms interface, and BSC275 correspondingly controls BS270 Forward link signals to be sent to mobile terminal 100.

Based on above-mentioned mobile terminal hardware configuration and communication system, each embodiment of the inventive method is proposed.

Embodiment one,

As it is shown on figure 3, first embodiment of the invention proposes a kind of information security control method, it is applied to mobile Terminal, including:

Step 301: unlatching the first application detected；

Step 302: extract the first communication list in described mobile terminal, wherein, described first communication row Table includes at least one associated person information preserved in described mobile terminal；

Step 303: generate checking request at least with described first communication list, sends described checking request To server side so that described server side based on described checking request in the first communication list and Second communication list of the described mobile terminal preserved is verified, gets the result；

Step 304: determine whether to log in described first application based on described the result.

Here, mobile terminal described in the present embodiment can be the terminal such as smart mobile phone, panel computer.

Described first application can be any one application such as Alipay, wechat payment, bank paying.Phase Answer, described in detect unlatching first application can be: operation calls application library based on user detected In first application unlatching operation time, determine detect unlatching first application.See Fig. 4 a, with first Application is for illustrating as a example by Alipay, and such as, user clicks on the mark of Alipay, then mobile terminal Application call instruction will be initiated to backstage, once detect that application call instructs, it is possible to determine detection To opening the first application, the i.e. operation of Alipay.

The first communication list in the described mobile terminal of described extraction can be: detects described mobile terminal Address list is applied, and gets the first of at least one associated person information composition and lead to from described address list is applied Letter list.

Further, above-mentioned at least with described first communication list generate checking request may include that profit With described first communication list and the identification information of described mobile terminal, generate described checking request；

Or, Ke Yiwei: get the user account information of described first application, lead to based on described first Letter list and the user account information of described first application, generate checking request.

It should be noted that the result described in the present embodiment can be server side whether permitting of obtaining Permitted described mobile terminal and logged in described first application；Accordingly, determine whether to step on based on described the result Record described first application, Ke Yiwei: when described the result is for allowing described mobile terminal to log in described the One application, then log in described first application, and show the operation interface of the first application；When described checking knot When fruit is not for allowing described mobile terminal to log in described first application, without logging into described first application.

It addition, when determining without logging into described first application based on described checking request, it is also possible to generate the One information；Wherein, described first information can be: authentication failed.

Further, the scene provided based on the present embodiment, it is also possible to include uploading second to server side The process of communication list, specifically includes following operation:

After opening described first application, sending described mobile terminal unlatching described first to server side should Information so that described server based on described unlatching described first application information inspection described in move Dynamic terminal uses first to apply the most for the first time, the most then send to described mobile terminal and upload the second communication The instruction of list；Receive the instruction uploading the second communication list information that described server side is sent, obtain Get the whole associated person informations preserved in Current communications record, and generate based on described whole associated person informations Second communication list, sends described second communication list to described server side.Such as, can be first Arranging in application arranges the verification process needing to carry out address list coupling in interface, and when unlatching first During application, send and include user account information to server side, when server detection did not preserve this Second communication list of user, now can show the interface shown in Fig. 5, clicks on " unlatching " button, Get the whole associated person informations preserved in described mobile terminal, using whole associated person informations as second Communication list is sent to server.

Further, the present embodiment possesses phase in can also be for the first communication list and the second communication list The quantitative proportion of same associated person information pre-sets, and such as, could be arranged to 90%, namely Say, when the associated person information having 90% in the first communication list and the second communication list is identical, it is possible to Determine that the result is to allow described mobile terminal to log in described first application.

Such as, may refer to shown in Fig. 6, wherein, cell phone address book is the first communication list, former logical News record i.e. the second communication list；When, after the ratio value that the associated person information being provided with 90% is identical, click is opened Opening button, described ratio is sent to server side, described server just can enter based on the ratio arranged The verification process that row is follow-up.

Need it is further noted that user can be arranged when mobile phone shutdown is restarted, be initially opened payment Software, it is necessary to cell phone address book and former address list coupling, accordingly even when log in yours on others' mobile phone Payment accounts, can not enter payment accounts, does not therefore worry that oneself property suffers damage.User Can also set and log in payment software every time, cell phone address book and former address list will mate once, so Doing safety may be higher, but also can lose time, depending on the operational circumstances according to user oneself.

