CN107315947A - Pay class application management method, device and mobile terminal - Google Patents

Pay class application management method, device and mobile terminal Download PDF

Info

Publication number
CN107315947A
CN107315947A CN201710469711.7A CN201710469711A CN107315947A CN 107315947 A CN107315947 A CN 107315947A CN 201710469711 A CN201710469711 A CN 201710469711A CN 107315947 A CN107315947 A CN 107315947A
Authority
CN
China
Prior art keywords
application program
payment
class application
class
mentioned
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201710469711.7A
Other languages
Chinese (zh)
Inventor
帅朝春
梅小虎
张俊
李东蔚
林志泳
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guangdong Oppo Mobile Telecommunications Corp Ltd
Original Assignee
Guangdong Oppo Mobile Telecommunications Corp Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Guangdong Oppo Mobile Telecommunications Corp Ltd filed Critical Guangdong Oppo Mobile Telecommunications Corp Ltd
Priority to CN201710469711.7A priority Critical patent/CN107315947A/en
Publication of CN107315947A publication Critical patent/CN107315947A/en
Priority to PCT/CN2018/091280 priority patent/WO2018233549A1/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/51Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Finance (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • Stored Programmes (AREA)
  • Telephone Function (AREA)

Abstract

Class application management method is paid the invention discloses one kind, pay class application program management device, mobile terminal and computer-readable recording medium, wherein, the payment class application management method includes:When receiving to start the enabled instruction for paying class application program, the process of the first process type is created for above-mentioned payment class application program;The type of the data file related to above-mentioned payment class application program is set to the first data file class;Wherein, above-mentioned first process type is different from the default process type of application program, and above-mentioned first data file class is different from the default data file type of application program, and the process of above-mentioned first process type and the data file of above-mentioned first data file class are forbidden by the process access of other process types.The technical scheme that the present invention is provided can effectively improve the security of mobile payment.

