保护移动终端支付安全的方法、装置以及移动终端Method, device and mobile terminal for protecting mobile terminal payment security
本发明涉及移动通信领域，特别是涉及一种保护移动终端支付安全的方法、装置以及移动终端。The present invention relates to the field of mobile communications, and in particular, to a method, an apparatus, and a mobile terminal for protecting payment security of a mobile terminal.
移动支付将终端设备、互联网、应用提供商以及金融机构相融合，为用户提供货币支付、缴费等金融业务。随着移动电子商务迅速发展，第三方支付、银行等争相推出移动支付客户端，购物、理财、生活服务等交易类客户端也在不断出现，大大丰富了移动支付的市场应用环境。Mobile payment combines terminal equipment, the Internet, application providers, and financial institutions to provide users with financial services such as money payment and payment. With the rapid development of mobile e-commerce, third-party payment, banking and other companies are rushing to launch mobile payment clients. Shopping clients such as shopping, wealth management and life services are also emerging, which greatly enriches the market application environment of mobile payment.
移动支付使用用户的手机号或其他标识作为关联支付账户，通过身份确认来进行支付交易活动。移动支付接入方式可以包括短信、语音、网络连接等方式。目前在远程移动支付领域，网络连接方式应用最为广泛，用户通过移动向提供某种商品或服务的商家发出交易申请，利用无线网络传输交易数据并完成交易支付。The mobile payment uses the user's mobile phone number or other identification as an associated payment account, and the payment transaction activity is performed through identity confirmation. The mobile payment access method may include a short message, a voice, a network connection, and the like. At present, in the field of remote mobile payment, the network connection method is the most widely used, and the user sends a transaction request to a merchant that provides a certain commodity or service by using a mobile network, and transmits the transaction data and completes the transaction payment by using the wireless network.
移动支付的安全性是影响支付业务能否发展的关键因素。移动支付的安全性涉及用户信息的保密、用户资金和支付信息的安全等问题，其面临的安全风险主要来自于两个方面：网络和系统的安全性，终端的安全性。The security of mobile payments is a key factor affecting the development of payment services. The security of mobile payment involves the confidentiality of user information, the security of user funds and the security of payment information. The security risks are mainly from two aspects: network and system security, and terminal security.
在终端方面，一些木马程序和钓鱼网站会伪装成支付网站和支付客户端，骗取用户的账号密码或者直接进行金融诈骗，现有技术中，主要依靠扫描来清除木马，保证终端信息安全。然而，一些木马仅在特定的条件触发后才启动，依靠静态扫描的方式无法完全消除支付的安全隐患。On the terminal side, some Trojan horse programs and phishing websites will pretend to be payment websites and payment clients, defrauding users' account passwords or directly conducting financial fraud. In the prior art, scanning relies on scanning to clear Trojans and ensure terminal information security. However, some Trojans are only activated after certain conditions are triggered. Relying on static scanning cannot completely eliminate the security risks of payment.
发明内容Summary of the invention
鉴于上述问题，提出了本发明以便提供一种克服上述问题或者至少部分地解决上述问题的移动终端以及保护移动终端支付安全的装置和相应的保护移动终端支付安全方法。In view of the above problems, the present invention has been made in order to provide a mobile terminal that overcomes the above problems or at least partially solves the above problems, and an apparatus for protecting payment security of a mobile terminal and a corresponding payment security method for protecting the mobile terminal.
依据本发明的一方面，提供了一种保护移动终端支付安全的方法。该方法包括：监控移动终端的运行状态以确定移动终端进入支付场景；监控移动终端中的进程变化；查询发生变化的进程是否为支付环境白名单中的进程，其中支付环境白名单中预先保存有允许在支付环境中运行的进程信息；若否，终止发生变化的进程。In accordance with an aspect of the present invention, a method of securing payment security for a mobile terminal is provided. The method includes: monitoring an operating state of the mobile terminal to determine a mobile terminal entering a payment scenario; monitoring a process change in the mobile terminal; and querying whether the changed process is a process in a whitelist of the payment environment, wherein the payment environment white list is pre-stored Process information that is allowed to run in the payment environment; if not, terminate the process that changed.
According to another aspect of the present invention, an apparatus for securing payment of a mobile terminal is also provided. The device includes: a payment identification module configured to monitor an operating state of the mobile terminal to determine a mobile terminal to enter a payment scenario; a process monitoring module configured to monitor a process change in the mobile terminal; and a process analysis module configured to query whether the changed process is In order to pay for the process in the environment white list, the payment environment white list is pre-stored with process information that is allowed to run in the payment environment; the process termination module is configured to terminate the process that does not belong to the change of the payment environment white list.
根据本发明的另一方面，还提供了一种移动终端。该移动终端包括：以上介绍的任一种保护移动终端支付安全的装置。According to another aspect of the present invention, a mobile terminal is also provided. The mobile terminal includes: any of the devices described above for protecting payment security of the mobile terminal.
根据本发明的又一方面，提供了一种计算机程序，其包括计算机可读代码，当所述计算机可读代码在计算设备上运行时，导致所述计算设备执行根据上文所述的保护移动终端支付安全的方法。According to still another aspect of the present invention, a computer program is provided, comprising computer readable code, when said computer readable code is run on a computing device, causing said computing device to perform a protection move according to said The method of terminal payment security.
根据本发明的再一方面，提供了一种计算机可读介质，其中存储了上述的计算机程序。According to still another aspect of the present invention, a computer readable medium storing the above computer program is provided.
