WO2015169158A1 - Procédé et système de protection d'informations - Google Patents

Procédé et système de protection d'informations Download PDF

Info

Publication number
WO2015169158A1
WO2015169158A1 PCT/CN2015/077527 CN2015077527W WO2015169158A1 WO 2015169158 A1 WO2015169158 A1 WO 2015169158A1 CN 2015077527 W CN2015077527 W CN 2015077527W WO 2015169158 A1 WO2015169158 A1 WO 2015169158A1
Authority
WO
WIPO (PCT)
Prior art keywords
information
intercepted
party application
verification
application
Prior art date
Application number
PCT/CN2015/077527
Other languages
English (en)
Chinese (zh)
Inventor
邱慧
钟明
张华涛
Original Assignee
北京奇虎科技有限公司
奇智软件(北京)有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 北京奇虎科技有限公司, 奇智软件(北京)有限公司 filed Critical 北京奇虎科技有限公司
Publication of WO2015169158A1 publication Critical patent/WO2015169158A1/fr

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40Network security protocols

Definitions

  • the present invention relates to the field of communications technologies, and in particular, to a method and system for information protection of a mobile terminal.
  • malware arbitrarily reads the information stored by the user on the mobile terminal, and maliciously intercepts and tampers the information stored on the mobile terminal, which seriously affects the security and reliability of the information stored on the mobile terminal, and the privacy of the user. And security is threatened.
  • mobile payment refers to a technology that completes the payment process by means of a terminal password or a short message verification code to ensure payment security.
  • a terminal password For example, when paying online banking, the bank will send a text message verification code to the user's mobile phone. In addition to entering the payment password, the user must input the verification code in the text message to complete the payment process.
  • the user logs in the payment page on the PC (Personal Computer) end, obtains the verification code short message on the mobile terminal (eg, the mobile phone), and completes the payment according to the verification code received by the mobile terminal in the verification code short message. process. Since the PC end and the mobile terminal have different channels and different communication modes, the independence of the data is ensured, thereby ensuring the security of the mobile payment process.
  • PC Personal Computer
  • the verification code SMS content in the system SMS application can be easily read, intercepted or even tampered with by some malicious third party applications. Therefore, the verification information in the content of the verification code short message is no longer safe and reliable, and the verification code short message loses the meaning of verification, which further causes serious security risks in the payment process, and even brings economic loss to the user.
  • the problem to be solved by those skilled in the art is how to protect the information in the mobile terminal to ensure the security and reliability of the information in the application in the mobile terminal, especially in the payment application.
  • the present invention has been made in order to provide an information protection method and a corresponding information protection system that overcome the above problems or at least partially solve the above problems.
  • a method for information protection including: a mobile terminal intercepts information;
  • the intercepted information is verification information
  • sending the intercepted information to a preset information database wherein the preset information database is based on a whitelist to a third party in the whitelist
  • the application provides the verification information stored in the preset information database
  • the intercepted information is transmitted and stored in a system information database of the mobile terminal; wherein the system information database is used to provide stored information to all third party applications.
  • a system for information protection comprising:
  • a first intercepting module configured to intercept information
  • the first judging module is configured to parse the intercepted information, and determine whether the intercepted information is the verification information; wherein the verification information includes at least: a keyword and a character string;
  • a first sending module configured to: when the intercepted information is verification information, send and store the intercepted information into a preset information database; wherein the preset information database is configured according to a whitelist
  • the third party application in the whitelist provides the verification information stored in the preset information database:
  • a second sending module configured to: when the intercepted information is not verification information, send and store the intercepted information into a system information database of the mobile terminal; wherein the system information database is used for all The three-party application provides stored information.
  • a computer program comprising computer readable code, when the computer readable code is run on a mobile terminal, causes the mobile terminal to perform any of the claims The method of information protection.
  • the invention provides an information protection method and system for a mobile terminal.
  • the mobile terminal intercepts and judges the information, and transmits and stores the information satisfying the verification information standard in the preset information database to replace the original directly obtained information.
  • the process of sending and saving in the system information database Since the preset information database only provides the stored information to the third-party application in the whitelist list, the access of other third-party applications is denied, thereby preventing the malicious third-party application from intercepting the information sent by the server side, thereby preventing the information content from being read. Access, access and tampering ensure the security and reliability of information.
  • FIG. 1 is a flow chart of a method for information protection in a first embodiment of the present invention
  • FIG. 2 is a flow chart of a method for information protection in a second embodiment of the present invention.
  • FIG. 3 is a flowchart of a method for short message protection in a third embodiment of the present invention.
  • FIG. 4 is a flowchart of a method for determining whether a short message is a verification short message according to a third embodiment of the present invention.
  • FIG. 5 is a structural block diagram of a system for information protection in a fourth embodiment of the present invention.
  • FIG. 6 is a structural block diagram of a system for information protection in a fifth embodiment of the present invention.
  • FIG. 7 is a block diagram schematically showing a structure of a mobile terminal for performing an information protection method according to the present invention.
  • Fig. 8 schematically shows a storage unit for holding or carrying program code implementing the information protection method according to the present invention.
  • the method for information protection includes:
  • step 102 the mobile terminal intercepts the information.
  • the mobile terminal when receiving the information sent by the server side, the mobile terminal first intercepts the information to prevent the information from being directly read by an application in the system.
