CN103763686A

CN103763686A - Processing method and device for short messages

Info

Publication number: CN103763686A
Application number: CN201310718463.7A
Authority: CN
Inventors: 赵赟昊; 万仁国
Original assignee: Beijing Qihoo Technology Co Ltd
Current assignee: Beijing Qihoo Technology Co Ltd
Priority date: 2013-12-23
Filing date: 2013-12-23
Publication date: 2014-04-30

Abstract

The invention provides a processing method and device for short messages. The method comprises the steps of determining the fact that the received short messages comprise payment information, deleting the short messages from an inbox of a system, and saving the short messages in private space. According to the processing method, malicious software in a mobile terminal can not obtain the payment information in the short messages, and therefore the payment safety can be improved.

Description

The processing method of short message and device

Technical field

The present invention relates to the communications field, particularly relate to a kind of SMS processing and device.

Background technology

In recent years, the mobile terminal of operating system is installed more and more.The terminal that operating system has been installed can be as PC, by user's program that the third party service provider such as mounting software, game, navigation provides voluntarily, by this class method, constantly the function of terminal equipment is expanded, and can realize wireless network access by mobile communication network.

Along with the increasing of mobile terminal of operating system is installed, the quantity that operates in the application software (APP) on mobile terminal operating system has also had the explosive growth that is geometric progression.Most of application software are all that third party provides, and when terminal equipment operation application software, have likely introduced the Malwares such as wooden horse, fishing.

On-line payment refers to when the seller and the buyer conclude the business by the e-commerce website on internet (Internet), and bank is its a kind of business that online capital settlement service is provided.It provides a quick and easy E-business applications environment and online capital settlement instrument for enterprises and individuals.When carrying out on-line payment, common bank can pass through short message (that is, note) and to user, send the payment informations such as identifying code, and then, user inputs the identifying code of receiving on Internet, to complete on-line payment.

After the mobile terminal that includes Malware is received the payment informations such as identifying code, Malware may be stolen the short message that comprises payment information by inbox, and this payment information is sent to third party, thereby user's safety of payment is threatened.

Summary of the invention

In view of the problem that the above-mentioned existing note that comprises payment information is easily revealed, the present invention has been proposed to a kind of overcome the problems referred to above or the SMS processing addressing the above problem at least in part and device are provided.

According to one aspect of the present invention, a kind of SMS processing is provided, comprising: determine in the short message receiving and comprise payment information; From the inbox of system, delete short message, and short message is kept in privacy space.

Alternatively, determine that in the short message receiving, comprising payment information comprises: for interception software arranges the limit priority that receives short message; In the definite short message receiving of interception software, comprise payment information.

Alternatively, determine in the short message receiving and comprise payment information, comprising: in the short message that judgement receives, whether comprise verification code information, and whether addresser's number of short message belongs to predetermined set; When the addresser's number that comprises verification code information and short message in the short message receiving belongs to predetermined set, determine in the short message receiving and comprise payment information, wherein, predetermined set is comprised of the SMS sender number of Net silver.

Alternatively, in short message is kept to privacy space before, said method also comprises: being that privacy space is random generates secret key, and secret key is kept in encrypt file, for password is read in the file setting in privacy space.

Alternatively, in short message is kept to privacy space after, said method also comprises: prompting user in privacy space, process short message.

Alternatively, if the application software in mobile terminal gets short message, said method also comprises: the process that interception dynamic base is loaded into short message service place; The address of the input and output control function in process is replaced with to the first address of interception dynamic base; When application software is called short message service and sent SMS message, based on the first address, carry out interception dynamic base, to obtain the information of application software; The information of display application software and short message; According to the instruction from user, determine whether to allow application software to call short message service and send SMS message.

Alternatively, according to the instruction from user, determining whether to allow application software to call short message service sends SMS message and comprises: in the case of receiving from user's permission application software, call short message service sends SMS message, determine that allowing application software to call short message service sends SMS message, according to the address of short message service, carry out the transmission of short message, and return to active service result to application software; Or, in the case of receiving from user's the application software that do not allow, call short message service sends SMS message, determine that not allowing application software to call short message service sends SMS message, stop application software to call short message service and send SMS message, and return to predefined service result to application software.

Alternatively, the information of application software comprises the Name and Description of application software.

Alternatively, comprise payment information in definite short message receiving before, said method also comprises: Quick Response Code is scanned; When link corresponding to Quick Response Code belongs to dangerous chained library, link corresponding to prompting user's Quick Response Code is unsafe; According to determine whether to download the link that Quick Response Code is corresponding from user's instruction.

Alternatively, after Quick Response Code is scanned, said method also comprises: link corresponding Quick Response Code is sent to cloud server, and wherein, the link that Quick Response Code is corresponding is that server is judged whether belong to dangerous chained library beyond the clouds; Reception is from the indication information of cloud server, and indication information is used to indicate the link that Quick Response Code is corresponding and whether belongs to dangerous chained library.

Alternatively, when link corresponding to Quick Response Code belongs to secure link, link corresponding to prompting user's Quick Response Code is safe.

According to a further aspect in the invention, provide a kind of short message processing apparatus, having comprised: determining unit, for determining that the short message receiving comprises payment information; Delete cells, deletes short message for the inbox from system; Storage unit, for being kept at short message in privacy space.

Alternatively, determining unit also for: for interception software arranges, receive the limit priority of short message; Determine in the short message receiving and comprise payment information.

Alternatively, determining unit also for: whether the short message that receives of judgement comprises verification code information, and whether addresser's number of short message belongs to predetermined set; When the addresser's number that comprises verification code information and short message in the short message receiving belongs to predetermined set, determine in the short message receiving and comprise payment information, wherein, predetermined set is comprised of the SMS sender number of Net silver.

Alternatively, said apparatus also comprises: initialization unit, for before short message is kept to privacy space, generates secret key for privacy space is random, and secret key is kept in encrypt file, for password is read in the file setting in privacy space.

