CN107315947A - Pay class application management method, device and mobile terminal - Google Patents
Pay class application management method, device and mobile terminal Download PDFInfo
- Publication number
- CN107315947A CN107315947A CN201710469711.7A CN201710469711A CN107315947A CN 107315947 A CN107315947 A CN 107315947A CN 201710469711 A CN201710469711 A CN 201710469711A CN 107315947 A CN107315947 A CN 107315947A
- Authority
- CN
- China
- Prior art keywords
- application program
- payment
- class application
- class
- mentioned
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/51—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Business, Economics & Management (AREA)
- Accounting & Taxation (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- Software Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Finance (AREA)
- Strategic Management (AREA)
- General Business, Economics & Management (AREA)
- Stored Programmes (AREA)
- Telephone Function (AREA)
Abstract
Class application management method is paid the invention discloses one kind, pay class application program management device, mobile terminal and computer-readable recording medium, wherein, the payment class application management method includes:When receiving to start the enabled instruction for paying class application program, the process of the first process type is created for above-mentioned payment class application program;The type of the data file related to above-mentioned payment class application program is set to the first data file class;Wherein, above-mentioned first process type is different from the default process type of application program, and above-mentioned first data file class is different from the default data file type of application program, and the process of above-mentioned first process type and the data file of above-mentioned first data file class are forbidden by the process access of other process types.The technical scheme that the present invention is provided can effectively improve the security of mobile payment.
Description
Technical field
The present invention relates to application program technical field, and in particular to one kind pays class application management method, pays class
Application program management device, mobile terminal and computer-readable recording medium.
Background technology
With the development of mobile terminal and Internet technology, the function of mobile terminal also becomes increasingly abundant, intelligentized movement
Terminal just constantly improves the life of people, and therefore mobile payment also breeds.
Mobile payment refers to allow user to enter the commodity consumed or service using its mobile terminal (being usually mobile phone)
A kind of method of service that row account is paid.At present, the utilization rate of mobile payment is increased sharply, and user carries out account branch by mobile terminal
Pay turns into normality.Certainly, thing followed risk is also to increase day by day, how to ensure the security of mobile payment and turns into the industry
The problem of inquiring into and pay close attention to.
The UID based on application program isolates to the payment class application program in mobile terminal in the prior art, and it has
Body implementation is as follows:UID is distributed for it when the application is installed, one UID of each application program correspondence, application program exists
Duration on mobile terminal, its UID keeps constant.Because UID setting may be such that one operation of each application program formation
The application program " screen window " of system level, therefore, by setting corresponding authority to the UID for paying class application program, can make
The payment class application program can not be accessed by obtaining third party application.
Because root user's (root user is unique power user in operating system) in operating system can change
The corresponding authorities of UID of each application program, therefore, the above-mentioned UID based on application program should to the payment class in mobile terminal
Isolation, which is carried out, with program there is following drawback:Once some third party application is obtained after root authority, just it can change
Pay the corresponding authorities of UID of class application program so that the application program that can not be accessed from each other originally is destroyed.
The content of the invention
In view of this, the present invention provide it is a kind of pay class application management method, pay class application program management device,
Mobile terminal and computer-readable recording medium, the security for improving mobile payment.
First aspect present invention, which is provided, pays class application control method, including:
When receiving to start the enabled instruction for paying class application program, created for above-mentioned payment class application program
The process of first process type, wherein, first process type is different from the default process type of application program, and described the
The process of one process type is forbidden by the process access of other process types;
The type of the data file related to above-mentioned payment class application program is set to the first data file class, wherein,
Above-mentioned first data file class is different from the default data file type of application program, and above-mentioned first data file class
Data file is forbidden by the process access of above-mentioned other process types.
, should when receiving to start payment class in the first possible implementation based on first aspect present invention
During with the enabled instruction of program, above-mentioned payment class application control method also includes:
Whether detect above-mentioned payment class application program is application program to be protected;
If above-mentioned payment class application program is application program to be protected, trigger above-mentioned for above-mentioned payment class application journey
The step of sequence creates the process of the first process type and subsequent step;
If above-mentioned payment class application program is not application program to be protected, created for above-mentioned payment class application program
The process of above-mentioned default process type.
The first possible implementation based on first aspect present invention, in second of possible implementation, on
State whether the above-mentioned payment class application program of detection is application program to be protected, including:
Call default payment protection list;
If the mark of above-mentioned payment class application program is in above-mentioned payment protection list, above-mentioned payment class application journey is judged
Sequence is application program to be protected;
If the mark of above-mentioned payment class application program judges above-mentioned payment class application not in above-mentioned payment protection list
Program is not application program to be protected.
Based on first aspect present invention, the either possible implementation of the first of first aspect present invention or this hair
Second of possible implementation of bright first aspect, in the third possible implementation, above-mentioned payment class application program
Control method also includes:
If recognizing photograph subject at the interface of taking pictures of mobile terminal for Quick Response Code, detect above-mentioned Quick Response Code whether with
Pay related;
If above-mentioned Quick Response Code is related to payment, it is determined that receive to start the enabled instruction for paying class application program.
Second aspect of the present invention provides a kind of payment class application program management device, including:
Process creation unit, for when receiving to start the enabled instruction for paying class application program, for above-mentioned
The process that class application program creates the first process type is paid, wherein, first process type is different from the silent of application program
Recognize process type, and the process of first process type is forbidden by the process access of other process types;
Data file class setting unit, for the type of the data file related to above-mentioned payment class application program to be set
For the first data file class;
Wherein, above-mentioned first data file class is different from the default data file type of application program, and above-mentioned first
The data file of data file class forbids the above-mentioned process by other process types to access.