本发明的有益效果为：The beneficial effects of the invention are:
本发明的保护移动终端支付安全的方法和装置在进入支付场景后，对终端内进程的变化情况进行监控和分析，及时终止不允许在支付环境中运行的进程，因此可以保护支付场景的安全，提高移动支付的安全性。The method and the device for protecting the payment security of the mobile terminal of the present invention monitor and analyze the change of the process in the terminal after entering the payment scenario, and terminate the process that is not allowed to run in the payment environment in time, thereby protecting the security of the payment scenario. Improve the security of mobile payments.
进一步地，本发明的保护移动终端支付安全的方法，在进入支付场景时，清除与支付无关的进程，完成支付清场，为安全支付提供安全的支付环境。Further, the method for protecting payment security of a mobile terminal of the present invention clears a process unrelated to payment when entering a payment scenario, completes payment clearing, and provides a secure payment environment for secure payment.
上述说明仅是本发明技术方案的概述，为了能够更清楚了解本发明的技术手段，而可依照说明书的内容予以实施，并且为了让本发明的上述和其它目的、特征和优点能够更明显易懂，以下特举本发明的具体实施方式。The above description is only an overview of the technical solutions of the present invention, and the above-described and other objects, features and advantages of the present invention can be more clearly understood. Specific embodiments of the invention are set forth below.
通过阅读下文优选实施方式的详细描述，各种其他的优点和益处对于本领域普通技术人员将变得清楚明了。附图仅用于示出优选实施方式的目的，而并不认为是对本发明的限制。而且在整个附图中，用相同的参考符号表示相同的部件。在附图中：Various other advantages and benefits will become apparent to those skilled in the art from a The drawings are only for the purpose of illustrating the preferred embodiments and are not to be construed as limiting. Throughout the drawings, the same reference numerals are used to refer to the same parts. In the drawing:
图1是根据本发明一个实施例的保护移动终端支付安全的装置的示意图；1 is a schematic diagram of an apparatus for protecting payment security of a mobile terminal according to an embodiment of the present invention;
图2是根据本发明一个实施例的保护移动终端支付安全的方法的示意图；2 is a schematic diagram of a method for protecting payment security of a mobile terminal according to an embodiment of the present invention;
图3是根据本发明实施例的基于移动终端的支付方法中确定移动终端进入支付场景的流程图；3 is a flowchart of determining a mobile terminal entering a payment scenario in a mobile terminal-based payment method according to an embodiment of the present invention;
图4是根据本发明实施例的基于移动终端的支付方法中客户端扫描的界面效果图；4 is a diagram showing an interface effect of a client scanning in a payment method based on a mobile terminal according to an embodiment of the present invention;
图5是根据本发明实施例的基于移动终端的支付方法中进行版本校验的效果图；FIG. 5 is an effect diagram of performing version verification in a payment method based on a mobile terminal according to an embodiment of the present invention; FIG.
图6是根据本发明实施例的基于移动终端的支付方法中进行支付清场的流程图；6 is a flowchart of performing a payment clearing field in a mobile terminal-based payment method according to an embodiment of the present invention;
图7是根据本发明实施例的基于移动终端的支付方法的一种可选流程图；7 is an optional flowchart of a mobile terminal based payment method according to an embodiment of the present invention;
图8示意性地示出了用于执行根据本发明的保护移动终端支付安全的方法的计算设备的框图；以及Figure 8 is a schematic block diagram of a computing device for performing a method of securing payment security for a mobile terminal in accordance with the present invention;
Fig. 9 schematically shows a storage unit for holding or carrying program code implementing a method of securing payment security of a mobile terminal according to the present invention.
下面结合附图和具体的实施方式对本发明作进一步的描述。The invention is further described below in conjunction with the drawings and specific embodiments.
图1是根据本发明一个实施例的保护移动终端支付安全的装置100的示意图，该保护移动终端支付安全的装置100一般性地可以包括：支付识别模块110、进程监控模块120、进程分析模块130、进程终止模块140、进程清场模块150，以上模块可以根据本实施例的保护移动终端支付安全的装置的功能需求，灵活进行配置，在一些可选环境下，可以不配置以上所有模块。1 is a schematic diagram of an apparatus 100 for securing payment security of a mobile terminal according to an embodiment of the present invention. The apparatus 100 for securing payment security of a mobile terminal may generally include: a payment identification module 110, a process monitoring module 120, and a process analysis module 130. The process termination module 140, the process clearing module 150, the above module can be flexibly configured according to the functional requirements of the device for protecting the payment security of the mobile terminal according to the embodiment. In some optional environments, all the above modules may not be configured.
本实施例的保护移动终端支付安全的装置100可以安装于本实施例的移动终端或其他移动支付设备中，并在移动终端进行移动支付的过程中运行，提高移动终端的支付数据的安全性。The device 100 for protecting the payment security of the mobile terminal in this embodiment may be installed in the mobile terminal or other mobile payment device of the embodiment, and run in the process of the mobile terminal performing mobile payment, thereby improving the security of the payment data of the mobile terminal.