Alternatively, said apparatus also comprises: Tip element, for after short message is kept to privacy space, prompting user processes short message in privacy space.

Alternatively, said apparatus also comprises: loading unit, for getting short message in the application software of mobile terminal, is loaded into interception dynamic base the process at short message service place; Replacement unit, for replacing with the address of the input and output control function of process the first address of interception dynamic base; Performance element, while sending SMS message for calling short message service in application software, carries out interception dynamic base based on the first address, to obtain the information of application software; Display unit, for information and the short message of display application software; Determining unit also, for according to the instruction from user, determines whether to allow application software to call short message service and sends SMS message.

Alternatively, determining unit also for: in the case of receiving from user's permission application software, call short message service sends SMS message, determine that allowing application software to call short message service sends SMS message, according to the address of short message service, carry out the transmission of short message, and return to active service result to application software; Or, in the case of receiving from user's the application software that do not allow, call short message service sends SMS message, determine that not allowing application software to call short message service sends SMS message, stop application software to call short message service and send SMS message, and return to predefined service result to application software.

Alternatively, said apparatus also comprises: scanning element, for before determining that the short message receiving comprises payment information, scans Quick Response Code; Tip element, for when link corresponding to Quick Response Code belongs to dangerous chained library, link corresponding to prompting user's Quick Response Code is unsafe; Determining unit also determines whether to download from user's instruction the link that Quick Response Code is corresponding for basis.

Alternatively, said apparatus also comprises: transmitting element, for after Quick Response Code is scanned, link corresponding Quick Response Code is sent to cloud server, and wherein, the link that Quick Response Code is corresponding is that server is judged whether belong to dangerous chained library beyond the clouds; Receiving element, for receiving the indication information from cloud server, indication information is used to indicate the link that Quick Response Code is corresponding and whether belongs to dangerous chained library.

Alternatively, Tip element is for when link corresponding to Quick Response Code belongs to secure link, and link corresponding to prompting user's Quick Response Code is safe.

In the prior art, be provided with in the APP on the mobile terminal of intelligent operating system and may have the Malwares such as wooden horse, fishing, when user carries out on-line payment, may get the payment information such as identifying code by the short message in inbox, Malware in mobile terminal may get this payment information by note, and pass to third party, thereby jeopardize the safety of payment.In this application, when comprising payment information in short message, this short message is deleted from inbox, be kept in privacy space, owing to not opening to the outside world in privacy space, Malware in mobile terminal cannot obtain the payment information in this short message, thereby can improve the fail safe of payment.

Above-mentioned explanation is only the general introduction of technical solution of the present invention, in order to better understand technological means of the present invention, and can be implemented according to the content of specification, and for above and other objects of the present invention, feature and advantage can be become apparent, below especially exemplified by the specific embodiment of the present invention.

Accompanying drawing explanation

By reading below detailed description of the preferred embodiment, various other advantage and benefits will become cheer and bright for those of ordinary skills.Accompanying drawing is only for the object of preferred implementation is shown, and do not think limitation of the present invention.And in whole accompanying drawing, represent identical parts by identical reference symbol.In the accompanying drawings:

Fig. 1 is according to the flow chart of steps of a kind of SMS processing of the embodiment of the present invention one;

Fig. 2 is according to the flow chart of steps of a kind of SMS processing of the embodiment of the present invention two;

Fig. 3 is according to the flow chart of steps of a kind of SMS processing of the embodiment of the present invention three;

Fig. 4 is according to the structured flowchart of a kind of short message processing apparatus of the embodiment of the present invention four;

Fig. 5 is according to the structured flowchart of a kind of preferred short message processing apparatus of the embodiment of the present invention four;

Fig. 6 is according to the structured flowchart of the preferred short message processing apparatus of another kind of the embodiment of the present invention four;

Fig. 7 is according to the structured flowchart of another preferred short message processing apparatus of the embodiment of the present invention four.

embodiment

Exemplary embodiment of the present disclosure is described below with reference to accompanying drawings in more detail.Although shown exemplary embodiment of the present disclosure in accompanying drawing, but should be appreciated that and can realize the disclosure and the embodiment that should do not set forth limits here with various forms.On the contrary, it is in order more thoroughly to understand the disclosure that these embodiment are provided, and can be by the those skilled in the art that conveys to complete the scope of the present disclosure.

Embodiment mono-

Fig. 1 is according to the flow chart of steps of a kind of SMS processing of the embodiment of the present invention one, and this embodiment can be applied to mobile terminal side, can be applied in the safety detection module in the application software such as such as mobile phone bodyguard or mobile terminal.In this application, mobile terminal includes but not limited to be provided with the following electronic equipment of Android (Android) operating system or IOS operating system: the portable computing devices such as mobile phone, panel computer, navigator, audio frequency and/or video player, broadcast receiver, mobile TV, multifunctional remote controlller.

Hereinafter, take mobile terminal that Android system is installed as example, the principle of the embodiment of the present invention is carried out to exemplary description, but this description is only exemplary, scope of the present invention is not limited to this.As shown in Figure 1, the method comprises:

Step 102, determines in the short message receiving and comprises payment information;

Can the cycle or short message that aperiodic, ground detected in inbox whether comprise payment information, for example, whether comprise identifying code, if so, perform step 104.But, inventor's discovery, before whether the short message in detection inbox comprises payment information, this short message may have been deposited a period of time in inbox, during this period of time, Malware in mobile terminal also may get payment information from inbox, therefore, and in a preferred embodiment of the embodiment of the present invention, for example, for (tackling software, mobile phone bodyguard above-mentioned) limit priority that receives short message is set, that is, this interception software can receive short message at first; Then, then determine in the short message receiving whether comprise payment information by interception software, if do not comprise payment information, this short message is sent to inbox.In order to guarantee that tackling software has the limit priority that receives short message, can be by operating system preferential this interception software that starts before other application program launchings.Concrete, interception software can be added in the startup list that operating system carries, and the startup priority of interception software is set, when os starting, the interception software starting in list will preferentially start before other application program launchings, thereby can preferentially receive short message.By this embodiment, reduced Malware and got from inbox the possibility of payment information, improved the fail safe paying.