  • Step 104 Parse the intercepted information, and determine whether the intercepted information is verification information.
  • the verification information includes at least: a keyword and a character string. Whether the intercepted information is verification information may be determined by the keyword and the character string.
  • the verification information may be information used for authenticating when the account is logged in; or the password information used to confirm the payment when the transaction is paid; or the voucher information used to confirm the modification when modifying the personal information, or This is similar information and so on.
  • step 106 is performed; otherwise, step 108 is performed.
  • Step 106 Send and store the intercepted information into a preset information database.
  • the preset information database may be configured with an interface, where the interface is configured to receive the intercepted information, and the preset information database uses the interface to the whitelist according to the whitelist list.
  • the third party application in the third party provides the verification information stored in the preset information database.
  • the whitelist list may be built in the preset information database.
  • the interface only sends verification information to the set third party application, ie only the set third party application can read the information from the preset information database.
  • the set third-party application refers to an application under the whitelist list built in the preset information database.
  • the set third party application establishes a trust relationship with the preset information database, so that the set third party application can perform information interaction with the preset information database through the interface.
  • Step 108 Send and store the intercepted information into a system information database of the mobile terminal.
  • the data information in the system information database of the mobile terminal can be used by all third parties installed on the mobile terminal. Application read. That is, the system information database can be used to provide stored information to all third party applications.
  • the embodiment provides a method for information protection of a mobile terminal, where the mobile terminal can intercept and judge the information, and send and store the information satisfying the verification information standard in the preset information database to replace the original Some processes that directly send and save acquired information in the system information database. Since the preset information database only provides the stored information to the third-party application in the whitelist list, and denies the access of other third-party applications, the malicious third-party application can be prevented from intercepting the information sent by the server side, thereby preventing the information content from being Read, access and tampering ensure the security and reliability of the information.
  • the method for information protection includes:
  • Step 202 The mobile terminal intercepts the information.
  • the security of the information may be detected by using the security detection software.
  • the security detection software may be a 360 security guard installed on the mobile terminal, which is not limited in this embodiment.
  • the mobile terminal receives the information sent by the server side, and determines whether the information sent by the server side is harassment information, or fraud information, or pseudo base station information.
  • the 360 security guard can detect whether the information sent by the server side is harassment information, or fraud information, or pseudo base station information.
  • the mobile terminal determines, by the 360 security guard, that the information sent by the server side is harassment information, or fraud information, or pseudo base station information, intercepting the information sent by the server side. Otherwise, it is determined that the information sent by the server side is security information.
  • the above security detection software uses the security detection software to be the first interception process, intercepting Insecure and harassment information, only information that passes the security check can continue to be delivered in the mobile terminal. That is, after determining that the information sent by the server side is security information, performing step 202 above, the mobile terminal intercepts the information.
  • Step 202 The mobile terminal intercepts the information belongs to the second interception, and the multiple interception process ensures the information read by the subsequent user, or the information received by the third-party application, or the security of the information received by the system application. reliability.
  • the intercepting the information by the mobile terminal comprises: the mobile terminal intercepting the information according to a rule that the level of the application for intercepting the information is higher than a level of the system information database.
  • the level of the system information database is higher than the level of the third-party application installed by the user, and therefore, the information sent by the server side. It is sent directly and stored in the system information database.
  • the application level for intercepting the information is set to be higher than the level of the system information database; therefore, the application for intercepting information may be acquired before the system information database.
  • the information sent by the server side intercepts the information.
  • the level of the application for intercepting the information can be set to the highest level to ensure the effectiveness of the interception.
  • Step 204 The mobile terminal parses the intercepted information, and determines whether the intercepted information is verification information.
  • the verification information includes at least: a keyword and a character string.
  • the keyword may be a set keyword, such as a “check code” or a “verification code”;
  • the string may be a string that satisfies a set standard, such as a continuous number, and the continuous The length of the number is greater than or equal to the set length standard.
  • the setting keyword may be set according to an actual application situation, for example, the setting keyword may be “payment password” or “sms password”.
  • the string that satisfies the setting standard may also be set according to actual conditions, for example, the set length standard may be set to 4 digit lengths or 8 digit lengths according to actual conditions; or the satisfaction setting Standard strings can also be a continuous combination of English letters. This embodiment does not limit this.
  • the step 204 may include the following sub-steps:
  • Sub-step 2042 the mobile terminal parses the intercepted information, when determining the intercepted When the information is non-empty information, the information content of the intercepted information is obtained.
  • Sub-step 2044 the mobile terminal splits the information content according to the set splitting rule to obtain a plurality of character strings.
  • Sub-step 2046 the mobile terminal sequentially extracts the plurality of character strings to determine whether the intercepted information is verification information.