在以上本实施例的保护移动终端支付安全的装置100的各部件中，支付识别模块110用于监控移动终端的运行状态以确定移动终端进入支付场景。支付场景的确定可以根据移动终端的运行状态来确定，例如获取移动终端中新启动的客户端的信息；将客户端的信息与预置的支付类客户端信息进行比对；在比对成功的情况下确定移动终端进入支付场景，也就是利用移动终端启动的客户端来判断支付场景，当检测到移动终端有新的客户端启动后，利用信息比对判断新启动的客户端是否为移动支付客户端，如果确定移动终端启动了支付客户端，则可以确定移动终端进入支付场景。判断新启动的客户端是否为移动支付客户端的过程可以通过本地的客户端列表验证以及客户端特征匹配来实现。In each component of the apparatus 100 for securing mobile terminal payment security of the present embodiment, the payment identification module 110 is configured to monitor an operating state of the mobile terminal to determine that the mobile terminal enters a payment scenario. The determination of the payment scenario may be determined according to the running status of the mobile terminal, for example, acquiring information of the newly activated client in the mobile terminal; comparing the information of the client with the preset payment client information; in the case of successful comparison Determining whether the mobile terminal enters the payment scenario, that is, the client initiated by the mobile terminal is used to determine the payment scenario. When it is detected that the mobile terminal has a new client, the information comparison is used to determine whether the newly activated client is a mobile payment client. If it is determined that the mobile terminal starts the payment client, it may be determined that the mobile terminal enters the payment scenario. The process of determining whether the newly launched client is a mobile payment client can be implemented by local client list verification and client feature matching.
支付识别模块110的一种具体结构可以设置：数据比对子模块和特征分析子模块。其中，数据比对子模块将客户端信息与预置的支付客户端列表的客户端信息进行比对，如果存在比对结果一致的列表项，则比对成功，支付客户端列表中预先保存有多种支付类客户端的特征信息。特征分析子模块提取客户端信息中的包名和标签名，查询包名和标签名中是否包含支付类客户端的特征关键字，若是则比对成功。数据比对子模块使用的支付客户端列表可以根据移动终端的具体使用情况进行动态调整，以记录所有已安装支付客户端的信息。A specific structure of the payment identification module 110 can be set: a data comparison sub-module and a feature analysis sub-module. The data comparison sub-module compares the client information with the client information of the preset payment client list. If there is a list item with the matching result, the comparison is successful, and the payment client list is pre-stored. Characteristic information of various payment class clients. The feature analysis sub-module extracts the package name and the tag name in the client information, and queries whether the package name and the tag name include the feature keyword of the payment client, and if so, the comparison is successful. The list of payment clients used by the data comparison sub-module can be dynamically adjusted according to the specific usage of the mobile terminal to record information of all installed payment clients.
特征分析子模块中使用的特征一般可以包括包名和标签名(lable)，此外还可以包括签名、版本号等特征。特征分析可以在移动终端本地进行，也可以将特征信息上传至云端，由云端进行判断后，将判断结果返回给移动终端。The features used in the feature analysis sub-module may generally include a package name and a tag name (lable), and may also include signatures, version numbers, and the like. The feature analysis can be performed locally on the mobile terminal, or the feature information can be uploaded to the cloud, and the judgment result is returned to the mobile terminal after being judged by the cloud.
进程监控模块120在支付场景下监控移动终端中的进程变化，进程变化的情况包括：监控移动终端有无新的进程启动，或者有无新的进程窗口弹出。The process monitoring module 120 monitors the process changes in the mobile terminal in the payment scenario, and the process changes include: monitoring whether the mobile terminal starts a new process, or whether a new process window pops up.
在进程监控模块120检测到进程变化后，进程分析模块130查询发生变化的进程是否为支付环境白名单中的进程，例如查询弹出的新窗口是否为用户开启的新窗口或者白名单中允许在支付场景中后台运行的进程弹出的窗口，若否，需要由进程终止模块终止该进程。又例如，将新启动的进程与支付环境白名单中的进程进行特征匹配，若匹配成功，确定新启动的进程为支付环境白名单中的进程。After the process monitoring module 120 detects the process change, the process analysis module 130 queries whether the changed process is a process in the payment environment white list, for example, whether the new window popped up is a new window opened by the user or allowed to be paid in the white list. The window popped up by the process running in the background in the scene. If not, the process termination module needs to terminate the process. For another example, the newly started process is matched with the process in the payment environment whitelist. If the matching is successful, it is determined that the newly started process is a process in the payment environment whitelist.
签名验证、系统进程验证，如果确认进程属于白名单中的进程则可以完成验证，如果本地无法验证还可以在云端进行匹配，以避免终止对支付环境没有安全威胁的进程。The process in the whitelist of the payment environment may include: a process that is allowed to be opened in the cache, a system process, and a process that is determined to be a non-payment risk by the cloud killing server, and the process that has no influence on the payment, and the verification execution of the whitelist may be adopted. Local authentication and cloud authentication, such as caching verification locally,
Signature verification, system process verification, if the process is confirmed to be a process in the whitelist, the verification can be completed. If the local cannot be verified, it can be matched in the cloud to avoid terminating the process without security threat to the payment environment.
进程终止模块140为终止不属于支付环境白名单的发生变化的进程，从而保证支付环境下，移动终端不会产生对支付产生影响的进程，消除了移动支付中终端侧的安全隐患，另一方面还可以减少无关进程对数据传输通道的占用，提高支付效率。The process termination module 140 terminates the process that does not belong to the change of the whitelist of the payment environment, thereby ensuring that the mobile terminal does not generate a process that affects the payment in the payment environment, and eliminates the security risk of the terminal side in the mobile payment. It can also reduce the occupation of data transmission channels by unrelated processes and improve payment efficiency.