When carrying out on-line payment, normally by Net silver, to user's mobile terminal, send identifying code, therefore, in a preferred embodiment of the embodiment of the present invention, can set addresser's set, this addresser's set is comprised of the SMS sender number of each Net silver, the SMS sender number of Net silver can 955XX form, for example, 95588 of industrial and commercial bank, safety detection module in mobile terminal judges in the short message receiving whether comprise verification code information, and whether the addresser's number that judges this short message (for example belongs to predetermined set, this addresser's set), when the addresser's number that comprises verification code information and short message in the short message receiving belongs to predetermined set, determine in the short message receiving and comprise payment information.By the present embodiment, can determine easily in a short message whether comprise payment information.

Step 104 is deleted the short message that this comprises payment information from the inbox of system, and this short message is kept in privacy space.

Privacy space can be a privacy space in the application software such as mobile phone bodyguard, can first to privacy space, carry out initialization, for password is read in the file setting in privacy space, then, again the short message that comprises payment information is kept in privacy space, like this, after short message is put into privacy space, the Malware that does not read password just cannot obtain this short message.Wherein, in initialization procedure, system generates secret key at random, is stored in certain region of encrypt file.Preferably, after in this short message is kept to privacy space, prompting user processes short message in privacy space, for example, prompting user in privacy space to this short message read, copy, shear, the operation such as deletion, the mode of prompting can be the mode that adopts prompting frame.When prompting user reads this short message in privacy space, user can obtain payment information by this short message, thereby completes payment; When prompting user copies or shears this short message in privacy space, user can be according to other positions of short message being copied or being clipped in mobile terminal, for example, inbox, certainly, this copy operation preferably user use this payment information complete pay after carry out, thereby the safety of guaranteeing payment; When prompting user deletes this short message in privacy space, user can delete this short message from privacy space, this operation can user use this payment information complete pay after carry out so that in the fail safe of guaranteeing payment, reduce the burden in privacy space.

In the prior art, be provided with on the mobile terminal of intelligent operating system various APP can be installed, in some APP, may there is the Malwares such as wooden horse, fishing, when user carries out on-line payment, may get the payment information such as identifying code by the short message in inbox, Malware in mobile terminal may get this payment information by note, and passes to third party, thereby jeopardizes the safety of payment.In the present embodiment, when comprising payment information in short message, this short message is deleted from inbox, be kept in privacy space, owing to not opening to the outside world in privacy space, Malware in mobile terminal cannot obtain the payment information of this short message, thereby can improve the fail safe of payment.

Embodiment bis-

Fig. 2 is according to the flow chart of steps of a kind of SMS processing of the embodiment of the present invention two, and this embodiment can be applied to mobile terminal side, can be applied in the safety detection module in the application software such as such as mobile phone bodyguard or mobile terminal.Hereinafter, take mobile terminal that Android system is installed as example, principle of the present invention is carried out to exemplary description, but this description is only exemplary, scope of the present invention is not limited to this.As shown in Figure 2, the method comprises:

Step 202, determines in the short message receiving and comprises payment information;

Can the cycle or short message that aperiodic, ground detected in inbox whether comprise payment information, for example, whether comprise identifying code, if so, perform step 204.But, inventor's discovery, before whether the short message in detection inbox comprises payment information, this short message may have been deposited a period of time in inbox, during this period of time, Malware in mobile terminal also may get payment information from inbox, therefore, and in a preferred embodiment of the embodiment of the present invention, for example, for (tackling software, mobile phone bodyguard above-mentioned) limit priority that receives short message is set, that is, this interception software can receive short message at first; Then, then determine in the short message receiving whether comprise payment information by interception software, if do not comprise payment information, this short message is sent to inbox.In order to guarantee that tackling software has the limit priority that receives short message, can be by operating system preferential this interception software that starts before other application program launchings.Concrete, interception software can be added in the startup list that operating system carries, and the startup priority of interception software is set, when os starting, the interception software starting in list will preferentially start before other application program launchings, thereby can preferentially receive short message.By this embodiment, reduced Malware and got from inbox the possibility of payment information, improved the fail safe paying.

When carrying out on-line payment, normally by Net silver, to user's mobile terminal, send identifying code, therefore, the number that sends payment information is some numbers of fixing.In a preferred embodiment of the embodiment of the present invention, can set addresser's set, this addresser's set is comprised of the number of each Net silver, the number of Net silver can 955XX form, for example, whether 95588 of industrial and commercial bank, comprise verification code information in the short message that judgement receives, and whether the addresser's number that judges this short message belongs to predetermined set (for example, this addresser's set); When the addresser's number that comprises verification code information and short message in the short message receiving belongs to predetermined set, determine in the short message receiving and comprise payment information.By the present embodiment, can determine easily in a short message whether comprise payment information.

Step 204 is deleted the short message that this comprises payment information from the inbox of system, and this short message is kept in privacy space.

Privacy space can be a privacy space in the application software such as mobile phone bodyguard, can first to privacy space, carry out initialization, for password is read in the file setting in privacy space, then, again the short message that comprises payment information is kept in privacy space, like this, after short message is put into privacy space, the Malware that does not read password just cannot obtain this short message.Wherein, in initialization procedure, system generates secret key at random, is stored in certain region of encrypt file.Preferably, after in this short message is kept to privacy space, prompting user processes short message in privacy space, for example, prompting user in privacy space to this short message read, copy, shear, the operation such as deletion, the mode of prompting can be the mode that adopts prompting frame.When prompting user reads this short message in privacy space, user can obtain payment information by this short message, thereby completes payment; When prompting user copies or shears this short message in privacy space, user can be according to other positions of short message being copied or being clipped in mobile terminal, for example, inbox, certainly, this copy operation preferably user use this payment information complete pay after carry out so that the safety of guaranteeing payment; When prompting user deletes this short message in privacy space, user can delete this short message from privacy space, this operation can user use this payment information complete pay after carry out so that in the fail safe of guaranteeing payment, reduce the burden in privacy space.