Description

Pay class application management method, device and mobile terminal
Technical field
The present invention relates to application program technical field, and in particular to one kind pays class application management method, pays class Application program management device, mobile terminal and computer-readable recording medium.
Background technology
With the development of mobile terminal and Internet technology, the function of mobile terminal also becomes increasingly abundant, intelligentized movement Terminal just constantly improves the life of people, and therefore mobile payment also breeds.
Mobile payment refers to allow user to enter the commodity consumed or service using its mobile terminal (being usually mobile phone) A kind of method of service that row account is paid.At present, the utilization rate of mobile payment is increased sharply, and user carries out account branch by mobile terminal Pay turns into normality.Certainly, thing followed risk is also to increase day by day, how to ensure the security of mobile payment and turns into the industry The problem of inquiring into and pay close attention to.
The UID based on application program isolates to the payment class application program in mobile terminal in the prior art, and it has Body implementation is as follows:UID is distributed for it when the application is installed, one UID of each application program correspondence, application program exists Duration on mobile terminal, its UID keeps constant.Because UID setting may be such that one operation of each application program formation The application program " screen window " of system level, therefore, by setting corresponding authority to the UID for paying class application program, can make The payment class application program can not be accessed by obtaining third party application.
Because root user's (root user is unique power user in operating system) in operating system can change The corresponding authorities of UID of each application program, therefore, the above-mentioned UID based on application program should to the payment class in mobile terminal Isolation, which is carried out, with program there is following drawback:Once some third party application is obtained after root authority, just it can change Pay the corresponding authorities of UID of class application program so that the application program that can not be accessed from each other originally is destroyed.
The content of the invention
In view of this, the present invention provide it is a kind of pay class application management method, pay class application program management device, Mobile terminal and computer-readable recording medium, the security for improving mobile payment.
First aspect present invention, which is provided, pays class application control method, including:
When receiving to start the enabled instruction for paying class application program, created for above-mentioned payment class application program The process of first process type, wherein, first process type is different from the default process type of application program, and described the The process of one process type is forbidden by the process access of other process types;
The type of the data file related to above-mentioned payment class application program is set to the first data file class, wherein, Above-mentioned first data file class is different from the default data file type of application program, and above-mentioned first data file class Data file is forbidden by the process access of above-mentioned other process types.
, should when receiving to start payment class in the first possible implementation based on first aspect present invention During with the enabled instruction of program, above-mentioned payment class application control method also includes:
Whether detect above-mentioned payment class application program is application program to be protected;
If above-mentioned payment class application program is application program to be protected, trigger above-mentioned for above-mentioned payment class application journey The step of sequence creates the process of the first process type and subsequent step;
If above-mentioned payment class application program is not application program to be protected, created for above-mentioned payment class application program The process of above-mentioned default process type.
The first possible implementation based on first aspect present invention, in second of possible implementation, on State whether the above-mentioned payment class application program of detection is application program to be protected, including:
Call default payment protection list;
If the mark of above-mentioned payment class application program is in above-mentioned payment protection list, above-mentioned payment class application journey is judged Sequence is application program to be protected;
If the mark of above-mentioned payment class application program judges above-mentioned payment class application not in above-mentioned payment protection list Program is not application program to be protected.
Based on first aspect present invention, the either possible implementation of the first of first aspect present invention or this hair Second of possible implementation of bright first aspect, in the third possible implementation, above-mentioned payment class application program Control method also includes:
If recognizing photograph subject at the interface of taking pictures of mobile terminal for Quick Response Code, detect above-mentioned Quick Response Code whether with Pay related;
If above-mentioned Quick Response Code is related to payment, it is determined that receive to start the enabled instruction for paying class application program.
Second aspect of the present invention provides a kind of payment class application program management device, including:
Process creation unit, for when receiving to start the enabled instruction for paying class application program, for above-mentioned The process that class application program creates the first process type is paid, wherein, first process type is different from the silent of application program Recognize process type, and the process of first process type is forbidden by the process access of other process types;
Data file class setting unit, for the type of the data file related to above-mentioned payment class application program to be set For the first data file class;
Wherein, above-mentioned first data file class is different from the default data file type of application program, and above-mentioned first The data file of data file class forbids the above-mentioned process by other process types to access.
Based on second aspect of the present invention, in the first possible implementation, above-mentioned payment class application program management dress Putting also includes:
First detection unit, for when receiving to start the enabled instruction for paying class application program, detecting above-mentioned Pay whether class application program is application program to be protected;
Trigger element, for detecting above-mentioned payment class application program when above-mentioned first detection unit for application to be protected During program, above-mentioned process creation unit is triggered;
Above-mentioned process creation unit is additionally operable to:It is not when above-mentioned first detection unit detects above-mentioned payment class application program During application program to be protected, the process of above-mentioned default process type is created for above-mentioned payment class application program.
The first possible implementation based on second aspect of the present invention, in second of possible implementation, on State the first detection unit specifically for:Call default payment protection list;When the mark of above-mentioned payment class application program is upper When stating in payment protection list, judge above-mentioned payment class application program as application program to be protected;When above-mentioned payment class application When the mark of program is not in above-mentioned payment protection list, judge above-mentioned payment class application program not as application journey to be protected Sequence.
Based on second aspect of the present invention, the either possible implementation of the first of second aspect of the present invention or this hair Second of possible implementation of bright second aspect, in the third possible implementation, above-mentioned payment class application program Managing device also includes:
Second detection unit, for when recognizing photograph subject at the interface of taking pictures of mobile terminal for Quick Response Code, detecting Whether above-mentioned Quick Response Code is related to payment;
Determining unit, for when above-mentioned second detection unit detect above-mentioned Quick Response Code it is related to payment when, it is determined that receive To the enabled instruction that class application program is paid to start.
Third aspect present invention provides a kind of mobile terminal, including memory, processor and stores on a memory and can The computer program run on a processor, realized during above-mentioned computing device above computer program above-mentioned first aspect or The payment class application control method referred in any possible implementation of above-mentioned first aspect.