另外，进程清场模块150还可以在检测到移动终端进入支付场景后，枚举移动终端中运行的进程，并终止不属于支付环境白名单的枚举出的进程。也就是，进程清场模块150对支付环境进行了清场，可以清除与移动支付无关的进程，防止已经运行的木马或其他恶意程序盗取移动支付客户端的数据，而且还可以减少了网络通道的占用。In addition, the process clearing module 150 may also enumerate the processes running in the mobile terminal after detecting that the mobile terminal enters the payment scenario, and terminate the enumerated processes that are not in the whitelist of the payment environment. That is, the process clearing module 150 clears the payment environment, and can clear the process unrelated to the mobile payment, prevent the already running Trojan or other malicious programs from stealing the data of the mobile payment client, and can also reduce the occupation of the network channel.
本实施例的保护移动终端支付安全的装置，可以在检测到用户开启支付类客户端后，首先校验支付类客户端，并在确认支付类客户端的安全性后，进行支付清场，以终止不在支付环境白名单中的进程，并在支付过程中，实时检测移动终端的进程变化，并终止不在支付环境白名单中的进程重新启动，保护支付环境，直至移动终端退出支付场景。在移动支付的整个过程中，确保终端方面的支付安全性。The device for protecting the payment security of the mobile terminal in this embodiment may first check the payment client after detecting that the user starts the payment client, and after confirming the security of the payment client, perform payment clearing to terminate the absence. The process in the environment whitelist is paid, and in the payment process, the process change of the mobile terminal is detected in real time, and the process that is not in the white list of the payment environment is terminated, and the payment environment is protected until the mobile terminal exits the payment scenario. In the entire process of mobile payment, the payment security of the terminal is ensured.
本发明实施例还提供了一种保护移动终端支付安全的方法，该保护移动终端支付安全的方法可以由以上实施例介绍的任意一种保护移动终端支付安全的来执行，以提高本实施例的移动终端在支付过程中的安全性。图2是根据本发明一个实施例的保护移动终端支付安全的方法的示意图，如图所示，该保护移动终端支付安全的方法包括以下步骤：The embodiment of the present invention further provides a method for protecting the payment security of the mobile terminal, and the method for protecting the payment security of the mobile terminal can be performed by any one of the foregoing embodiments to protect the payment security of the mobile terminal, so as to improve the security of the mobile terminal. The security of the mobile terminal in the payment process. 2 is a schematic diagram of a method for protecting payment security of a mobile terminal according to an embodiment of the present invention. As shown in the figure, the method for protecting payment security of a mobile terminal includes the following steps:
步骤S202，监控移动终端的运行状态以确定移动终端进入支付场景；Step S202, monitoring an operating state of the mobile terminal to determine that the mobile terminal enters a payment scenario;
步骤S204，监控移动终端中的进程变化；Step S204, monitoring process changes in the mobile terminal;
步骤S206，查询发生变化的进程是否为支付环境白名单中的进程；Step S206, querying whether the changed process is a process in the payment environment white list;
步骤S208，若否，终止发生变化的进程。Step S208, if no, terminate the process of the change.
其中支付环境白名单中预先保存有允许在支付环境中运行的进程信息，例如缓存中记录的允许开启的进程、系统进程和被云查杀服务器判定为无支付风险的进程等可以在支付场景中运行的进程。The payment environment white list is pre-stored with process information that is allowed to run in the payment environment, for example, a process that is allowed to be opened in the cache, a system process, and a process that is determined by the cloud detection server to be a non-payment risk, etc., may be in the payment scenario. The running process.
若步骤S206判断发生变化的进程是支付环境白名单中的进程，则允许该进程运行，并可以继续移动支付的流程。If it is determined in step S206 that the changed process is a process in the payment environment white list, the process is allowed to run, and the flow of the mobile payment can be continued.