  • the intercepted information is determined to be the verification information.
  • step 206 is performed; otherwise, step 220 is performed.
  • Step 206 The mobile terminal sends and stores the intercepted information into a preset information database.
  • the preset information database is provided with an interface, and the whitelist is set in the preset information database.
  • the interface is configured to receive the intercepted information, and provide the verification information stored in the preset information database to a third-party application in the whitelist list according to a whitelist list built in the preset information database.
  • the interface may be an interface that modifies and restricts the data interface that provides the access function to the outside, and may also be an interface that is specifically configured to implement the related functions in the embodiment of the present invention.
  • the mobile terminal may acquire information of a third-party application that passes the security detection, and add the information of the third-party application that passes the security detection to the whitelist. And/or, the mobile terminal acquires information of the third-party application determined to be secure from the cloud, and adds the information of the third-party application determined to be secure to the whitelist. Further, the update of the whitelist list built in the preset information database is completed.
  • the third-party application that passes the security detection may be an application detected by security detection software installed on the mobile terminal.
  • step 208 is performed.
  • Step 208 The mobile terminal receives a verification code acquisition request sent by a third-party application.
  • the verification code acquisition request includes: identity verification information.
  • the authentication information may be signature information of a third party application.
  • Step 210 The mobile terminal determines, according to the identity verification information in the verification code acquisition request, whether the third-party application is a trusted application.
  • the mobile terminal determines the identity verification information according to the identity verification information. Whether the indicated third party application belongs to a third party application in the whitelist. When it is determined that the third-party application indicated by the authentication information belongs to the third-party application in the whitelist, the third-party application indicated by the authentication information is determined to be a trusted application; and step 212 is performed. Otherwise, step 214 is performed.
  • Step 212 The mobile terminal sends the character string to the trusted application through the interface according to the verification code acquisition request.
  • the trusted application can access the preset information database through an interface set by the preset information database.
  • the trusted application needs to verify the identity of the visitor when accessing the preset information database, and the character string sent by the preset information database can be accepted only after the trusted application passes the identity verification.
  • the mobile terminal sends the character string to the trusted application
  • the character string is first extracted from the verification information, and then the character string is sent to a third-party application, and the string is filled in to The verification location corresponding to the third party application.
  • the mobile terminal automatically completes the process of sending and filling the character string, avoiding input errors that may occur in manual manual operations, ensuring accuracy of verification, and improving verification efficiency.
  • the mobile terminal sends the character string to the trusted application
  • the character string is first extracted from the verification information, and then the character string is sent to a third-party application, and the string is filled in to The verification location corresponding to the third party application.
  • Step 214 The mobile terminal does not respond to the verification code acquisition request. That is, the mobile terminal does not send the character string to a third party application.
  • step 216 is performed.
  • Step 216 the mobile terminal automatically adds the string to the system clipboard.
  • Step 218 The mobile terminal receives a paste request from the user, and adds the string to the corresponding third-party application.
  • the preset information database may store all the information sent by the server side that is determined to be security information and determined to be verification information.
  • the third-party application corresponding to all the verification information may be included in the whitelist list of the preset information database.
  • the third-party application corresponding to the partial verification information is included in the whitelist list of the preset information database. That is, all third-party applications corresponding to all the verification information are first determined, and further screening is performed on the basis of all the determined third-party applications, and a third-party application supporting data interaction with the preset information database is selected.
  • the whitelist is established according to the third-party application that is re-screened and supports data interaction with the preset information database.
  • the two verification information respectively correspond to the Alipay application and the Jingdong payment application; wherein, it has been determined that the Alipay application and the preset information database can perform data interaction, and the Jingdong payment application does not support the Set up the information database for data interaction. Therefore, only the Alipay application is saved in the white list without saving the Jingdong payment application.
  • step 208 to step 212 may be adopted through the interface. Automatically complete the acquisition of the string. Alternatively, the obtaining of the character string is completed by the manual pasting operation through the step 216 and the step 218.
  • the third-party application of the whitelist list built in the preset information database does not match the third-party application corresponding to the verification information stored in the preset information database (that is, the verification information stored in the preset information database corresponds to
  • the obtaining of the character string is completed by the manual pasting operation through the steps 216 and 218.
  • Step 220 The mobile terminal sends and stores the intercepted information into a system information database of the mobile terminal.
  • the system information database is used to provide stored information to all third party applications.
  • the embodiment provides a method for information protection of a mobile terminal, where the mobile terminal intercepts and judges the information, and transmits and stores the information satisfying the verification information standard in the preset information database to replace the original The process of sending and saving the acquired information directly in the system information database. Since the preset information database only provides the stored information to the third-party application in the whitelist list, and denies the access of other third-party applications, the malicious third-party application can be prevented from intercepting the information sent by the server side, thereby preventing the information content from being Read, access and tampering, etc., to ensure the letter Security and reliability.