Visible, by using such scheme, it becomes possible to when unlatching the first application being detected, obtain mobile The first communication list being made up of at least one associated person information in terminal, and send described first communication List is to server side so that server the second communication list based on the first communication list with former preservation enters Row checking, and whether allowed described mobile terminal to log in the result of the first application.So, Enable to user when needs log in some application, increase and carry out, based on communication list, the process verified Mode, thus further ensure user and log in safety during application by mobile terminal.

Embodiment two,

Step 301: unlatching the first application detected；

Unlike the embodiments above, the present embodiment can be before verifying based on communication list, first Perform to utilize first accounts information of user to carry out the process verified, specific as follows:

The first communication list in the described mobile terminal of described extraction, also includes:

Get the first accounts information logging in described first application, wherein, in described first accounts information Include account name and password；

Send account verification based on described first accounts information to described server side to ask, so that described Described first accounts information is verified by server side based on the request of described account verification；

Receive the account verification result that described server side is sent, if described account verification result is checking Pass through, then control the operation performing to extract the first communication list in described mobile terminal.

Account name and described password in described first accounts information can be that user applies first first The information of use when registering, ratio as shown in fig 4b, wherein shows that user account is 123456789 With user cipher 12345678.It is to say, current embodiment require that the account verification at the first accounts information When result is for being verified, just can communicate the verification operation of list, so, it is possible to be further ensured that The safety of the first application.

Further, described above at least with described first communication list generation checking request, also include:

Get the operation information whether performing checking；

If described operation information is for perform checking, then generate checking request based on described first communication list；

If described operation information is not for perform checking, then generating information, described information is used for carrying Show that user refuses to log in described first application.

In the scene that the present embodiment provides, if the user while enter already provided with based on communication list in arranging Row checking, then after user completes account verification, described first application can also show an operation Interface, as it is shown in fig. 7, wherein, cell phone address book that is first communication list, former address list that is second is led to Letter list, user can select based on the operation interface that Fig. 7 shows be or no, if selection be then to use Family selects to perform the operation of address list checking, now, carries out follow-up operation；If user selects no, It is to say, the mobile terminal of the mobile terminal likely non-user of current operator's use, that Directly refuse this user and log in the first application, thus ensure the application safety of user.

Preferably, before the operation interface of described first application of above-mentioned displaying, it is also possible to again allow user select Select and whether determine entrance the first application, such as, see Fig. 8 a, if user selects to enter, then permissible Interface in display Fig. 8 b, user can perform the payment in interface, sweep and sweep and behaviour that card certificate is corresponding Make, be not discussed here.

Embodiment three,

As it is shown in figure 9, first embodiment of the invention proposes a kind of information security control method, it is applied to service Device, including:

Step 901: receive the checking request based on the first application that mobile terminal side is sent, described checking Request at least includes the first communication list being made up of at least one associated person information；

Step 902: extract the second communication list that described mobile terminal is corresponding；

Step 903: based on the first communication list in described checking request and the second communication list of preservation Verify, determine whether that described mobile terminal logs in described first application based on the result.

Here, mobile terminal described in the present embodiment can be the terminal such as smart mobile phone, panel computer.Institute Stating server can be at least one server of the first application described in the support of network side setting, described Holding described first application can be the whole identification informations and entirely preserving all accounts in described first application Portion's operation information, such as, can include account name, password, the second communication list, and described account The operation historical record at family.

The present embodiment can be first carried out utilizing the first of user before verifying based on communication list Accounts information carries out the process verified, specific as follows:

Described first accounts information is tested by the account verification request that server is sent based on mobile terminal Card；The request of described account verification includes account name and password.Account name and described password are permissible For user's information of use when the first application is registered first, ratio as shown in fig 4b, Qi Zhongxian Show that user account is 123456789 and user cipher 12345678.It is to say, current embodiment require that When the account verification result of the first accounts information is for being verified, just can communicate the verification operation of list, So, it is possible to be further ensured that the safety of the first application.