步骤S202中监控移动终端的运行状态具体可以包括：获取移动终端中新启动的客户端的信息；将客户端的信息与预置的支付类客户端信息进行比对；在比对成功的情况下确定移动终端进入支付场景。从而可以根据移动终端启动的客户端来判断进入支付场景，当检测到移动终端有新的客户端启动后，判断新启动的客户端是否为移动支付客户端，如果确定移动终端启动了支付客户端，则确定移动终端进入支付场景。判断新启动的客户端是否为移动支付客户端的过程可以通过本地的客户端列表验证以及客户端特征匹配来实现。图3是根据本发明实施例的基于移动终端的支付方法中确定移动终端进入支付场景的流程图，该流程包括：The monitoring of the running status of the mobile terminal in step S202 may include: acquiring information of the newly activated client in the mobile terminal; comparing the information of the client with the preset payment client information; and determining the mobile if the comparison is successful. The terminal enters the payment scenario. Therefore, the incoming payment scenario can be judged according to the client initiated by the mobile terminal. When it is detected that the mobile terminal has a new client startup, it is determined whether the newly activated client is a mobile payment client, and if it is determined that the mobile terminal starts the payment client. And determining that the mobile terminal enters the payment scenario. The process of determining whether the newly launched client is a mobile payment client can be implemented by local client list verification and client feature matching. FIG. 3 is a flowchart of determining a mobile terminal entering a payment scenario in a mobile terminal-based payment method according to an embodiment of the present invention, where the process includes:
Step S302, monitoring whether a new client is started in the mobile terminal;
步骤S304，判断新启动的客户端是否是本地支付客户端列表中记录的客户端，若是，确定进入支付场景，若否，可以进一步执行步骤S306确定未进入支付场景；Step S304, determining whether the newly started client is a client recorded in the local payment client list, and if yes, determining to enter the payment scenario, and if not, performing step S306 to determine that the payment scenario is not entered;
步骤S306，判断新启动的客户端的特征是否与支付类客户端特征关键字匹配若是，确定进入支付场景，若否，确定未进入支付场景；Step S306, determining whether the feature of the newly activated client matches the payment type client feature keyword, if yes, determining to enter the payment scenario, and if not, determining not to enter the payment scenario;
在步骤S304中，移动终端在本地中可以预先保存一个支付客户端列表，用于记录移动终端安装的支付类客户端信息，具体可以将客户端信息与支付客户端列表的客户端信息进行比对，如存在比对结果一致的列表项，则比对成功，确定进入支付场景。当新启动的客户端不在列表中时，可以执行步骤S306利用云查询的方法进一步确定，例如提取客户端的包名、标签名、版本信息等特征信息，与查询包名和标签名中是否包含支付类客户端的特征关键字，若是则比对成功确定进入支付场景。以上支付客户端列表可以根据移动终端的使用情况进行动态调整，以记录所有已安装支付客户端的信息。In step S304, the mobile terminal may pre-store a payment client list for recording the payment client information installed by the mobile terminal, and specifically compare the client information with the client information of the payment client list. If there is a list item that is consistent with the comparison result, the comparison is successful, and it is determined to enter the payment scenario. When the newly started client is not in the list, step S306 may be further determined by using a cloud query method, for example, extracting feature information such as a package name, a tag name, and version information of the client, and whether the package name and the tag name include the payment class. The feature keyword of the client, if yes, the comparison is successfully determined to enter the payment scenario. The above payment client list can be dynamically adjusted according to the usage of the mobile terminal to record information of all installed payment clients.
在步骤S202之后，还可以首先对支付客户端进行版本校验，并进行支付清场，即关闭与支付无关的进程。After step S202, the payment client may also be first verified by the version, and the payment is cleared, that is, the process unrelated to the payment is closed.
对支付客户端进行版本校验的过程可以在首先进行病毒扫描，对客户端的权限、特征信息等特征匹配，对于不能确定的客户端可以将客户端的包名、签名、版本号等信息上传至云端进行验证，如果验证的结果确定客户端包含木马或病毒，提示用户进行卸载，对于验证结果为不包括木马或病毒的客户端，可以依次分析该客户端的以下内容：是否为正版软件、是否经过二次打包、是否存在欺诈行为，在客户端为正版无欺诈的支付类客户端时，进入支付场景的流程。如果客户端未通过验证，可以对用户进行提示，例如向用户推荐正版软件或者提示支付风险。The process of verifying the payment client may be performed by first scanning the virus, matching the characteristics of the client's permissions and feature information, and uploading the client's package name, signature, version number, etc. to the cloud for the undetermined client. Verification, if the result of the verification determines that the client contains a Trojan or a virus, prompting the user to uninstall, for the client whose verification result is not including Trojan or virus, the following contents of the client can be analyzed in turn: whether it is genuine software, whether it passes through two Sub-packaged, whether there is fraud, and the process of entering the payment scenario when the client is a genuine fraud-free payment client. If the client does not pass the verification, the user can be prompted, such as recommending genuine software to the user or prompting for payment risk.
以上版本校验可以使用移动终端中预置的具有应用安全分析功能的安全软件进行，例如在安全卫士软件中预置支付安全扫描的操作选项，在用户对该操作选项进行点击或其他操作后，安全卫士按照上述的版本校验流程，扫描支付类客户端。图4是根据本发明实施例的基于移动终端的支付方法中客户端扫描的界面效果图，图5是根据本发明实施例的基于移动终端的支付方法中进行版本校验的效果图。如图4所示，在安全软件的主界面上除了快速扫描的按钮外，还可以预置支付安全的按钮，在用户操作以上按钮后，安全卫士对客户端的权限、包名、标签名、版本号依次进行扫描。The above version verification can be performed by using the security software with the application security analysis function preset in the mobile terminal, for example, the operation option of the payment security scan is preset in the security guard software, after the user clicks or other operations on the operation option, The security guard scans the payment client in accordance with the above version verification process. 4 is an interface effect diagram of client scanning in a mobile terminal-based payment method according to an embodiment of the present invention, and FIG. 5 is an effect diagram of performing version verification in a mobile terminal-based payment method according to an embodiment of the present invention. As shown in FIG. 4, in addition to the quick scan button on the main interface of the security software, a button for paying security can be preset. After the user operates the above button, the security guard has the right to the client, the package name, the tag name, and the version. The number is scanned in sequence.
图6是根据本发明实施例的基于移动终端的支付方法中进行支付清场的流程图，该流程包括以下步骤：FIG. 6 is a flowchart of performing a payment clearing in a mobile terminal-based payment method according to an embodiment of the present invention, the flow comprising the following steps:
在移动终端进入支付场景且支付客户端版本已经通过验证之后，枚举移动终端当前运行的所有进程，然后依次对进程进行以下判断：本地缓存查询判断、白签名判断、系统进程判断、云查杀判断、云查杀结果判断。After the mobile terminal enters the payment scenario and the payment client version has passed the verification, all the processes currently running by the mobile terminal are enumerated, and then the following judgments are performed on the process: local cache query judgment, white signature judgment, system process judgment, cloud killing Judgment, cloud killing results judged.