Based on second aspect of the present invention, in the first possible implementation, above-mentioned payment class application program management dress
Putting also includes:
First detection unit, for when receiving to start the enabled instruction for paying class application program, detecting above-mentioned
Pay whether class application program is application program to be protected;
Trigger element, for detecting above-mentioned payment class application program when above-mentioned first detection unit for application to be protected
During program, above-mentioned process creation unit is triggered;
Above-mentioned process creation unit is additionally operable to:It is not when above-mentioned first detection unit detects above-mentioned payment class application program
During application program to be protected, the process of above-mentioned default process type is created for above-mentioned payment class application program.
The first possible implementation based on second aspect of the present invention, in second of possible implementation, on
State the first detection unit specifically for:Call default payment protection list;When the mark of above-mentioned payment class application program is upper
When stating in payment protection list, judge above-mentioned payment class application program as application program to be protected;When above-mentioned payment class application
When the mark of program is not in above-mentioned payment protection list, judge above-mentioned payment class application program not as application journey to be protected
Sequence.
Based on second aspect of the present invention, the either possible implementation of the first of second aspect of the present invention or this hair
Second of possible implementation of bright second aspect, in the third possible implementation, above-mentioned payment class application program
Managing device also includes:
Second detection unit, for when recognizing photograph subject at the interface of taking pictures of mobile terminal for Quick Response Code, detecting
Whether above-mentioned Quick Response Code is related to payment;
Determining unit, for when above-mentioned second detection unit detect above-mentioned Quick Response Code it is related to payment when, it is determined that receive
To the enabled instruction that class application program is paid to start.
Third aspect present invention provides a kind of mobile terminal, including memory, processor and stores on a memory and can
The computer program run on a processor, realized during above-mentioned computing device above computer program above-mentioned first aspect or
The payment class application control method referred in any possible implementation of above-mentioned first aspect.
Fourth aspect present invention is provided to be stored with a kind of computer-readable recording medium, the computer-readable recording medium
Computer program, above computer program realizes any of above-mentioned first aspect or above-mentioned first aspect when being executed by processor
The payment class application control method referred in possible implementation.
Therefore, in the present invention program when receiving to start the enabled instruction for paying class application program, for
Above-mentioned payment class application program creates the process of the first process type, and the data related to above-mentioned payment class application program are literary
The type of part is set to the first data file class.Because first process type is different from the default process type of application program,
And first data file class be different from application program default data file type, and the process of first process type and
The data file of first data file class forbids being accessed by the process of other process types, therefore, for process type not
For the other application program of first process type, even if obtaining root authority, also it is not by the process type because of its process
First process type and can not also access the process and data of the payment class application program, it is achieved thereby that by the payment class should
The purpose isolated with program in the category class of process authority, and then improve the security of mobile payment.
Brief description of the drawings
In order to illustrate more clearly about the embodiment of the present invention or technical scheme of the prior art, below will be to embodiment or existing
There is the accompanying drawing used required in technology description to be briefly described, it should be apparent that, drawings in the following description are only this
Some embodiments of invention, for those of ordinary skill in the art, without having to pay creative labor, may be used also
To obtain other accompanying drawings according to these accompanying drawings.
Payment class application control method one embodiment schematic flow sheet that Fig. 1-a provide for the present invention;
Fig. 1-b are the default process type schematic diagram in existing android system;
Process type schematic diagram in the android system that Fig. 1-c provide for the present invention;
Process type, data file class and access relation schematic diagram that Fig. 1-d provide for the present invention;
Payment class application control method another embodiment schematic flow sheet that Fig. 2 provides for the present invention;
Payment class application program management device one embodiment structural representation that Fig. 3 provides for the present invention;
Mobile terminal one embodiment structural representation that Fig. 4 provides for the present invention.
Embodiment
To enable goal of the invention, feature, the advantage of the present invention more obvious and understandable, below in conjunction with the present invention
Accompanying drawing in embodiment, the technical scheme in the embodiment of the present invention is clearly and completely described, it is clear that described reality
It is only a part of embodiment of the invention to apply example, and not all embodiments.Based on the embodiment in the present invention, the common skill in this area
The every other embodiment that art personnel are obtained under the premise of creative work is not made, belongs to the model that the present invention is protected
Enclose.
A kind of class application control method that pays provided in an embodiment of the present invention is described below, refer to Fig. 1-
Payment class application control method in a, the embodiment of the present invention includes:
Step 101, when receiving to start the enabled instruction for paying class application program, for above-mentioned payment class application
The process of the process type of program creation first;
Wherein, above-mentioned first process type is different from the default process type of application program, and above-mentioned first process type
Process forbid by other process types process access.
In the embodiment of the present invention, above-mentioned payment class application program can be started by above-mentioned enabled instruction.
In a kind of application scenarios, user can be by triggering the figure of the payment class application program at the interface of mobile terminal
Mark to input above-mentioned enabled instruction.Accordingly, the payment class application control method in the embodiment of the present invention also includes:Work as prison
When hearing that the icon of the payment class application program is triggered, it is determined that the startup for receiving to start the payment class application program refers to
Order.Wherein, the mode of the icon of the above-mentioned triggering payment class application program for example can be the long-press payment class application program
Icon, the icon clicked the payment class application program or double-click the payment class application program, are not limited herein.
