WO2018107398A1 - Method for verifying validity of message and server - Google Patents

Publication number
WO2018107398A1
Authority
WO
WIPO (PCT)
Prior art keywords
server
terminal device
information
message
verification
Application number
PCT/CN2016/109937
Other languages
French (fr)
Chinese (zh)
Inventor
黄洁静
王梓
Original Assignee
华为技术有限公司
Application filed by 华为技术有限公司
Priority to PCT/CN2016/109937 (WO2018107398A1)
Priority to CN201680084702.XA (CN109076317A)
Publication of WO2018107398A1

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/12 Detection or prevention of fraud
    • H04W12/121 Wireless intrusion detection systems [WIDS]; Wireless intrusion prevention systems [WIPS]
    • H04W12/122 Counter-measures against attacks; Protection against rogue devices
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/12 Detection or prevention of fraud
    • H04W12/128 Anti-malware arrangements, e.g. protection against SMS fraud or mobile malware
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W4/00 Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/12 Messaging; Mailboxes; Announcements
    • H04W4/14 Short messaging services, e.g. short message services [SMS] or unstructured supplementary service data [USSD]

Definitions

  • Embodiments of the present application relate to the field of communication technologies, and more specifically to a method and server for verifying the legitimacy of a message.
  • the "pseudo base station" device is mainly composed of a host computer and a notebook computer. By means of a short message group sender, a short message sender, and the like, it can search for mobile phone information within a certain radius, pretend to be a carrier base station, and arbitrarily use other people's mobile phone numbers to force short messages such as fraud and advertising onto the user's mobile phone.
  • the identification of illegal short messages is implemented in the user terminal, and the identification method mainly relies on the short message content and on a blacklist or whitelist, that is, received short messages are identified comprehensively by detecting risk content in the short message content and by determining whether the short message number belongs to the blacklist or the whitelist.
  • with the existing short message identification method, a forged short message is likely to be treated as whitelisted because the forged SMS number belongs to a public service organization, or to be considered a legitimate short message because the content of the fraudulent short message is very close to the content of a legitimate short message, and thus the method cannot effectively identify fraudulent short messages.
  • the present application provides a method and a server for verifying the validity of a message, so that the user can accurately determine whether the message is legal, which prevents the user from being deceived by illegal messages and improves the user experience.
  • the first aspect provides a method for verifying the validity of a message, including: determining, by the terminal device, summary information corresponding to the received message; generating, by the terminal device, verification information, where the verification information includes the summary information and identifier information, and the identifier information is used to identify the terminal device; sending, by the terminal device, the verification information to a first server, where the first server is the server that the terminal device determines to have sent the message; and receiving, by the terminal device, the verification result determined by the first server according to the verification information, where the verification result is used to indicate whether the message is legal.
  • after receiving the message, the terminal device generates verification information related to the message and sends the verification information to the server that the terminal device determines to have sent the message, so that the server verifies, according to the verification information, whether the message is legal and sends the verification result to the terminal device.
  • the user can thus accurately determine whether the message is legal, which prevents the user from being deceived by illegal messages and improves the user experience.
  • the sending, by the terminal device, the verification information to the first server includes: sending, by the terminal device, the verification information to a second server, so that the second server sends the verification information to the first server.
  • the second server encrypts the verification information by using the public key of the first server.
  • the first server decrypts the received verification information by using its own private key.
  • because the terminal device and the first server can interact through the second server, the interaction between the terminal device and the first server is simplified, and the implementation of the terminal device is simplified.
  • the receiving, by the terminal device, the verification result determined by the first server according to the verification information includes: receiving, by the terminal device, the verification result of the first server forwarded by the second server.
  • before the sending, by the terminal device, the verification information to the second server, the method further includes: encrypting, by the terminal device, the verification information by using a first key, where the first key corresponds to a second key, and the second key is the key used by the second server to decrypt the verification information encrypted with the first key.
  • the first key is a public key of the second server
  • the second key is a private key of the second server.
  • the method further includes: the terminal device indicates, according to the verification result, whether the message is legal.
  • the identifier information includes at least one of the following information: an identifier (ID) of the terminal device, a mobile phone number of the terminal device, the sending time of the message, and the account information of the user.
  • the account information of the user may be the account information of the user logging in to the second server through the terminal device, or may be the user ID used by the user to log in to the payment application.
  • the summary information is a hash value.
  • before the terminal device determines the digest information of the message, the method further includes: determining, by the terminal device, that the message is a target class message, where the target class message is a message related to the privacy and/or property of the user.
  • the target class message is a payment short message, a transfer short message or an advertisement short message.
  • the second aspect provides a method for verifying the validity of a message, where the second server receives the verification information sent by the terminal device, where the verification information includes summary information and identification information, and the summary information is related to the terminal.
  • the identifier information is used to identify the terminal device; the second server sends the verification information to the first server, where the first server is the server, determined by the second server, that sent the message, so that the first server determines whether the message is legal according to the verification information and sends a verification result to the terminal device, the verification result indicating whether the message is legal.
  • after the second server receives the verification information sent by the terminal device, the second server sends the verification information to the first server that the second server determines to have sent the message, so that the first server, after verifying the validity of the message according to the verification information, sends the verification result to the terminal device. Therefore, the user can accurately determine whether the message is legal, which prevents the user from being deceived by illegal messages and improves the user experience.
  • before the sending, by the second server, the verification information to the first server, the method further includes: determining, by the second server, that the terminal device is a terminal device authenticated by the second server.
  • the second server determining that the terminal device is a terminal device that has been authenticated by the second server may also be understood as the second server determining that the terminal device is a legal terminal device.
  • the method further includes: receiving, by the second server, the verification result sent by the first server; and sending, by the second server, the verification result to the terminal device.
  • the first key is a public key of the second server
  • the second key is a private key of the second server.
  • the identifier information includes at least one of the following information: an identifier (ID) of the terminal device, a mobile phone number of the terminal device, the sending time of the message, and the account information of the user.
  • the third aspect provides a method for verifying the validity of a message, including: the first server receives the verification information sent by the terminal device, where the verification information includes the digest information and the identifier information, the digest information corresponds to the message received by the terminal device, and the identifier information is used to identify the terminal device; the first server determines, according to the verification information, whether it sent the message to the terminal device; the first server determines, according to the result of whether it sent the message to the terminal device, whether the message is legal; and the first server sends a verification result to the terminal device, where the verification result is used to indicate whether the message is legal.
  • the server receives the verification information sent by the terminal device and, after verifying whether the message is legal according to the verification information, sends the verification result to the terminal device. This enables the user to accurately determine whether the message is legal, prevents the user from being deceived by illegal messages, and improves the user experience.
  • the receiving, by the first server, the verification information sent by the terminal device includes: receiving, by the first server, the verification information that the terminal device forwards through the second server.
  • the sending, by the first server, the verification result to the terminal device includes: sending, by the first server, the verification result to the second server, so that the second server forwards the verification result to the terminal device.
  • the determining, by the first server according to the verification information, whether it sent the message to the terminal device includes: when the first server determines, according to the identifier information, that it sent a message to the terminal device, the first server determines the summary information corresponding to the message it sent to the terminal device; and when the first server determines that the digest information corresponding to the message it sent to the terminal device matches the digest information included in the verification information, the first server determines that it sent the message to the terminal device.
  • when the first server determines, according to the identification information, that no message has been sent to the terminal device, the first server determines that the message received by the terminal device is illegal.
  • the identifier information includes at least one of the following information: an identifier (ID) of the terminal device, a mobile phone number of the terminal device, the time when the information is sent, and the account information of the user.
  • the summary information is a hash value.
  • a terminal device for performing the method of any of the above first aspect or any of the possible implementations of the first aspect.
  • the terminal device comprises means for performing the method of any of the above-described first aspect or any of the possible implementations of the first aspect.
  • a server for performing the method of any of the above-described second aspect or any of the possible implementations of the second aspect.
  • the server comprises means for performing the method of any of the above-described second aspect or any of the possible implementations of the second aspect.
  • a server for performing the method of any of the above-described third aspect or any of the possible implementations of the third aspect.
  • the server comprises means for performing the method of the above third aspect or any of the possible implementations of the third aspect.
  • a terminal device includes a processor, a memory, a receiver, and a transmitter, the processor, the memory, the receiver, and the transmitter are connected by a bus system, and the memory is configured to store an instruction, where the receiver receives information according to the control of the processor, and the transmitter transmits information according to the control of the processor, and the processor is configured to invoke the instruction stored in the memory to perform any of the foregoing first aspect or the first aspect.
  • a server including a processor, a memory, a receiver, and a transmitter, where the processor, the memory, the receiver, and the transmitter are connected by a bus system, the memory is configured to store an instruction, the receiver receives information according to control of the processor, the transmitter transmits information according to control of the processor, and the processor is configured to invoke the instruction stored in the memory to perform the method in the second aspect or any possible implementation of the second aspect.
  • a server including a processor, a memory, a receiver, and a transmitter, where the processor, the memory, the receiver, and the transmitter are connected by a bus system, the memory is configured to store an instruction, the receiver receives information according to control of the processor, the transmitter transmits information according to control of the processor, and the processor is configured to invoke the instruction stored in the memory to perform the method in the foregoing third aspect or any possible implementation of the third aspect.
  • a tenth aspect provides a computer readable medium for storing a computer program, the computer program comprising instructions for performing the method of the first aspect or any possible implementation of the first aspect.
  • a computer readable medium for storing a computer program, the computer program comprising instructions for performing the method of the second aspect or any possible implementation of the second aspect described above.
  • a computer readable medium for storing a computer program comprising instructions for performing the method of the third aspect or any possible implementation of the third aspect above.
  • FIG. 1 is a schematic diagram of an application scenario of an embodiment of the present application
  • FIG. 2 is a schematic structural diagram of a terminal device according to an embodiment of the present application.
  • FIG. 3 is a schematic flowchart of a method for verifying the legitimacy of a message according to an embodiment of the present application
  • FIG. 4 is a schematic flowchart of a method for verifying the legitimacy of a message according to another embodiment of the present application.
  • FIG. 5 is a schematic block diagram of a terminal device according to another embodiment of the present application.
  • FIG. 6 is a schematic block diagram of a server according to an embodiment of the present application.
  • FIG. 7 is a schematic block diagram of a server according to another embodiment of the present application.
  • FIG. 8 is a schematic block diagram of a terminal device according to still another embodiment of the present application.
  • FIG. 9 is a schematic block diagram of a server according to still another embodiment of the present application.
  • FIG. 10 is a schematic block diagram of a server according to still another embodiment of the present application.
  • a terminal device may also be referred to as a user device (User Device), a mobile station (Mobile Station, referred to as "MS”), a mobile terminal (Mobile Terminal), and a client (Station).
  • the terminal device can communicate with one or more core networks via a radio access network (Radio Access Network, hereinafter referred to as "RAN”).
  • the terminal device can be a mobile phone (or "cellular" telephone), a computer with a mobile terminal, etc., for example, a portable, pocket, handheld, computer built-in or in-vehicle mobile device, or a terminal device in a future 5G network or in a future evolved PLMN network, etc.
  • the base station may be a base station (Base Transceiver Station, abbreviated as "BTS”) in the GSM system or CDMA, or a base station (NodeB, abbreviated as “NB”) in the WCDMA system, or may be An evolved base station (Evolutional Node B, referred to as “eNB” or “eNodeB”) in the LTE system, or the base station may be a network device in a future 5G network or a network device in a future evolved PLMN network.
  • FIG. 1 is a schematic diagram of an application scenario of an embodiment of the present application.
  • the communication system shown in FIG. 1 includes a base station, a terminal device, a first server, and a second server.
  • the first server can exchange information between the base station and the terminal device, and the interaction between the terminal device and the first server can be simplified by the second server.
  • criminals usually use a "pseudo base station" composed of a host computer and a laptop computer to disguise themselves as a carrier base station, and arbitrarily use other people's numbers to send information such as fraud and advertising to the user's mobile phone. Therefore, it is necessary to provide a method for verifying the legitimacy of a message, which prevents the user from being deceived by illegal messages and improves the user experience.
  • FIG. 2 is a block diagram showing a part of the structure of a terminal device related to an embodiment of the present application.
  • the terminal device 100 includes a radio frequency (Radio Frequency, abbreviated as "RF") circuit 110, an input unit 120, a display unit 130, a sensor 140, an audio circuit 150, a memory 160, a processor 170, and a power source 180. These components communicate over one or more communication buses or signal lines.
  • FIG. 2 does not constitute a limitation to the terminal device, and may include more or less components than those illustrated, or a combination of certain components, or different component arrangements.
  • the components of the terminal device 100 will be specifically described below with reference to FIG. 2:
  • the RF circuit 110 can be used for receiving and transmitting signals during information transmission and reception or during a call; in particular, after receiving downlink information from the base station, it delivers the information to the processor 170 for processing, and it sends data to the base station.
  • the RF circuit 110 includes, but is not limited to, an antenna, at least one amplifier, a transceiver, a coupler, a Low Noise Amplifier (LNA), a duplexer, and the like.
  • RF circuitry 110 can also communicate with the network and other devices via wireless communication.
  • the network is, for example, the Internet (also known as the World Wide Web (WWW)), an intranet, and/or a wireless network (such as a cellular telephone network, a Wireless Local Area Network ("WLAN") and/or a Metropolitan Area Network ("MAN")).
  • Wireless communication can use any of a variety of communication standards, protocols and technologies, including but not limited to GSM systems, Enhanced Data GSM Environment (EDGE), High Speed Downlink Packet Access (HSDPA), High Speed Uplink Packet Access (HSUPA), WCDMA, CDMA, Time Division Multiple Access (TDMA), LTE, Bluetooth, WiFi (e.g., IEEE 802.11a, IEEE 802.11b, IEEE 802.11g and/or IEEE 802.11n), Voice over Internet Protocol (VoIP), Wi-MAX, email protocols (e.g., Internet Message Access Protocol (IMAP) and/or Post Office Protocol (POP)), instant messaging (e.g., Extensible Messaging and Presence Protocol (XMPP), Session Initiation Protocol for Instant Messaging and Presence Leveraging Extensions (SIMPLE), Instant Messaging and Presence Service (IMPS)), and/or Short Message Service (SMS), or any other appropriate communication protocol, including communication protocols not yet developed as of the filing date of this application.
  • GSM Global System for Mobile Communications
  • the memory 160 can be used to store software programs and modules, and the processor 170 executes various functional applications and data processing of the terminal devices by running software programs and modules stored in the memory 160.
  • the memory 160 may mainly include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application required for at least one function (such as a sound playing function, an image playing function, etc.), and the like; the storage data area may be stored according to Data created by the use of wireless communication devices (such as audio data, phone books, etc.).
  • memory 160 can include high speed random access memory, and can also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other volatile solid state storage device.
  • the input unit 120 can be configured to receive input gesture information, digital or character information, and generate key signal input related to user settings and function control of the terminal device 100.
  • the input unit 120 can include a touch screen as well as other input devices.
  • the touch screen can collect the user's touch operations on or near it (such as operations performed by the user with a finger, a stylus, or the like on or near the touch screen), and drive the corresponding connected device according to a preset program.
  • the input unit 120 may also include other input devices.
  • other input devices include, but are not limited to, one or more of a physical keyboard, function keys (such as volume control buttons, switch buttons, etc.), a trackball, a mouse, a lever, and the like.
  • the display unit 130 can be used to display information input by the user or information provided to the user as well as various menus of the wireless communication device.
  • the display unit 130 may include a display screen.
  • the display screen may be configured in the form of a liquid crystal display (“LCD”) or an organic light emitting diode (OLED).
  • although in FIG. 2 the touch screen and the display screen are two separate components that implement the input and output functions of the wireless communication device, in some embodiments the input and output functions of the wireless communication device can be implemented by integrating the touch screen with the display screen.
  • the terminal device 100 may also include at least one type of sensor 140, such as a capacitive sensor, a light sensor, a motion sensor, and other sensors.
  • the light sensor can include an ambient light sensor and a proximity sensor.
  • Proximity sensors can be used to detect if an object is in proximity to the wireless communication device.
  • Capacitive sensors can be used to detect if an object (such as a human or animal) capable of causing a change in capacitance value is in proximity to the wireless communication device.
  • the audio circuit 150, the speaker, and the microphone can provide an audio interface between the user and the terminal device.
  • the audio circuit 150 can transmit the electrical signal converted from the received audio data to the speaker, which converts it into a sound signal for output; on the other hand, the microphone converts the collected sound signal into an electrical signal, which is received by the audio circuit 150 and then converted into audio data; the audio data is output to the processor 170 for processing and then transmitted via the RF circuit 110 to, for example, another wireless communication device, or the audio data is output to the memory 170 for further processing.
  • the processor 170 is the control center of the terminal device. It connects the various portions of the entire wireless communication device using various interfaces and lines, and, by running or executing software programs and/or modules stored in the memory 160 and recalling data stored in the memory 160, performs the various functions of the wireless communication device and processes data, thereby performing overall monitoring of the wireless communication device.
  • the processor 170 includes an application processor (Application Processer) and a modem processor (Modem Processer).
  • the application processor mainly processes an operating system, a user interface, an application, and the like, and the modem processor mainly processes wireless communication. It can be understood that the above-mentioned application processor and modem processor can be integrated into the same processor, or can be separate and independent processors.
  • the processor 170 can be a central processing unit ("CPU"), and can also be another general purpose processor, a digital signal processor (DSP), an application specific integrated circuit (ASIC), a field-programmable gate array (FPGA) or other programmable logic device, a discrete gate or transistor logic device, a discrete hardware component, and the like.
  • the general purpose processor may be a microprocessor, or the processor may also be any conventional processor, etc. It can be understood that the foregoing processor 170 and the memory 160 may be integrated in the same chip, or may be separate and independent chips.
  • the terminal device 100 further includes a power source 180 (such as a battery) for supplying power to the various components.
  • the power source can be logically connected to the processor 170 through the power management system, so that functions such as charging, discharging, and power management are handled through the power management system.
  • the terminal device 100 may further include a camera, a GPS communication module, a Bluetooth communication module, and the like, and details are not described herein.
  • the message received by the terminal device in the embodiment of the present application includes, but is not limited to, a short message and a message received through chat software (for example, WeChat, QQ).
  • a method for verifying the legitimacy of a message according to an embodiment of the present application will be described below with the message as a short message as an example. As shown in FIG. 3, method 200 includes:
  • the terminal device determines summary information corresponding to the received short message.
  • after receiving the short message, the RF circuit 110 of the terminal device delivers the short message to the processor 170, and the processor 170 determines the summary information of the short message.
  • the summary information refers to a fixed length value that uniquely corresponds to the short message.
  • it is generated by a one-way hash function that acts on the short message.
  • the one-way hash function is used to "digest" the plaintext that needs to be encrypted into a string of 128-bit ciphertext.
  • this ciphertext is also called a fingerprint (Finger Print). It has a fixed length; different plaintexts always produce different digests, and the same plaintext must produce the same digest.
  • this summary can be used as a "fingerprint" to verify that the plaintext is "real". So if the short message changes on the way, the receiver can tell that it has changed by comparing the digest of the received short message with the original digest. Therefore, the summary of the short message guarantees the integrity of the short message.
  • the processor 170 performs hash processing on the short message and obtains hash value 1 by hash calculation.
  • the terminal device receives the short message sent by the base station through the RF circuit 110.
  • the base station here may be a carrier base station, or may be a “pseudo base station”, and the short messages received by the RF circuit 110 may be classified into multiple types.
  • the short message may be classified into a communication rumor type message, a promotion service type message, and a pastime.
  • the processor 170 determines whether the short message is a target type short message, where the target type short message refers to the short message content and the user's privacy and/or property related short message, that is, the above Similar to the user's privacy and/or property related text messages, for example, goals
  • the class message may be, for example, a payment text message, a transfer message, an advertisement message, or the like.
  • the processor 170 parses the short message content. When it is determined that the short message includes a Uniform Resource Locator ("URL") and/or a preset keyword, the processor 170 Make sure the SMS is the target class SMS.
  • for example, the content of the short message is "Your credit card with a tail number of 1234 on the 11th, 23:11 consumption of 1000 yuan, 100 yuan repayment, hand slow no ⁇ cmbtcn / mZm"; because the message contains a URL, the processor 170 determines that the text message is a suspected illegal text message.
  • when the short message content includes a preset keyword that carries a higher risk for the user's property security and privacy security, such as transfer, payment, transaction, xx far, download, or verification code, the processor 170 determines that the short message is a target type short message.
  • the content of the target class SMS is "You pass the credit card with the ending number "2356" to Zhang**, the transfer bank's tail number 4567 card fails to transfer, and the transfer amount will be returned to your account within one hour. Call 95533 for details.”
  • when the processor 170 determines that the sender number of the short message is a special service number, the processor 170 determines that the short message is a target type short message.
  • the special service number refers to a number or a non-private number that provides a special service, and may be a business consulting number, an after-sales service number, a service consultation number, etc. of the company or institution.
  • the sender number of the short message is 95555, and the processor 170 determines that the short message is a target type short message.
  • the memory 160 in the terminal device stores a list of special service numbers in advance.
  • the processor 170 may determine whether the number of the short message sender is a special service number through a local query.
  • the processor 170 may also obtain a special service number directory or a rule in advance, and perform local inquiry through the obtained special service number directory or rule to determine whether the number of the short message sender is a special service number.
  • the processor 170 can also control the RF circuit 110 to interact with the cloud server to determine whether the number of the sender of the short message is a special service number.
  • the processor 170 determines that the sender number of the short message is not the mobile phone number of the common contact. Specifically, the processor 170 acquires a list of frequently used contact numbers (address book) stored in the memory 160. If the processor 170 determines that the sender number of the short message is not in the list of frequently used contacts, the processor 170 determines that the short message is a target type of short message.
  • the terminal device generates the verification information, where the verification information includes the summary information and the identifier information, where the identifier information is used to identify the terminal device;
  • the identifier information includes at least one of the following information: an identifier ID of the terminal device, a mobile phone number of the terminal device, a sending time of the short message, and account information of the user.
  • the account information of the user may be the account information of the user logging in to the server through the terminal device, or the account information of the user may be the user ID of the user logging in to the payment application.
  • the terminal device sends the verification information to the first server, where the first server is the server that the terminal device determines to have sent the message.
  • the processor 170 transmits the verification information to the first server via the RF circuit 110.
  • the first server identifies the short message sent to the terminal according to the identification information in the verification information, and calculates the hash value 2 of the short message.
  • the first party server determines that the short message received by the terminal device originates from the first server, that is, the short message received by the terminal device is a legitimate short message.
  • the first server is the server that the terminal device considers to be the sender of the message, but in fact the first server may or may not be the sending server of the message. For example, in the case where the message is transmitted by the pseudo base station to the terminal device, the first server is not the sending server of the message.
  • the first server may refer to a background server related to user privacy and/or property, for example, the first server is a background server corresponding to the payment application, a background server of the bank, a background server of the operator, a background server of the financial platform, and the like.
  • the processor 170 in the terminal device determines the first server by parsing the short message content, and then sends the verification information to the first server.
  • the content of the text message received by the terminal device is "We will help you on the way forward, and you will be able to apply for the 'Lightning Loan' application for the amount of 11000.00 yuan (whether or not the loan is subject to final approval). As low as 1.80, it is valid until December 31. [China Merchants Bank]".
  • the processor 170 parses the content of the short message and finds that the short message includes "China Merchants Bank", so the processor 170 determines that the first server should be the background server of China Merchants Bank, and the terminal device sends the short message verification packet to the background server of China Merchants Bank through the RF circuit 110.
  • the processor 170 determines the first server based on the short message sender number.
  • the content of the short message received by the terminal device is "You pass the bank card with the tail number 3578, and the bank transfer of the agricultural bank with the tail number of 1346 fails. The transfer amount will be returned within one hour. For your account, you can call 95599 for details", and the processor 170 determines that the sender number of the short message is the customer service number of the Agricultural Bank. Therefore, the processor 170 determines that the first server is the background server of the Agricultural Bank, and the terminal device sends the SMS verification packet to the background server of the Agricultural Bank through the RF circuit 110.
  • the terminal device receives the verification result that is determined by the first server according to the verification information, and the verification result is used to indicate whether the short message is legal.
  • the processor 170 performs a marking process on the short message. For example, when the short message is displayed on the display unit 130, an indication of whether the short message is legal or illegal is displayed at the same time. For example, when the processor 170 determines that the short message is an illegal short message according to the short message verification result, the prompt "the received short message is a spam message from the pseudo base station" is displayed on the display unit 130, so that the user can clearly know the source of the short message and handle it accordingly, ensuring the information security of the terminal device and protecting the user from being defrauded.
  • when the processor 170 determines that the short message is invalid according to the verification result, then when the short message is displayed on the display unit 130, only the short message content is displayed, and the identifier of the short message sender is not displayed.
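  • The flow described above (target-class check, digest, verification information, server-side comparison, marking) can be followed end to end in the added sketch below; it is an illustration written for this page, not code from the application. The SHA-256 hash, the keyword and number lists, the in-process call standing in for the RF link, and all function and class names are assumptions.

```python
import hashlib
import hmac
import re
from dataclasses import dataclass

# Assumptions of this sketch, not taken from the patent: SHA-256 as the
# one-way hash, and these small constructed lists standing in for the
# preset keywords and the stored special service numbers.
PRESET_KEYWORDS = ("transfer", "payment", "transaction", "download", "verification code")
SPECIAL_SERVICE_NUMBERS = {"95555", "95599"}
URL_RE = re.compile(r"(?:https?://|www\.)\S+|\b[\w-]+(?:\.[\w-]+)+/\S*", re.I)


def is_target_class(sender, text, contacts):
    """Terminal side: any one criterion marks the SMS as target class."""
    lowered = text.lower()
    return (
        URL_RE.search(text) is not None                 # contains a URL
        or any(k in lowered for k in PRESET_KEYWORDS)   # preset keyword
        or sender in SPECIAL_SERVICE_NUMBERS            # special service number
        or sender not in contacts                       # not a common contact
    )


def sms_digest(text):
    """Digest of the SMS body; both sides must hash identical bytes."""
    return hashlib.sha256(text.encode("utf-8")).hexdigest()


@dataclass(frozen=True)
class VerificationInfo:
    digest: str        # hash value 1, computed by the terminal
    phone_number: str  # identification information for the terminal


class FirstServer:
    """The server the terminal believes sent the SMS (e.g. a bank back end)."""

    def __init__(self):
        self._sent = {}  # phone number -> bodies of messages actually sent

    def send_sms(self, phone_number, text):
        self._sent.setdefault(phone_number, []).append(text)

    def verify(self, info):
        """Return True (legal) only if a message sent to this terminal
        hashes to the digest the terminal reported."""
        for text in self._sent.get(info.phone_number, []):
            hash2 = sms_digest(text)  # hash value 2
            if hmac.compare_digest(hash2, info.digest):
                return True
        return False  # nothing sent to this terminal, or content differs


def handle_incoming(sender, text, phone_number, contacts, server):
    """Terminal side: classify, verify if needed, and decide the display."""
    if not is_target_class(sender, text, contacts):
        return {"verified": None, "shown_sender": sender, "notice": ""}
    legal = server.verify(VerificationInfo(sms_digest(text), phone_number))
    if legal:
        return {"verified": True, "shown_sender": sender, "notice": "legal"}
    # Illegal: show the content only, without the claimed sender identifier.
    return {"verified": False, "shown_sender": None,
            "notice": "the received short message is a spam message from the pseudo base station"}


# Constructed sample data.
BANK = FirstServer()
MY_NUMBER = "+8613800000000"
CONTACTS = {"+8613800000001"}
GENUINE = "Your card ending 1234 was charged 1000 yuan on the 11th at 23:11."
FORGED = "Your card ending 1234 is frozen, confirm at www.example.test/a"
BANK.send_sms(MY_NUMBER, GENUINE)

if __name__ == "__main__":
    for body in (GENUINE, FORGED):
        print(handle_incoming("95555", body, MY_NUMBER, CONTACTS, BANK))
```

The forged message claims the same sender number as the genuine one, yet it fails because the server has no sent message for this terminal with that digest; a terminal number the server never messaged fails the same way.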
  • FIG. 4 illustrates a method for verifying the legitimacy of a message according to another embodiment of the present application. As shown in FIG. 4, the method 300 includes:
  • S301 The terminal device performs key agreement with the second server, and the second server performs key negotiation with the first server.
  • the second server refers to a server of the terminal device manufacturer.
  • if the terminal device is a Huawei mobile phone, the second server is a Huawei server.
  • the process of performing key agreement between the terminal device and the second server may include the following steps:
  • the terminal device transmits the identity of the terminal device to the second server through the RF circuit 110.
  • the second server sends the public parameters used in the key negotiation process and the second server identifier to the terminal device, where the public parameters are parameters of the key negotiation process of which both the terminal device and the second server retain a copy, with the same values in both copies; they include system feature values, coefficient bases, and hash functions.
  • the processor 170 of the terminal device calculates the private key of the terminal device according to the public parameter and the identifier of the terminal device, calculates the second server public key according to the public parameter and the second server identifier, and passes the encrypted second server public key to the RF circuit 110.
  • the second server calculates the second server private key according to the public parameter and the second server identifier, calculates the terminal device public key according to the public parameter and the identifier of the terminal device, and sends the encrypted terminal device public key to the terminal device.
  • the processor 170 of the terminal device calculates the terminal device verification value according to the encrypted terminal device public key and the pseudo random code of the terminal device by bilinear mapping, where the terminal device verification value is equal to the encrypted terminal device public key and the product of the mapping value obtained by bilinear mapping of the terminal device private key and the pseudo random code of the terminal device.
  • the second server calculates a second server verification value according to the encrypted second server public key and the second server pseudo random code through a bilinear mapping, wherein the second server verification value is equal to the encrypted second server public key And the product of the mapping value obtained by bilinear mapping of the second server private key and the pseudo random code of the second server.
  • the processor 170 of the terminal device determines the accuracy of the key agreement by comparing the terminal device verification value with the second server verification value.
  • the second server determines the accuracy of the key negotiation by comparing the terminal device verification value with the second server verification value.
  • the key agreement process is accurate when the processor 170 of the terminal device and the second server determine that the terminal device verification value is the same as the second server verification value.
  • when the terminal device communicates with the second server, the information is encrypted by using the key calculated in the above key negotiation process. For example, the terminal device encrypts the information to be sent to the second server by using the public key of the second server.
  • the second server decrypts the information sent by the terminal device by using its own private key.
  • the key negotiation between the second server and the first server may be the same as the method for the key negotiation between the terminal device and the second server.
  • the second server encrypts the information to be sent to the first server by using the public key of the first server, and correspondingly, the first server uses its own private key to decrypt the information sent by the second server.
  • the terminal device receives the short message.
  • the terminal device performs hash processing on the received short message.
  • the processor 170 of the terminal device performs a hash calculation on the short message and obtains hash value 1.
  • the processor 170 may perform a hash calculation on the short message directly, or the processor 170 may first determine whether the short message is a target type short message and hash the short message only when it is determined to be a target type short message.
  • the method for the processor 170 to determine whether the short message is the target type of the short message is the same as the implementation method of the method S200 in the method 200. For brevity, details are not described herein again.
  • S304 The terminal device acquires the identifier information, and generates the verification information, where the verification information includes the identifier information and the hash value obtained in S303.
  • the identification information may be any information that can be uniquely indexed to the terminal device and to a particular user.
  • the identification information includes the ID of the terminal device, the current mobile phone number, the sending time of the short message, or the account information of the user.
  • the account information of the user may be the account information of the user logging in to the second server through the terminal device, or the account information of the user may be the user ID of the user logging in to the payment application.
  • the terminal device encrypts the verification information, and sends the verification information to the second server.
  • the processor 170 of the terminal device encrypts the verification information by using the public key of the second server generated in the key negotiation process in S301, and then transmits the verification information to the second server through the RF circuit 110.
  • the second server decrypts the received verification information, confirms that the verification information is from a legal terminal device, and encrypts the verification information.
  • the second server decrypts the verification information by using its own private key. If the decryption is successful, the second server determines that the terminal device is a legitimate terminal device. Alternatively, if the second server can successfully decrypt the verification information and the verification information has a specific format, the second server determines that the terminal device is a legitimate terminal device.
  • a legitimate terminal device is understood as a terminal device that has been authenticated by the second server.
  • the second server sends the encrypted verification information and the signature of the second server to the first server.
  • the second server determines, according to the sender number of the short message, that the server that sent the short message is the first server, encrypts the verification information by using the public key of the first server determined in the key negotiation process in S301, adds the signature of the second server, and sends them to the first server.
  • the signature of the second server is sent to the first server to inform the first server of the sender of the verification information and that the second server has verified that the verification information originates from a legitimate terminal device.
  • the first server is the server that the second server considers to be the sender of the message, but in fact the first server may or may not be the sending server of the message.
  • the first server is not the transmitting server of the message.
  • the first server decrypts the received verification information.
  • the first server uses its own private key to decrypt the received verification information sent by the second server.
  • the first server verifies whether the short message is legal according to the verification information.
  • the first server determines, according to the identification information in the verification information, whether there is a short message sent to the terminal device, and when the third-party server determines that the short message is not sent to the terminal device, the first server can directly determine that the short message received by the terminal device is illegal.
  • when the first server determines, according to the identification information, that there is a short message sent to the terminal device, the first server performs a hash calculation on that short message to obtain hash value 2. After that, the first server compares hash value 2 with hash value 1. If hash value 2 matches hash value 1, it is confirmed that the short message received by the terminal device is indeed from the first server, that is, the short message received by the terminal device is a legitimate short message.
  • the first server sends the verification result to the second server.
  • the second server sends the verification result to the terminal device.
  • the terminal device receives the verification result sent by the second server.
  • the terminal device performs marking processing on the short message according to the verification result.
  • the processor 170 performs a marking process on the short message. For example, when the short message is displayed on the display unit 130, an indication of whether the short message is legal or illegal is displayed at the same time. For example, when the processor 170 determines that the short message is an illegal short message according to the verification result, the prompt "the received short message is a spam message from the pseudo base station" is displayed on the display unit 130, so that the user can clearly know the source of the short message and handle it accordingly, ensuring the information security of the terminal device and protecting the user from being defrauded.
  • when the processor 170 determines that the short message is invalid according to the verification result, then when the short message is displayed on the display unit 130, only the short message content is displayed, and the identifier of the short message sender is not displayed.
  • FIG. 5 is a schematic block diagram of a terminal device according to an embodiment of the present application.
  • the terminal device 10 includes: a transceiver module 11 and a processing module 12;
  • the processing module 12 is configured to determine summary information of the message received by the transceiver module
  • the processing module 12 is further configured to generate the verification information, where the verification information includes the summary information and the identifier information, where the identifier information is used to identify the terminal device;
  • the transceiver module 11 is configured to send the verification information to the first server, where the first server is the server that the processing module 12 determines to have sent the message;
  • the transceiver module 11 is further configured to receive a verification result that is sent by the first server according to the verification information, where the verification result is used to indicate whether the message is legal.
  • after receiving the message, the terminal device according to the embodiment of the present application generates verification information related to the message and sends the verification information to the server that the terminal device determines to have sent the message, so that the server verifies whether the message is legal according to the verification information and sends the verification result to the terminal device.
  • the user can thus accurately determine whether the message is legal, which prevents the user from being deceived by illegal messages and improves the user experience.
  • the transceiver module 11 is specifically configured to: send the verification information to the second server, so that the second server sends the verification information to the first server.
  • the transceiver module 11 is specifically configured to: receive the verification result that is forwarded by the first server by using the second server.
  • the processing module 12 is further configured to: before the transceiver module 11 sends the verification information to the second server, encrypt the verification information by using a first key, where the first key corresponds to a second key, and the second key is a key used by the second server to decrypt the verification information encrypted by using the first key.
  • the processing module 12 is further configured to: according to the verification result, indicate whether the message is legal.
  • the identifier information includes at least one of the following information: an identifier ID of the terminal device, a mobile phone number of the terminal device, a sending time of the message, and account information of the user.
  • the summary information is a hash value.
  • the processing module 12 is further configured to: determine that the message is a target class message, where a target class message is a message whose content is related to the user's privacy and/or property.
  • the terminal device 10 herein is embodied in the form of a functional module.
  • the term "module" here may refer to an application specific integrated circuit ("ASIC"), an electronic circuit, a processor (e.g., a shared processor, a proprietary processor, or a group processor) for executing one or more software or firmware programs, and memory, merge logic, and/or other suitable components that support the functions described.
  • the terminal device 10 may be used to perform various processes and/or steps in the method 200 or 300 in the foregoing method embodiments. To avoid repetition, details are not described herein again.
  • FIG. 6 shows a server according to an embodiment of the present application.
  • the server 20 includes a transceiver module 21 and a processing module 22;
  • the transceiver module 21 is configured to receive the verification information sent by the terminal device, where the verification information includes digest information and identifier information, where the digest information corresponds to the message received by the terminal device, and the identification information is used to identify the terminal device;
  • the transceiver module 21 is further configured to send the verification information to the first server, where the first server is the server that the server determines to have sent the message, so that the first server, after determining according to the verification information whether the message is legal, sends to the terminal device a verification result indicating whether the message is legal.
  • the server according to the embodiment of the present application, according to the received verification information sent by the terminal device, sends the verification information to the first server that it determines to have sent the message, so that the first server verifies the message according to the verification information and the verification result is sent to the terminal device. Therefore, the user can accurately determine whether the message is legal, which prevents the user from being deceived by illegal messages and improves the user experience.
  • the processing module 22 is configured to: determine that the terminal device is a terminal device that has been authenticated by the server.
  • the transceiver module 21 is further configured to: receive the verification result sent by the first server; and send the verification result to the terminal device.
  • the transceiver module 21 is specifically configured to: receive the verification information that is encrypted by the terminal device by using a first key;
  • the processing module 22 is further configured to: decrypt, by using the second key, the verification information that is encrypted by using the first key, to determine whether the terminal device is a terminal device that has been authenticated by the server, where the second key corresponds to the first key.
  • the first identifier information includes at least one of the following information: an identifier ID of the terminal device, a mobile phone number of the terminal device, a sending time of the message, and account information of the user.
  • the server 20 herein is embodied in the form of a functional module.
  • the term "module" here may refer to an application specific integrated circuit ("ASIC"), an electronic circuit, a processor (e.g., a shared processor, a proprietary processor, or a group processor) for executing one or more software or firmware programs, and memory, merge logic, and/or other suitable components that support the functions described.
  • the server 20 may be used to perform various processes and/or steps in the method 200 or 300 in the foregoing method embodiments. To avoid repetition, details are not described herein again.
  • FIG. 7 is a schematic block diagram of a server according to another embodiment of the present application. As shown in FIG. 7, the server 30 includes:
  • the transceiver module 31 is configured to receive the verification information sent by the terminal device, where the verification information includes the digest information and the identifier information, where the digest information corresponds to the message received by the terminal device, and the identifier information is used to identify the terminal device;
  • the processing module 32 is configured to determine, according to the verification information, whether the message is sent to the terminal device;
  • the processing module 32 is further configured to determine whether the message is legal according to the determined result of whether the message is sent to the terminal device.
  • the transceiver module 31 is further configured to send a verification result to the terminal device, where the verification result is used to indicate whether the message is legal.
  • the server receives the verification information sent by the terminal device and, after verifying whether the message is legal according to the verification information, sends the verification result to the terminal device. This enables the user to accurately determine whether the message is legal, prevents the user from being deceived by illegal messages, and improves the user experience.
  • the transceiver module 31 is specifically configured to:
  • the processing module 32 is specifically configured to: when determining, according to the identifier information, that a message was sent to the terminal device, determine the digest information corresponding to the message sent to the terminal device; and when it is determined that the digest information corresponding to the message sent to the terminal device matches the digest information included in the verification information, determine that the message was sent to the terminal device.
  • the identifier information includes at least one of the following information: an identifier ID of the terminal device, a mobile phone number of the terminal device, a sending time of the message, and account information of the user.
  • the summary information is a hash value.
  • the server 30 herein is embodied in the form of functional modules.
  • the term "module" here may refer to an Application Specific Integrated Circuit ("ASIC"), an electronic circuit, a processor (e.g., a shared processor, a proprietary processor, or a group processor) for executing one or more software or firmware programs, and memory, merge logic, and/or other suitable components that support the described functionality.
  • the server 30 may be used to perform various processes and/or steps in the method 200 or 300 in the foregoing method embodiments. To avoid repetition, details are not described herein again.
  • FIG. 8 is a schematic block diagram of a terminal device according to still another embodiment of the present application.
  • the terminal device 1000 shown in FIG. 8 includes a receiver 1100, a transmitter 1200, a processor 1300, and a memory 1400.
  • the processor 1300 controls the operation of the terminal device 1000 and can be used to process signals.
  • Memory 1400 can include read only memory and random access memory and provides instructions and data to processor 1300.
  • the various components of terminal device 1000 are coupled together by a bus system 1500, which in addition to the data bus includes a power bus, a control bus, and a status signal bus. However, for clarity of description, various buses are labeled as bus system 1500 in the figure.
  • the processor 1300 is configured to determine summary information corresponding to the message received by the receiver 1100.
  • the processor 1300 is further configured to generate verification information, where the verification information includes the summary information and identification information, and the identification information is used to identify the terminal device; the transmitter 1200 is configured to send the verification information to the first server, where the first server is the server that the processor 1300 determines to have sent the message.
  • the receiver 1100 is configured to receive a verification result that is sent by the first server and is determined according to the verification information, where the verification result is used to indicate whether the message is legal.
  • terminal device 1000 may correspond to the terminal device 10 of the embodiment of the present application, and each unit and module in the terminal device 1000 and the other operations and/or functions described above are respectively intended to implement the corresponding processes of the method 200 or 300. For brevity, details are not described here again.
  • after receiving the message, the terminal device according to the embodiment of the present application generates verification information related to the message and sends the verification information to the server that the terminal device determines to have sent the message, so that the server verifies whether the message is legal according to the verification information and sends the verification result to the terminal device.
  • the user can thus accurately determine whether the message is legal, which prevents the user from being deceived by illegal messages and improves the user experience.
  • FIG. 9 is a schematic block diagram of a server according to still another embodiment of the present application.
  • the server 2000 shown in FIG. 9 includes a receiver 2100, a transmitter 2200, a processor 2300, and a memory 2400.
  • the processor 2300 controls the operation of the server 2000 and can be used to process signals.
  • Memory 2400 can include read only memory and random access memory and provides instructions and data to processor 2300.
  • the various components of server 2000 are coupled together by a bus system 2500, which in addition to the data bus includes a power bus, a control bus, and a status signal bus. However, for clarity of description, various buses are labeled as bus system 2500 in the figure.
  • the receiver 2100 is configured to receive the verification information sent by the terminal device, where the verification information includes digest information and identification information, where the digest information corresponds to the message received by the terminal device, and the identifier information is used to identify the terminal device;
  • the transmitter 2200 is configured to send the verification information to the first server, where the first server is the server that the server determines to have sent the message, so that the first server, after determining whether the message is legal according to the verification information, sends a verification result to the terminal device to indicate whether the message is legal.
  • server 2000 may correspond to the server 20 in the embodiment of the present application, and each unit and module in the server 2000 and the other operations and/or functions described above are respectively intended to implement the corresponding processes of the method 200 or 300. For brevity, details are not described here again.
  • the server according to the embodiment of the present application, according to the received verification information sent by the terminal device, sends the verification information to the first server that it determines to have sent the message, so that the first server verifies the message according to the verification information and the verification result is sent to the terminal device. Therefore, the user can accurately determine whether the message is legal, which prevents the user from being deceived by illegal messages and improves the user experience.
  • FIG. 10 is a schematic block diagram of a server according to still another embodiment of the present application.
  • The server 3000 shown in FIG. 10 includes a receiver 3100, a transmitter 3200, a processor 3300, and a memory 3400.
  • The processor 3300 controls the operation of the server 3000 and can be used to process signals.
  • The memory 3400 can include read-only memory and random access memory and provides instructions and data to the processor 3300.
  • The various components of server 3000 are coupled together by a bus system 3500 that includes, in addition to the data bus, a power bus, a control bus, and a status signal bus. However, for clarity of description, the various buses are all labeled as bus system 3500 in the figure.
  • The receiver 3100 is configured to receive the verification information sent by the terminal device, where the verification information includes digest information and identification information, the digest information corresponds to the message received by the terminal device, and the identification information is used to identify the terminal device;
  • the processor 3300 is configured to determine, according to the verification information, whether the message was sent to the terminal device; the processor 3300 is further configured to determine whether the message is legitimate according to the result of determining whether the message was sent to the terminal device; the transmitter 3200 is configured to send a verification result to the terminal device, where the verification result indicates whether the message is legitimate.
  • Server 3000 may correspond to the server 30 in the embodiment of the present application, and the units and modules in server 3000, together with the other operations and/or functions described above, respectively implement the corresponding processes of method 200 or 300; for brevity, they are not described again here.
  • The server receives the verification information sent by the terminal device and, after verifying according to the verification information whether the message is legitimate, sends the verification result to the terminal device. This enables the user to accurately determine whether the message is legitimate, keeps the user from being deceived by illegitimate messages, and improves the user experience.
  • The processor may be a central processing unit ("CPU"), or it may be another general-purpose processor, a digital signal processor (DSP), an application-specific integrated circuit (ASIC), a field-programmable gate array (FPGA) or other programmable logic device, a discrete gate or transistor logic device, a discrete hardware component, etc.
  • The general-purpose processor may be a microprocessor, or the processor may be any conventional processor or the like.
  • The memory can include read-only memory and random access memory and provides instructions and data to the processor.
  • A portion of the memory may also include non-volatile random access memory.
  • The memory can also store information about the device type.
  • Each step of the above method may be completed by an integrated logic circuit of hardware in a processor or by instructions in the form of software.
  • The steps of the method disclosed in the embodiments of the present application may be executed directly by a hardware processor, or by a combination of hardware and software modules in the processor.
  • The software module can be located in a conventional storage medium such as random access memory, flash memory, read-only memory, programmable read-only memory or electrically erasable programmable memory, registers, and the like.
  • The storage medium is located in the memory, and the processor reads the information in the memory and completes the steps of the above method in combination with its hardware. To avoid repetition, this is not described in detail here.
  • The disclosed systems, devices, and methods may be implemented in other manners.
  • The device embodiments described above are merely illustrative.
  • The division into units is only a division by logical function; in an actual implementation there may be another manner of division, for example, multiple units or components may be combined or integrated into another system, or some features may be ignored or not executed.
  • The mutual coupling, direct coupling or communication connection shown or discussed may be an indirect coupling or communication connection through some interface, device or unit, and may be in an electrical, mechanical or other form.
  • The units described as separate components may or may not be physically separated, and the components displayed as units may or may not be physical units, that is, they may be located in one place or distributed over multiple network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of the embodiment.
  • The functional units in each embodiment of the present application may be integrated into one processing unit, or each unit may exist physically separately, or two or more units may be integrated into one unit.
  • If the functions are implemented in the form of a software functional unit and sold or used as a standalone product, they may be stored in a computer-readable storage medium.
  • The technical solution of the present application, in essence or in the part that contributes to the prior art, or a part of the technical solution, may be embodied in the form of a software product that is stored in a storage medium and includes instructions that cause a computer device (which may be a personal computer, a server, a network device, etc.) to perform all or part of the steps of the methods described in the various embodiments of the present application.
  • The foregoing storage medium includes: a USB flash drive, a removable hard disk, a read-only memory (ROM), a random access memory (RAM), a magnetic disk, an optical disk, and the like.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Telephonic Communication Services (AREA)

Abstract

Provided by the present application are a method for verifying the validity of a message and a server, the method comprising: a terminal device determines summary information corresponding to a received message; the terminal device generates verification information, the verification information comprising the summary information and identification information, the identification information being used for identifying the terminal device; the terminal device sends the verification information to a first server, the first server being the server that the terminal device determines sent the message; and the terminal device receives a verification result that is sent by the first server and determined according to the verification information, the verification result being used for indicating whether the message is valid. The present invention may help a user avoid being deceived by an invalid message and improve user experience.

Description

Method and server for verifying the legitimacy of a message

Technical field

Embodiments of the present application relate to the field of communication technologies, and more specifically to a method and server for verifying the legitimacy of a message.

Background

In recent years, SMS fraud and personal-information theft carried out through pseudo base stations have become increasingly rampant and have drawn the attention of the relevant government authorities and telecom operators (such as China Mobile, China Unicom and China Telecom). A "pseudo base station" consists mainly of a host and a laptop computer. Using related equipment such as a bulk SMS sender and an SMS transmitter, it can collect information about mobile phones within a certain radius of itself and, by masquerading as an operator's base station, forcibly send fraud, advertising and other short messages to users' phones while arbitrarily spoofing other people's phone numbers. For example, the number of a legitimate institution such as a bank or an operator is spoofed in crowded places such as banks and shopping malls to send fraudulent short messages, under various remittance pretexts, to mobile phones within a certain range; or a mobile number with a "desirable ending" is selected and short messages are sent in the name of that number to carry out targeted fraud among the owner's relatives, friends, colleagues and other acquaintances. It is very difficult for users to tell whether such short messages really come from the SMS servers of the corresponding banks, operators and Internet service providers.

At present, illegitimate short messages are identified on the user terminal. Identification is mainly based on the message content and on blacklists or whitelists: a received short message is assessed by detecting risky content in its text and by determining whether the sender number is on a blacklist or a whitelist.

However, existing identification methods may well treat a forged sender number as whitelisted because it belongs to a public service organization, or treat a fraudulent short message as legitimate because its content closely resembles that of a legitimate one, and so fail to identify fraudulent short messages effectively.

Therefore, an effective method for verifying the legitimacy of messages is urgently needed so that users are not deceived by illegitimate messages.

Summary of the invention

The present application provides a method and server for verifying the legitimacy of a message, so that a user can accurately determine whether a message is legitimate and is not deceived by illegitimate messages, which improves the user experience.

In a first aspect, a method for verifying the legitimacy of a message is provided, including: a terminal device determines digest information corresponding to a received message; the terminal device generates verification information, the verification information including the digest information and identification information, the identification information being used to identify the terminal device; the terminal device sends the verification information to a first server, the first server being the server that the terminal device determines sent the message; and the terminal device receives a verification result that is sent by the first server and determined according to the verification information, the verification result indicating whether the message is legitimate.

According to the method of the present application, after receiving a message the terminal device generates verification information related to the message and sends it to the server that the terminal device determines sent the message, so that the server verifies according to the verification information whether the message is legitimate and sends the verification result to the terminal device. The user can thus accurately determine whether the message is legitimate and is not deceived by illegitimate messages, which improves the user experience.

With reference to the first aspect, in one implementation of the first aspect, the terminal device sending the verification information to the first server includes: the terminal device sends the verification information to a second server, so that the second server sends the verification information to the first server.

Optionally, the second server encrypts the verification information with the public key of the first server; correspondingly, the first server decrypts the received verification information with its own private key.

Because the terminal device and the first server can interact through the second server, the interaction between the terminal device and the first server is simplified, as is the implementation of the terminal device.

With reference to the first aspect and the foregoing implementation, in another implementation of the first aspect, the terminal device receiving the verification result that is sent by the first server and determined according to the verification information includes: the terminal device receives the verification result forwarded by the first server through the second server.

With reference to the first aspect and the foregoing implementations, in another implementation of the first aspect, before the terminal device sends the verification information to the second server, the method further includes: the terminal device encrypts the verification information with a first key, where the first key corresponds to a second key, and the second key is the key that the second server uses to decrypt the verification information encrypted with the first key.

Optionally, the first key is the public key of the second server, and the second key is the private key of the second server.

With reference to the first aspect and the foregoing implementations, in another implementation of the first aspect, the method further includes: the terminal device marks, according to the verification result, whether the message is legitimate.

Marking the legitimacy of the message lets the user recognize it at a glance and improves the user experience.

With reference to the first aspect and the foregoing implementations, in another implementation of the first aspect, the identification information includes at least one of the following: an identifier (ID) of the terminal device, the mobile phone number of the terminal device, the sending time of the message, and the user's account information.

The user's account information may be the account information with which the user logs in to the second server through the terminal device, or the user ID with which the user logs in to a payment application.

With reference to the first aspect and the foregoing implementations, in another implementation of the first aspect, the digest information is a hash value.

With reference to the first aspect and the foregoing implementations, in another implementation of the first aspect, before the terminal device determines the digest information of the message, the method further includes: the terminal device determines that the message is a target-class message, a target-class message being a message whose content relates to the user's privacy and/or property.

Optionally, the target-class message is a payment short message, a transfer short message or an advertising short message.

In a second aspect, a method for verifying the legitimacy of a message is provided, including: a second server receives verification information sent by a terminal device, where the verification information includes digest information and identification information, the digest information corresponds to the message received by the terminal device, and the identification information is used to identify the terminal device; and the second server sends the verification information to a first server, the first server being the server that the second server determines sent the message, so that after determining according to the verification information whether the message is legitimate, the first server sends the terminal device a verification result indicating whether the message is legitimate.

According to the method of the present application, after receiving the verification information sent by the terminal device, the server sends it to the first server that it determines sent the message, so that the first server verifies the legitimacy of the message according to the verification information and then sends the verification result to the terminal device. The user can thus accurately determine whether the message is legitimate and is not deceived by illegitimate messages, which improves the user experience.

With reference to the second aspect, in one implementation of the second aspect, before the second server sends the verification information to the first server, the method further includes: the second server determines that the terminal device is a terminal device that has been authenticated by the second server.

Optionally, the second server determining that the terminal device has been authenticated by the second server may also be understood as the second server determining that the terminal device is a legitimate terminal device.

With reference to the second aspect and the foregoing implementation, in another implementation of the second aspect, the method further includes: the second server receives the verification result sent by the first server; and the second server sends the verification result to the terminal device.

With reference to the second aspect and the foregoing implementations, in another implementation of the second aspect, the second server receiving the verification information sent by the terminal device includes: the second server receives the verification information encrypted by the terminal device with a first key; the method further includes: the second server determines, according to the result of using a second key to decrypt the verification information encrypted with the first key, whether the terminal device is a terminal device that has been authenticated by the second server, the second key corresponding to the first key.

Optionally, the first key is the public key of the second server, and the second key is the private key of the second server.

With reference to the second aspect and the foregoing implementations, in another implementation of the second aspect, the identification information includes at least one of the following: an identifier (ID) of the terminal device, the mobile phone number of the terminal device, the sending time of the message, and the user's account information.

In a third aspect, a method for verifying the legitimacy of a message is provided, including: a first server receives verification information sent by a terminal device, the verification information including digest information and identification information, the digest information corresponding to the message received by the terminal device, and the identification information being used to identify the terminal device; the first server determines, according to the verification information, whether it has sent a message to the terminal device; the first server determines whether the message is legitimate according to the result of determining whether it sent the message to the terminal device; and the first server sends a verification result to the terminal device, the verification result indicating whether the message is legitimate.

According to the method of the present application, the server receives the verification information sent by the terminal device and, after verifying according to the verification information whether the message is legitimate, sends the verification result to the terminal device. The user can thus accurately determine whether the message is legitimate and is not deceived by illegitimate messages, which improves the user experience.

With reference to the third aspect, in one implementation of the third aspect, the first server receiving the verification information sent by the terminal device includes: the first server receives the verification information forwarded by the terminal device through a second server.

With reference to the third aspect and the foregoing implementation, in another implementation of the third aspect, the first server sending the verification result to the terminal device includes: the first server sends the verification result to the second server, so that the second server forwards the verification result to the terminal device.

With reference to the third aspect and the foregoing implementations, in another implementation of the third aspect, the first server determining, according to the verification information, whether it sent the message to the terminal device includes: when the first server determines, according to the identification information, that it has sent messages to the terminal device, the first server determines the digest information corresponding to the messages it sent to the terminal device; and when the first server determines that the digest information corresponding to a message it sent to the terminal device matches the digest information included in the verification information, the first server determines that it sent the message to the terminal device.

Optionally, when the first server determines according to the identification information that it has not sent any message to the terminal device, the first server determines that the message received by the terminal device is not legitimate.

With reference to the third aspect and the foregoing implementations, in another implementation of the third aspect, the identification information includes at least one of the following: an identifier (ID) of the terminal device, the mobile phone number of the terminal device, the sending time of the information, and the user's account information.

With reference to the third aspect and the foregoing implementations, in another implementation of the third aspect, the digest information is a hash value.
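
The first server's check described in the third aspect (look up the terminal by its identification information, then compare digests), together with the terminal-side step of the first aspect, as an added Python example that is not part of the patent text. SHA-256 as the hash, the phone number as the only identifier, the in-memory record of sent digests, and all names and sample values are assumptions.

```python
import hashlib
import hmac
import re
from dataclasses import dataclass
from typing import Dict, List, Tuple


def digest_of(message_text: str) -> str:
    # Assumption: SHA-256 over the UTF-8 text; the page only says "a hash value".
    return hashlib.sha256(message_text.encode("utf-8")).hexdigest()


@dataclass(frozen=True)
class VerificationInfo:
    digest: str        # digest information of the message the terminal received
    phone_number: str  # identification information (one of the options listed)


def build_verification_info(received_text: str, phone_number: str) -> VerificationInfo:
    """Terminal side: digest the received message and attach the identifier."""
    return VerificationInfo(digest_of(received_text), phone_number)


class FirstServer:
    """The server the terminal believes sent the message, e.g. a bank's SMS server."""

    def __init__(self) -> None:
        # phone number -> digests of every message this server sent to it.
        # Storing digests at send time is a design choice of this example.
        self._sent_digests: Dict[str, List[str]] = {}

    def send_message(self, phone_number: str, text: str) -> str:
        self._sent_digests.setdefault(phone_number, []).append(digest_of(text))
        return text

    def verify(self, info: VerificationInfo) -> Tuple[bool, str]:
        """Return (is_legitimate, reason) for the verification result."""
        # Reject anything that is not a 64-character lowercase hex digest before
        # comparing, so hostile input never reaches compare_digest.
        if not isinstance(info.digest, str) or not re.fullmatch(r"[0-9a-f]{64}", info.digest):
            return False, "malformed_digest"
        sent = self._sent_digests.get(info.phone_number)
        if not sent:
            # The optional case above: nothing was ever sent to this terminal.
            return False, "no_message_sent_to_terminal"
        matched = False
        for stored in sent:
            # Constant-time comparison, no early exit over the stored digests.
            if hmac.compare_digest(stored, info.digest):
                matched = True
        return (True, "digest_match") if matched else (False, "digest_mismatch")


def run_demo() -> Dict[str, Tuple[bool, str]]:
    bank = FirstServer()
    phone = "+8613800000001"  # constructed sample number
    genuine = bank.send_message(phone, "Your verification code is 493021.")
    # Constructed text standing in for a message the bank never sent.
    spoofed = "Your account needs confirmation today."
    return {
        "genuine": bank.verify(build_verification_info(genuine, phone)),
        "spoofed": bank.verify(build_verification_info(spoofed, phone)),
        "unknown_terminal": bank.verify(
            build_verification_info(genuine, "+8613800000002")),
    }


if __name__ == "__main__":
    for case, result in run_demo().items():
        print(case, result)
```

Because the comparison is over a hash of the exact text, any change to the message between the server and the terminal (re-encoding, trimmed whitespace) produces a mismatch, so both sides must hash the same byte representation.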

In a fourth aspect, a terminal device is provided for performing the method in the first aspect or any possible implementation of the first aspect. Specifically, the terminal device includes units for performing the method in the first aspect or any possible implementation of the first aspect.

In a fifth aspect, a server is provided for performing the method in the second aspect or any possible implementation of the second aspect. Specifically, the server includes units for performing the method in the second aspect or any possible implementation of the second aspect.

In a sixth aspect, a server is provided for performing the method in the third aspect or any possible implementation of the third aspect. Specifically, the server includes units for performing the method in the third aspect or any possible implementation of the third aspect.

In a seventh aspect, a terminal device is provided, including a processor, a memory, a receiver, and a transmitter, where the processor, the memory, the receiver, and the transmitter are connected by a bus system, the memory is configured to store instructions, the receiver receives information under the control of the processor, the transmitter sends information under the control of the processor, and the processor is configured to invoke the instructions stored in the memory to perform the method in the first aspect or any possible implementation of the first aspect.

In an eighth aspect, a server is provided, including a processor, a memory, a receiver, and a transmitter, where the processor, the memory, the receiver, and the transmitter are connected by a bus system, the memory is configured to store instructions, the receiver receives information under the control of the processor, the transmitter sends information under the control of the processor, and the processor is configured to invoke the instructions stored in the memory to perform the method in the second aspect or any possible implementation of the second aspect.

In a ninth aspect, a server is provided, including a processor, a memory, a receiver, and a transmitter, where the processor, the memory, the receiver, and the transmitter are connected by a bus system, the memory is configured to store instructions, the receiver receives information under the control of the processor, the transmitter sends information under the control of the processor, and the processor is configured to invoke the instructions stored in the memory to perform the method in the third aspect or any possible implementation of the third aspect.

In a tenth aspect, a computer-readable medium is provided for storing a computer program, the computer program including instructions for performing the method in the first aspect or any possible implementation of the first aspect.

In an eleventh aspect, a computer-readable medium is provided for storing a computer program, the computer program including instructions for performing the second aspect or any possible implementation of the second aspect.

In a twelfth aspect, a computer-readable medium is provided for storing a computer program, the computer program including instructions for performing the third aspect or any possible implementation of the third aspect.

Brief description of the drawings

FIG. 1 is a schematic diagram of an application scenario of an embodiment of the present application;
FIG. 2 is a schematic structural diagram of a terminal device according to an embodiment of the present application;
FIG. 3 is a schematic flowchart of a method for verifying the legitimacy of a message according to an embodiment of the present application;
FIG. 4 is a schematic flowchart of a method for verifying the legitimacy of a message according to another embodiment of the present application;
FIG. 5 is a schematic block diagram of a terminal device according to another embodiment of the present application;
FIG. 6 is a schematic block diagram of a server according to an embodiment of the present application;
FIG. 7 is a schematic block diagram of a server according to another embodiment of the present application;
FIG. 8 is a schematic block diagram of a terminal device according to still another embodiment of the present application;
FIG. 9 is a schematic block diagram of a server according to still another embodiment of the present application;
FIG. 10 is a schematic block diagram of a server according to still another embodiment of the present application.
Detailed description
The technical solutions in the embodiments of the present application are described clearly and completely below with reference to the accompanying drawings in the embodiments of the present application.
In the embodiments of the present application, a terminal device (Terminal Device) may also be referred to as a user device (User Device), a mobile station (Mobile Station, "MS"), a mobile terminal (Mobile Terminal), a client (Station, "STA"), and so on. The terminal device can communicate with one or more core networks via a radio access network (Radio Access Network, "RAN"). For example, the terminal device may be a mobile phone (also called a "cellular" phone) or a computer with a mobile terminal; it may be a portable, pocket-sized, handheld, computer built-in, or in-vehicle mobile apparatus, or a terminal device in a future 5G network or in a future evolved PLMN network.
In the embodiments of the present application, the base station may be a base station (Base Transceiver Station, "BTS") in a GSM system or in CDMA, a base station (NodeB, "NB") in a WCDMA system, or an evolved base station (Evolutional Node B, "eNB" or "eNodeB") in an LTE system; the base station may also be a network device in a future 5G network or a network device in a future evolved PLMN network.
FIG. 1 is a schematic diagram of an application scenario of an embodiment of the present application. The communication system shown in FIG. 1 includes a base station, a terminal device, a first server, and a second server. The first server can exchange information with the terminal device through the base station, and the second server can be used to simplify the interaction between the terminal device and the first server.
At present, as shown in FIG. 1, criminals commonly use a "pseudo base station" made up of a host and a laptop computer to pose as an operator's base station, and arbitrarily use other people's numbers to send fraud messages, advertising, and similar information to users' mobile phones. A method for verifying the legitimacy of a message is therefore needed, so that users are not deceived by illegitimate messages and the user experience is improved.
FIG. 2 is a block diagram of part of the structure of a terminal device related to the embodiments of the present application. Referring to FIG. 2, the terminal device 100 includes a radio frequency (Radio Frequency, "RF") circuit 110, an input unit 120, a display unit 130, a sensor 140, an audio circuit 150, a memory 160, a processor 170, a power source 180, and other components. These components communicate over one or more communication buses or signal lines. Those skilled in the art will understand that the device structure shown in FIG. 2 does not limit the terminal device, which may include more or fewer components than illustrated, combine certain components, or use a different arrangement of components.
The components of the terminal device 100 are described in detail below with reference to FIG. 2:
The RF circuit 110 can be used to receive and send signals while sending and receiving information or during a call. In particular, it receives downlink information from the base station and passes it to the processor 170 for processing, and it sends uplink data to the base station. Generally, the RF circuit 110 includes, but is not limited to, an antenna, at least one amplifier, a transceiver, a coupler, a low noise amplifier (Low Noise Amplifier, "LNA"), a duplexer, and the like. In addition, the RF circuit 110 can communicate with networks and other devices via wireless communication.
The network may be, for example, the Internet (also known as the World Wide Web, "WWW"), an intranet, and/or a wireless network such as a cellular telephone network, a wireless local area network (Wireless Local Area Network, "WLAN"), and/or a metropolitan area network (Metropolitan Area Network, "MAN"). The wireless communication may use any of a variety of communication standards, protocols, and technologies, including but not limited to the GSM system, Enhanced Data GSM Environment (EDGE), High Speed Downlink Packet Access (HSDPA), High Speed Uplink Packet Access (HSUPA), WCDMA, CDMA, Time Division Multiple Access (TDMA), LTE, Bluetooth, WiFi (for example, IEEE 802.11a, IEEE 802.11b, IEEE 802.11g, and/or IEEE 802.11n), Voice over Internet Protocol (VoIP), Wi-MAX, email protocols (for example, Internet Message Access Protocol (IMAP) and/or Post Office Protocol (POP)), instant messaging (for example, Extensible Messaging and Presence Protocol (XMPP), Session Initiation Protocol for Instant Messaging and Presence Leveraging Extensions (SIMPLE), and Instant Messaging and Presence Service (IMPS)), and/or Short Message Service (SMS), or any other suitable communication protocol, including communication protocols not yet developed as of the filing date of the present application.
The memory 160 can be used to store software programs and modules. The processor 170 performs the various functional applications and data processing of the terminal device by running the software programs and modules stored in the memory 160. The memory 160 may mainly include a program storage area and a data storage area. The program storage area may store an operating system and the application programs required by at least one function (such as a sound playback function or an image playback function); the data storage area may store data created through use of the wireless communication device (such as audio data or a phone book). In addition, the memory 160 may include high-speed random access memory, and may also include non-volatile memory, such as at least one magnetic disk storage device, a flash memory device, or another volatile solid-state storage device.
The input unit 120 can be used to receive input gesture information and numeric or character information, and to generate key signal input related to user settings and function control of the terminal device 100. Specifically, the input unit 120 may include a touch screen and other input devices. The touch screen can collect the user's touch operations on or near it (such as operations performed on or near the touch screen with a finger, a stylus, or any other suitable object or accessory) and drive the corresponding connected apparatus according to a preset program. In addition to the touch screen, the input unit 120 may include other input devices. Specifically, the other input devices include, but are not limited to, one or more of a physical keyboard, function keys (such as volume control keys and switch keys), a trackball, a mouse, a joystick, and the like.
The display unit 130 can be used to display information entered by the user or provided to the user, as well as the various menus of the wireless communication device. The display unit 130 may include a display screen, which may optionally be configured as a liquid crystal display (Liquid Crystal Display, "LCD"), an organic light-emitting diode (Organic Light Emitting Diode, "OLED") display, or the like. Although in FIG. 2 the touch screen and the display screen are two separate components that implement the input and output functions of the wireless communication device, in some embodiments the touch screen and the display screen may be integrated to implement the input and output functions of the wireless communication device.
The terminal device 100 may also include at least one sensor 140, such as a capacitive sensor, a light sensor, a motion sensor, or other sensors. The light sensor may include an ambient light sensor and a proximity sensor. The proximity sensor can be used to detect whether an object is approaching the wireless communication device. The capacitive sensor can be used to detect whether an object capable of changing the capacitance value (such as a human body or an animal) is approaching the wireless communication device.
The audio circuit 150, a speaker, and a microphone can provide an audio interface between the user and the terminal device. The audio circuit 150 can convert received audio data into an electrical signal and transmit it to the speaker, which converts it into a sound signal for output. Conversely, the microphone converts a collected sound signal into an electrical signal, which the audio circuit 150 receives and converts into audio data; the audio data is then output to the processor 170 for processing and sent via the RF circuit 110 to, for example, another wireless communication device, or the audio data is output to the memory 170 for further processing.
The processor 170 is the control center of the terminal device. It connects the various parts of the entire wireless communication device through various interfaces and lines, and performs the various functions of the wireless communication device and processes data by running or executing the software programs and/or modules stored in the memory 160 and invoking the data stored in the memory 160, thereby monitoring the wireless communication device as a whole. Optionally, the processor 170 includes an application processor (Application Processor) and a modem processor (Modem Processor). The application processor mainly handles the operating system, the user interface, application programs, and the like, and the modem processor mainly handles wireless communication. It can be understood that the application processor and the modem processor may be integrated into the same processor or may be separate, independent processors. The processor 170 may be a central processing unit (Central Processing Unit, "CPU"), or another general-purpose processor, a digital signal processor (DSP), an application-specific integrated circuit (ASIC), a field-programmable gate array (FPGA) or other programmable logic device, a discrete gate or transistor logic device, a discrete hardware component, or the like. The general-purpose processor may be a microprocessor, or the processor may be any conventional processor. It can be understood that the processor 170 and the memory 160 may be integrated in the same chip or may be separate, independent chips.
The terminal device 100 further includes a power source 180 (such as a battery) that supplies power to the components. Preferably, the power source is logically connected to the processor 170 through a power management system, so that functions such as charging management, discharging management, and power consumption management are implemented through the power management system.
Although not shown, the terminal device 100 may further include a camera, a GPS communication module, a Bluetooth communication module, and the like, which are not described further here.
It should be noted that the messages received by the terminal device in the embodiments of the present application include, but are not limited to, short messages and messages received by chat software (for example, WeChat or QQ). Taking a short message as the example message, the following describes a method for verifying the legitimacy of a message according to an embodiment of the present application, with reference to the terminal device 100 shown in FIG. 2. As shown in FIG. 3, method 200 includes:
S210: The terminal device determines the digest information corresponding to the received short message.
After the RF circuit 110 of the terminal device receives the short message, it passes the short message to the processor 170, and the processor 170 determines the digest information of the short message.
It should be noted that the digest information, or simply the "digest", is a fixed-length value that uniquely corresponds to the short message. Optionally, it is produced by applying a one-way hash (Hash) encryption function to the short message. The one-way hash function "digests" the plaintext to be encrypted into a 128-bit string of ciphertext, also called a digital fingerprint (Finger Print). It has a fixed length; different plaintexts always yield different digests, while the same plaintext always yields the same digest. The digest can therefore serve as a "fingerprint" for verifying whether the plaintext is genuine. If the short message is altered in transit, the recipient can tell whether it has changed by comparing a new digest of the received short message with the original digest. The digest of the short message therefore ensures the integrity of the short message.
Specifically, in some embodiments, the processor 170 performs hash processing on the short message and obtains hash value 1 through the hash calculation.
It can be understood that the terminal device receives the short message sent by the base station through the RF circuit 110. The base station here may be an operator's base station or a "pseudo base station", and the short messages received by the RF circuit 110 can be divided into several types: for example, communication and rumor short messages, publicity and service short messages, leisure and entertainment short messages, and short messages related to the user's privacy and/or property.
Optionally, after the RF circuit 110 receives a short message, the processor 170 determines whether the short message is a target-class short message. A target-class short message is one whose content relates to the user's privacy and/or property, that is, the short messages related to the user's privacy and/or property mentioned above. For example, a target-class short message may be a payment short message, a transfer short message, an advertising short message, or the like. When the processor 170 determines that the short message is a target-class short message, the steps of method 200 are performed.
Specifically, in some embodiments, the processor 170 parses the content of the short message. When it determines that the short message includes a uniform resource locator (Uniform Resource Locator, "URL") and/or a preset keyword, the processor 170 determines that the short message is a target-class short message.
For example, the content of the short message is "Your credit card ending in 1234 spent RMB 1000 at 23:11 on the 11th. Claim a 100 yuan repayment bonus, first come, first served → cmbtcn/mZm". Because the short message content contains a URL, the processor 170 determines that the short message is a suspected illegitimate short message. Alternatively, when the short message content includes a preset keyword that carries a higher risk for the user's property security and privacy security, such as transfer, payment, transaction, xx yuan, download, or verification code, the processor 170 determines that the short message is a target-class short message. For example, the content of a target-class short message is "Your transfer from the credit card ending in "2356" to Zhang**'s China Construction Bank card ending in 4567 has failed. The transfer amount will be returned to your account within one hour. Call 95533 for details."
Alternatively, when the processor 170 determines that the sender number of the short message is a special service number, the processor 170 determines that the short message is a target-class short message.
A special service number is a number that provides a special service, or a non-private number. It may be a company's or institution's business inquiry number, after-sales service number, service inquiry number, and so on. Examples are the China Mobile service number 10086, the China Telecom service number 10000, and the China Construction Bank service number 95533. For example, if the sender number of the short message is 95555, the processor 170 determines that the short message is a target-class short message.
Optionally, a list of special service numbers is stored in advance in the memory 160 of the terminal device. After the RF circuit 110 receives the short message, the processor 170 can determine through a local lookup whether the sender's number is a special service number. The processor 170 may also obtain a directory of, or rules for, special service numbers in advance and perform the lookup locally against that directory or those rules to determine whether the sender's number is a special service number. The processor 170 may also control the RF circuit 110 to interact with a cloud server to determine whether the sender's number is a special service number.
Alternatively, when the processor 170 determines that the sender number of the short message is not the mobile phone number of a frequent contact, it determines that the short message is a target-class short message. Specifically, the processor 170 obtains the list of frequent contact numbers (the address book) stored in the memory 160. If the processor 170 determines that the sender number of the short message is not in the list of frequent contact numbers, the processor 170 determines that the short message is a target-class short message.
S220: The terminal device generates verification information. The verification information includes the digest information and identification information, and the identification information is used to identify the terminal device.
Optionally, as an example, the identification information includes at least one of the following: the identifier (ID) of the terminal device, the mobile phone number of the terminal device, the sending time of the short message, and the user's account information.
The user's account information may be the account information with which the user logs in to the server through the terminal device, or it may be the user ID with which the user logs in to a payment application.
S230: The terminal device sends the verification information to a first server, the first server being the server that the terminal device determines to have sent the message.
Specifically, in some embodiments, the processor 170 sends the verification information to the first server through the RF circuit 110. The first server uses the identification information in the verification information to identify the short message that was sent to the terminal, and calculates hash value 2 of that short message. When hash value 2 calculated by the first server matches hash value 1 calculated in S210, the first server determines that the short message received by the terminal device originated from the first server; that is, the short message received by the terminal device is a legitimate short message.
It can be understood that the first server is the server that the terminal device believes sent the message, but in practice the first server may or may not be the server that sent the message. For example, when the message was sent to the terminal device by a pseudo base station, the first server is not the server that sent the message.
The first server may be a back-end server related to the user's privacy and/or property. For example, the first server is the back-end server of a payment application, a bank's back-end server, an operator's back-end server, a financial platform's back-end server, or the like.
Optionally, as an example, the processor 170 in the terminal device determines the first server by parsing the content of the short message, and then sends the verification information to that first server.
For example, the content of the short message received by the terminal device is "We are here to lend you a hand on your way forward. You have been specially granted eligibility to apply for a "Lightning Loan" of 11000.00 yuan (whether the loan is granted is subject to final approval), with daily interest as low as 1.80 per ten thousand, valid until December 31. [China Merchants Bank]". By parsing the content of the short message, the processor 170 finds that it includes "China Merchants Bank", so the processor 170 determines that the first server should be China Merchants Bank's back-end server, and the terminal device sends a short message verification packet to China Merchants Bank's back-end server through the RF circuit 110.
Alternatively, the processor 170 determines the first server according to the sender number of the short message.
For example, the content of the short message received by the terminal device is "Your transfer from the bank card ending in 3578 to Zhang**'s Agricultural Bank card ending in 1346 has failed. The transfer amount will be returned to your account within one hour. Call 95599 for details", and the processor 170 determines that the sender number of the short message is the Agricultural Bank's customer service number. The processor 170 therefore determines that the first server is the Agricultural Bank's back-end server, and the terminal device sends a short message verification packet to the Agricultural Bank's back-end server through the RF circuit 110.
S240: The terminal device receives the verification result that the first server determined from the verification information and sent to it. The verification result indicates whether the short message is legitimate.
Optionally, after the terminal device receives the verification result sent by the first server through the RF circuit 110, the processor 170 marks the short message. For example, when the short message is displayed on the display unit 130, whether it is legitimate or illegitimate is displayed at the same time. For example, when the processor 170 determines from the verification result that the short message is illegitimate, the prompt "the received short message is a spam short message from a pseudo base station" is displayed on the display unit 130. The user can thus clearly learn the source of the short message and handle it accordingly, which protects the information security of the terminal device and keeps the user from being defrauded.
Alternatively, when the processor 170 determines from the verification result that the short message is illegitimate, only the content of the short message is shown when it is displayed on the display unit 130, and the identifier of the sender is not shown.
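The flow of method 200 (target-class check, S210 digest, S220 verification information, S230/S240 server-side comparison), as an added example that is not part of the patent text. It assumes SHA-256 for the unspecified one-way hash; the keyword list, URL pattern, phone numbers, message texts, and the in-memory `FirstServer` record are constructed for illustration.

```python
import hashlib
import hmac
import re
from dataclasses import dataclass

# Assumptions, not from the patent text: SHA-256 as the one-way hash, the
# English keyword list and the URL pattern. The special service numbers are
# the examples the description itself names.
PRESET_KEYWORDS = ("transfer", "payment", "transaction", "download", "verification code")
SPECIAL_SERVICE_NUMBERS = {"10086", "10000", "95533"}
URL_PATTERN = re.compile(r"(?:https?://|www\.)\S+", re.IGNORECASE)


def is_target_message(sender: str, body: str, contacts: set) -> bool:
    """Terminal-side filter: only target-class messages go through method 200."""
    lowered = body.lower()
    return (
        URL_PATTERN.search(body) is not None
        or any(keyword in lowered for keyword in PRESET_KEYWORDS)
        or sender in SPECIAL_SERVICE_NUMBERS
        or sender not in contacts
    )


def message_digest(body: str) -> str:
    """S210: fixed-length digest (hash value) of the message body."""
    return hashlib.sha256(body.encode("utf-8")).hexdigest()


@dataclass(frozen=True)
class VerificationInfo:
    """S220: digest plus identification information for the terminal."""
    digest: str
    phone_number: str


class FirstServer:
    """Hypothetical back end that records every message it really sent."""

    def __init__(self) -> None:
        self._sent = {}  # recipient phone number -> list of bodies sent

    def send(self, phone_number: str, body: str) -> str:
        self._sent.setdefault(phone_number, []).append(body)
        return body

    def verify(self, info: VerificationInfo) -> bool:
        """S230/S240: recompute hash value 2 for the messages sent to this
        terminal and compare it with the terminal's hash value 1."""
        for body in self._sent.get(info.phone_number, []):
            if hmac.compare_digest(message_digest(body), info.digest):
                return True
        return False


def check_incoming(server, phone_number, sender, body, contacts) -> str:
    """Terminal-side flow: classify, digest, ask the first server, label."""
    if not is_target_message(sender, body, contacts):
        return "not checked"
    info = VerificationInfo(message_digest(body), phone_number)
    return "legitimate" if server.verify(info) else "illegitimate"


def demo() -> dict:
    bank = FirstServer()
    phone = "13800000000"        # constructed terminal number
    contacts = {"13900000001"}   # constructed address book
    genuine = bank.send(phone, "Your transfer of 1000 yuan failed. Call 95533 for details.")
    # Constructed message from a pseudo base station using the bank's number.
    spoofed = "Your transfer failed. Confirm your card at http://example.invalid/x"
    # Constructed case: the genuine message altered in transit.
    tampered = genuine.replace("95533", "4000000000")
    return {
        "genuine": check_incoming(bank, phone, "95533", genuine, contacts),
        "spoofed": check_incoming(bank, phone, "95533", spoofed, contacts),
        "tampered": check_incoming(bank, phone, "95533", tampered, contacts),
        "friend": check_incoming(bank, phone, "13900000001", "Lunch at noon?", contacts),
    }


if __name__ == "__main__":
    for name, verdict in demo().items():
        print(name, "->", verdict)
```

The spoofed sender number passes the terminal's target-class filter but fails at the first server, because no message with that digest was ever recorded as sent to this terminal.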
FIG. 4 shows a method for verifying the legitimacy of a message according to another embodiment of the present application. As shown in FIG. 4, method 300 includes:
S301: The terminal device performs key agreement with the second server, and the second server performs key agreement with the first server.
Optionally, the second server is the server of the terminal device's manufacturer. For example, if the terminal device is a Huawei mobile phone, the second server is a Huawei server.
Optionally, the key agreement process between the terminal device and the second server may include the following steps:
The terminal device sends its identifier to the second server through the RF circuit 110. The second server sends the public parameters used in the key agreement process, together with the second server's identifier, to the terminal device. The public parameters are parameters of which both the terminal device and the second server keep a copy during key agreement, with identical values in both copies; they include a system characteristic value, a coefficient base, and a hash function. The processor 170 of the terminal device calculates the terminal device's private key from the public parameters and the terminal device's identifier, calculates the second server's public key from the public parameters and the second server's identifier, and sends the encrypted second server public key to the second server through the RF circuit 110. The second server calculates the second server's private key from the public parameters and the second server's identifier, calculates the terminal device's public key from the public parameters and the terminal device's identifier, and sends the encrypted terminal device public key to the terminal device.
Next, the processor 170 of the terminal device uses a bilinear mapping to calculate a terminal device verification value from the encrypted terminal device public key and the terminal device's pseudo-random code. The terminal device verification value equals the product of the terminal device's pseudo-random code and the mapping value obtained by applying the bilinear mapping to the encrypted terminal device public key and the terminal device's private key. The second server uses a bilinear mapping to calculate a second server verification value from the encrypted second server public key and the second server's pseudo-random code. The second server verification value equals the product of the second server's pseudo-random code and the mapping value obtained by applying the bilinear mapping to the encrypted second server public key and the second server's private key.
最后,终端设备的处理器170通过比对终端设备验证值与第二服务器验证值,判断密钥协商的准确性。第二服务器通过比对终端设备验证值与第二服务器验证值,判定密钥协商的准确性。当终端设备的处理器170和第二服务器确定终端设备验证值与第二服务器验证值相同时,密钥协商过程是准确的。之后,终端设备和第二服务器进行通信时采用上文密钥协商过程中计算出的密钥对信息进行加密。例如,终端设备采用第二服务器的公钥对要发送给第二服务器的信息进行加密,相对应的,第二服务器用自己的私钥对接收到终端设备发送过来的信息进行解密。Finally, the processor 170 of the terminal device determines the accuracy of the key agreement by comparing the terminal device verification value with the second server verification value. The second server determines the accuracy of the key negotiation by comparing the terminal device verification value with the second server verification value. The key agreement process is accurate when the processor 170 and the second server of the terminal device determine that the terminal device verification value is the same as the second server verification value. Then, when the terminal device communicates with the second server, the information is encrypted by using the key calculated in the above key negotiation process. For example, the terminal device encrypts the information to be sent to the second server by using the public key of the second server. Correspondingly, the second server decrypts the information sent by the terminal device by using its own private key.
可选地,第二服务器与第一服务器之间密钥协商可以采用与上述的终端设备与第二服务器之间密钥协商的方法相同的方法,为了简洁,在此不再赘述。同样地,密钥协商成功后,第二服务器采用第一服务器的公钥对要发送给第一服务器的信息进行加密,相对应的,第一服务器用自己的私钥对接收到的第二服务器发送过来的信息进行解密。Optionally, the key negotiation between the second server and the first server may be the same as the method for the key negotiation between the terminal device and the second server. For brevity, details are not described herein again. Similarly, after the key negotiation succeeds, the second server encrypts the information to be sent to the first server by using the public key of the first server, and correspondingly, the first server uses the private key of the first server to receive the second server. The information sent is decrypted.
需要说明的是,上述密钥协商的方法仅仅是一种示例,任何能够进行密钥协商的方法均可适用于本申请实施例。It should be noted that the foregoing method for key negotiation is only an example, and any method capable of performing key agreement can be applied to the embodiment of the present application.
S302. The terminal device receives a short message.
S303. The terminal device hashes the received short message.
The processor 170 of the terminal device performs a hash calculation on the short message and obtains hash value 1.
Optionally, the processor 170 may hash the short message directly, or the processor 170 may first determine whether the short message is a target-class short message and hash it only when it is determined to be one. The method by which the processor 170 determines whether the short message is a target-class short message is the same as the implementation in S210 of method 200; for brevity, details are not repeated here.
S304. The terminal device obtains identification information and generates verification information; the verification information includes the identification information and the hash value obtained in S303.
Optionally, the identification information may be any information that can uniquely index the terminal device and a specific user. For example, the identification information includes the ID of the terminal device, the current mobile phone number, the sending time of the short message, or the user's account information. The user's account information may be the account with which the user logs in to the second server through the terminal device, or it may be the user ID with which the user logs in to a payment application.
S305. The terminal device encrypts the verification information and sends it to the second server.
Specifically, in some embodiments, the processor 170 of the terminal device encrypts the verification information with the public key of the second server generated in the key agreement process of S301, and then sends it to the second server through the RF circuit 110.
S306. The second server decrypts the received verification information, confirms that the verification information comes from a legitimate terminal device, and encrypts the verification information.
Specifically, in some embodiments, after receiving the verification information, the second server decrypts it with its own private key. If decryption succeeds, the second server determines that the terminal device is a legitimate terminal device. Alternatively, if the second server can successfully decrypt the verification information and the verification information has a specific format, the second server determines that the terminal device is a legitimate terminal device.
In the embodiments of the present application, a legitimate terminal device can be understood as a terminal device that has been authenticated by the second server.
S307. The second server sends the encrypted verification information and the signature of the second server to the first server.
The second server determines, from the sender number of the short message, that the server that sent the short message is the first server, encrypts the verification information with the public key of the first server determined in the key agreement process of S301, and sends it to the first server together with the signature of the second server. The signature of the second server tells the first server who sent the verification information and that the second server has verified that the verification information comes from a legitimate terminal device.
It can be understood that the first server is the server that the second server believes sent the message; in fact, the first server may or may not be the server that sent it. For example, when the message was sent to the terminal device by a pseudo base station, the first server is not the server that sent the message.
S308. The first server decrypts the received verification information.
The first server decrypts the verification information received from the second server with its own private key.
S309. The first server verifies, according to the verification information, whether the short message is legal.
Specifically, in some embodiments, the first server determines, from the identification information in the verification information, whether there is a short message that was sent to the terminal device. When the third-party server determines that no short message has been sent to the terminal device, the first server can directly determine that the short message received by the terminal device is illegal. When the first server determines from the identification information that there is a short message that was sent to the terminal device, the first server performs a hash calculation on that short message to obtain hash value 2. The first server then compares hash value 2 with hash value 1; if hash value 2 matches hash value 1, it confirms that the short message received by the terminal device did come from the first server, that is, the short message received by the terminal device is a legal short message.
S310. The first server sends the verification result to the second server.
S311. The second server sends the verification result to the terminal device.
S312. The terminal device receives the verification result sent by the second server.
S313. The terminal device marks the short message according to the verification result.
Optionally, after the terminal device receives, through the RF circuit 110, the verification result sent by the second server, the processor 170 marks the short message. For example, when the short message is displayed on the display unit 130, whether the short message is legal or illegal is displayed at the same time. For instance, when the processor 170 determines from the verification result that the short message is illegal, the prompt "the received short message is a spam message from a pseudo base station" is displayed on the display unit 130, so that the user clearly knows the source of the short message and can handle it accordingly, which protects the information security of the terminal device and keeps the user from being defrauded.
Alternatively, when the processor 170 determines from the verification result that the short message is not legal, only the content of the short message is displayed on the display unit 130, and the identifier of the sender is not displayed.
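
The check carried out in S303 to S313, as an added example that is not part of the patent text: the terminal hashes what it received, the second server relays the verification information by sender number, and the first server compares it with what it really sent. Assumptions: SHA-256 as the hash, a registry lookup standing in for the second server's decryption-based device check, no encryption in transit; every class, function, number and message text below is constructed for illustration.

```python
import hashlib
import hmac
from collections import namedtuple

# Verification information of S304: identification information plus hash value 1.
# sender_number is carried so the relay can pick the first server (S307).
VerificationInfo = namedtuple(
    "VerificationInfo", "device_id phone_number sender_number digest")


def sms_digest(body):
    """Hash of the message body. SHA-256 is an assumption; the text only says "hash"."""
    return hashlib.sha256(body.encode("utf-8")).hexdigest()


def build_verification_info(device_id, phone_number, sender_number, received_body):
    """Terminal side, S303-S304: hash the received message and attach identifiers."""
    return VerificationInfo(device_id, phone_number, sender_number,
                            sms_digest(received_body))


class FirstServer:
    """Server that owns a sender number and logs what it really sent (hypothetical)."""

    def __init__(self, sender_number):
        self.sender_number = sender_number
        self.sent_log = {}  # phone number -> message bodies actually sent

    def send_sms(self, phone_number, body):
        self.sent_log.setdefault(phone_number, []).append(body)
        return body

    def verify(self, info):
        """S309: "legal" only if a message sent to this terminal hashes to hash value 1."""
        sent_bodies = self.sent_log.get(info.phone_number, [])
        if not sent_bodies:
            return "illegal"  # this server never sent anything to the terminal
        claimed = info.digest.encode("utf-8", "replace")
        matched = False
        for body in sent_bodies:
            hash_value_2 = sms_digest(body).encode("ascii")
            # Constant-time comparison of hash value 2 with hash value 1.
            matched |= hmac.compare_digest(hash_value_2, claimed)
        return "legal" if matched else "illegal"


class SecondServer:
    """Relay of S306-S311 (hypothetical): routes by sender number, returns the result."""

    def __init__(self, first_servers, registered_devices):
        self.routes = {s.sender_number: s for s in first_servers}
        self.registered_devices = set(registered_devices)

    def relay(self, info):
        # Assumption: a registry lookup replaces the decryption-based device check.
        if info.device_id not in self.registered_devices:
            return "rejected"
        server = self.routes.get(info.sender_number)
        if server is None:
            return "unknown-sender"  # assumption: the text does not cover this case
        return server.verify(info)


def mark(body, result):
    """S313: label the message for display according to the verification result."""
    label = "verified" if result == "legal" else "NOT verified"
    return "[%s] %s" % (label, body)


def run_demo():
    bank = FirstServer(sender_number="95500")  # constructed sender number
    relay = SecondServer([bank], registered_devices={"dev-001", "dev-002"})
    genuine = bank.send_sms("+8613800000001", "Your code is 482913.")
    forged = "Account notice: call 000-0000."  # constructed text, never sent by bank

    def check(device_id, phone, body):
        return relay.relay(build_verification_info(device_id, phone, "95500", body))

    return {
        # Message received exactly as the first server sent it.
        "genuine": check("dev-001", "+8613800000001", genuine),
        # Spoofed sender number, terminal also has genuine traffic: hash mismatch.
        "forged_same_terminal": check("dev-001", "+8613800000001", forged),
        # Spoofed sender number, first server has no record for this terminal.
        "forged_other_terminal": check("dev-002", "+8613800000002", forged),
        # Verification information from a device the relay has not authenticated.
        "unregistered_device": check("dev-999", "+8613800000001", genuine),
    }


if __name__ == "__main__":
    for case, result in run_demo().items():
        print(case, "->", result)
```

Because the first server only compares hashes of messages it logged for that terminal, a message carrying a spoofed sender number fails either at the record lookup or at the hash comparison.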
The method for verifying the validity of a message according to the embodiments of the present application has been described in detail above with reference to FIG. 3 and FIG. 4. The terminal device according to the embodiments of the present application is described in detail below with reference to FIG. 5.
FIG. 5 is a schematic block diagram of a terminal device according to an embodiment of the present application. As shown in FIG. 5, the terminal device 10 includes a transceiver module 11 and a processing module 12.
The processing module 12 is configured to determine digest information of a message received by the transceiver module.
The processing module 12 is further configured to generate verification information, where the verification information includes the digest information and identification information, and the identification information is used to identify the terminal device.
The transceiver module 11 is configured to send the verification information to a first server, where the first server is the server that the processing module 12 has determined to be the sender of the message.
The transceiver module 11 is further configured to receive a verification result that the first server has determined according to the verification information and sent, where the verification result indicates whether the message is legal.
Therefore, after receiving a message, the terminal device according to the embodiments of the present application generates verification information related to the message and sends it to the server that the terminal device has determined to be the sender of the message, so that the server verifies whether the message is legal according to the verification information and sends the verification result to the terminal device. This enables the user to judge accurately whether the message is legal, keeps the user from being deceived by illegal messages, and improves the user experience.
In the embodiments of the present application, optionally, the transceiver module 11 is specifically configured to send the verification information to a second server, so that the second server sends the verification information to the first server.
In the embodiments of the present application, optionally, the transceiver module 11 is specifically configured to receive the verification result forwarded by the first server through the second server.
In the embodiments of the present application, optionally, the processing module 12 is further configured to encrypt the verification information with a first key before the transceiver module 11 sends the verification information to the second server, where the first key corresponds to a second key, and the second key is the key that the second server uses to decrypt the verification information encrypted with the first key.
In the embodiments of the present application, optionally, the processing module 12 is further configured to mark, according to the verification result, whether the message is legal.
In the embodiments of the present application, optionally, the identification information includes at least one of the following: the identifier (ID) of the terminal device, the mobile phone number of the terminal device, the sending time of the message, and the user's account information.
In the embodiments of the present application, optionally, the digest information is a hash value.
In the embodiments of the present application, optionally, before the processing module 12 determines the digest information of the message, the processing module 12 is further configured to determine that the message is a target-class message, where a target-class message is a message whose content relates to the user's privacy and/or property.
It should be understood that the terminal device 10 here is embodied in the form of functional modules. The term "module" here may refer to an application-specific integrated circuit (ASIC), an electronic circuit, a processor (for example a shared, dedicated or group processor) and memory for executing one or more software or firmware programs, a combinational logic circuit, and/or other suitable components that support the described functions. In an optional example, a person skilled in the art will understand that the terminal device 10 may be used to perform the processes and/or steps of method 200 or 300 in the method embodiments above; to avoid repetition, details are not repeated here.
FIG. 6 shows a server according to an embodiment of the present application. As shown in FIG. 6, the server 20 includes a transceiver module 21 and a processing module 22.
The transceiver module 21 is configured to receive verification information sent by a terminal device, where the verification information includes digest information and identification information, the digest information corresponds to a message received by the terminal device, and the identification information is used to identify the terminal device.
The transceiver module 21 is further configured to send the verification information to a first server, where the first server is the server that the server has determined to be the sender of the message, so that the first server, after determining from the verification information whether the message is legal, sends to the terminal device a verification result indicating whether the message is legal.
Therefore, after receiving the verification information sent by the terminal device, the server according to the embodiments of the present application sends the verification information to the first server determined to be the server that sent the message, so that the first server, after verifying the validity of the message according to the verification information, sends the verification result to the terminal device. This enables the user to judge accurately whether the message is legal, keeps the user from being deceived by illegal messages, and improves the user experience.
In the embodiments of the present application, optionally, before the transceiver module 21 sends the verification information to the first server, the processing module 22 is configured to determine that the terminal device is a terminal device that has been authenticated by the server.
In the embodiments of the present application, optionally, the transceiver module 21 is further configured to receive the verification result sent by the first server and to send the verification result to the terminal device.
In the embodiments of the present application, optionally, the transceiver module 21 is specifically configured to receive the verification information encrypted by the terminal device with a first key.
The processing module 22 is further configured to determine, by decrypting with a second key the verification information encrypted with the first key, whether the terminal device is a terminal device that has been authenticated by the server, where the second key corresponds to the first key.
In the embodiments of the present application, optionally, the first identification information includes at least one of the following: the identifier (ID) of the terminal device, the mobile phone number of the terminal device, the sending time of the message, and the user's account information.
It should be understood that the server 20 here is embodied in the form of functional modules. The term "module" here may refer to an application-specific integrated circuit (ASIC), an electronic circuit, a processor (for example a shared, dedicated or group processor) and memory for executing one or more software or firmware programs, a combinational logic circuit, and/or other suitable components that support the described functions. In an optional example, a person skilled in the art will understand that the server 20 may be used to perform the processes and/or steps of method 200 or 300 in the method embodiments above; to avoid repetition, details are not repeated here.
FIG. 7 is a schematic block diagram of a server according to another embodiment of the present application. As shown in FIG. 7, the server 30 includes:
a transceiver module 31, configured to receive verification information sent by a terminal device, where the verification information includes digest information and identification information, the digest information corresponds to a message received by the terminal device, and the identification information is used to identify the terminal device;
a processing module 32, configured to determine, according to the verification information, whether the message was sent to the terminal device;
the processing module 32 being further configured to determine whether the message is legal according to the result of determining whether the message was sent to the terminal device;
the transceiver module 31 being further configured to send a verification result to the terminal device, where the verification result indicates whether the message is legal.
Therefore, the server according to the present application receives the verification information sent by the terminal device and, after verifying according to the verification information whether the message is legal, sends the verification result to the terminal device. This enables the user to judge accurately whether the message is legal, keeps the user from being deceived by illegal messages, and improves the user experience.
In the embodiments of the present application, optionally, the transceiver module 31 is specifically configured to:
receive the verification information forwarded by the terminal device through a second server.
In the embodiments of the present application, optionally, the transceiver module 31 is specifically configured to:
send the verification result to the second server, so that the second server forwards the verification result to the terminal device.
In the embodiments of the present application, optionally, the processing module 32 is specifically configured to: when it is determined from the identification information that a message was sent to the terminal device, determine the digest information corresponding to the message that was sent to the terminal device; and when it is determined that the digest information corresponding to the message that was sent to the terminal device matches the digest information included in the verification information, determine that the message was sent to the terminal device.
In the embodiments of the present application, optionally, the identification information includes at least one of the following: the identifier (ID) of the terminal device, the mobile phone number of the terminal device, the sending time of the message, and the user's account information.
In the embodiments of the present application, optionally, the digest information is a hash value.
It should be understood that the server 30 here is embodied in the form of functional modules. The term "module" here may refer to an application-specific integrated circuit (ASIC), an electronic circuit, a processor (for example a shared, dedicated or group processor) and memory for executing one or more software or firmware programs, a combinational logic circuit, and/or other suitable components that support the described functions. In an optional example, a person skilled in the art will understand that the server 30 may be used to perform the processes and/or steps of method 200 or 300 in the method embodiments above; to avoid repetition, details are not repeated here.
FIG. 8 is a schematic block diagram of a terminal device according to still another embodiment of the present application. The terminal device 1000 shown in FIG. 8 includes a receiver 1100, a transmitter 1200, a processor 1300 and a memory 1400. The processor 1300 controls the operation of the terminal device 1000 and can be used to process signals. The memory 1400 may include read-only memory and random access memory, and provides instructions and data to the processor 1300. The components of the terminal device 1000 are coupled together by a bus system 1500, which includes a power bus, a control bus and a status signal bus in addition to a data bus. For clarity of description, however, the various buses are all labeled as the bus system 1500 in the figure.
Specifically, the processor 1300 is configured to determine digest information corresponding to a message received by the receiver 1100; the processor 1300 is further configured to generate verification information, where the verification information includes the digest information and identification information, and the identification information is used to identify the terminal device; the transmitter 1200 is configured to send the verification information to a first server, where the first server is the server that the processor 1300 has determined to be the sender of the message; and the receiver 1100 is configured to receive a verification result that the first server has determined according to the verification information and sent, where the verification result indicates whether the message is legal.
It should be understood that the terminal device 1000 according to the embodiments of the present application may correspond to the terminal device 10 of the embodiments of the present application, and that the units and modules in the terminal device 1000 and the other operations and/or functions described above serve to implement the corresponding processes of method 200 or 300; for brevity, details are not repeated here.
Therefore, after receiving a message, the terminal device according to the embodiments of the present application generates verification information related to the message and sends it to the server that the terminal device has determined to be the sender of the message, so that the server verifies whether the message is legal according to the verification information and sends the verification result to the terminal device. This enables the user to judge accurately whether the message is legal, keeps the user from being deceived by illegal messages, and improves the user experience.
FIG. 9 is a schematic block diagram of a server according to still another embodiment of the present application. The server 2000 shown in FIG. 9 includes a receiver 2100, a transmitter 2200, a processor 2300 and a memory 2400. The processor 2300 controls the operation of the server 2000 and can be used to process signals. The memory 2400 may include read-only memory and random access memory, and provides instructions and data to the processor 2300. The components of the server 2000 are coupled together by a bus system 2500, which includes a power bus, a control bus and a status signal bus in addition to a data bus. For clarity of description, however, the various buses are all labeled as the bus system 2500 in the figure.
Specifically, the receiver 2100 is configured to receive verification information sent by a terminal device, where the verification information includes digest information and identification information, the digest information corresponds to a message received by the terminal device, and the identification information is used to identify the terminal device; the transmitter 2200 is configured to send the verification information to a first server, where the first server is the server that the server has determined to be the sender of the message, so that the first server, after determining from the verification information whether the message is legal, sends to the terminal device a verification result indicating whether the message is legal.
It should be understood that the server 2000 according to the embodiments of the present application may correspond to the server 20 of the embodiments of the present application, and that the units and modules in the server 2000 and the other operations and/or functions described above serve to implement the corresponding processes of method 200 or 300; for brevity, details are not repeated here.
Therefore, after receiving the verification information sent by the terminal device, the server according to the embodiments of the present application sends the verification information to the first server determined to be the server that sent the message, so that the first server, after verifying the validity of the message according to the verification information, sends the verification result to the terminal device. This enables the user to judge accurately whether the message is legal, keeps the user from being deceived by illegal messages, and improves the user experience.
图10是本申请再一实施例的服务器的示意性框图。图10所示的服务器3000包括接收器3100、发送器3200、处理器3300和存储器3400。处理器3300控制服务器3000的操作,并可用于处理信号。存储器3400可以包括只读存储器和随机存取存储器,并向处理器3300提供指令和数据。服务器3000的各个组件通过总线系统3500耦合在一起,其中总线系统3500除包括数据总线之外,还包括电源总线、控制总线和状态信号总线。但是为了清楚说明起见,在图中将各种总线都标为总线系统3500。FIG. 10 is a schematic block diagram of a server according to still another embodiment of the present application. The server 3000 shown in FIG. 10 includes a receiver 3100, a transmitter 3200, a processor 3300, and a memory 3400. The processor 3300 controls the operation of the server 3000 and can be used to process signals. Memory 3400 can include read only memory and random access memory and provides instructions and data to processor 3300. The various components of server 3000 are coupled together by a bus system 3500 that includes, in addition to the data bus, a power bus, a control bus, and a status signal bus. However, for clarity of description, various buses are labeled as bus system 3500 in the figure.
具体地,所述接收器3100,接收终端设备发送的验证信息,所述验证信息中包括摘要信息和标识信息,所述摘要信息与所述终端设备接收到的消息相对应,所述标识信息用于标识所述终端设备;所述处理器3300,用于根据所述验证信息,确定是否向所述终端设备发送过所述消息;所述处理器3300, 还用于根据确定的是否向所述终端设备发送过所述消息的结果,确定所述消息是否合法;所述发送器3200,用于向所述终端设备发送验证结果,所述验证结果用于指示所述消息是否合法。Specifically, the receiver 3100 receives the verification information sent by the terminal device, where the verification information includes summary information and identification information, where the summary information corresponds to the message received by the terminal device, and the identifier information is used by the identifier information. The processor 3300 is configured to determine, according to the verification information, whether the message is sent to the terminal device; the processor 3300, And a method for determining whether the message is legal according to the determined result of whether the message is sent to the terminal device; the sender 3200 is configured to send a verification result to the terminal device, where the verification result is used for Indicates whether the message is legal.
应理解,根据本申请实施例的服务器3000可对应于本申请实施例的中的服务器30,并且,服务器3000中的各单元及模块和上述其他操作和/或功能分别为了实现方法200或300的相应流程,为了简洁,在此不再赘述。It should be understood that the server 3000 according to the embodiment of the present application may correspond to the server 30 in the embodiment of the present application, and the units and modules in the server 3000 and the other operations and/or functions described above are respectively implemented to implement the method 200 or 300. The corresponding process, for the sake of brevity, will not be described here.
因此,根据本申请实施例的服务器接收终端设备发送的验证信息,并在根据验证信息验证消息是否合法之后,将验证结果发送给终端设备。使得用户能够准确的判断消息是否合法,避免用户被非法消息蒙蔽,提升用户的体验。Therefore, the server according to the embodiment of the present application receives the verification information sent by the terminal device, and after verifying whether the message is legal according to the verification information, sends the verification result to the terminal device. This enables the user to accurately determine whether the message is legal, to prevent the user from being blinded by illegal messages, and to enhance the user experience.
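The check performed by the message-sending server, as an added example that is not part of the patent text: the terminal reports a digest of the message it received together with its identification information, and the server answers whether it sent that exact message to that terminal. Assumptions: SHA-256 as the hash (the page only says the digest may be a hash value), a phone number as the identification information, an in-memory record of sent messages, and the hypothetical names `FirstServer`, `build_verification_info` and `message_digest`.

```python
import hashlib
import hmac
import unicodedata
from collections import defaultdict

HEX_DIGITS = set("0123456789abcdef")


def message_digest(text: str) -> str:
    """Digest information for a message body.

    Assumption: SHA-256 over the NFC-normalised, stripped UTF-8 text, so that
    both sides hash the same bytes even if transport re-encodes the text.
    """
    canonical = unicodedata.normalize("NFC", text).strip()
    return hashlib.sha256(canonical.encode("utf-8")).hexdigest()


def build_verification_info(terminal_id: str, received_text: str) -> dict:
    """Terminal side: digest of the received message plus identification info."""
    return {"terminal_id": terminal_id, "digest": message_digest(received_text)}


class FirstServer:
    """Message sender that can later confirm what it sent to which terminal."""

    def __init__(self):
        # terminal_id -> set of digests of messages sent to that terminal
        self._sent = defaultdict(set)

    def send_message(self, terminal_id: str, text: str) -> str:
        # Only the digest is recorded; actual delivery is out of scope here.
        self._sent[terminal_id].add(message_digest(text))
        return text

    def verify(self, info: dict) -> dict:
        terminal_id = info.get("terminal_id")
        claimed = info.get("digest")
        # Reject anything that is not a well-formed SHA-256 hex digest.
        if (not isinstance(terminal_id, str) or not isinstance(claimed, str)
                or len(claimed) != 64 or not set(claimed) <= HEX_DIGITS):
            return {"legitimate": False, "reason": "malformed verification info"}
        # Step 1: was anything sent to the terminal named by the identifier?
        sent = self._sent.get(terminal_id)
        if not sent:
            return {"legitimate": False, "reason": "nothing sent to this terminal"}
        # Step 2: does the reported digest match a message sent to it?
        matched = False
        for digest in sent:
            matched |= hmac.compare_digest(digest, claimed)  # constant-time
        if matched:
            return {"legitimate": True, "reason": "digest matches a sent message"}
        return {"legitimate": False, "reason": "digest matches no sent message"}


def demo() -> dict:
    """Run the exchange on constructed sample data."""
    bank = FirstServer()
    alice, bob = "+10000000001", "+10000000002"  # constructed identifiers
    genuine = bank.send_message(alice, "Your verification code is 482913.")
    spoofed = "Your account is locked. Reply with your verification code."
    return {
        "genuine": bank.verify(build_verification_info(alice, genuine)),
        "spoofed": bank.verify(build_verification_info(alice, spoofed)),
        # Same text, but reported by a terminal it was never sent to.
        "other_terminal": bank.verify(build_verification_info(bob, genuine)),
        "malformed": bank.verify({"terminal_id": alice, "digest": "zz"}),
    }


if __name__ == "__main__":
    for case, result in demo().items():
        print(case, result)
```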
It should be understood that, in the foregoing embodiments of the present application, the processor may be a central processing unit (CPU), or it may be another general-purpose processor, a digital signal processor (DSP), an application-specific integrated circuit (ASIC), a field-programmable gate array (FPGA) or another programmable logic device, a discrete gate or transistor logic device, a discrete hardware component, or the like. The general-purpose processor may be a microprocessor, or the processor may be any conventional processor or the like.
The memory may include read-only memory and random access memory, and provides instructions and data to the processor. A portion of the memory may also include non-volatile random access memory. For example, the memory may also store information about the device type.
In implementation, the steps of the foregoing methods may be completed by an integrated logic circuit of hardware in the processor or by instructions in the form of software. The steps of the methods disclosed in the embodiments of the present application may be directly embodied as being executed by a hardware processor, or as being executed by a combination of hardware and software modules in the processor. The software module may be located in a storage medium that is mature in the art, such as random access memory, flash memory, read-only memory, programmable read-only memory, electrically erasable programmable memory, or a register. The storage medium is located in the memory, and the processor reads the information in the memory and completes the steps of the foregoing methods in combination with its hardware. To avoid repetition, this is not described in detail here.
A person of ordinary skill in the art will appreciate that the units and algorithm steps of the examples described in connection with the embodiments disclosed herein can be implemented in electronic hardware or in a combination of computer software and electronic hardware. Whether these functions are performed in hardware or software depends on the specific application and the design constraints of the technical solution. A skilled person may use different methods to implement the described functions for each particular application, but such implementation should not be considered beyond the scope of the present application.
Those skilled in the art can clearly understand that, for convenience and brevity of description, for the specific working processes of the systems, apparatuses and units described above, reference may be made to the corresponding processes in the foregoing method embodiments; details are not repeated here.
In the several embodiments provided in the present application, it should be understood that the disclosed systems, apparatuses and methods may be implemented in other ways. For example, the apparatus embodiments described above are merely illustrative. The division into units is only a division by logical function, and other divisions are possible in actual implementation; for example, multiple units or components may be combined or integrated into another system, or some features may be ignored or not executed. In addition, the mutual coupling, direct coupling or communication connection shown or discussed may be an indirect coupling or communication connection through some interfaces, apparatuses or units, and may be electrical, mechanical or in another form.
The units described as separate components may or may not be physically separate, and the components shown as units may or may not be physical units; that is, they may be located in one place or distributed over multiple network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, the functional units in the embodiments of the present application may be integrated into one processing unit, each unit may exist physically on its own, or two or more units may be integrated into one unit.
If the functions are implemented in the form of software functional units and sold or used as an independent product, they may be stored in a computer-readable storage medium. Based on this understanding, the technical solution of the present application in essence, or the part that contributes to the prior art, or a part of the technical solution, may be embodied in the form of a software product. The computer software product is stored in a storage medium and includes several instructions that cause a computer device (which may be a personal computer, a server, a network device, or the like) to perform all or some of the steps of the methods described in the embodiments of the present application. The foregoing storage medium includes various media that can store program code, such as a USB flash drive, a removable hard disk, a read-only memory (ROM), a random access memory (RAM), a magnetic disk, or an optical disc.
The foregoing is only specific embodiments of the present application, but the scope of protection of the present application is not limited thereto. Any change or substitution that a person skilled in the art can readily think of within the technical scope disclosed in the present application shall fall within the scope of protection of the present application. Therefore, the scope of protection of the present application shall be subject to the scope of protection of the claims.

Claims (38)

  1. A method for verifying the legitimacy of a message, characterized by comprising:
    determining, by a terminal device, digest information corresponding to a received message;
    generating, by the terminal device, verification information, where the verification information includes the digest information and identification information, and the identification information is used to identify the terminal device;
    sending, by the terminal device, the verification information to a first server, where the first server is the server that the terminal device determines to have sent the message;
    receiving, by the terminal device, a verification result that is sent by the first server and determined according to the verification information, where the verification result indicates whether the message is legitimate.
  2. The method according to claim 1, wherein the sending, by the terminal device, of the verification information to the first server comprises:
    sending, by the terminal device, the verification information to a second server, so that the second server sends the verification information to the third-party server.
  3. The method according to claim 2, wherein the receiving, by the terminal device, of the verification result that is sent by the first server and determined according to the verification information comprises:
    receiving, by the terminal device, the verification result forwarded by the first server through the second server.
  4. The method according to claim 2 or 3, wherein before the terminal device sends the verification information to the second server, the method further comprises:
    encrypting, by the terminal device, the verification information with a first key, where the first key corresponds to a second key, and the second key is the key used by the second server to decrypt the verification information encrypted with the first key.
  5. The method according to any one of claims 1 to 4, wherein the method further comprises:
    marking, by the terminal device according to the verification result, whether the message is legitimate.
  6. The method according to any one of claims 1 to 5, wherein the identification information includes at least one of the following: an identifier (ID) of the terminal device, a mobile phone number of the terminal device, the sending time of the message, and account information of the user.
  7. The method according to any one of claims 1 to 6, wherein the digest information is a hash value.
  8. The method according to any one of claims 1 to 7, wherein before the terminal device determines the digest information of the message, the method further comprises:
    determining, by the terminal device, that the message is a target-class message, where a target-class message is a message whose content relates to the user's privacy and/or property.
  9. A method for verifying the legitimacy of a message, characterized by comprising:
    receiving, by a second server, verification information sent by a terminal device, where the verification information includes digest information and identification information, the digest information corresponds to a message received by the terminal device, and the identification information is used to identify the terminal device;
    sending, by the second server, the verification information to a first server, where the first server is the server that the second server determines to have sent the message, so that the first server, after determining according to the verification information whether the message is legitimate, sends to the terminal device a verification result indicating whether the message is legitimate.
  10. The method according to claim 9, wherein before the second server sends the verification information to the first server, the method further comprises:
    determining, by the second server, that the terminal device is a terminal device authenticated by the second server.
  11. The method according to claim 9 or 10, wherein the method further comprises:
    receiving, by the second server, the verification result sent by the first server;
    sending, by the second server, the verification result to the terminal device.
  12. The method according to claim 9, wherein the receiving, by the second server, of the verification information sent by the terminal device comprises:
    receiving, by the second server, the verification information encrypted by the terminal device with a first key;
    wherein the method further comprises:
    determining, by the second server, according to the result of using a second key to decrypt the verification information encrypted with the first key, whether the terminal device is a terminal device authenticated by the second server, where the second key corresponds to the first key.
  13. The method according to any one of claims 9 to 12, wherein the identification information includes at least one of the following: an identifier (ID) of the terminal device, a mobile phone number of the terminal device, the sending time of the information, and account information of the user.
  14. A method for verifying the legitimacy of a message, characterized by comprising:
    receiving, by a first server, verification information sent by a terminal device, where the verification information includes digest information and identification information, the digest information corresponds to a message received by the terminal device, and the identification information is used to identify the terminal device;
    determining, by the first server according to the verification information, whether the message was sent to the terminal device;
    determining, by the first server, whether the message is legitimate according to the result of determining whether the message was sent to the terminal device;
    sending, by the first server, a verification result to the terminal device, where the verification result indicates whether the message is legitimate.
  15. The method according to claim 14, wherein the receiving, by the first server, of the verification information sent by the terminal device comprises:
    receiving, by the first server, the verification information forwarded by the terminal device through a second server.
  16. The method according to claim 15, wherein the sending, by the first server, of verification information to the terminal device comprises:
    sending, by the first server, the verification result to the second server, so that the second server forwards the verification result to the terminal device.
  17. The method according to any one of claims 13 to 15, wherein the determining, by the first server according to the verification information, of whether the message was sent to the terminal device comprises:
    when the first server determines, according to the identification information, that it has sent a message to the terminal device, determining, by the first server, digest information corresponding to the message that was sent to the terminal device;
    when the first server determines that the digest information corresponding to the message that was sent to the terminal device matches the digest information included in the verification information, determining, by the first server, that the message was sent to the terminal device.
  18. The method according to any one of claims 13 to 17, wherein the identification information includes at least one of the following: an identifier (ID) of the terminal device, a mobile phone number of the terminal device, the sending time of the message, and account information of the user.
  19. The method according to any one of claims 13 to 18, wherein the digest information is a hash value.
  20. A terminal device, characterized by comprising: a receiver, a transmitter, and a processor;
    wherein the processor is configured to determine digest information corresponding to a message received by the receiver;
    the processor is further configured to generate verification information, where the verification information includes the digest information and identification information, and the identification information is used to identify the terminal device;
    the transmitter is configured to send the verification information to a first server, where the first server is the server that the processor determines to have sent the message;
    the receiver is configured to receive a verification result that is sent by the first server and determined according to the verification information, where the verification result indicates whether the message is legitimate.
  21. The terminal device according to claim 20, wherein the transmitter is specifically configured to:
    send the verification information to a second server, so that the second server sends the verification information to the first server.
  22. The terminal device according to claim 21, wherein the receiver is specifically configured to:
    receive the verification result forwarded by the first server through the second server.
  23. The terminal device according to claim 21 or 22, wherein the processor is further configured to:
    before the transmitter sends the verification information to the second server, encrypt the verification information with a first key, where the first key corresponds to a second key, and the second key is the key used by the second server to decrypt the verification information encrypted with the first key.
  24. The terminal device according to any one of claims 20 to 23, wherein the processor is further configured to:
    mark, according to the verification result, whether the message is legitimate.
  25. The terminal device according to any one of claims 20 to 24, wherein the identification information includes at least one of the following: an identifier (ID) of the terminal device, a mobile phone number of the terminal device, the sending time of the message, and account information of the user.
  26. The terminal device according to any one of claims 20 to 25, wherein the digest information is a hash value.
  27. The terminal device according to any one of claims 20 to 26, wherein before the processor determines the digest information of the message, the processor is further configured to:
    determine that the message is a target-class message, where a target-class message is a message whose content relates to the user's privacy and/or property.
  28. A server, characterized by comprising: a receiver, a transmitter, and a processor;
    wherein the receiver is configured to receive verification information sent by a terminal device, where the verification information includes digest information and identification information, the digest information corresponds to a message received by the terminal device, and the identification information is used to identify the terminal device;
    the transmitter is configured to send the verification information to a first server, where the first server is the server that the server determines to have sent the message, so that the first server, after determining according to the verification information whether the message is legitimate, sends to the terminal device a verification result indicating whether the message is legitimate.
  29. The server according to claim 28, wherein before the transmitter sends the verification information to the first server, the processor is configured to:
    determine that the terminal device is a terminal device authenticated by the server.
  30. The server according to claim 28 or 29, wherein the receiver is further configured to:
    receive the verification result sent by the first server;
    wherein the transmitter is specifically configured to send the verification result to the terminal device.
  31. The server according to claim 29, wherein the receiver is specifically configured to:
    receive the verification information encrypted by the terminal device with a first key;
    wherein the processor is further configured to:
    determine, according to the result of using a second key to decrypt the verification information encrypted with the first key, whether the terminal device is a terminal device authenticated by the server, where the second key corresponds to the first key.
  32. The server according to any one of claims 28 to 31, wherein the identification information includes at least one of the following: an identifier (ID) of the terminal device, a mobile phone number of the terminal device, the sending time of the message, and account information of the user.
  33. A server, characterized by comprising a receiver, a transmitter, and a processor;
    wherein the receiver is configured to receive verification information sent by a terminal device, where the verification information includes digest information and identification information, the digest information corresponds to a message received by the terminal device, and the identification information is used to identify the terminal device;
    the processor is configured to determine, according to the verification information, whether the message was sent to the terminal device;
    the processor is further configured to determine whether the message is legitimate according to the result of determining whether the message was sent to the terminal device;
    the transmitter is configured to send a verification result to the terminal device, where the verification result indicates whether the message is legitimate.
  34. The server according to claim 33, wherein the receiver is specifically configured to:
    receive the verification information forwarded by the terminal device through a second server.
  35. The server according to claim 34, wherein the transmitter is specifically configured to:
    send the verification result to the second server, so that the second server forwards the verification result to the terminal device.
  36. The server according to any one of claims 33 to 35, wherein the processor is specifically configured to:
    when it is determined, according to the identification information, that a message has been sent to the terminal device, determine digest information corresponding to the message that was sent to the terminal device;
    when it is determined that the digest information corresponding to the message that was sent to the terminal device matches the digest information included in the verification information, determine that the message was sent to the terminal device.
  37. The server according to any one of claims 32 to 36, wherein the identification information includes at least one of the following: an identifier (ID) of the terminal device, a mobile phone number of the terminal device, the sending time of the message, and account information of the user.
  38. The server according to any one of claims 32 to 37, wherein the digest information is a hash value.
PCT/CN2016/109937 2016-12-14 2016-12-14 Method for verifying validity of message and server WO2018107398A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
PCT/CN2016/109937 WO2018107398A1 (en) 2016-12-14 2016-12-14 Method for verifying validity of message and server
CN201680084702.XA CN109076317A (en) 2016-12-14 2016-12-14 Verify the method and server of message legitimacy

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2016/109937 WO2018107398A1 (en) 2016-12-14 2016-12-14 Method for verifying validity of message and server

Publications (1)

Publication Number Publication Date
WO2018107398A1 true WO2018107398A1 (en) 2018-06-21

Family

ID=62557804

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2016/109937 WO2018107398A1 (en) 2016-12-14 2016-12-14 Method for verifying validity of message and server

Country Status (2)

Country Link
CN (1) CN109076317A (en)
WO (1) WO2018107398A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112020065A (en) * 2020-08-04 2020-12-01 深圳传音控股股份有限公司 Information processing method, terminal equipment, server and storage medium

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111246479B (en) * 2020-01-06 2023-08-01 上海闻泰电子科技有限公司 Method, device, terminal equipment and storage medium for resisting counterfeit operator attack

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102096703A (en) * 2010-12-29 2011-06-15 北京新媒传信科技有限公司 Filtering method and equipment of short messages
US20140380052A1 (en) * 2012-02-17 2014-12-25 Zte Corporation Message filtering method and system
CN105933876A (en) * 2015-09-24 2016-09-07 中国银联股份有限公司 Counterfeit short message identification method, mobile phone terminal, server, and system
CN106231572A (en) * 2016-07-29 2016-12-14 宇龙计算机通信科技(深圳)有限公司 Pseudo-base station refuse messages discrimination method and system

Also Published As

Publication number Publication date
CN109076317A (en) 2018-12-21

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16924106

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 16924106

Country of ref document: EP

Kind code of ref document: A1