Described based on the result determine whether described mobile terminal log in described first application, including:

If described the result represent described first communication list and described second communication list possess identical The quantitative proportion of associated person information more than predetermined threshold value, it is determined that allow described mobile terminal to log in institute State the first application；

If described the result represent described first communication list and described second communication list possess identical The quantitative proportion of associated person information be not more than predetermined threshold value, it is determined that do not allow described mobile terminal to step on Record described first application.

Wherein, described predetermined threshold value can be the threshold value of acquiescence, or, it is also possible to move for user is logical Dynamic end side is configured, and the threshold value transmission of setting is preserved to server side by server.

After opening described first application, sending described mobile terminal unlatching described first to server side should Information, described server based on described unlatching described first application information inspection described in mobile terminal Use the first application the most for the first time, the most then send to described mobile terminal and upload the second communication list Instruction；Receive the instruction uploading the second communication list information that described server side is sent, get and work as The whole associated person informations preserved in front address list, and it is logical to generate second based on described whole associated person informations Letter list, sends described second communication list to described server side.Such as, in can applying first Arrange interface arrange the verification process needing to carry out address list coupling, and when opening the first application, Transmission includes user account information to server side, when server detection did not preserve the of this user Two communication lists, now can show the interface shown in Fig. 5, click on " unlatching " button, get institute State the whole associated person informations preserved in mobile terminal, using whole associated person informations as the second communication list It is sent to server.

Below with the first application as Alipay, the first communication list is the address list in mobile phone, the second communication List be server storage former address list as a example by do operation scenario explanation:

The first step: after opening this function, system detecting the presence of address book data and exists, if having, not carrying out Upload communication record data, if without, upload communication record data；

Second step: log in payment software, input account and password；

3rd step: select the address book data (former address list) of the address list in mobile phone and server end to enter Row coupling, if matching rate is more than or equal to 90%, can normally enter the interface of mobile-phone payment software, if Matching rate logs in less than 90% refusal.

Being accomplished by of this application

The first step, opens this function, invoking performance function, and whether system detection server end has address list Data exist, if server end is with the presence of address book data, are not required to upload communication record data, if server End is without address book data, then the end that uploaded onto the server by the address book data in mobile phone is original logical as coupling News record data；

Second step, enters payment software, the account number cipher of Input Software；

3rd step, after the input of software account number cipher is correct, terminal will show cell phone address book and former logical The interface of news record coupling；When clicking on "Yes" button when, terminal will trigger cell phone address book data Matching feature is carried out with former address book data, if the address book data of server end and address list number in mobile phone According to coupling more than or equal to 90%, then can enter payment software interface, if address list matching rate is less than 90%, Then refusal logs in software；When clicking on "No" button when, terminal will exit mobile-phone payment software and return To desktop；After the match is successful, terminal will enter the interface of payment software.

Embodiment four,

As shown in Figure 10, the present invention proposes a kind of mobile terminal, including:

Information extraction unit 1001, is used for unlatching the first application being detected；Extract in described mobile terminal First communication list, wherein, described first communication list includes in described mobile terminal and preserves at least One associated person information；

Processing unit 1002, for generating checking request at least with described first communication list, based on clothes The result of business device feedback determines whether to log in described first application；

Communication unit 1003, is used for sending described checking request to server side.

Described first application can be any one application such as Alipay, wechat payment, bank paying.Phase Answer, described information extraction unit, for first in operation calls application library based on user being detected When the unlatching of application operates, determine and unlatching the first application detected.See Fig. 4 a, with the first application for propping up Illustrating as a example by paying treasured, such as, user clicks on the mark of Alipay, and then mobile terminal will be backward Platform initiates application call instruction, once detects that application call instructs, it is possible to determines and unlatching the detected One application, i.e. the operation of Alipay.

Embodiment five,

Described processing unit 1002, for getting the first accounts information logging in described first application, its In, described first accounts information includes account name and password；Based on described first accounts information to Described server side sends account verification request, so that described server side please based on described account verification Ask and described first accounts information is verified；Receive the account verification result that described server side is sent, If described account verification result is for being verified, then control to perform to extract in described mobile terminal first is led to The operation of letter list.