  • the information protection method provided in this embodiment first intercepts the information sent by the server side before the mobile terminal intercepts the information, so as to ensure that the short message is not malicious and harassing information. Through the multiple interception judgment process, the reliability of information protection can be improved.
  • the character string can automatically complete the sending and filling process, which avoids input errors that may occur in manual manual operations, ensures the accuracy of the information, and improves the verification efficiency.
  • the string can also be automatically copied to the system clipboard for quick copying by the user, which improves the user experience and avoids the possibility of human error by manual input.
  • the implementation process of the information protection method is described by taking a short message as an example.
  • a dynamic password is usually used to ensure the security of the payment process, for example, the verification code is distributed in the form of a short message to ensure the security of the payment process.
  • the short message is taken as an example for description. It should be noted that the embodiment is not limited to the protection of short messages, and can also be used for protecting other similar information, such as protecting WeChat payment information.
  • a short message APP application for implementing the method for protecting the short message may be installed in the mobile terminal, and the APP application may be an application that is visible to the user, selected by the user, or may be an APP transparent to the user. application.
  • the short message APP application may be a separate APP application for implementing the information protection method, and is installed on the mobile terminal; or may be set in a function application of the security detection software installed on the mobile terminal.
  • the method for protecting a short message includes:
  • Step 302 The SMS APP application intercepts the short message.
  • the mobile terminal of the Android operating system can be used to set the level of the application of the short message APP to the highest level. Therefore, the short message APP application can first obtain the short message sent by the server.
  • Step 304 The short message APP application parses the intercepted short message, and determines whether the intercepted short message is a verified short message.
  • FIG. 4 it is a flowchart of a method for determining whether a short message is a verification short message in this embodiment.
  • the specific judgment process is as follows:
  • the short message content may be segmented according to the sentence end separators (eg, ",”, “;”, “.”, and the corresponding half-width symbols ",”, “;”, “.”).
  • the setting keyword includes: “check code” or “verification code”. If the set keyword is included, S45 is executed; otherwise, the process returns to S43.
  • the intercepted short message is the verification short message.
  • step 306 is performed; otherwise, step 320 is performed.
  • Step 306 The short message APP application acquires sender information of the intercepted short message.
  • Step 308 The SMS APP application determines, according to the sender information, whether the third-party application corresponding to the intercepted short message belongs to an application in the whitelist. It should be noted that the above steps 306 and 308 may also be performed before step 304.
  • the short message APP application analyzes the intercepted short message and obtains the number of the intercepted short message.
  • the sender information ie, the number of the intercepted short message is sent
  • step 310 is performed; otherwise, step 320 is performed.
  • Step 310 The short message APP application sends and stores the intercepted short message into the preset information database.
  • the preset information database is provided with an interface, and the interface is configured to receive the intercepted short message, and provide the third-party application in the whitelist according to the whitelist list built in the preset information database.
  • the verification short message stored in the preset information database.
  • the short message corresponding to the sender information is stored in the In the preset information database, it is ensured that the third-party application corresponding to the verification short message stored in the preset information database must be an application that establishes a trust relationship with the preset information database. Therefore, all the verification short messages in the preset information database can be directly obtained by the third party application through the interface in the preset information database.
  • the intercepted two short messages are determined to be the verified short message after the judgment; the sender information of the short message A and the short message B is further obtained, and the short message corresponding to the short message A is determined through analysis.
  • the Alipay application, the SMS B corresponds to the Jingdong payment application.
  • the Alipay application belongs to an application in the built-in whitelist database of the preset information database, and the Jingdong payment application does not belong to an application in the whitelist database.
  • the short message A can be sent and stored in the preset information database
  • the short message B is sent and stored in the system information database.
  • the Alipay application belongs to an application in the built-in whitelist database of the preset information database, so the short message APP can directly push the short message A to the Alipay application.
  • the short message A may be sent to the Alipay application; the specific process is as follows.
  • Step 312 The SMS APP application receives a verification code acquisition request sent by a third-party application.
  • the verification code acquisition request includes: identity verification information.
  • Step 314 The SMS APP application determines, according to the identity verification information in the verification code acquisition request, whether the third-party application is a trusted application.
  • the short message APP application determines, according to the identity verification information, that the third-party application indicated by the identity verification information belongs to a third-party application in the whitelist, determining whether the third-party application is trustworthy. Apply, go to step 316; otherwise, go to step 318.
  • Step 316 The short message APP application sends the character string to the trusted application through the interface according to the verification code acquisition request.
  • the SMS operator sends a text message to the user's mobile terminal.
  • the message content is: "Check code 360360, you are using Alipay, you need to check, [Do not provide the SMS check code you received to anyone] Alipay] [95188]."