In actual mechanical process; if after having adopted the operation of step 202-step 204; the application software such as Malware in mobile terminal has still got the short message that comprises payment information; and attempt payment information to send to third party; need to adopt further safeguard measure to guarantee the fail safe paying; for example, adopt step 206-step 214 to tackle the transmission of the short message that comprises payment information.Take application program, the Binder mechanism by Android system is called as example and is described service below, but this description is only exemplary, and the present invention is also applicable to other communication mechanism.

Step 206, if the application software in mobile terminal gets the short message that comprises payment information, tackles software interception dynamic base is loaded into the process at short message service place;

If the application software in mobile terminal gets the short message that comprises payment information, in Android system, find in advance the process at short message service place, interception dynamic base is loaded into the process at short message service place.According to embodiments of the invention, for example can by Android system based on application programming interface (Application Programming Interface, the API) dlopen that provides of linux system this interception dynamic base is loaded into the process at described service place.According to embodiments of the invention, before interception dynamic base is loaded into the process at short message service place, can suspend described process, the application programming interface ptrace that for example can provide by linux system realizes this pausing operation.

Step 208, replaces with the address of the input and output control function in process first address of tackling dynamic base; In a preferred embodiment of the embodiment of the present invention, this input and output control function is the IOCTL function in Binder mechanism.The first address of this interception dynamic base is used for carrying out interception dynamic base.

Step 210, when application software is called short message service and sent SMS message, carries out interception dynamic base based on the first address, to obtain the information of application software.

In specific implementation process, when application software is called service, based on the first address, carry out interception dynamic base, to obtain the information of application software and the information of calling, and the address of wanting invoked service that the information of calling can be comprised replaces with the second address of interception dynamic base.For example, when application software is called service by Binder mechanism, will arrive IOCTL function, because the address of IOCTL function has been replaced by first address of tackling dynamic base, therefore just will carry out interception dynamic base based on the first address.Now, interception dynamic base just can obtain the information of application software and the information of calling prior to Android system by IOCTL function.

According to embodiments of the invention, the information of application software comprises the Name and Description of application software, and the information of calling comprises the interface sequence number of calling and the address of wanting invoked service.Address that will invoked service replaces with the second address of interception dynamic base, can come the information of display application software and the information of calling based on this second address, and to calling, carries out processing according to the selection for calling.

Step 212, the information of display application software and short message;

For example, by mobile phone bodyguard, show the information of this application software and the short message that application software will send, whether prompting user can send this short message.If in step 210, address that will invoked service has been replaced by the second address of interception dynamic base, can be based on the second address, come the information of display application software and the information of calling, and according to carry out processing by operating system for the selection of calling on electronic equipment.

Step 214, according to the instruction from user, determines whether to allow application software to call short message service and sends SMS message.

In a preferred embodiment of the embodiment of the present invention, in the case of receiving from user's permission application software, call short message service sends SMS message, determine that allowing application software to call short message service sends SMS message, according to the address of short message service, carry out the transmission of short message, and return to active service result to application software; In the case of receiving from user's the application software that do not allow, call short message service sends SMS message, determine that not allowing application software to call short message service sends SMS message, stop application software to call short message service and send SMS message, and return to predefined service result to application software.Predefined service result can be for example to have represented to call successfully service result, to make application software think that it is successful for calling of service, and knows nothing for the interception of carrying out according to embodiments of the invention.

Embodiment tri-

Fig. 3 is according to the flow chart of steps of a kind of SMS processing of the embodiment of the present invention three, and this embodiment can be applied to mobile terminal side, can be applied in the safety detection module in the application software such as such as mobile phone bodyguard or mobile terminal.Hereinafter, take mobile terminal that Android system is installed as example, principle of the present invention is carried out to exemplary description, but this description is only exemplary, scope of the present invention is not limited to this.As shown in Figure 3, the method comprises:

Step 302, scans Quick Response Code;

At present, the application of Quick Response Code is more and more extensive, and Quick Response Code is a kind of information carrier, can be text, for example, is writing 360 mobile phone assistants; Also can be agreement, for example, be the download protocol that points to 360 mobile phone assistants; The download protocol that also third party market generates, resolves by client, can indicate download link.When Quick Response Code is text, mobile terminal can directly show this Quick Response Code, if during the download protocol that the corresponding third party of Quick Response Code market generates, may in mobile terminal, form Malware, if using, user exist the mobile terminal of Malware to receive payment information, may reveal payment information, reduce the fail safe paying.Therefore, whether the link corresponding to Quick Response Code judges safely, is conducive to improve the fail safe paying.

Step 304, judges whether safety of link that this Quick Response Code is corresponding, if so, performs step 306, otherwise, execution step 308;

When specific implementation, can be first at mobile terminal, determine whether safety of Quick Response Code, (for example parsing information that this Quick Response Code is corresponding, the link that Quick Response Code is corresponding) afterwards, if determine that this information is in the white list list setting in advance, determine that this Quick Response Code is safe Quick Response Code, thereby determine that link corresponding to Quick Response Code is safe.Wherein, white list list is the white list list of mobile terminal this locality, white list list can be that mobile terminal logs in the white list list that download cloud security service centre of cloud security service centre (also referred to as cloud server) collects in advance, preserves the security information of collecting in advance that cloud security service centre collects in advance in white list list.

If determine, this information is in the blacklist list setting in advance, and can determine that this Quick Response Code is unsafe Quick Response Code, thereby determines that link corresponding to Quick Response Code is unsafe.This blacklist list is the blacklist list of subscriber equipment this locality, can from cloud security service centre, obtain in advance, and the mode of acquisition is identical with white list list, does not repeat them here.