Further, described above at least with described first communication list generation checking request, process single Unit 1002, for getting the operation information whether performing checking；If described operation information is for perform checking, Then generate checking request based on described first communication list；If described operation information is not for perform checking, then Generating information, described information is used for pointing out user to refuse to log in described first application.

Embodiment six,

As shown in figure 11, one server of the present invention, including:

Communication unit 1101, for receiving the checking request based on the first application that mobile terminal side is sent, Described checking request at least includes the first communication list being made up of at least one associated person information；

Authentication unit 1102, for extracting the second communication list that described mobile terminal is corresponding；Based on described The first communication list and the second communication list of preservation in checking request are verified, based on checking knot Fruit determines whether that described mobile terminal logs in described first application.

Described authentication unit, if representing described first communication list and described second for described the result Communication list possesses the quantitative proportion of identical associated person information more than predetermined threshold value, it is determined that allow Described mobile terminal logs in described first application；

If described the result represent described first communication list and described second communication list possess identical The quantitative proportion of associated person information be not more than predetermined threshold value, it is determined that do not allow described mobile terminal to step on Record described first application.Wherein, described predetermined threshold value can be the threshold value of acquiescence, or, also may be used Think that user is led to mobile terminal side and is configured, and the threshold value of setting is sent to server side by servicing Device preserves.

It should be noted that in this article, term " include ", " comprising " or its any other variant Be intended to comprising of nonexcludability so that include the process of a series of key element, method, article or Person's device not only includes those key elements, but also includes other key elements being not expressly set out, or also Including the key element intrinsic for this process, method, article or device.In the feelings not having more restriction Under condition, statement " including ... " key element limited, it is not excluded that include this key element process, Method, article or device there is also other identical element.

The invention described above embodiment sequence number, just to describing, does not represent the quality of embodiment.

Through the above description of the embodiments, those skilled in the art is it can be understood that arrive above-mentioned Embodiment method can add the mode of required general hardware platform by software and realize, naturally it is also possible to logical Cross hardware, but a lot of in the case of the former is more preferably embodiment.Based on such understanding, the present invention's The part that prior art is contributed by technical scheme the most in other words can be with the form body of software product Revealing to come, this computer software product is stored in a storage medium (such as ROM/RAM, magnetic disc, light Dish) in, including some instructions with so that a station terminal equipment (can be mobile phone, computer, service Device, air-conditioner, or the network equipment etc.) perform the method described in each embodiment of the present invention.

These are only the preferred embodiments of the present invention, not thereby limit the scope of the claims of the present invention, every Utilize equivalent structure or equivalence flow process conversion that description of the invention and accompanying drawing content made, or directly or Connect and be used in other relevant technical fields, be the most in like manner included in the scope of patent protection of the present invention.

Claims

1. an information security control method, is applied to mobile terminal, it is characterised in that described method bag Include:

Unlatching the first application detected；

Method the most according to claim 1, it is characterised in that in the described mobile terminal of described extraction The first communication list, also include:

Method the most according to claim 1, it is characterised in that described logical at least with described first Letter list generates checking request, also includes:

Get the operation information whether performing checking；

4. an information security control method, is applied to server, it is characterised in that described method includes:

Method the most according to claim 4, it is characterised in that described determine based on the result be The described mobile terminal of no permission logs in described first application, including:

6. a mobile terminal, it is characterised in that described mobile terminal includes:

Mobile terminal the most according to claim 6, it is characterised in that

Described processing unit, for getting the first accounts information logging in described first application, wherein, Described first accounts information includes account name and password；Based on described first accounts information to described Server side sends account verification request；Receive the account verification result that described server side is sent, if Described account verification result for being verified, then controls the first communication performing to extract in described mobile terminal The operation of list.

Mobile terminal the most according to claim 6, it is characterised in that

Described processing unit, for getting the operation information whether performing checking；If described operation information For performing checking, then generate checking request based on described first communication list；If described operation information is not Performing checking, then generate information, described information is used for pointing out user to refuse to log in described first Application.

9. a server, it is characterised in that including:

Server the most according to claim 9, it is characterised in that