In another application program, user directly can include payment information by the camera scanning of mobile terminal
Quick Response Code, inputs above-mentioned enabled instruction in this way.Accordingly, the payment class application control method in the embodiment of the present invention
Also include:If it is two dimension that photograph subject is recognized at the interface of taking pictures (such as the interface of taking pictures for application program of taking pictures) of mobile terminal
Code, then, detect whether the Quick Response Code is related to payment;If the Quick Response Code is related to payment (such as when detecting in the Quick Response Code
During comprising payment information, judge that the Quick Response Code is related to payment), it is determined that receive to start opening for payment class application program
Dynamic instruction.If specifically, above-mentioned Quick Response Code includes:The application information of payment class application program is indicated, then above-mentioned determination connects
Receive to start the enabled instruction for paying class application program, be specially:Believe it is determined that receiving to start with the application program
The corresponding enabled instruction for paying class application program of manner of breathing.
Certainly, in addition to above two application scenarios, it can also be opened in the embodiment of the present invention using other manner input is above-mentioned
Dynamic instruction, is not limited herein.
In the embodiment of the present invention, the establishment of process is the only stage which must be passed by of application program launching, the process of every kind of process type
There is corresponding process authority, and can mutually be accessed from the angle of process authority between the process of same process type.
In a step 101, when receiving above-mentioned enabled instruction, show to be currently needed for starting corresponding payment class application program, now
The process of the first process type is created for above-mentioned payment class application program.By taking Android (i.e. Android) system as an example, such as Fig. 1-
Three kinds of default process types are provided with shown in b, in android system, are respectively:Untrusted_app, platform_app and
System_app, wherein, untrusted_app is the application program (commonly referred to as third party application) that user independently installs
Default process type, (wherein, platform_app and system_app be system from the default process type of tape program
Platform_app is the default process type for the application program that system is carried, and system_app is the default process of system program
Type).In the prior art, when third party application starts, can create process type for the third party application is
Untrusted_app process, substantially belongs to third party application, therefore, prior art due to paying class application program
In, the process type that establishment can be equally given tacit consent to for paying class application program is untrusted_app process.And the present invention is real
Apply in example, as shown in fig 1-c, be different from untrusted_app the first process type (i.e. for paying the setting of class application program
Coloros_sandbox_app in Fig. 1-c), and set the process of first process type and forbid by other process type (examples
Such as untrusted_app, platform_app and system_app) process access.
Step 102, the type of the data file related to above-mentioned payment class application program is set to the first data file class
Type;
Wherein, above-mentioned first data file class is different from the default data file type of application program, and above-mentioned first
The data file of data file class is forbidden by the process access of other process types.
There are two kinds of default data file types in android system, respectively system_app_data_file and
App_data_file (in other embodiments, default data file may also be named in other forms), wherein, system_
App_data_file represents the data file class corresponding to the process of system program, and app_data_file represents application program
Process corresponding to data file class.In the prior art, the corresponding data file class of all application programs, which is all given tacit consent to, sets
App_data_file is set to, and in the embodiment of the present invention, by the type of the data file related to above-mentioned payment class application program
It is set to the first data file class, and sets the data file of above-mentioned first data file class to forbid by other process types
Process is accessed.Specifically, on the basis of scene shown in Fig. 1-c, process type, data file class and access relation schematic diagram
Can be as shown in Fig. 1-d.In Fig. 1-d, dotted arrow represents to forbid accessing, and realizes that arrow represents to allow to access, can by Fig. 1-d
See, the data files of system_app_data_file types allows to be accessed by the process of system_app types, but forbid by
The process of the processes of platform_app types, the process of untrusted_app types and coloros_sandbox_app types
Access.The data file of app_data_file types allows by the process of platform_app types, untrusted_app classes
The process of type and the process of coloros_sandbox_app types are accessed, but are forbidden by the process access of system_app types.
Coloros_sandbox_app_data_file (i.e. above-mentioned first data file class) type allows coloros_sandbox_
The processes of app types is accessed, but forbid by the process of system_app types, the process of platform_app types and
The process of untrusted_app types is accessed.
Optionally, when receiving to start the enabled instruction for paying class application program, above-mentioned payment is further detected
Whether class application program is application program to be protected;If above-mentioned payment class application program is application program to be protected, touch
Hair states the step of creating the process of the first process type for above-mentioned payment class application program and subsequent step;If above-mentioned payment
Class application program is not application program to be protected, then creates above-mentioned default process type for above-mentioned payment class application program
Process for above-mentioned payment class application program (for example, when above-mentioned payment class application program is not application program to be protected, create
Build the process that process type is untrusted_app).
It should be noted that the payment class application control method in the embodiment of the present invention can be applied to pay class application
In program managing device, above-mentioned payment class application program management device can be independent equipment, or can also be integrated in shifting
In dynamic terminal or miscellaneous equipment, it is not construed as limiting herein.