Fourth aspect present invention is provided to be stored with a kind of computer-readable recording medium, the computer-readable recording medium Computer program, above computer program realizes any of above-mentioned first aspect or above-mentioned first aspect when being executed by processor The payment class application control method referred in possible implementation.
Therefore, in the present invention program when receiving to start the enabled instruction for paying class application program, for Above-mentioned payment class application program creates the process of the first process type, and the data related to above-mentioned payment class application program are literary The type of part is set to the first data file class.Because first process type is different from the default process type of application program, And first data file class be different from application program default data file type, and the process of first process type and The data file of first data file class forbids being accessed by the process of other process types, therefore, for process type not For the other application program of first process type, even if obtaining root authority, also it is not by the process type because of its process First process type and can not also access the process and data of the payment class application program, it is achieved thereby that by the payment class should The purpose isolated with program in the category class of process authority, and then improve the security of mobile payment.
Brief description of the drawings
In order to illustrate more clearly about the embodiment of the present invention or technical scheme of the prior art, below will be to embodiment or existing There is the accompanying drawing used required in technology description to be briefly described, it should be apparent that, drawings in the following description are only this Some embodiments of invention, for those of ordinary skill in the art, without having to pay creative labor, may be used also To obtain other accompanying drawings according to these accompanying drawings.
Payment class application control method one embodiment schematic flow sheet that Fig. 1-a provide for the present invention;
Fig. 1-b are the default process type schematic diagram in existing android system;
Process type schematic diagram in the android system that Fig. 1-c provide for the present invention;
Process type, data file class and access relation schematic diagram that Fig. 1-d provide for the present invention;
Payment class application control method another embodiment schematic flow sheet that Fig. 2 provides for the present invention;
Payment class application program management device one embodiment structural representation that Fig. 3 provides for the present invention;
Mobile terminal one embodiment structural representation that Fig. 4 provides for the present invention.
Embodiment
To enable goal of the invention, feature, the advantage of the present invention more obvious and understandable, below in conjunction with the present invention Accompanying drawing in embodiment, the technical scheme in the embodiment of the present invention is clearly and completely described, it is clear that described reality It is only a part of embodiment of the invention to apply example, and not all embodiments.Based on the embodiment in the present invention, the common skill in this area The every other embodiment that art personnel are obtained under the premise of creative work is not made, belongs to the model that the present invention is protected Enclose.
A kind of class application control method that pays provided in an embodiment of the present invention is described below, refer to Fig. 1- Payment class application control method in a, the embodiment of the present invention includes:
Step 101, when receiving to start the enabled instruction for paying class application program, for above-mentioned payment class application The process of the process type of program creation first;
Wherein, above-mentioned first process type is different from the default process type of application program, and above-mentioned first process type Process forbid by other process types process access.
In the embodiment of the present invention, above-mentioned payment class application program can be started by above-mentioned enabled instruction.
In a kind of application scenarios, user can be by triggering the figure of the payment class application program at the interface of mobile terminal Mark to input above-mentioned enabled instruction.Accordingly, the payment class application control method in the embodiment of the present invention also includes:Work as prison When hearing that the icon of the payment class application program is triggered, it is determined that the startup for receiving to start the payment class application program refers to Order.Wherein, the mode of the icon of the above-mentioned triggering payment class application program for example can be the long-press payment class application program Icon, the icon clicked the payment class application program or double-click the payment class application program, are not limited herein.
In another application program, user directly can include payment information by the camera scanning of mobile terminal Quick Response Code, inputs above-mentioned enabled instruction in this way.Accordingly, the payment class application control method in the embodiment of the present invention Also include:If it is two dimension that photograph subject is recognized at the interface of taking pictures (such as the interface of taking pictures for application program of taking pictures) of mobile terminal Code, then, detect whether the Quick Response Code is related to payment;If the Quick Response Code is related to payment (such as when detecting in the Quick Response Code During comprising payment information, judge that the Quick Response Code is related to payment), it is determined that receive to start opening for payment class application program Dynamic instruction.If specifically, above-mentioned Quick Response Code includes:The application information of payment class application program is indicated, then above-mentioned determination connects Receive to start the enabled instruction for paying class application program, be specially:Believe it is determined that receiving to start with the application program The corresponding enabled instruction for paying class application program of manner of breathing.
Certainly, in addition to above two application scenarios, it can also be opened in the embodiment of the present invention using other manner input is above-mentioned Dynamic instruction, is not limited herein.
In the embodiment of the present invention, the establishment of process is the only stage which must be passed by of application program launching, the process of every kind of process type There is corresponding process authority, and can mutually be accessed from the angle of process authority between the process of same process type. In a step 101, when receiving above-mentioned enabled instruction, show to be currently needed for starting corresponding payment class application program, now The process of the first process type is created for above-mentioned payment class application program.By taking Android (i.e. Android) system as an example, such as Fig. 1- Three kinds of default process types are provided with shown in b, in android system, are respectively:Untrusted_app, platform_app and System_app, wherein, untrusted_app is the application program (commonly referred to as third party application) that user independently installs Default process type, (wherein, platform_app and system_app be system from the default process type of tape program Platform_app is the default process type for the application program that system is carried, and system_app is the default process of system program Type).In the prior art, when third party application starts, can create process type for the third party application is Untrusted_app process, substantially belongs to third party application, therefore, prior art due to paying class application program In, the process type that establishment can be equally given tacit consent to for paying class application program is untrusted_app process.And the present invention is real Apply in example, as shown in fig 1-c, be different from untrusted_app the first process type (i.e. for paying the setting of class application program Coloros_sandbox_app in Fig. 1-c), and set the process of first process type and forbid by other process type (examples Such as untrusted_app, platform_app and system_app) process access.
Step 102, the type of the data file related to above-mentioned payment class application program is set to the first data file class Type;
Wherein, above-mentioned first data file class is different from the default data file type of application program, and above-mentioned first The data file of data file class is forbidden by the process access of other process types.