If after subscriber equipment is inquired about local blacklist list and white list list, determine that the information of carrying in the described two-dimension code image of identification is not when the blacklist list of subscriber equipment this locality and white list list, can send inquiry request to cloud security service centre, this inquiry request comprises the information of carrying in the two-dimension code image of described two-dimension code image and identification.

After cloud security service centre receives inquiry request, the blacklist list of inquiry cloud security service centre this locality, if this blacklist list comprises the information of identification, to subscriber equipment, send dangerous tip information, represent that this Quick Response Code is dangerous Quick Response Code, that is, unsafe Quick Response Code, thus determine that link corresponding to Quick Response Code is unsafe; The white list list of inquiry cloud security service centre this locality, if this white list list comprises the information of identification, sends safety instruction information to subscriber equipment, represents that this Quick Response Code is safe Quick Response Code, thereby determines that link corresponding to Quick Response Code is safe.

If after the blacklist list of inquiry cloud security service centre this locality and white list of file names, the information of identification is neither in the blacklist list of cloud security service centre this locality, also not in the local white list list of cloud security service centre, cloud security service centre can not prove that the information of identification is danger or safe, can return to selection information to subscriber equipment, request user selects whether to scan the selection information of described two-dimension code image.

The form of expression of blacklist list can comprise blacklist database, high-risk name single database or doubtful name single database, and wherein, blacklist database comprises communication object and illegal act record thereof.What in blacklist list, record particularly, can be the relevant information of the malfeasant communication objects such as certified swindle.For example, the mode that certain communication object is reported to send Email by a certain user is propagated false prize-winning information, with the guarantee fund's that receives the award name, gain the some units of this user by cheating, the fraud that this user can provide relevant evidence to confirm certain communication object, and the relevant information such as the sign of this communication object.

Wherein, high-risk name single database can comprise communication object and very dangerous behavior record thereof.That in high-risk name single database, records particularly, can be for being accused of relating to the relevant informations such as the communication object of the malfeasances such as swindle (as abnormal transaction value information, other users' report information etc.) and correspondence sign.As a preferred exemplary of the embodiment of the present invention, can adopt net purchase first to pay for that (user and security platform carry out agreement in advance, user is when carrying out shopping at network, if because the service that security platform provides fails to tackle in time fishing website or net purchase wooden horse, thereby cause user to suffer property loss, security platform can be in advance for user provides compensation) the high-risk name of illegal act typing single database in, also can for example, from other platforms (information promulgating platform, gaming platform), confirm the high-risk name of illegal act typing single database.

Wherein, doubtful name single database can comprise communication object and doubtful illegal act record thereof.Particularly, that in doubtful name single database, records can be for being accused of relating to the relevant informations such as the communication object of the malfeasances such as swindle (as relate to sensitive information, other users safety detection request etc.) and object identity thereof, and in more high-risk single database of its danger, communication object is low.For example, certain communication object at short notice (for example 1 week) by a large amount of user in all parts of the country, submitted to safety detection request, in these type of abnormal conditions, this communication object such as is accused of swindling at the malfeasance.Again for example, certain communication object in large quantities to its good friend send part-time, the sensitive information that relates to wealth such as supplement with money, deposit simultaneously and change at short notice login place or batch remove buddy, exit the abnormal conditions such as communication group, this type of situation may exist by the possibility of steal-number.Again for example, certain communication object service life low (for example, in 1 month), but a large amount of issue is part-time, the information such as rent a house, and may there is the malfeasant risks such as swindle in this type of situation.

It should be noted that, high-risk name single database can be collected information promulgating platform, gaming platform, communication groups such as part-time, taxi, cargo transactions, by the keyword such as such as part-time, gold coin, low price is carried out to the crawl of information, then for example, by default artificial rule (time limit of communication object, the user's of number of times, the request detection of requested safety detection location, transaction value abnormal information, net purchase abnormal information etc. in Preset Time section), or manually carry out information filtering and include.In addition, can by grab but the information that is not embodied in high-order name single database by artificial rule or artificial filtration is embodied in doubtful name single database.

Step 306, after judging that this Quick Response Code is safe Quick Response Code, can two-dimensional code display be the information of safe Quick Response Code, link corresponding to prompting user's Quick Response Code is safe, so that user uses this Quick Response Code of mobile scanning terminal according to this information, and link corresponding to Quick Response Code downloaded in relieved use.

Step 308, after judging that this Quick Response Code is safe Quick Response Code, can two-dimensional code display be the information of dangerous Quick Response Code, link corresponding to prompting user's Quick Response Code be unsafe, so that user judges whether to use this Quick Response Code of mobile scanning terminal according to this information;

Step 310, according to determining whether to use this Quick Response Code from user's instruction.

If user determines, will download the link that this Quick Response Code is corresponding, mobile terminal can receive the instruction of downloading the link that Quick Response Code is corresponding, and the link of downloading this Quick Response Code; If user determines, do not need to download the link that this Quick Response Code is corresponding, mobile terminal can receive the instruction of not downloading the link that Quick Response Code is corresponding, thereby refusal is downloaded the link of this Quick Response Code;

In the present embodiment, when link corresponding to Quick Response Code is dangerous, prompting user, and determine whether to download according to user's instruction the link that Quick Response Code is corresponding, like this, can avoid, in and dissenting situation ignorant user, the application software that Quick Response Code is corresponding is installed, can improve the fail safe of system, avoid unsafe application software to steal user's payment information.

But, if user knows the link that Quick Response Code is corresponding perfectly well, still adhere to installing the application software that Quick Response Code is corresponding, this still can cause a hidden trouble to the system safety of mobile terminal, and the application software of installation still may be stolen user's payment information.In this case, can further improve by step below the fail safe of payment.