  • the security detection application on the mobile terminal detects the short message, and determines whether the short message is a pseudo base station short message, or harass a short message, or spoof a short message. If yes, the message is directly intercepted and a reminder notification is sent to the user.
  • the SMS APP application analyzes the content of the short message.
  • the content of the short message may be divided into the following string by using a sentence separator: "check code 360360”, "you are using Alipay, Need to verify” and "[Do not provide anyone with the SMS check code you received] [Alipay] [95188]”. Since the set character "check code” is included in the first character string "check code 360360”, and includes a continuous number that satisfies the set length (set length is 4). Therefore, the short message is determined to be a payment short message.
  • the short message APP application saves the short message in the preset information database.
  • the short message further includes a customer service number 95188, and the 95188 can also be extracted, and 95188 is identified as an Alipay customer service phone by the identification. Therefore, the 95188 is also highlighted. When the user clicks on the highlighted part, the number 95188 can be dialed directly.
  • the SMS APP application determines that the short message corresponds to an Alipay application according to the number of the short message sent, and the Alipay application is a third-party application in the built-in whitelist of the preset information database.
  • the payment application sends the signature information to the preset information database through an interface set in the preset information database, and the preset information database verifies the Alipay application according to the signature information, and after the verification is passed Through the interface will be saved in the pre- The SMS in the information database is sent to the Alipay application.
  • Step 318 The SMS APP application does not respond to the verification code acquisition request.
  • the short message APP application does not send the character string to a third party application.
  • Step 320 The short message APP application sends and stores the intercepted information into a system information database of the mobile terminal.
  • the system information database is used to provide stored information to all third party applications.
  • the embodiment provides a method for information protection of a mobile terminal, where the mobile terminal intercepts and judges the information, and transmits and stores the information satisfying the verification information standard in the preset information database to replace the original The process of sending and saving the acquired information directly in the system information database. Since the preset information database only provides the stored information to the third-party application in the whitelist list, and denies the access of other third-party applications, the malicious third-party application can be prevented from intercepting the information sent by the server side, thereby preventing the information content from being Read, access and tampering ensure the security and reliability of the information.
  • the method described in this embodiment effectively prevents the mobile phone Trojan, the virus, and the like from reading the payment verification code short message by the malicious software or the malicious third party application, and completes the payment without the user's knowledge, thereby causing economic loss to the user.
  • the information protection system includes:
  • the first intercepting module 502 is configured to intercept information.
  • the first determining module 504 is configured to parse the intercepted information, and determine whether the intercepted information is verification information.
  • the verification information includes at least: a keyword and a character string.
  • the first sending module 506 is configured to: when the intercepted information is the verification information, send and store the intercepted information into the preset information database.
  • the preset information database provides the verification information stored in the preset information database to a third-party application in the whitelist list according to the whitelist list.
  • the second sending module 508 is configured to: when the intercepted information is not the verification information, send and store the intercepted information into a system information database of the mobile terminal.
  • the system information database is used to provide stored information to all third party applications.
  • the embodiment provides a system for information protection.
  • the mobile terminal uses the system to intercept and judge information, and transmits and stores information satisfying the verification information standard in a preset information database to replace the original information.
  • the information protection system includes:
  • the security judgment module 602 is configured to receive information sent by the server side, and determine whether the information sent by the server side is harassment information, or fraud information, or pseudo base station information.
  • the third intercepting module 604 when it is determined that the information sent by the server side is harassment information, or fraud information, or pseudo base station information, the third intercepting module 604 is executed; otherwise, the first intercepting module 606 is executed.
  • the third intercepting module 604 is configured to intercept information sent by the server side.
  • the first intercepting module 606 is configured to intercept the information.
  • the first intercepting module 606 is specifically configured to intercept the information according to a rule that the level of the application for intercepting the information is higher than the level of the system information database.
  • the level of the application intercepting the information can be set to the highest level in the overall system.
  • the first determining module 608 is configured to parse the intercepted information, and determine whether the intercepted information is verification information.
  • the verification information includes at least: a keyword and a character string.
  • the first determining module 608 includes:
  • the content obtaining module 6082 is configured to parse the intercepted information, and obtain the information content of the intercepted information when determining that the intercepted information is non-empty information.
  • the splitting module 6084 is configured to split the information content according to the set splitting rule to obtain a plurality of character strings.
  • the verification information determining module 6086 is configured to sequentially extract the plurality of character strings for determination.
  • the intercepted information is determined as the verification information.
  • the setting keyword includes: a “check code” or a “verification code”; the character string that satisfies the setting standard is a continuous number, and the length of the consecutive number is greater than or equal to a set length standard.
  • the obtaining module 610 is executed; otherwise, the second sending module 626 is executed.
  • the obtaining module 610 is configured to obtain sender information of the intercepted information.
  • the first sending module 612 is executed; otherwise, the second sending module 626 is executed.