There are two kinds of default data file types in android system, respectively system_app_data_file and App_data_file (in other embodiments, default data file may also be named in other forms), wherein, system_ App_data_file represents the data file class corresponding to the process of system program, and app_data_file represents application program Process corresponding to data file class.In the prior art, the corresponding data file class of all application programs, which is all given tacit consent to, sets App_data_file is set to, and in the embodiment of the present invention, by the type of the data file related to above-mentioned payment class application program It is set to the first data file class, and sets the data file of above-mentioned first data file class to forbid by other process types Process is accessed.Specifically, on the basis of scene shown in Fig. 1-c, process type, data file class and access relation schematic diagram Can be as shown in Fig. 1-d.In Fig. 1-d, dotted arrow represents to forbid accessing, and realizes that arrow represents to allow to access, can by Fig. 1-d See, the data files of system_app_data_file types allows to be accessed by the process of system_app types, but forbid by The process of the processes of platform_app types, the process of untrusted_app types and coloros_sandbox_app types Access.The data file of app_data_file types allows by the process of platform_app types, untrusted_app classes The process of type and the process of coloros_sandbox_app types are accessed, but are forbidden by the process access of system_app types. Coloros_sandbox_app_data_file (i.e. above-mentioned first data file class) type allows coloros_sandbox_ The processes of app types is accessed, but forbid by the process of system_app types, the process of platform_app types and The process of untrusted_app types is accessed.
Optionally, when receiving to start the enabled instruction for paying class application program, above-mentioned payment is further detected Whether class application program is application program to be protected;If above-mentioned payment class application program is application program to be protected, touch Hair states the step of creating the process of the first process type for above-mentioned payment class application program and subsequent step;If above-mentioned payment Class application program is not application program to be protected, then creates above-mentioned default process type for above-mentioned payment class application program Process for above-mentioned payment class application program (for example, when above-mentioned payment class application program is not application program to be protected, create Build the process that process type is untrusted_app).
It should be noted that the payment class application control method in the embodiment of the present invention can be applied to pay class application In program managing device, above-mentioned payment class application program management device can be independent equipment, or can also be integrated in shifting In dynamic terminal or miscellaneous equipment, it is not construed as limiting herein.
Therefore, in the embodiment of the present invention when receiving to start the enabled instruction for paying class application program, pin The process of the first process type is created to above-mentioned payment class application program, and by the data related to above-mentioned payment class application program The type of file is set to the first data file class.Because first process type is different from the default process class of application program Type, and first data file class is different from the default data file type of application program, and first process type is entered Journey and the data file of first data file class are forbidden by the process access of other process types, therefore, for process class Type is not the other application program of first process type, even if obtaining root authority, by because the process type of its process yet The process and data of the payment class application program can not be accessed yet for first process type, it is achieved thereby that this is paid The purpose that class application program is isolated in the category class of process authority, and then improve the security of mobile payment.
Embodiment two
The difference of the embodiment of the present invention and embodiment one is that the embodiment of the present invention is only for payment class application to be protected Program is protected.Specifically, as shown in Fig. 2 the payment class application control method in the embodiment of the present invention includes:
Step 201, when receiving to start the enabled instruction for paying class application program, detect above-mentioned payment class application Whether program is application program to be protected;
In the embodiment of the present invention, above-mentioned payment class application program can be started by above-mentioned enabled instruction.In one kind application In scene, user can be referred to by triggering the icon of the payment class application program at the interface of mobile terminal to input above-mentioned startup Order.Accordingly, the payment class application control method in the embodiment of the present invention also includes:When listening to the payment class application journey When the icon of sequence is triggered, it is determined that receiving to start the enabled instruction of the payment class application program.Wherein, above-mentioned triggering should Pay class application program icon mode for example can be the icon of the long-press payment class application program, click the payment class should With program or the icon of the payment class application program is double-clicked, do not limited herein.In another application program, user can be with The Quick Response Code of payment information is directly included by the camera scanning of mobile terminal, above-mentioned enabled instruction is inputted in this way.Phase Answer, the payment class application control method in the embodiment of the present invention also includes:If in the application program of taking pictures of mobile terminal Interface of taking pictures recognize photograph subject for Quick Response Code, then, detect whether the Quick Response Code related to payment;If the Quick Response Code and branch Pay related (such as when detecting in the Quick Response Code comprising payment information, judging that the Quick Response Code is related to payment), it is determined that connect Receive to start the enabled instruction for paying class application program.If specifically, above-mentioned Quick Response Code includes:Indicate to pay class application journey The application information of sequence, then above-mentioned determination receives to start the enabled instruction for paying class application program, is specially:It is determined that Receive to start the enabled instruction of the payment class application program corresponding with the application information.Certainly, except above-mentioned two Plant outside application scenarios, above-mentioned enabled instruction can also be inputted using other manner in the embodiment of the present invention, do not limited herein.
In step 201, when receiving to start the enabled instruction for paying class application program, above-mentioned payment class is detected Whether application program is application program to be protected, when above-mentioned payment class application program is not application program to be protected, is held Row step 202, when above-mentioned payment class application program is application program to be protected, performs step 203.
Optionally, whether the above-mentioned payment class application program of above-mentioned detection is application program to be protected, including:Call default Payment protection list;If the mark of above-mentioned payment class application program judges above-mentioned payment in above-mentioned payment protection list Class application program is application program to be protected;If the mark of above-mentioned payment class application program is not in above-mentioned payment protection list In, then judge above-mentioned payment class application program not as application program to be protected.In certain embodiment of the present invention, it can also pass through Other manner detects whether above-mentioned payment class application program is application program to be protected, for example, by detecting above-mentioned payment class Whether application program is application program through safety certification, if above-mentioned payment class application program through safety certification should With program, then judge above-mentioned payment class application program as application program to be protected;If above-mentioned payment class application program is not Application program through safety certification, then judge above-mentioned payment class application program not as application program to be protected.
Step 202, default process type of the process type for application program is created for above-mentioned payment class application program Process;
By taking Android as an example, then when above-mentioned payment class application program is not application program to be protected, it can be directed to above-mentioned Pay class application program and create the process that process type is untrusted_app.
Step 203, the process for above-mentioned payment class application program the first process type of establishment;
In the embodiment of the present invention, the establishment of process is the only stage which must be passed by of application program launching, the process of every kind of process type There is corresponding process authority, and can mutually be accessed from the angle of process authority between the process of same process type. In step 203, the process of the first process type is created for above-mentioned payment class application program.Wherein, above-mentioned first process class Type is different from the default process type of application program, and the process of above-mentioned first process type forbids entering by other process types Journey is accessed.Specifically, the description as described in above-mentioned first process type is referred to retouching for step 101 in Fig. 1-a illustrated embodiments State, here is omitted.