Therefore, in the embodiment of the present invention when receiving to start the enabled instruction for paying class application program, pin
The process of the first process type is created to above-mentioned payment class application program, and by the data related to above-mentioned payment class application program
The type of file is set to the first data file class.Because first process type is different from the default process class of application program
Type, and first data file class is different from the default data file type of application program, and first process type is entered
Journey and the data file of first data file class are forbidden by the process access of other process types, therefore, for process class
Type is not the other application program of first process type, even if obtaining root authority, by because the process type of its process yet
The process and data of the payment class application program can not be accessed yet for first process type, it is achieved thereby that this is paid
The purpose that class application program is isolated in the category class of process authority, and then improve the security of mobile payment.
Embodiment two
The difference of the embodiment of the present invention and embodiment one is that the embodiment of the present invention is only for payment class application to be protected
Program is protected.Specifically, as shown in Fig. 2 the payment class application control method in the embodiment of the present invention includes:
Step 201, when receiving to start the enabled instruction for paying class application program, detect above-mentioned payment class application
Whether program is application program to be protected;
In the embodiment of the present invention, above-mentioned payment class application program can be started by above-mentioned enabled instruction.In one kind application
In scene, user can be referred to by triggering the icon of the payment class application program at the interface of mobile terminal to input above-mentioned startup
Order.Accordingly, the payment class application control method in the embodiment of the present invention also includes:When listening to the payment class application journey
When the icon of sequence is triggered, it is determined that receiving to start the enabled instruction of the payment class application program.Wherein, above-mentioned triggering should
Pay class application program icon mode for example can be the icon of the long-press payment class application program, click the payment class should
With program or the icon of the payment class application program is double-clicked, do not limited herein.In another application program, user can be with
The Quick Response Code of payment information is directly included by the camera scanning of mobile terminal, above-mentioned enabled instruction is inputted in this way.Phase
Answer, the payment class application control method in the embodiment of the present invention also includes:If in the application program of taking pictures of mobile terminal
Interface of taking pictures recognize photograph subject for Quick Response Code, then, detect whether the Quick Response Code related to payment;If the Quick Response Code and branch
Pay related (such as when detecting in the Quick Response Code comprising payment information, judging that the Quick Response Code is related to payment), it is determined that connect
Receive to start the enabled instruction for paying class application program.If specifically, above-mentioned Quick Response Code includes:Indicate to pay class application journey
The application information of sequence, then above-mentioned determination receives to start the enabled instruction for paying class application program, is specially:It is determined that
Receive to start the enabled instruction of the payment class application program corresponding with the application information.Certainly, except above-mentioned two
Plant outside application scenarios, above-mentioned enabled instruction can also be inputted using other manner in the embodiment of the present invention, do not limited herein.
In step 201, when receiving to start the enabled instruction for paying class application program, above-mentioned payment class is detected
Whether application program is application program to be protected, when above-mentioned payment class application program is not application program to be protected, is held
Row step 202, when above-mentioned payment class application program is application program to be protected, performs step 203.
Optionally, whether the above-mentioned payment class application program of above-mentioned detection is application program to be protected, including:Call default
Payment protection list;If the mark of above-mentioned payment class application program judges above-mentioned payment in above-mentioned payment protection list
Class application program is application program to be protected;If the mark of above-mentioned payment class application program is not in above-mentioned payment protection list
In, then judge above-mentioned payment class application program not as application program to be protected.In certain embodiment of the present invention, it can also pass through
Other manner detects whether above-mentioned payment class application program is application program to be protected, for example, by detecting above-mentioned payment class
Whether application program is application program through safety certification, if above-mentioned payment class application program through safety certification should
With program, then judge above-mentioned payment class application program as application program to be protected;If above-mentioned payment class application program is not
Application program through safety certification, then judge above-mentioned payment class application program not as application program to be protected.
Step 202, default process type of the process type for application program is created for above-mentioned payment class application program
Process;
By taking Android as an example, then when above-mentioned payment class application program is not application program to be protected, it can be directed to above-mentioned
Pay class application program and create the process that process type is untrusted_app.
Step 203, the process for above-mentioned payment class application program the first process type of establishment;
In the embodiment of the present invention, the establishment of process is the only stage which must be passed by of application program launching, the process of every kind of process type
There is corresponding process authority, and can mutually be accessed from the angle of process authority between the process of same process type.
In step 203, the process of the first process type is created for above-mentioned payment class application program.Wherein, above-mentioned first process class
Type is different from the default process type of application program, and the process of above-mentioned first process type forbids entering by other process types
Journey is accessed.Specifically, the description as described in above-mentioned first process type is referred to retouching for step 101 in Fig. 1-a illustrated embodiments
State, here is omitted.
Step 204, the type of the data file related to above-mentioned payment class application program is set to the first data file class
Type;
Wherein, above-mentioned first data file class is different from the default data file type of application program, and above-mentioned first
The data file of data file class is forbidden by the process access of other process types.
Specifically, step 204 is referred to the description of step 102 in Fig. 1-a illustrated embodiments, and here is omitted.
It should be noted that the payment class application control method in the embodiment of the present invention can be applied to pay class application
In program managing device, above-mentioned payment class application program management device can be independent equipment, or can also be integrated in shifting
In dynamic terminal or miscellaneous equipment, it is not construed as limiting herein.
Therefore, enabled instruction and the branch of class application program are paid when receiving to start in the embodiment of the present invention
When paying class application program for application program to be protected, entering for the first process type is created for above-mentioned payment class application program
Journey, and the type of the data file related to above-mentioned payment class application program is set to the first data file class.Due to this
One process type is different from the default process type of application program, and first data file class is different from the silent of application program
Recognize data file class, and the process of first process type and the data file of first data file class forbid it is other
The process of process type is accessed, therefore, for process type is not the other application program of first process type, even if obtaining
Root authority, also by because the process type of its process can not also not access the payment class application journey for first process type
The process and data of sequence, it is achieved thereby that the purpose that the payment class application program is isolated in the category class of process authority,
And then improve the security of mobile payment.