  • the first sending module 612 is configured to send and store the intercepted information into a preset information database.
  • the preset information database is provided with an interface, and the interface is configured to receive the intercepted information, and provide the third-party application in the whitelist according to the whitelist list built in the preset information database.
  • the verification information stored in the preset information database.
  • the receiving module 614 is executed.
  • the receiving module 614 is configured to receive a verification code acquisition request sent by the third-party application.
  • the verification code acquisition request includes: identity verification information; the identity verification information includes: signature information of a third-party application.
  • the second determining module 616 is configured to determine, according to the identity verification information in the verification code acquisition request, whether the third-party application indicated by the identity verification information is a trusted application.
  • the preset information database determines the content according to the identity verification information
  • the third-party application indicated by the authentication information belongs to the third-party application in the whitelist, determining that the third-party application indicated by the authentication information is a trusted application, and executing the third sending module 618; otherwise performing the second intercepting Module 620.
  • the third sending module 618 sends the character string that meets the setting standard to the trusted application through the interface according to the verification code acquisition request.
  • the second intercepting module 620 is configured not to respond to the verification code acquisition request.
  • the first adding module 622 is executed.
  • the first adding module 622 is configured to automatically add the string that meets the setting criteria to the system clipboard.
  • the second adding module 624 is configured to receive a paste request from the user, and add the string that meets the setting criteria to the corresponding third-party application.
  • the second sending module 626 is configured to send and store the intercepted information into a system information database of the mobile terminal.
  • the system information database is used to provide stored information to all third party applications.
  • the whitelist list in the preset information database may also be updated by the following module:
  • the first application adding module 628 is configured to acquire information of the third-party application that passes the security detection, and add the information of the third-party application that passes the security detection to the whitelist.
  • the second application adding module 630 is configured to acquire information of the third-party application determined to be secure from the cloud, and add the information of the third-party application determined to be secure to the whitelist.
  • the third-party application that passes the security detection may be an application detected by security detection software installed on the mobile terminal.
  • the embodiment provides a system for information protection.
  • the mobile terminal uses the system to intercept and judge information, and sends and stores information satisfying the verification information standard in a preset information database to replace the original information.
  • the information sent by the server side is first intercepted to ensure that the short message is not malicious and harassing information.
  • the multiple interception judgment process improves the reliability of information protection.
  • the string that satisfies the setting standard can automatically complete the sending and filling process, avoiding input errors that may occur in manual manual operations, ensuring the accuracy of the information, and improving the verification efficiency.
  • the string that satisfies the setting standard can also be automatically copied to the system clipboard, so that the user can quickly copy, improve the user experience, and avoid the possibility of human error caused by manual input.
  • modules in the devices of the embodiments can be adaptively changed and placed in one or more devices different from the embodiment.
  • the modules or units or components of the embodiments may be combined into one module or unit or component, and further they may be divided into a plurality of sub-modules or sub-units or sub-components.
  • any combination of the features disclosed in the specification, including the accompanying claims, the abstract and the drawings, and any methods so disclosed, or All processes or units of the device are combined.
  • Each feature disclosed in this specification (including the accompanying claims, the abstract and the drawings) may be replaced by alternative features that provide the same, equivalent or similar purpose.
  • the various component embodiments of the present invention may be implemented in hardware, or in a software module running on one or more processors, or in a combination thereof.
  • a microprocessor or digital signal processor may be used in practice to implement some or all of the functionality of some or all of the components of the information protection device in accordance with embodiments of the present invention.
  • the invention can also be implemented as a device or device program (e.g., a computer program and a computer program product) for performing some or all of the methods described herein.
  • a program implementing the invention may be stored on a computer readable medium or may be in the form of one or more signals. Such signals may be downloaded from an Internet website, provided on a carrier signal, or provided in any other form.
  • FIG. 7 shows a mobile terminal that can implement the information protection method according to the present invention.
  • the mobile terminal traditionally includes a processor 710 and a computer program product or computer readable medium in the form of a memory 720.
  • Memory 720 can be an electronic memory such as a flash memory, EEPROM (Electrically Erasable Programmable Read Only Memory), EPROM, hard disk, or ROM.
  • Memory 720 has a memory space 730 for program code 731 for performing any of the method steps described above.
  • storage space 730 for program code may include various program code 731 for implementing various steps in the above methods, respectively.
  • the program code can be read from or written to one or more computer program products.
  • Such computer program products include program code carriers such as hard disks, compact disks (CDs), memory cards or floppy disks.
  • Such a computer program product is typically a portable or fixed storage unit as described with reference to FIG.
  • the storage unit may have a storage section, a storage space, and the like arranged similarly to the storage 720 in the mobile terminal of FIG.
  • the program code can be compressed, for example, in an appropriate form.
  • the storage unit includes computer readable code 731', code that can be read by a processor, such as 710, which, when executed by a server, causes the server to perform various steps in the methods described above.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Telephone Function (AREA)