Step 204, the type of the data file related to above-mentioned payment class application program is set to the first data file class Type;
Wherein, above-mentioned first data file class is different from the default data file type of application program, and above-mentioned first The data file of data file class is forbidden by the process access of other process types.
Specifically, step 204 is referred to the description of step 102 in Fig. 1-a illustrated embodiments, and here is omitted.
It should be noted that the payment class application control method in the embodiment of the present invention can be applied to pay class application In program managing device, above-mentioned payment class application program management device can be independent equipment, or can also be integrated in shifting In dynamic terminal or miscellaneous equipment, it is not construed as limiting herein.
Therefore, enabled instruction and the branch of class application program are paid when receiving to start in the embodiment of the present invention When paying class application program for application program to be protected, entering for the first process type is created for above-mentioned payment class application program Journey, and the type of the data file related to above-mentioned payment class application program is set to the first data file class.Due to this One process type is different from the default process type of application program, and first data file class is different from the silent of application program Recognize data file class, and the process of first process type and the data file of first data file class forbid it is other The process of process type is accessed, therefore, for process type is not the other application program of first process type, even if obtaining Root authority, also by because the process type of its process can not also not access the payment class application journey for first process type The process and data of sequence, it is achieved thereby that the purpose that the payment class application program is isolated in the category class of process authority, And then improve the security of mobile payment.
Embodiment three
The embodiment of the present invention also provides a kind of payment class application program management device, as shown in figure 3, in the embodiment of the present invention Payment class application program management device 300 include:
Process creation unit 301, for when receiving to start the enabled instruction for paying class application program, for upper State the process that class application program creates the first process type that pays;
Data file class setting unit 302, for by the class of the data file related to above-mentioned payment class application program Type is set to the first data file class;
Wherein, above-mentioned first process type is different from the default process type of application program, and above-mentioned first data file Type is different from the default data file type of application program, and the process of above-mentioned first process type and above-mentioned first data text The data file of part type is forbidden by the process access of other process types.
Optionally, above-mentioned payment class application program management device also includes:
First detection unit, for when receiving to start the enabled instruction for paying class application program, detecting above-mentioned Pay whether class application program is application program to be protected;
Trigger element, for detecting above-mentioned payment class application program when above-mentioned first detection unit for application to be protected During program, above-mentioned process creation unit is triggered;
Process creation unit 301 is additionally operable to:It is not when above-mentioned first detection unit detects above-mentioned payment class application program During application program to be protected, the process of above-mentioned default process type is created for above-mentioned payment class application program.
Optionally, above-mentioned first detection unit specifically for:Call default payment protection list;When above-mentioned payment class should During with the mark of program in above-mentioned payment protection list, judge above-mentioned payment class application program as application program to be protected; When the mark of above-mentioned payment class application program is not in above-mentioned payment protection list, judge above-mentioned payment class application program not as Application program to be protected.
Optionally, the payment class application program management device in the embodiment of the present invention also includes:
Second detection unit, for being when the interface of taking pictures of the application program of taking pictures in mobile terminal recognizes photograph subject During Quick Response Code, detect whether above-mentioned Quick Response Code is related to payment;
Determining unit, for when above-mentioned second detection unit detect above-mentioned Quick Response Code it is related to payment when, it is determined that receive To the enabled instruction that class application program is paid to start.
It should be noted that the payment class application program management device in the embodiment of the present invention can be independent equipment, Or can also be integrated in mobile terminal or miscellaneous equipment, it is not construed as limiting herein.
Therefore, in the embodiment of the present invention when receiving to start the enabled instruction for paying class application program, branch The process that class application program management device creates the first process type for above-mentioned payment class application program is paid, and will be with above-mentioned branch The type for paying the related data file of class application program is set to the first data file class.Because first process type is different from The default process type of application program, and first data file class is different from the default data file type of application program, And the process of first process type and the data file of first data file class are forbidden by the process of other process types Access, therefore, for process type be not the other application program of first process type, even if obtaining root authority, also will Because the process type of its process can not also not access the process sum of the payment class application program for first process type According to, it is achieved thereby that the purpose that the payment class application program is isolated in the category class of process authority, and then improve shifting The dynamic security paid.
Example IV
The embodiment of the present invention provides a kind of mobile terminal, referring to Fig. 4, the mobile terminal in the embodiment of the present invention includes: Memory 401, one or more processors 402 (one is only shown in Fig. 4) and is stored on memory 401 and can be in processor The computer program of upper operation.Wherein:Memory 401 is used to store software program and module, and processor 402 is deposited by operation The software program and unit in memory 401 are stored up, so that various function application and data processing are performed, it is above-mentioned pre- to obtain If the corresponding resource of event.Specifically, reality when processor 402 is stored in the above computer program of memory 401 by operation Existing following steps:
When receiving to start the enabled instruction for paying class application program, created for above-mentioned payment class application program The process of first process type, wherein, above-mentioned first process type is different from the default process type of application program, and above-mentioned the The process of one process type is forbidden by the process access of other process types;
The type of the data file related to above-mentioned payment class application program is set to the first data file class;
Wherein, above-mentioned first data file class is different from the default data file type of application program, and above-mentioned first The data file of data file class forbids the above-mentioned process by other process types to access.
Assuming that above-mentioned is the first possible embodiment, then provided based on the first possible embodiment Second of possible embodiment in, when processor 402 is stored in the above computer program of memory 401 by operation also Realize following steps:
When receiving to start the enabled instruction for paying class application program, whether above-mentioned payment class application program is detected For application program to be protected;
If above-mentioned payment class application program is application program to be protected, trigger above-mentioned for above-mentioned payment class application journey The step of sequence creates the process of the first process type and subsequent step;
If above-mentioned payment class application program is not application program to be protected, created for above-mentioned payment class application program The process of above-mentioned default process type.