Embodiment three
The embodiment of the present invention also provides a kind of payment class application program management device, as shown in figure 3, in the embodiment of the present invention
Payment class application program management device 300 include:
Process creation unit 301, for when receiving to start the enabled instruction for paying class application program, for upper
State the process that class application program creates the first process type that pays;
Data file class setting unit 302, for by the class of the data file related to above-mentioned payment class application program
Type is set to the first data file class;
Wherein, above-mentioned first process type is different from the default process type of application program, and above-mentioned first data file
Type is different from the default data file type of application program, and the process of above-mentioned first process type and above-mentioned first data text
The data file of part type is forbidden by the process access of other process types.
Optionally, above-mentioned payment class application program management device also includes:
First detection unit, for when receiving to start the enabled instruction for paying class application program, detecting above-mentioned
Pay whether class application program is application program to be protected;
Trigger element, for detecting above-mentioned payment class application program when above-mentioned first detection unit for application to be protected
During program, above-mentioned process creation unit is triggered;
Process creation unit 301 is additionally operable to:It is not when above-mentioned first detection unit detects above-mentioned payment class application program
During application program to be protected, the process of above-mentioned default process type is created for above-mentioned payment class application program.
Optionally, above-mentioned first detection unit specifically for:Call default payment protection list;When above-mentioned payment class should
During with the mark of program in above-mentioned payment protection list, judge above-mentioned payment class application program as application program to be protected;
When the mark of above-mentioned payment class application program is not in above-mentioned payment protection list, judge above-mentioned payment class application program not as
Application program to be protected.
Optionally, the payment class application program management device in the embodiment of the present invention also includes:
Second detection unit, for being when the interface of taking pictures of the application program of taking pictures in mobile terminal recognizes photograph subject
During Quick Response Code, detect whether above-mentioned Quick Response Code is related to payment;
Determining unit, for when above-mentioned second detection unit detect above-mentioned Quick Response Code it is related to payment when, it is determined that receive
To the enabled instruction that class application program is paid to start.
It should be noted that the payment class application program management device in the embodiment of the present invention can be independent equipment,
Or can also be integrated in mobile terminal or miscellaneous equipment, it is not construed as limiting herein.
Therefore, in the embodiment of the present invention when receiving to start the enabled instruction for paying class application program, branch
The process that class application program management device creates the first process type for above-mentioned payment class application program is paid, and will be with above-mentioned branch
The type for paying the related data file of class application program is set to the first data file class.Because first process type is different from
The default process type of application program, and first data file class is different from the default data file type of application program,
And the process of first process type and the data file of first data file class are forbidden by the process of other process types
Access, therefore, for process type be not the other application program of first process type, even if obtaining root authority, also will
Because the process type of its process can not also not access the process sum of the payment class application program for first process type
According to, it is achieved thereby that the purpose that the payment class application program is isolated in the category class of process authority, and then improve shifting
The dynamic security paid.
Example IV
The embodiment of the present invention provides a kind of mobile terminal, referring to Fig. 4, the mobile terminal in the embodiment of the present invention includes:
Memory 401, one or more processors 402 (one is only shown in Fig. 4) and is stored on memory 401 and can be in processor
The computer program of upper operation.Wherein:Memory 401 is used to store software program and module, and processor 402 is deposited by operation
The software program and unit in memory 401 are stored up, so that various function application and data processing are performed, it is above-mentioned pre- to obtain
If the corresponding resource of event.Specifically, reality when processor 402 is stored in the above computer program of memory 401 by operation
Existing following steps:
When receiving to start the enabled instruction for paying class application program, created for above-mentioned payment class application program
The process of first process type, wherein, above-mentioned first process type is different from the default process type of application program, and above-mentioned the
The process of one process type is forbidden by the process access of other process types;
The type of the data file related to above-mentioned payment class application program is set to the first data file class;
Wherein, above-mentioned first data file class is different from the default data file type of application program, and above-mentioned first
The data file of data file class forbids the above-mentioned process by other process types to access.
Assuming that above-mentioned is the first possible embodiment, then provided based on the first possible embodiment
Second of possible embodiment in, when processor 402 is stored in the above computer program of memory 401 by operation also
Realize following steps:
When receiving to start the enabled instruction for paying class application program, whether above-mentioned payment class application program is detected
For application program to be protected;
If above-mentioned payment class application program is application program to be protected, trigger above-mentioned for above-mentioned payment class application journey
The step of sequence creates the process of the first process type and subsequent step;
If above-mentioned payment class application program is not application program to be protected, created for above-mentioned payment class application program
The process of above-mentioned default process type.
It is above-mentioned in the third the possible embodiment provided based on above-mentioned second possible embodiment
Whether detect above-mentioned payment class application program is application program to be protected, including:
Call default payment protection list;
If the mark of above-mentioned payment class application program is in above-mentioned payment protection list, above-mentioned payment class application journey is judged
Sequence is application program to be protected;
If the mark of above-mentioned payment class application program judges above-mentioned payment class application not in above-mentioned payment protection list
Program is not application program to be protected.