Step 312, determines in the short message receiving and comprises payment information;

Can the cycle or short message that aperiodic, ground detected in inbox whether comprise payment information, for example, whether comprise identifying code, if so, perform step 214.But, inventor finds, before whether the short message in mobile terminal detection inbox comprises payment information, this short message may have been deposited a period of time in inbox, during this period of time, Malware in mobile terminal also may get payment information from inbox, therefore, in a preferred embodiment of the embodiment of the present invention, for example, for (tackling software, mobile phone bodyguard above-mentioned) limit priority that receives short message is set, that is, this interception software can receive short message at first; Then, then determine in the short message receiving whether comprise payment information by interception software, if do not comprise payment information, this short message is sent to inbox.In order to guarantee that tackling software has the limit priority that receives short message, can be by operating system preferential this interception software that starts before other application program launchings.Concrete, interception software can be added in the startup list that operating system carries, and the startup priority of interception software is set, when os starting, the interception software starting in list will preferentially start before other application program launchings, thereby can preferentially receive short message.By this embodiment, reduced Malware and got from inbox the possibility of payment information, improved the fail safe paying.

Step 314 is deleted the short message that this comprises payment information from the inbox of system, and this short message is kept in privacy space.

It should be noted that, step 302-step 314 can be used as an independent embodiment, by the safe barcode scanning of step 302-step 310 and the secure payment of step 312-step 314, can improve the fail safe of payment.

In actual mechanical process; if after having adopted the operation of step 302-step 314; the application software such as Malware in mobile terminal has still got the short message that comprises payment information; and attempt payment information to send to third party; need to adopt further safeguard measure to guarantee the fail safe paying; for example, adopt step 316-step 324 to tackle the transmission of the short message that comprises payment information.Take application program, the Binder mechanism by Android system is called as example and is described service below, but this description is only exemplary, and the present invention is also applicable to other communication mechanism.

Step 316, if the application software in mobile terminal gets the short message that comprises payment information, tackles software interception dynamic base is loaded into the process at short message service place;

If the application software in mobile terminal gets the short message that comprises payment information, in Android system, find in advance the process at short message service place, interception dynamic base is loaded into the process at short message service place.According to embodiments of the invention, for example can by Android system based on the API dlopen that provides of linux system this interception dynamic base is loaded into the process at described service place.According to embodiments of the invention, before interception dynamic base is loaded into the process at short message service place, can suspend described process, the application programming interface ptrace that for example can provide by linux system realizes this pausing operation.

Step 318, replaces with the address of the input and output control function in process first address of tackling dynamic base; In a preferred embodiment of the embodiment of the present invention, this input and output control function is the IOCTL function in Binder mechanism.The first address of this interception dynamic base is used for carrying out interception dynamic base.

Step 320, when application software is called short message service and sent SMS message, carries out interception dynamic base based on the first address, to obtain the information of application software.

Step 322, the information of display application software and short message;

For example, by mobile phone bodyguard, show the information of this application software and the short message that application software will send, whether prompting user can send this short message.If in step 320, address that will invoked service has been replaced by the second address of interception dynamic base, can be based on the second address, come the information of display application software and the information of calling, and according to carry out processing by operating system for the selection of calling on electronic equipment.

Step 324, according to the instruction from user, determines whether to allow application software to call short message service and sends SMS message.

Embodiment tetra-

Fig. 4 is according to the structured flowchart of a kind of short message processing apparatus of the embodiment of the present invention four, this device can be mobile terminal, also can be the device for mobile terminal, it can also be the application software being applied in mobile terminal, as mobile phone bodyguard, this device is used for realizing said method, and therefore, feature relevant with mobile terminal in said method may be used in the present embodiment.As shown in Figure 4, this device comprises:

Determining unit 402, for determining that the short message receiving comprises payment information;

Delete cells 404, deletes short message for the inbox from system;

Storage unit 406, for being kept at short message in privacy space.

In a preferred embodiment of the embodiment of the present invention, determining unit 402 also for: for interception software arranges, receive the limit priority of short message; Determine in the short message receiving and comprise payment information.

In a preferred embodiment of the embodiment of the present invention, determining unit 402 also for: whether the short message that receives of judgement comprises verification code information, and whether addresser's number of short message belongs to predetermined set; When the addresser's number that comprises verification code information and short message in the short message receiving belongs to predetermined set, determine in the short message receiving and comprise payment information, wherein, this predetermined set is comprised of the SMS sender number of Net silver.

Fig. 5 is according to the structured flowchart of a kind of preferred short message processing apparatus of the embodiment of the present invention four, and in a preferred embodiment of the embodiment of the present invention, said apparatus also comprises:

Initialization unit 502, for before short message is kept to privacy space, generates secret key for described privacy space is random, and described secret key is kept in encrypt file, for password is read in the file setting in privacy space.

In a preferred embodiment of the embodiment of the present invention, said apparatus also comprises:

Tip element 504, for after short message is kept to privacy space, prompting user processes short message in privacy space.

Fig. 6 is according to the structured flowchart of the preferred short message processing apparatus of another kind of the embodiment of the present invention four, and as shown in Figure 6, in a preferred embodiment of the embodiment of the present invention, said apparatus also comprises:

Loading unit 602, for getting short message in the application software of mobile terminal, is loaded into interception dynamic base the process at short message service place;

Replacement unit 604, for replacing with the address of the input and output control function of process the first address of interception dynamic base;

Performance element 606, while sending SMS message for calling short message service in application software, carries out interception dynamic base based on the first address, to obtain the information of application software;

Display unit 608, for information and the short message of display application software;

Determining unit 402 also, for according to the instruction from user, determines whether to allow application software to call short message service and sends SMS message.

In a preferred embodiment of the embodiment of the present invention, determining unit 402 also for:

In the case of receiving from user's permission application software, call short message service sends SMS message, determine that allowing application software to call short message service sends SMS message, according to the address of short message service, carry out the transmission of short message, and return to active service result to application software; Or

In the case of receiving from user's the application software that do not allow, call short message service sends SMS message, determine that not allowing application software to call short message service sends SMS message, stop application software to call short message service and send SMS message, and return to predefined service result to application software.