It is above-mentioned in the third the possible embodiment provided based on above-mentioned second possible embodiment Whether detect above-mentioned payment class application program is application program to be protected, including:
Call default payment protection list;
If the mark of above-mentioned payment class application program is in above-mentioned payment protection list, above-mentioned payment class application journey is judged Sequence is application program to be protected;
If the mark of above-mentioned payment class application program judges above-mentioned payment class application not in above-mentioned payment protection list Program is not application program to be protected.
In the first above-mentioned possible embodiment or above-mentioned second of possible embodiment or the third above-mentioned possibility Embodiment based on and provide the 4th kind of possible embodiment in, processor 402 by operation be stored in storage Following steps are also realized during the above computer program of device 401:
If recognizing photograph subject at the interface of taking pictures of mobile terminal for Quick Response Code, detect above-mentioned Quick Response Code whether with Pay related;
If above-mentioned Quick Response Code is related to payment, it is determined that receive to start the enabled instruction for paying class application program.
Further, as shown in figure 4, above-mentioned mobile terminal may also include:One or more input equipments 403 (only show in Fig. 4 Go out one) and one or more output equipments 404 (one is only shown in Fig. 4).Memory 401, processor 402, input equipment 403 and output equipment 404 connected by bus 405.
It should be appreciated that in embodiments of the present invention, alleged processor 402 can be CPU (Central Processing Unit, CPU), the processor can also be other general processors, digital signal processor (Digital Signal Processor, DSP), application specific integrated circuit (Application Specific Integrated Circuit, ASIC), ready-made programmable gate array (Field-Programmable Gate Array, FPGA) or other FPGAs Device, discrete gate or transistor logic, discrete hardware components etc..General processor can be microprocessor or this at It can also be any conventional processor etc. to manage device.
Input equipment 403 can include keyboard, Trackpad, fingerprint adopt sensor (finger print information that is used to gathering user and The directional information of fingerprint), microphone etc., output equipment 404 can include display, loudspeaker etc..
Memory 404 can include read-only storage and random access memory, and provide instruction sum to processor 401 According to.Part or all of memory 404 can also include nonvolatile RAM.For example, memory 404 may be used also With the information of storage device type.
Therefore, in the embodiment of the present invention when receiving to start the enabled instruction for paying class application program, pin The process of the first process type is created to above-mentioned payment class application program, and by the data related to above-mentioned payment class application program The type of file is set to the first data file class.Because first process type is different from the default process class of application program Type, and first data file class is different from the default data file type of application program, and first process type is entered Journey and the data file of first data file class are forbidden by the process access of other process types, therefore, for process class Type is not the other application program of first process type, even if obtaining root authority, by because the process type of its process yet The process and data of the payment class application program can not be accessed yet for first process type, it is achieved thereby that this is paid The purpose that class application program is isolated in the category class of process authority, and then improve the security of mobile payment.
It is apparent to those skilled in the art that, for convenience of description and succinctly, only with above-mentioned each work( Energy unit, the division progress of module are for example, in practical application, as needed can distribute above-mentioned functions by different Functional unit, module are completed, i.e., the internal structure of said apparatus is divided into different functional unit or module, more than completion The all or part of function of description.Each functional unit, module in embodiment can be integrated in a processing unit, also may be used To be that unit is individually physically present, can also two or more units it is integrated in a unit, it is above-mentioned integrated Unit can both be realized in the form of hardware, it would however also be possible to employ the form of SFU software functional unit is realized.In addition, each function list Member, the specific name of module are also only to facilitate mutually differentiation, is not limited to the protection domain of the application.Said system The specific work process of middle unit, module, may be referred to the corresponding process in preceding method embodiment, will not be repeated here.
In the above-described embodiments, the description to each embodiment all emphasizes particularly on different fields, without detailed description or note in some embodiment The part of load, may refer to the associated description of other embodiments.
Those of ordinary skill in the art are it is to be appreciated that the list of each example described with reference to the embodiments described herein Member and algorithm steps, can be realized with the combination of electronic hardware or computer software and electronic hardware.These functions are actually Performed with hardware or software mode, depending on the application-specific and design constraint of technical scheme.Professional and technical personnel Described function can be realized using distinct methods to each specific application, but this realization is it is not considered that exceed The scope of the present invention.
In embodiment provided by the present invention, it should be understood that disclosed apparatus and method, others can be passed through Mode is realized.For example, system embodiment described above is only schematical, for example, the division of above-mentioned module or unit, It is only a kind of division of logic function, there can be other dividing mode when actually realizing, such as multiple units or component can be with With reference to or be desirably integrated into another system, or some features can be ignored, or not perform.It is another, it is shown or discussed Coupling each other or direct-coupling or communication connection can be by some interfaces, the INDIRECT COUPLING of device or unit or Communication connection, can be electrical, machinery or other forms.
The above-mentioned unit illustrated as separating component can be or may not be it is physically separate, it is aobvious as unit The part shown can be or may not be physical location, you can with positioned at a place, or can also be distributed to multiple On NE.Some or all of unit therein can be selected to realize the mesh of this embodiment scheme according to the actual needs 's.
If above-mentioned integrated unit is realized using in the form of SFU software functional unit and as independent production marketing or used When, it can be stored in a computer read/write memory medium.Understood based on such, the present invention realizes above-described embodiment side All or part of flow in method, can also instruct the hardware of correlation to complete, above-mentioned computer by computer program Program can be stored in a computer-readable recording medium, and the computer program can be achieved above-mentioned each when being executed by processor The step of individual embodiment of the method.Wherein, above computer program includes computer program code, and above computer program code can Think source code form, object identification code form, executable file or some intermediate forms etc..Above computer computer-readable recording medium can be with Including:Any entity or device, recording medium, USB flash disk, mobile hard disk, magnetic disc, light of above computer program code can be carried Disk, computer storage, read-only storage (ROM, Read-Only Memory), random access memory (RAM, Random Access Memory), electric carrier signal, telecommunication signal and software distribution medium etc..It should be noted that above computer The content that computer-readable recording medium is included can carry out appropriate increase and decrease according to legislation in jurisdiction and the requirement of patent practice, for example In some jurisdictions, according to legislation and patent practice, computer-readable medium does not include being electric carrier signal and telecommunications letter Number.
Above above-described embodiment is merely illustrative of the technical solution of the present invention, rather than its limitations;Although with reference to foregoing reality Example is applied the present invention is described in detail, it will be understood by those within the art that:It still can be to foregoing each Technical scheme described in embodiment is modified, or carries out equivalent substitution to which part technical characteristic;And these are changed Or replace, the essence of appropriate technical solution is departed from the spirit and scope of various embodiments of the present invention technical scheme, all should Within protection scope of the present invention.