In the first above-mentioned possible embodiment or above-mentioned second of possible embodiment or the third above-mentioned possibility
Embodiment based on and provide the 4th kind of possible embodiment in, processor 402 by operation be stored in storage
Following steps are also realized during the above computer program of device 401:
If recognizing photograph subject at the interface of taking pictures of mobile terminal for Quick Response Code, detect above-mentioned Quick Response Code whether with
Pay related;
If above-mentioned Quick Response Code is related to payment, it is determined that receive to start the enabled instruction for paying class application program.
Further, as shown in figure 4, above-mentioned mobile terminal may also include:One or more input equipments 403 (only show in Fig. 4
Go out one) and one or more output equipments 404 (one is only shown in Fig. 4).Memory 401, processor 402, input equipment
403 and output equipment 404 connected by bus 405.
It should be appreciated that in embodiments of the present invention, alleged processor 402 can be CPU (Central
Processing Unit, CPU), the processor can also be other general processors, digital signal processor (Digital
Signal Processor, DSP), application specific integrated circuit (Application Specific Integrated Circuit,
ASIC), ready-made programmable gate array (Field-Programmable Gate Array, FPGA) or other FPGAs
Device, discrete gate or transistor logic, discrete hardware components etc..General processor can be microprocessor or this at
It can also be any conventional processor etc. to manage device.
Input equipment 403 can include keyboard, Trackpad, fingerprint adopt sensor (finger print information that is used to gathering user and
The directional information of fingerprint), microphone etc., output equipment 404 can include display, loudspeaker etc..
Memory 404 can include read-only storage and random access memory, and provide instruction sum to processor 401
According to.Part or all of memory 404 can also include nonvolatile RAM.For example, memory 404 may be used also
With the information of storage device type.
Therefore, in the embodiment of the present invention when receiving to start the enabled instruction for paying class application program, pin
The process of the first process type is created to above-mentioned payment class application program, and by the data related to above-mentioned payment class application program
The type of file is set to the first data file class.Because first process type is different from the default process class of application program
Type, and first data file class is different from the default data file type of application program, and first process type is entered
Journey and the data file of first data file class are forbidden by the process access of other process types, therefore, for process class
Type is not the other application program of first process type, even if obtaining root authority, by because the process type of its process yet
The process and data of the payment class application program can not be accessed yet for first process type, it is achieved thereby that this is paid
The purpose that class application program is isolated in the category class of process authority, and then improve the security of mobile payment.
It is apparent to those skilled in the art that, for convenience of description and succinctly, only with above-mentioned each work(
Energy unit, the division progress of module are for example, in practical application, as needed can distribute above-mentioned functions by different
Functional unit, module are completed, i.e., the internal structure of said apparatus is divided into different functional unit or module, more than completion
The all or part of function of description.Each functional unit, module in embodiment can be integrated in a processing unit, also may be used
To be that unit is individually physically present, can also two or more units it is integrated in a unit, it is above-mentioned integrated
Unit can both be realized in the form of hardware, it would however also be possible to employ the form of SFU software functional unit is realized.In addition, each function list
Member, the specific name of module are also only to facilitate mutually differentiation, is not limited to the protection domain of the application.Said system
The specific work process of middle unit, module, may be referred to the corresponding process in preceding method embodiment, will not be repeated here.
In the above-described embodiments, the description to each embodiment all emphasizes particularly on different fields, without detailed description or note in some embodiment
The part of load, may refer to the associated description of other embodiments.
Those of ordinary skill in the art are it is to be appreciated that the list of each example described with reference to the embodiments described herein
Member and algorithm steps, can be realized with the combination of electronic hardware or computer software and electronic hardware.These functions are actually
Performed with hardware or software mode, depending on the application-specific and design constraint of technical scheme.Professional and technical personnel
Described function can be realized using distinct methods to each specific application, but this realization is it is not considered that exceed
The scope of the present invention.
In embodiment provided by the present invention, it should be understood that disclosed apparatus and method, others can be passed through
Mode is realized.For example, system embodiment described above is only schematical, for example, the division of above-mentioned module or unit,
It is only a kind of division of logic function, there can be other dividing mode when actually realizing, such as multiple units or component can be with
With reference to or be desirably integrated into another system, or some features can be ignored, or not perform.It is another, it is shown or discussed
Coupling each other or direct-coupling or communication connection can be by some interfaces, the INDIRECT COUPLING of device or unit or
Communication connection, can be electrical, machinery or other forms.
The above-mentioned unit illustrated as separating component can be or may not be it is physically separate, it is aobvious as unit
The part shown can be or may not be physical location, you can with positioned at a place, or can also be distributed to multiple
On NE.Some or all of unit therein can be selected to realize the mesh of this embodiment scheme according to the actual needs
's.
If above-mentioned integrated unit is realized using in the form of SFU software functional unit and as independent production marketing or used
When, it can be stored in a computer read/write memory medium.Understood based on such, the present invention realizes above-described embodiment side
All or part of flow in method, can also instruct the hardware of correlation to complete, above-mentioned computer by computer program
Program can be stored in a computer-readable recording medium, and the computer program can be achieved above-mentioned each when being executed by processor
The step of individual embodiment of the method.Wherein, above computer program includes computer program code, and above computer program code can
Think source code form, object identification code form, executable file or some intermediate forms etc..Above computer computer-readable recording medium can be with
Including:Any entity or device, recording medium, USB flash disk, mobile hard disk, magnetic disc, light of above computer program code can be carried
Disk, computer storage, read-only storage (ROM, Read-Only Memory), random access memory (RAM, Random
Access Memory), electric carrier signal, telecommunication signal and software distribution medium etc..It should be noted that above computer
The content that computer-readable recording medium is included can carry out appropriate increase and decrease according to legislation in jurisdiction and the requirement of patent practice, for example
In some jurisdictions, according to legislation and patent practice, computer-readable medium does not include being electric carrier signal and telecommunications letter
Number.