Abstract

L'invention concerne un procédé et un système de protection d'informations. Le procédé comprend : intercepter des informations par un terminal mobile; et analyser les informations interceptées, et juger si les informations interceptées sont des informations de vérification; si les informations interceptées sont des informations de vérification, envoyer les informations interceptées et stocker celles-ci dans une base de données d'informations prédéfinie; sinon, envoyer les informations interceptées et stocker celles-ci dans une base de données d'informations de système du terminal mobile. La présente invention résout le problème relatif à la façon de protéger des informations dans un terminal mobile pour assurer la sécurité et la fiabilité des informations dans une application dans le terminal mobile, en particulier une application de paiement.
PCT/CN2015/077527 2014-05-09 2015-04-27 Procédé et système de protection d'informations WO2015169158A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201410195546.7A CN104009977B (zh) 2014-05-09 2014-05-09 一种信息保护的方法和系统
CN201410195546.7 2014-05-09

Publications (1)

Publication Number Publication Date
WO2015169158A1 true WO2015169158A1 (fr) 2015-11-12

Family

ID=51370471

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2015/077527 WO2015169158A1 (fr) 2014-05-09 2015-04-27 Procédé et système de protection d'informations

Country Status (2)

Country Link
CN (1) CN104009977B (fr)
WO (1) WO2015169158A1 (fr)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105790952A (zh) * 2016-02-29 2016-07-20 上海诺亚投资管理有限公司 一种用户信息的验证系统和方法
CN110287659A (zh) * 2019-06-28 2019-09-27 广州鲁邦通物联网科技有限公司 一种app申请动态权限的管理方法、终端和系统

Families Citing this family (27)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104009977B (zh) * 2014-05-09 2016-10-05 北京奇虎科技有限公司 一种信息保护的方法和系统
CN105207775B (zh) * 2014-05-30 2019-03-01 北京奇虎科技有限公司 验证信息的读取方法及装置
CN104301875B (zh) * 2014-09-23 2018-05-15 广东欧珀移动通信有限公司 短消息处理方法和装置
WO2016077494A1 (fr) * 2014-11-11 2016-05-19 Temporal Defense Systems, Llc Systèmes autonomes et procédés pour un accès sécurisé
CN105792149A (zh) * 2014-12-23 2016-07-20 联芯科技有限公司 短信处理系统及其初始化方法、短信存储方法和阅读方法
CN104980580B (zh) * 2015-06-17 2018-03-23 小米科技有限责任公司 短信息查看方法及装置
CN105260673A (zh) * 2015-09-18 2016-01-20 小米科技有限责任公司 短信读取方法及装置
CN105303120B (zh) 2015-09-18 2020-01-10 小米科技有限责任公司 短信读取方法及装置
CN105307137B (zh) 2015-09-18 2019-05-07 小米科技有限责任公司 短信读取方法及装置
CN105162804A (zh) * 2015-09-30 2015-12-16 北京奇虎科技有限公司 通讯信息的保护方法及装置
CN105511949B (zh) * 2015-12-03 2020-03-17 小米科技有限责任公司 验证码的填充方法、装置和移动终端
CN105653157A (zh) * 2015-12-30 2016-06-08 广州华多网络科技有限公司 一种拷贝文本的处理方法及装置
FI3920561T3 (fi) * 2015-12-31 2023-01-31 Tarkistuskoodin saantimenetelmä ja laitteet, ja pääte
CN107346487A (zh) * 2016-05-06 2017-11-14 中兴通讯股份有限公司 数据处理方法及装置
CN106066884A (zh) * 2016-06-06 2016-11-02 珠海市小源科技有限公司 一种信息安全识别方法和装置
CN106714116B (zh) * 2016-06-29 2018-11-06 腾讯科技(深圳)有限公司 一种消息处理方法及装置
CN106096934A (zh) * 2016-06-30 2016-11-09 成都生辉电子科技有限公司 一种通信控制方法
CN106210238B (zh) * 2016-07-14 2019-11-29 北京小米移动软件有限公司 短信息存储方法及装置
CN108229151A (zh) * 2016-12-09 2018-06-29 武汉安天信息技术有限责任公司 一种应用于移动终端的防短信劫持方法及装置
CN108271156B (zh) * 2016-12-30 2021-09-03 中国移动通信集团上海有限公司 一种鉴别伪基站的方法及装置
CN107347117A (zh) * 2017-08-07 2017-11-14 努比亚技术有限公司 一种短信管理方法、移动终端及计算机可读存储介质
CN109033800A (zh) * 2018-07-20 2018-12-18 北京云测信息技术有限公司 一种验证信息的提取方法及装置
CN110262787B (zh) * 2019-06-21 2022-12-13 北京搜房科技发展有限公司 语句替换方法、装置和电子设备
CN112532790B (zh) * 2019-08-29 2023-03-31 中兴通讯股份有限公司 短信处理方法、系统、终端设备及存储介质
CN111162924B (zh) * 2020-01-02 2022-03-18 上海卓易科技股份有限公司 一种验证信息保护系统及方法
CN113407959B (zh) * 2021-06-11 2023-04-14 维沃移动通信(杭州)有限公司 操作执行方法、装置及电子设备
CN116260640B (zh) * 2023-02-15 2024-02-27 涂秋平 基于人工智能进行大数据分析的信息拦截控制方法及系统