Claims (10)

1. one kind pays class application control method, it is characterised in that including:
When receiving to start the enabled instruction for paying class application program, first is created for the payment class application program The process of process type, wherein, first process type is different from the default process type of application program, and described first enters The process of journey type is forbidden by the process access of other process types;
The type of the data file related to the payment class application program is set to the first data file class, wherein, it is described First data file class is different from the default data file type of application program, and the data of first data file class File is forbidden by the process access of other process types.
2. payment class application control method according to claim 1, it is characterised in that when receiving to start branch When paying the enabled instruction of class application program, the payment class application control method also includes:
Whether the detection payment class application program is application program to be protected;
If the payment class application program is application program to be protected, triggering is described for the payment class application program wound The step of building the process of the first process type and subsequent step;
If the payment class application program is not application program to be protected, create described for the payment class application program The process of default process type.
3. payment class application control method according to claim 2, it is characterised in that the detection payment class Whether application program is application program to be protected, including:
Call default payment protection list;
If it is described pay class application program mark in the payment protection list, judge it is described payment class application program as Application program to be protected;
If the mark for paying class application program is not in the payment protection list, the payment class application program is judged It is not application program to be protected.
4. the payment class application control method according to any one of claims 1 to 3, it is characterised in that the payment Class application control method also includes:
If recognizing photograph subject at the interface of taking pictures of mobile terminal for Quick Response Code, detect the Quick Response Code whether with payment It is related;
If the Quick Response Code is related to payment, it is determined that receive to start the enabled instruction for paying class application program.
5. one kind pays class application program management device, it is characterised in that including:
Process creation unit, for when receiving to start the enabled instruction for paying class application program, being paid for described Class application program creates the process of the first process type, wherein, the acquiescence that first process type is different from application program is entered Journey type, and first process type process forbid by other process types process access;
Data file class setting unit, for the type to the related data file of the payment class application program to be set into the One data file class;
Wherein, first data file class is different from the default data file type of application program, and first data The data file of file type is forbidden by the process access of other process types.
6. payment class application program management device according to claim 5, it is characterised in that the payment class application program Managing device also includes:
First detection unit, for when receiving to start the enabled instruction for paying class application program, detecting described pay Whether class application program is application program to be protected;
Trigger element, for being application program to be protected when first detection unit detects the payment class application program When, trigger the process creation unit;
The process creation unit is additionally operable to:It is not to wait to protect when first detection unit detects the payment class application program During the application program of shield, the process of the default process type is created for the payment class application program.
7. payment class application program management device according to claim 6, it is characterised in that the first detection unit tool Body is used for:Call default payment protection list;When the mark of the payment class application program is in the payment protection list When, judge the payment class application program as application program to be protected;When the mark of the payment class application program is not in institute When stating in payment protection list, judge the payment class application program not as application program to be protected.
8. the payment class application program management device according to any one of claim 5 to 7, it is characterised in that the payment Class application program management device also includes:
Second detection unit, for when recognizing photograph subject at the interface of taking pictures of mobile terminal for Quick Response Code, detection to be described Whether Quick Response Code is related to payment;
Determining unit, for when second detection unit detect the Quick Response Code it is related to payment when, it is determined that receiving use To start the enabled instruction for paying class application program.
9. a kind of mobile terminal, including memory, processor and storage are on a memory and the calculating that can run on a processor Machine program, it is characterised in that realized described in the computing device during computer program following such as any one of Claims 1-4 The step of methods described.
10. be stored with computer program, its feature on a kind of computer-readable recording medium, the computer-readable recording medium It is, is realized when the computer program is executed by processor such as the step of any one of Claims 1-4 methods described.
CN201710469711.7A 2017-06-20 2017-06-20 Pay class application management method, device and mobile terminal Pending CN107315947A (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201710469711.7A CN107315947A (en) 2017-06-20 2017-06-20 Pay class application management method, device and mobile terminal
PCT/CN2018/091280 WO2018233549A1 (en) 2017-06-20 2018-06-14 Payment-type application program management method and apparatus, and mobile terminal