Above above-described embodiment is merely illustrative of the technical solution of the present invention, rather than its limitations;Although with reference to foregoing reality
Example is applied the present invention is described in detail, it will be understood by those within the art that:It still can be to foregoing each
Technical scheme described in embodiment is modified, or carries out equivalent substitution to which part technical characteristic;And these are changed
Or replace, the essence of appropriate technical solution is departed from the spirit and scope of various embodiments of the present invention technical scheme, all should
Within protection scope of the present invention.
Claims (10)
1. one kind pays class application control method, it is characterised in that including:
When receiving to start the enabled instruction for paying class application program, first is created for the payment class application program
The process of process type, wherein, first process type is different from the default process type of application program, and described first enters
The process of journey type is forbidden by the process access of other process types;
The type of the data file related to the payment class application program is set to the first data file class, wherein, it is described
First data file class is different from the default data file type of application program, and the data of first data file class
File is forbidden by the process access of other process types.
2. payment class application control method according to claim 1, it is characterised in that when receiving to start branch
When paying the enabled instruction of class application program, the payment class application control method also includes:
Whether the detection payment class application program is application program to be protected;
If the payment class application program is application program to be protected, triggering is described for the payment class application program wound
The step of building the process of the first process type and subsequent step;
If the payment class application program is not application program to be protected, create described for the payment class application program
The process of default process type.
3. payment class application control method according to claim 2, it is characterised in that the detection payment class
Whether application program is application program to be protected, including:
Call default payment protection list;
If it is described pay class application program mark in the payment protection list, judge it is described payment class application program as
Application program to be protected;
If the mark for paying class application program is not in the payment protection list, the payment class application program is judged
It is not application program to be protected.
4. the payment class application control method according to any one of claims 1 to 3, it is characterised in that the payment
Class application control method also includes:
If recognizing photograph subject at the interface of taking pictures of mobile terminal for Quick Response Code, detect the Quick Response Code whether with payment
It is related;
If the Quick Response Code is related to payment, it is determined that receive to start the enabled instruction for paying class application program.
5. one kind pays class application program management device, it is characterised in that including:
Process creation unit, for when receiving to start the enabled instruction for paying class application program, being paid for described
Class application program creates the process of the first process type, wherein, the acquiescence that first process type is different from application program is entered
Journey type, and first process type process forbid by other process types process access;
Data file class setting unit, for the type to the related data file of the payment class application program to be set into the
One data file class;
Wherein, first data file class is different from the default data file type of application program, and first data
The data file of file type is forbidden by the process access of other process types.
6. payment class application program management device according to claim 5, it is characterised in that the payment class application program
Managing device also includes:
First detection unit, for when receiving to start the enabled instruction for paying class application program, detecting described pay
Whether class application program is application program to be protected;
Trigger element, for being application program to be protected when first detection unit detects the payment class application program
When, trigger the process creation unit;
The process creation unit is additionally operable to:It is not to wait to protect when first detection unit detects the payment class application program
During the application program of shield, the process of the default process type is created for the payment class application program.
7. payment class application program management device according to claim 6, it is characterised in that the first detection unit tool
Body is used for:Call default payment protection list;When the mark of the payment class application program is in the payment protection list
When, judge the payment class application program as application program to be protected;When the mark of the payment class application program is not in institute
When stating in payment protection list, judge the payment class application program not as application program to be protected.
8. the payment class application program management device according to any one of claim 5 to 7, it is characterised in that the payment
Class application program management device also includes:
Second detection unit, for when recognizing photograph subject at the interface of taking pictures of mobile terminal for Quick Response Code, detection to be described
Whether Quick Response Code is related to payment;
Determining unit, for when second detection unit detect the Quick Response Code it is related to payment when, it is determined that receiving use
To start the enabled instruction for paying class application program.
9. a kind of mobile terminal, including memory, processor and storage are on a memory and the calculating that can run on a processor
Machine program, it is characterised in that realized described in the computing device during computer program following such as any one of Claims 1-4
The step of methods described.
10. be stored with computer program, its feature on a kind of computer-readable recording medium, the computer-readable recording medium
It is, is realized when the computer program is executed by processor such as the step of any one of Claims 1-4 methods described.