In a preferred embodiment of the embodiment of the present invention, the information of application software comprises the Name and Description of application software.

Fig. 7 is according to the structured flowchart of another preferred short message processing apparatus of the embodiment of the present invention four, and as shown in Figure 7, in a preferred embodiment of the embodiment of the present invention, said apparatus also comprises:

Scanning element 702, for before determining that the short message receiving comprises payment information, scans Quick Response Code;

Tip element 704, for when link corresponding to Quick Response Code belongs to dangerous chained library, link corresponding to prompting user's Quick Response Code is unsafe;

Determining unit 402 also determines whether to download from user's instruction the link that Quick Response Code is corresponding for basis.

Transmitting element 706, for after Quick Response Code is scanned, sends to cloud server by link corresponding Quick Response Code, and wherein, the link that Quick Response Code is corresponding is that server is judged whether belong to dangerous chained library beyond the clouds;

Receiving element 708, for receiving the indication information from cloud server, indication information is used to indicate the link that Quick Response Code is corresponding and whether belongs to dangerous chained library.

In a preferred embodiment of the embodiment of the present invention, Tip element 704 is for when link corresponding to Quick Response Code belongs to secure link, and link corresponding to prompting user's Quick Response Code is safe.

Wherein, the embodiment of Fig. 5-7 can interosculate, in conjunction with after operation can mothed of participating embodiment, repeat no more herein.

The short message processing scheme providing at this is intrinsic not relevant to any certain computer, virtual system or miscellaneous equipment.Various general-purpose systems also can with based on using together with this teaching.According to description above, the desired structure of system that structure has the present invention program is apparent.In addition, the present invention is not also for any certain programmed language.It should be understood that and can utilize various programming languages to realize content of the present invention described here, and the description of above language-specific being done is in order to disclose preferred forms of the present invention.

In the specification that provided herein, a large amount of details have been described.But, can understand, embodiments of the invention can be put into practice in the situation that there is no these details.In some instances, be not shown specifically known method, structure and technology, so that not fuzzy understanding of this description.

Similarly, be to be understood that, in order to simplify the disclosure and to help to understand one or more in each inventive aspect, in the above in the description of exemplary embodiment of the present invention, each feature of the present invention is grouped together into single embodiment, figure or sometimes in its description.But, the method for the disclosure should be construed to the following intention of reflection: the present invention for required protection requires than the more feature of feature of clearly recording in each claim.Or rather, as reflected in claims, inventive aspect is to be less than all features of disclosed single embodiment above.Therefore, claims of following embodiment are incorporated to this embodiment thus clearly, and wherein each claim itself is as independent embodiment of the present invention.

Those skilled in the art are appreciated that and can the module in the equipment in embodiment are adaptively changed and they are arranged in one or more equipment different from this embodiment.Module in embodiment or unit or assembly can be combined into a module or unit or assembly, and can put them in addition multiple submodules or subelement or sub-component.At least some in such feature and/or process or unit are mutually repelling, and can adopt any combination to combine all processes or the unit of disclosed all features in this specification (comprising claim, summary and the accompanying drawing followed) and disclosed any method like this or equipment.Unless clearly statement in addition, in this specification (comprising claim, summary and the accompanying drawing followed) disclosed each feature can be by providing identical, be equal to or the alternative features of similar object replaces.

In addition, those skilled in the art can understand, although embodiment more described herein comprise some feature rather than further feature included in other embodiment, the combination of the feature of different embodiment means within scope of the present invention and forms different embodiment.For example, in claims, the one of any of embodiment required for protection can be used with compound mode arbitrarily.

All parts embodiment of the present invention can realize with hardware, or realizes with the software module of moving on one or more processor, or realizes with their combination.It will be understood by those of skill in the art that and can use in practice microprocessor or digital signal processor (DSP) to realize according to the some or all functions of the some or all parts in the short message processing scheme of the embodiment of the present invention.The present invention can also be embodied as part or all equipment or the device program (for example, computer program and computer program) for carrying out method as described herein.Realizing program of the present invention and can be stored on computer-readable medium like this, or can there is the form of one or more signal.Such signal can be downloaded and obtain from internet website, or provides on carrier signal, or provides with any other form.

It should be noted above-described embodiment the present invention will be described rather than limit the invention, and those skilled in the art can design alternative embodiment in the case of not departing from the scope of claims.In the claims, any reference symbol between bracket should be configured to limitations on claims.Word " comprises " not to be got rid of existence and is not listed as element or step in the claims.Being positioned at word " " before element or " one " does not get rid of and has multiple such elements.The present invention can be by means of including the hardware of some different elements and realizing by means of the computer of suitably programming.In the unit claim of having enumerated some devices, several in these devices can be to carry out imbody by same hardware branch.The use of word first, second and C grade does not represent any order.Can be title by these word explanations.

The embodiment of the present invention provides A1, a kind of SMS processing, comprising:

Determine in the short message receiving and comprise payment information;

From the inbox of system, delete described short message, and described short message is kept in privacy space.

A2, according to the method described in A1, wherein, determine that in the short message that receives, comprising payment information comprises:

For interception software arranges the limit priority that receives short message;

In the definite short message receiving of described interception software, comprise payment information.

A3, according to the method described in A1, wherein, determine in the short message that receives and comprise payment information, comprising:

In the short message that judgement receives, whether comprise verification code information, and whether addresser's number of described short message belongs to predetermined set; When the addresser's number that comprises verification code information and described short message in the short message receiving belongs to predetermined set, determine in the short message receiving and comprise payment information, wherein, described predetermined set is comprised of the SMS sender number of Net silver.

A4, according to the method described in any one in A1 to 3, wherein, in described short message is kept to privacy space before, described method also comprises:

For described privacy space is random, generate secret key, and described secret key is kept in encrypt file, for password is read in the file setting in described privacy space.

A5, according to the method described in any one in A1 to 3, wherein, in described short message is kept to privacy space after, described method also comprises:

Prompting user processes described short message in privacy space.