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710469711.7A CN107315947A (en) 2017-06-20 2017-06-20 Pay class application management method, device and mobile terminal

Publications (1)

Publication Number Publication Date
CN107315947A true CN107315947A (en) 2017-11-03

Family

ID=60183302

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710469711.7A Pending CN107315947A (en) 2017-06-20 2017-06-20 Pay class application management method, device and mobile terminal

Country Status (2)

Country Link
CN (1) CN107315947A (en)
WO (1) WO2018233549A1 (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108287738A (en) * 2017-12-21 2018-07-17 维沃移动通信有限公司 A kind of application control method and device
WO2018233549A1 (en) * 2017-06-20 2018-12-27 Oppo广东移动通信有限公司 Payment-type application program management method and apparatus, and mobile terminal
WO2019101050A1 (en) * 2017-11-27 2019-05-31 华为技术有限公司 Method for multi-terminal cooperative and secure working, and device

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102194074A (en) * 2011-04-26 2011-09-21 北京思创银联科技股份有限公司 Computer protection method based on process right
CN102222292A (en) * 2011-05-27 2011-10-19 北京洋浦伟业科技发展有限公司 Mobile phone payment protection method
CN106203081A (en) * 2015-04-29 2016-12-07 北京壹人壹本信息科技有限公司 A kind of safety protecting method and device
CN106547590A (en) * 2016-10-27 2017-03-29 北京奇虎科技有限公司 The startup method of privacy application program and starter
CN106778291A (en) * 2016-11-22 2017-05-31 北京奇虎科技有限公司 The partition method and isolating device of application program

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107315947A (en) * 2017-06-20 2017-11-03 广东欧珀移动通信有限公司 Pay class application management method, device and mobile terminal

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102194074A (en) * 2011-04-26 2011-09-21 北京思创银联科技股份有限公司 Computer protection method based on process right
CN102222292A (en) * 2011-05-27 2011-10-19 北京洋浦伟业科技发展有限公司 Mobile phone payment protection method
CN106203081A (en) * 2015-04-29 2016-12-07 北京壹人壹本信息科技有限公司 A kind of safety protecting method and device
CN106547590A (en) * 2016-10-27 2017-03-29 北京奇虎科技有限公司 The startup method of privacy application program and starter
CN106778291A (en) * 2016-11-22 2017-05-31 北京奇虎科技有限公司 The partition method and isolating device of application program

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2018233549A1 (en) * 2017-06-20 2018-12-27 Oppo广东移动通信有限公司 Payment-type application program management method and apparatus, and mobile terminal
WO2019101050A1 (en) * 2017-11-27 2019-05-31 华为技术有限公司 Method for multi-terminal cooperative and secure working, and device
US11246039B2 (en) 2017-11-27 2022-02-08 Huawei Technologies Co., Ltd. Method and apparatus for secure multi-terminal cooperative working
CN108287738A (en) * 2017-12-21 2018-07-17 维沃移动通信有限公司 A kind of application control method and device

Also Published As

Publication number Publication date
WO2018233549A1 (en) 2018-12-27

Similar Documents

Publication Publication Date Title
US7941861B2 (en) Permitting multiple tasks requiring elevated rights
CN104866752B (en) A kind of application guard method and user terminal
CN107506637A (en) Information displaying method and device, terminal and readable storage medium storing program for executing
CN110018765A (en) Page display method, device, terminal and storage medium
CN106355059A (en) Password input method and terminal
CN107315947A (en) Pay class application management method, device and mobile terminal
CN107608724A (en) A kind of method, terminal and computer-readable recording medium for managing application program
CN107256356A (en) Pay class application management method, device and mobile terminal
CN111861465A (en) Detection method and device based on intelligent contract, storage medium and electronic device
CN107315633A (en) Mobile payment means of defence, device and mobile terminal
CN111259460B (en) Locking state information display method and device
CN107292614A (en) Pay class application management method, device and mobile terminal
CN107292613A (en) Mobile payment means of defence, device and mobile terminal
CN112463266A (en) Execution policy generation method and device, electronic equipment and storage medium
CN105975306A (en) Application program starting management method and application program starting management apparatus for electronic device
CN107301236A (en) Application searches method, mobile terminal, server and computer-readable recording medium
CN108776633A (en) Method, terminal device and the computer readable storage medium of monitoring process operation
CN106155870A (en) The optimized treatment method of a kind of terminal, device and terminal
CN108171063A (en) Method, terminal and the computer readable storage medium of access safety element
CN112818331A (en) Adb tool encryption control method, device, equipment and storage medium
CN112181521A (en) Parameter acquisition method, device, equipment and medium
CN107860394A (en) Navigation route planning method, navigation route planning device and electric terminal
CN107357610A (en) Management method, managing device and the terminal device of operating system
CN106502858A (en) A kind of multiple subsystem power consumption determines method and terminal
CN109254805A (en) A kind of application self-start method, terminal installation and readable storage medium storing program for executing

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20171103

RJ01 Rejection of invention patent application after publication