用层扫描感知到文件大小，文件最后修改时间，文件创建时间没有变化，且驱动层(qutmdrv.sys)在文件监控过程中也没有监控到文件发生过写操作，那么我们就认为两次扫描之中文件没有发生变化，就可以直接从数据库中获取该文件的特征如全文MD5，全文SHA1等信息。文件监控主要是驱动来做的，主要是审计驱动检测文件是否被改动。例如，出现了写操作，或者属性进行了修改，则可以在数据库中记录该变化情况，并认为该文件已经失效，在文件扫描过程中把文件的特征(文件路径，文件大小、文件最后修改时间、文件创建时间、通过三要素计算出全文MD5，SHA1)存储在本地数据库。如果未修改过，就可以直接从数据库中获取该文件的特征如全文MD5，全文SHA1等信息。The local cache query judgment refers to storing the characteristics of the file (file path, file size, file modification time, file creation time, and full-text MD5, SHA1) in the local database during the file scanning process, thereby Obtain file attribute information of the file to be scanned through the local database. Such as file size, file modification time, and file path. The file attribute information in the system can be updated in real time according to the modification of the file. Obtain file information from the local database according to the file path for the same file, if
The layer scan senses the file size, the file modification time, the file creation time does not change, and the driver layer (qutmdrv.sys) does not monitor the file write operation during the file monitoring process, then we think that the scan is two times. If the file does not change, you can directly obtain the characteristics of the file from the database, such as the full text MD5, the full text SHA1 and other information. File monitoring is mainly done by the driver, mainly because the audit driver detects whether the file has been changed. For example, if a write operation occurs, or the property is modified, the change can be recorded in the database, and the file is considered invalid. The file characteristics (file path, file size, file last modification time) are recorded during the file scanning process. The file creation time, the full text MD5, SHA1) is stored in the local database through three elements. If it has not been modified, you can get the characteristics of the file directly from the database, such as the full text MD5, full text SHA1 and other information.
因为文件的最后修改时间和文件的创建时间是可以修改的，所以如果文件内容发生变化文件大小相同，且文件的最后修改时间及文件的创建时间也改为一样，就可以造成该方法会获取到一个错误的文件标识，因此引入了文件监控，当文件发生写操作或者其他的修改操作时就把本地缓存数据库的对应的记录做一个无效标志，下回扫描时，重新获取文件的特征。Because the last modification time of the file and the creation time of the file can be modified, if the file content changes the file size is the same, and the last modification time of the file and the file creation time are also changed to the same, the method can be obtained. A wrong file identifier, so file monitoring is introduced. When a file write operation or other modification operation, the corresponding record of the local cache database is made an invalid flag, and the next time the scan is performed, the characteristics of the file are re-acquired.
通过本地缓存查询还可以确定当前扫描的进程与之前扫描的进程进行匹配，例如该进程之前被确定为白名单进程，则可以在支付环境下保留该进程，该进程之前被确定为黑名单进程，则可以加入黑/灰进程列表，并清除，对于本地缓存查询无结果或者类型不明确的进程可以记为灰名单进程，进行下一步判断。The local cache query can also determine that the currently scanned process matches the previously scanned process. For example, if the process is previously determined to be a whitelist process, the process can be retained in the payment environment, and the process is previously determined to be a blacklist process. You can add the black/gray process list and clear it. For processes with no result or unclear type for the local cache query, you can record it as a graylist process and proceed to the next step.
白签名判断是指判断当前进程是否为本地记录的排序靠前的若干白签名的进程，例如使用1000个可以确定为白签名对进程对应的签名进行比对，如果确认进程签名属于白签名，则可以在支付环境下保留该进程，如果进程签名不在白签名中，则需要进行下一步判断。The white signature judgment refers to a process of judging whether the current process is a white record of the top of the local record, for example, using 1000 identifiers that can be determined to be white signatures for the process, if the process signature is a white signature, then The process can be retained in the payment environment. If the process signature is not in the white signature, the next step is required.
系统进程判断是指判断当前进程是否为系统核心进程，一般而言，系统核心进程的UID(User Identification，用户身份证明)小于1000，因此可以将UID小于1000的进程在支付环境下保留该进程，否则需要进行下一步判断。The system process determines whether the current process is the core process of the system. Generally, the UID (User Identification) of the system core process is less than 1000. Therefore, the process with the UID less than 1000 can retain the process in the payment environment. Otherwise, you need to make the next judgment.
云查杀判断是指查询客户端的特征是否与云端的客户端特征进行匹配，若云端不存在与客户端特征匹配的特征，则可以在支付环境下保留该进程，如果在云端查询出对应特征中，则需要进行下一步判断。The cloud killing judgment refers to whether the feature of the query client matches the client feature of the cloud. If the cloud does not have the feature matching the client feature, the process can be retained in the payment environment, if the corresponding feature is queried in the cloud. , you need to make the next judgment.
云查杀结果判断是指确定客户端云查杀的结果为白样本还是黑样本，若为白样本则可以在支付环境下保留该进程，若被确定为黑样本，则可以加入黑/灰进程列表，并清除。The cloud killing result judgment is to determine whether the result of the client cloud killing is white or black. If it is a white sample, the process can be retained in the payment environment. If it is determined to be a black sample, the black/ash process can be added. List and clear.