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1617492A (zh) * 2003-09-03 2005-05-18 法国电信公司 提供服务的系统和方法
CN101212301A (zh) * 2007-12-21 2008-07-02 北京飞天诚信科技有限公司 一种认证设备及认证方法
CN102495986A (zh) * 2011-12-15 2012-06-13 上海中标凌巧软件科技有限公司 计算机系统中实现避免加密数据被盗用的调用控制方法
CN103281403A (zh) * 2013-06-19 2013-09-04 浙江工商大学 一种在网络销售渠道中提高个人信息安全的云保护系统
CN104009977A (zh) * 2014-05-09 2014-08-27 北京奇虎科技有限公司 一种信息保护的方法和系统

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103186857A (zh) * 2011-12-31 2013-07-03 中国银联股份有限公司 银行卡支付方法及系统
CN103763686A (zh) * 2013-12-23 2014-04-30 北京奇虎科技有限公司 短消息的处理方法和装置

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1617492A (zh) * 2003-09-03 2005-05-18 法国电信公司 提供服务的系统和方法
CN101212301A (zh) * 2007-12-21 2008-07-02 北京飞天诚信科技有限公司 一种认证设备及认证方法
CN102495986A (zh) * 2011-12-15 2012-06-13 上海中标凌巧软件科技有限公司 计算机系统中实现避免加密数据被盗用的调用控制方法
CN103281403A (zh) * 2013-06-19 2013-09-04 浙江工商大学 一种在网络销售渠道中提高个人信息安全的云保护系统
CN104009977A (zh) * 2014-05-09 2014-08-27 北京奇虎科技有限公司 一种信息保护的方法和系统

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105790952A (zh) * 2016-02-29 2016-07-20 上海诺亚投资管理有限公司 一种用户信息的验证系统和方法
CN110287659A (zh) * 2019-06-28 2019-09-27 广州鲁邦通物联网科技有限公司 一种app申请动态权限的管理方法、终端和系统
CN110287659B (zh) * 2019-06-28 2023-04-07 广州鲁邦通物联网科技股份有限公司 一种app申请动态权限的管理方法、终端和系统

Also Published As

Publication number Publication date
CN104009977A (zh) 2014-08-27
CN104009977B (zh) 2016-10-05

Similar Documents

Publication Publication Date Title
WO2015169158A1 (fr) Procédé et système de protection d'informations
US9973518B2 (en) Apparatus and method for checking message and user terminal
JP7545419B2 (ja) 統合された隔離されたアプリケーションにおけるランサムウェアの被害の軽減
WO2015188788A1 (fr) Procédé et appareil de protection de sécurité de paiement par terminal mobile, et terminal mobile
US20220092595A1 (en) Secure in-line payments for rich internet applications
CN101340281B (zh) 针对在网络上进行安全登录输入的方法和系统
US10958657B2 (en) Utilizing transport layer security (TLS) fingerprints to determine agents and operating systems
WO2020233308A1 (fr) Procédé, appareil et dispositif d'auto-vérification basés sur un certificat local et support de stockage
WO2022073340A1 (fr) Procédé et système de détection de sécurité d'application de terminal mobile, terminal et support de stockage
US20160057161A1 (en) System for securely accessing network address, and device and method therein
WO2015109668A1 (fr) Procédé, dispositif, terminal et support d'informations de gestion de programme d'application
US11777942B2 (en) Transfer of trust between authentication devices
CN113315637A (zh) 安全认证方法、装置及存储介质
US20150067772A1 (en) Apparatus, method and computer-readable storage medium for providing notification of login from new device
US10834074B2 (en) Phishing attack prevention for OAuth applications
CN113452531A (zh) 数据传输方法及装置
EP3179751B1 (fr) Procédé et appareil d'envoi d'informations, dispositif terminal et système
WO2017190436A1 (fr) Procédé et appareil de traitement de données
KR101586048B1 (ko) 불법 어플리케이션 차단 시스템 및 서버, 이를 위한 통신 단말기 및 불법 어플리케이션 차단 방법과 기록매체
CN112260983B (zh) 一种身份验证方法、装置、设备及计算机可读存储介质
US11671422B1 (en) Systems and methods for securing authentication procedures
CN109857488B (zh) 应用程序的调用控制方法、装置、终端及可读存储介质
CN105323287B (zh) 第三方应用程序的登录方法及系统
US20240314118A1 (en) Secure multi-factor authentication
KR102642586B1 (ko) 메시지 검증 방법 및 시스템

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 15789547

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 15789547

Country of ref document: EP

Kind code of ref document: A1