A6, according to the method described in any one in A1 to 3, wherein, if the application software in mobile terminal gets described short message, described method also comprises:

Interception dynamic base is loaded into the process at short message service place;

The address of the input and output control function in described process is replaced with to the first address of described interception dynamic base;

When described application software is called described short message service and sent described short message, based on described the first address, carry out described interception dynamic base, to obtain the information of described application software;

Show information and the described short message of described application software;

According to the instruction from user, determine whether to allow described application software to call described short message service and send described short message.

A7, according to the method described in A6, wherein, according to the instruction from user, determine whether to allow described application software to call described short message service and send described short message and comprise:

In the case of receiving, from user's the described application software of permission, call described short message service and send described short message, determine that allowing described application software to call described short message service sends described short message, according to the address of described short message service, carry out the transmission of described short message, and return to active service result to described application software; Or

In the case of receiving, from user, do not allow described application software to call described short message service to send described short message, determine that not allowing described application software to call described short message service sends described short message, stop described application software to call described short message service and send described short message, and return to predefined service result to described application software.

A8, according to the method described in A6, wherein, the information of described application software comprises the Name and Description of described application software.

A9, according to the method described in any one in A1 to 3, wherein, before determining and comprising payment information in the short message that receives, described method also comprises:

Quick Response Code is scanned;

When link corresponding to described Quick Response Code belongs to dangerous chained library, prompting user described in link corresponding to Quick Response Code be unsafe;

According to determine whether to download the link that described Quick Response Code is corresponding from user's instruction.

A10, according to the method described in A9, wherein, after Quick Response Code is scanned, described method also comprises:

Link corresponding described Quick Response Code is sent to cloud server, and wherein, the link that described Quick Response Code is corresponding is that server is judged whether belong to dangerous chained library beyond the clouds;

Reception is from the indication information of described cloud server, and described indication information is used to indicate the link that described Quick Response Code is corresponding and whether belongs to dangerous chained library.

A11, according to the method described in A9, wherein, when link corresponding to described Quick Response Code belongs to secure link, prompting user described in link corresponding to Quick Response Code be safe.

The embodiment of the present invention also provides B12, a kind of short message processing apparatus, comprising:

Determining unit, for determining that the short message receiving comprises payment information;

Delete cells, for deleting described short message from the inbox of system;

Storage unit, for being kept at privacy space by described short message.

B13, according to the device described in B12, wherein, described determining unit also for:

Determine in the short message receiving and comprise payment information.

B14, according to the device described in B12, wherein, described determining unit also for:

B15, according to the device described in any one in B12 to 14, wherein, described device also comprises:

Initialization unit, for before described short message is kept to privacy space, generates secret key for described privacy space is random, and described secret key is kept in encrypt file, for password is read in the file setting in described privacy space.

B16, according to the device described in any one in B12 to 14, wherein, described device also comprises:

Tip element, for after described short message is kept to privacy space, prompting user processes described short message in privacy space.

B17, according to the device described in any one in B12 to 14, wherein, described device also comprises:

Loading unit, for getting described short message in the application software of mobile terminal, is loaded into interception dynamic base the process at short message service place;

Replacement unit, for replacing with the address of the input and output control function of described process the first address of described interception dynamic base;

Performance element, while sending described short message for calling described short message service in described application software, carries out described interception dynamic base based on described the first address, to obtain the information of described application software;

Display unit, for showing information and the described short message of described application software;

Described determining unit also, for according to the instruction from user, determines whether to allow described application software to call described short message service and sends described short message.

B18, according to the device described in B17, wherein, described determining unit also for:

B19, according to the device described in B17, wherein, the information of described application software comprises the Name and Description of described application software.

B20, according to the device described in any one in B12 to 14, wherein, described device also comprises:

Scanning element, for before determining that the short message receiving comprises payment information, scans Quick Response Code;

Tip element, for when link corresponding to described Quick Response Code belongs to dangerous chained library, prompting user described in link corresponding to Quick Response Code be unsafe;

Described determining unit also determines whether to download from user's instruction the link that described Quick Response Code is corresponding for basis.

B21, according to the device described in B20, wherein, described device also comprises:

Transmitting element, for after Quick Response Code is scanned, sends to cloud server by link corresponding described Quick Response Code, and wherein, the link that described Quick Response Code is corresponding is that server is judged whether belong to dangerous chained library beyond the clouds;

Receiving element, for receiving the indication information from described cloud server, described indication information is used to indicate the link that described Quick Response Code is corresponding and whether belongs to dangerous chained library.

B22, according to the device described in B20, wherein, described Tip element is for when link corresponding to described Quick Response Code belongs to secure link, it is safe pointing out link corresponding to Quick Response Code described in user.

Claims

1. a SMS processing, comprising:

Determine in the short message receiving and comprise payment information;

2. method according to claim 1, wherein, determine that in the short message receiving, comprising payment information comprises:

3. method according to claim 1, wherein, determines in the short message receiving and comprises payment information, comprising:

4. according to the method in any one of claims 1 to 3, wherein, in described short message is kept to privacy space before, described method also comprises:

5. according to the method in any one of claims 1 to 3, wherein, in described short message is kept to privacy space after, described method also comprises:

Prompting user processes described short message in privacy space.

6. according to the method in any one of claims 1 to 3, wherein, if the application software in mobile terminal gets described short message, described method also comprises:

7. method according to claim 6, wherein, according to the instruction from user, determines whether to allow described application software to call described short message service and sends described short message and comprise:

8. method according to claim 6, wherein, the information of described application software comprises the Name and Description of described application software.

9. according to the method in any one of claims 1 to 3, wherein, comprise payment information in definite short message receiving before, described method also comprises:

Quick Response Code is scanned;

10. a short message processing apparatus, comprising:

Delete cells, for deleting described short message from the inbox of system;

Storage unit, for being kept at privacy space by described short message.