以上多个判断过程依次进行，采用非黑即白的策略，终止所有的黑/灰进程，仅允许白进程在支付环境保持运行。The above multiple judgment processes are sequentially performed, and the black/white process is terminated by using a non-black and white policy, and only the white process is allowed to remain running in the payment environment.
在完成支付清场后，进行进程监控、分析和处理。图7是根据本发明实施例的基于移动终端的支付方法的一种可选流程图，该可选流程可以包括：Process monitoring, analysis, and processing are performed after the payment is cleared. FIG. 7 is an optional flowchart of a mobile terminal-based payment method according to an embodiment of the present invention, and the optional process may include:
在完成支付清场后，同时监控移动终端有无新的进程启动以及监控移动终端有无新的窗口弹出，在监控新窗口时，执行以下步骤：After completing the payment clearing, the mobile terminal is simultaneously monitored for the start of a new process and the mobile terminal is monitored for a new window popup. When monitoring the new window, perform the following steps:
S702，监控移动终端是否有新的进程窗口出现；S702. Monitor whether the mobile terminal has a new process window.
运行的进程弹出的窗口，若否执行步骤S706，若是，执行步骤S708；S704: Query whether the pop-up new window is a new window opened by the user or allow background in the payment scenario.
The running process pop-up window, if not step S706, and if so, step S708;
S706，在后台关闭该新窗口，并且无需给用户进行提示；S706, closing the new window in the background, and does not need to prompt the user;
S708，允许新窗口执行，并按暂停支付客户端；S708, allowing a new window to be executed, and pressing the payment client;
在监控新进程时，执行以下步骤：When monitoring a new process, perform the following steps:
步骤S710，监控移动终端有无新的进程启动；Step S710, monitoring whether the mobile terminal starts a new process;
步骤S712，调用支付清场的缓存策略进行进程验证，与之前支付清场过程中缓存的白进程和黑/灰进程进行比对，缓存策略同样可以使用特征比对的方式进行，例如文件路径，文件大小、文件最后修改时间、文件创建时间、通过三要素计算出全文MD5或SHA1，前文已介绍，在此不做赘述；In step S712, the cache policy of the payment clearing field is invoked to perform process verification, and the white process and the black/gray process cached in the previous payment clearing process are compared, and the cache policy may also be performed by using a feature comparison method, such as a file path and a file size. The last modification time of the file, the file creation time, and the full text MD5 or SHA1 are calculated by three elements. The foregoing has been introduced, and will not be described here;
步骤S714，判断是否为清场过程中终止的进程，若是，执行步骤S718，若否，执行步骤S716；Step S714, it is determined whether the process is terminated during the clearing process, and if so, step S718 is performed, and if not, step S716 is performed;
步骤S716，对该进程按照支付清场的逻辑进一步进行检测，检测同样可以采用本地缓存查询判断、白签名判断、系统进程判断、云查杀判断、云查杀结果判断等步骤进行，对支付清场中未出现的新进程进行扫描；Step S716, the process is further detected according to the logic of the payment clearing field, and the detection may also be performed by using a local cache query judgment, a white signature judgment, a system process judgment, a cloud check kill judgment, a cloud kill kill result judgment, and the like, and the payment is cleared in the field. New processes that do not appear to be scanned;
步骤S718，终止新进程。Step S718, terminating the new process.
在步骤S708和S718之后，可以分别判断当前支付场景是否已退出，即判断用户是否已关闭支付客户端，若否分别返回执行步骤S702和步骤S708，若是，结束支付环境保护，返回支付场景之前的移动终端状态。After step S708 and S718, it can be determined whether the current payment scenario has been exited, that is, whether the user has closed the payment client, if not, respectively, returning to step S702 and step S708, and if so, ending the payment of environmental protection, returning to the payment scenario Mobile terminal status.
本实施例的保护移动终端支付安全的方法在进入支付场景后，对终端内进程的变化情况进行监控和分析，及时终止存在支付风险的进程，因此可以保护支付场景的安全，提高移动支付的安全性。并且在进入支付场景时，清除与支付无关的进程，完成支付清场，为安全支付提供安全的支付环境。从而消除了移动支付过程中由于移动终端进程导致的安全隐患。The method for protecting the payment security of the mobile terminal in this embodiment, after entering the payment scenario, monitors and analyzes the change of the process in the terminal, and terminates the process of the payment risk in time, thereby protecting the security of the payment scenario and improving the security of the mobile payment. Sex. And when entering the payment scenario, the process unrelated to the payment is cleared, the payment is cleared, and a secure payment environment is provided for the secure payment. Thereby, the security risk caused by the mobile terminal process in the mobile payment process is eliminated.
此外，本领域的技术人员能够理解，尽管在此所述的一些实施例包括其它实施例中所包括的某些特征而不是其它特征，但是不同实施例的特征的组合意味着处于本发明的范围之内并且形成不同的实施例。例如，在下面的权利要求书中，所要求保护的实施例的任意之一都可以以任意的组合方式来使用。In addition, those skilled in the art will appreciate that, although some embodiments described herein include certain features that are included in other embodiments and not in other features, combinations of features of different embodiments are intended to be within the scope of the present invention. Different embodiments are formed and formed. For example, in the following claims, any one of the claimed embodiments can be used in any combination.