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710469711.7A CN107315947A (en) | 2017-06-20 | 2017-06-20 | Pay class application management method, device and mobile terminal |
PCT/CN2018/091280 WO2018233549A1 (en) | 2017-06-20 | 2018-06-14 | Payment-type application program management method and apparatus, and mobile terminal |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710469711.7A CN107315947A (en) | 2017-06-20 | 2017-06-20 | Pay class application management method, device and mobile terminal |
Publications (1)
Publication Number | Publication Date |
---|---|
CN107315947A true CN107315947A (en) | 2017-11-03 |
Family
ID=60183302
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710469711.7A Pending CN107315947A (en) | 2017-06-20 | 2017-06-20 | Pay class application management method, device and mobile terminal |
Country Status (2)
Country | Link |
---|---|
CN (1) | CN107315947A (en) |
WO (1) | WO2018233549A1 (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108287738A (en) * | 2017-12-21 | 2018-07-17 | 维沃移动通信有限公司 | A kind of application control method and device |
WO2018233549A1 (en) * | 2017-06-20 | 2018-12-27 | Oppo广东移动通信有限公司 | Payment-type application program management method and apparatus, and mobile terminal |
WO2019101050A1 (en) * | 2017-11-27 | 2019-05-31 | 华为技术有限公司 | Method for multi-terminal cooperative and secure working, and device |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102194074A (en) * | 2011-04-26 | 2011-09-21 | 北京思创银联科技股份有限公司 | Computer protection method based on process right |
CN102222292A (en) * | 2011-05-27 | 2011-10-19 | 北京洋浦伟业科技发展有限公司 | Mobile phone payment protection method |
CN106203081A (en) * | 2015-04-29 | 2016-12-07 | 北京壹人壹本信息科技有限公司 | A kind of safety protecting method and device |
CN106547590A (en) * | 2016-10-27 | 2017-03-29 | 北京奇虎科技有限公司 | The startup method of privacy application program and starter |
CN106778291A (en) * | 2016-11-22 | 2017-05-31 | 北京奇虎科技有限公司 | The partition method and isolating device of application program |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107315947A (en) * | 2017-06-20 | 2017-11-03 | 广东欧珀移动通信有限公司 | Pay class application management method, device and mobile terminal |
-
2017
- 2017-06-20 CN CN201710469711.7A patent/CN107315947A/en active Pending
-
2018
- 2018-06-14 WO PCT/CN2018/091280 patent/WO2018233549A1/en active Application Filing
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102194074A (en) * | 2011-04-26 | 2011-09-21 | 北京思创银联科技股份有限公司 | Computer protection method based on process right |
CN102222292A (en) * | 2011-05-27 | 2011-10-19 | 北京洋浦伟业科技发展有限公司 | Mobile phone payment protection method |
CN106203081A (en) * | 2015-04-29 | 2016-12-07 | 北京壹人壹本信息科技有限公司 | A kind of safety protecting method and device |
CN106547590A (en) * | 2016-10-27 | 2017-03-29 | 北京奇虎科技有限公司 | The startup method of privacy application program and starter |
CN106778291A (en) * | 2016-11-22 | 2017-05-31 | 北京奇虎科技有限公司 | The partition method and isolating device of application program |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2018233549A1 (en) * | 2017-06-20 | 2018-12-27 | Oppo广东移动通信有限公司 | Payment-type application program management method and apparatus, and mobile terminal |
WO2019101050A1 (en) * | 2017-11-27 | 2019-05-31 | 华为技术有限公司 | Method for multi-terminal cooperative and secure working, and device |
US11246039B2 (en) | 2017-11-27 | 2022-02-08 | Huawei Technologies Co., Ltd. | Method and apparatus for secure multi-terminal cooperative working |
CN108287738A (en) * | 2017-12-21 | 2018-07-17 | 维沃移动通信有限公司 | A kind of application control method and device |
Also Published As
Publication number | Publication date |
---|---|
WO2018233549A1 (en) | 2018-12-27 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US7941861B2 (en) | Permitting multiple tasks requiring elevated rights | |
CN104866752B (en) | A kind of application guard method and user terminal | |
CN107506637A (en) | Information displaying method and device, terminal and readable storage medium storing program for executing | |
CN110018765A (en) | Page display method, device, terminal and storage medium | |
CN106355059A (en) | Password input method and terminal | |
CN107315947A (en) | Pay class application management method, device and mobile terminal | |
CN107608724A (en) | A kind of method, terminal and computer-readable recording medium for managing application program | |
CN107256356A (en) | Pay class application management method, device and mobile terminal | |
CN111861465A (en) | Detection method and device based on intelligent contract, storage medium and electronic device | |
CN107315633A (en) | Mobile payment means of defence, device and mobile terminal | |
CN111259460B (en) | Locking state information display method and device | |
CN107292614A (en) | Pay class application management method, device and mobile terminal | |
CN107292613A (en) | Mobile payment means of defence, device and mobile terminal | |
CN112463266A (en) | Execution policy generation method and device, electronic equipment and storage medium | |
CN105975306A (en) | Application program starting management method and application program starting management apparatus for electronic device | |
CN107301236A (en) | Application searches method, mobile terminal, server and computer-readable recording medium | |
CN108776633A (en) | Method, terminal device and the computer readable storage medium of monitoring process operation | |
CN106155870A (en) | The optimized treatment method of a kind of terminal, device and terminal | |
CN108171063A (en) | Method, terminal and the computer readable storage medium of access safety element | |
CN112818331A (en) | Adb tool encryption control method, device, equipment and storage medium | |
CN112181521A (en) | Parameter acquisition method, device, equipment and medium | |
CN107860394A (en) | Navigation route planning method, navigation route planning device and electric terminal | |
CN107357610A (en) | Management method, managing device and the terminal device of operating system | |
CN106502858A (en) | A kind of multiple subsystem power consumption determines method and terminal | |
CN109254805A (en) | A kind of application self-start method, terminal installation and readable storage medium storing program for executing |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20171103 |
|
RJ01 | Rejection of invention patent application after publication |