The latter, I believe, is using NBAR, and if that's correct, there's various implementations of NBAR that can vary in how they determine if a packets belongs to one of the protocols that implementation of NBAR "knows".
In general, NBAR might just be a "pretty face" for a match that could be done as well with a simple ACL ACE or it might encompass deep packet inspection. To determine what criteria NBAR uses for matching, you need to find documentation on your particular implementation.