本发明的各个部件实施例可以以硬件实现，或者以在一个或者多个处理器上运行的软件模块实现，或者以它们的组合实现。本领域的技术人员应当理解，可以在实践中使用微处理器或者数字信号处理器(DSP)来实现根据本发明实施例的基于移动终端的支付装置及移动终端，以及保护移动终端支付安全的装置及移动终端中的一些或者全部部件的一些或者全部功能。本发明还可以实现为用于执行这里所描述的方法的一部分或者全部的设备或者装置程序(例如，计算机程序和计算机程序产品)。这样的实现本发明的程序可以存储在计算机可读介质上，或者可以具有一个或者多个信号的形式。这样的信号可以从因特网网站上下载得到，或者在载体信号上提供，或者以任何其他形式提供。The various component embodiments of the present invention may be implemented in hardware, or in a software module running on one or more processors, or in a combination thereof. It should be understood by those skilled in the art that a mobile terminal or a digital signal processor (DSP) can be implemented in practice to implement a mobile terminal-based payment device and mobile terminal according to an embodiment of the present invention, and a device for protecting payment security of a mobile terminal. And some or all of the functions of some or all of the components of the mobile terminal. The invention can also be implemented as a device or device program (e.g., a computer program and a computer program product) for performing some or all of the methods described herein. Such a program implementing the invention may be stored on a computer readable medium or may be in the form of one or more signals. Such signals may be downloaded from an Internet website, provided on a carrier signal, or provided in any other form.
EPROM、硬盘或者ROM之类的电子存储器。存储器820具有用于执行上述方法中的任何方法步骤的程序代码831的存储空间830。例如，用于程序代码的存储空间830可以包括分别用于实现上面的方法中的各种步骤的各个程序代码831。这些程序代码可以从一个或者多个计算机程序产品中读出或者写入到这一个或者多个计算机程序产品中。这些计算机程序产品包括诸如硬盘，紧致盘(CD)、存储卡或者软盘之类的程序代码载体。这样的计算机程序产品通常为如参考图9所述的便携式或者固定存储单元。该存储单元可以具有与图8的计算设备中的存储器820类似布置的存储段、存储空间等。程序代码可以例如以适当形式进行压缩。通常，存储单元包括计算机可读代码831’，即可以由例如诸如810之类的处理器读取的代码，这些代码当由计算设备运行时，导致该计算设备执行上面所描述的方法中的各个步骤。For example, Figure 8 illustrates a computing device that can implement a method of transferring data between intelligent terminals. The computing device conventionally includes a processor 810 and a computer program product or computer readable medium in the form of a memory 820. The memory 820 can be, for example, a flash memory, an EEPROM (Electrically Erasable Programmable Read Only Memory),
Electronic memory such as EPROM, hard disk or ROM. Memory 820 has a memory space 830 for program code 831 for performing any of the method steps described above. For example, storage space 830 for program code may include various program code 831 for implementing various steps in the above methods, respectively. The program code can be read from or written to one or more computer program products. These computer program products include program code carriers such as hard disks, compact disks (CDs), memory cards or floppy disks. Such a computer program product is typically a portable or fixed storage unit as described with reference to FIG. The storage unit may have storage segments, storage spaces, and the like that are similar to the storage 820 in the computing device of FIG. The program code can be compressed, for example, in an appropriate form. Typically, the storage unit includes computer readable code 831', ie, code readable by a processor, such as 810, that when executed by a computing device causes the computing device to perform each of the methods described above step.
本文中所称的“一个实施例”、“实施例”或者“一个或者多个实施例”意味着，结合实施例描述的特定特征、结构或者特性包括在本发明的至少一个实施例中。此外，请注意，这里“在一个实施例中”的词语例子不一定全指同一个实施例。"an embodiment," or "an embodiment," or "an embodiment," In addition, it is noted that the phrase "in one embodiment" is not necessarily referring to the same embodiment.
应该注意的是上述实施例对本发明进行说明而不是对本发明进行限制，并且本领域技术人员在不脱离所附权利要求的范围的情况下可设计出替换实施例。在权利要求中，不应将位于括号之间的任何参考符号构造成对权利要求的限制。单词“包含”不排除存在未列在权利要求中的元件或步骤。位于元件之前的单词“一”或“一个”不排除存在多个这样的元件。本发明可以借助于包括有若干不同元件的硬件以及借助于适当编程的计算机来实现。在列举了若干装置的单元权利要求中，这些装置中的若干个可以是通过同一个硬件项来具体体现。单词第一、第二、以及第三等的使用不表示任何顺序。可将这些单词解释为名称。It is to be noted that the above-described embodiments are illustrative of the invention and are not intended to be limiting, and that the invention may be devised without departing from the scope of the appended claims. In the claims, any reference signs placed between parentheses shall not be construed as a limitation. The word "comprising" does not exclude the presence of the elements or steps that are not recited in the claims. The word "a" or "an" The invention can be implemented by means of hardware comprising several distinct elements and by means of a suitably programmed computer. In the unit claims enumerating several means, several of these means can be embodied by the same hardware item. The use of the words first, second, and third does not indicate any order. These words can be interpreted as names.
In addition, it should be noted that the language used in the specification has been selected for the purpose of readability and teaching, and is not intended to be construed or limited. Therefore, many modifications and changes will be apparent to those skilled in the art without departing from the scope of the invention. The disclosure of the present invention is intended to be illustrative, and not restrictive, and the scope of the invention is defined by the appended claims.