TWI739010B - Electronic equipment - Google Patents

Abstract

The present invention provides an electronic device including a main circuit A board, a processor, a sensing device, and a storage medium; the main circuit board is provided with a universal integrated circuit card slot, and the universal integrated circuit card slot is provided with a universal integrated circuit card; the sensing The device is connected to the processor. The present invention stores the user's physiological characteristics information in the UICC card, and does not need to be verified by the cloud server during the identification and authentication process. Instead, the processor obtains the preset identification information in the UICC card and transfers it to It is compared with the identity information to be authenticated collected by the sensing device to realize the identity recognition authentication process.

Description

Electronic equipment

The present invention relates to the field of safety certification, in particular to an electronic device.

Universal Integrated Circuit Card (Universal Integrated Circuit Card, UICC) is a general term for smart cards with physical characteristics. If used in a terminal device on a broadband mobile network, the UICC can be used as a removable smart card in the terminal to store user information, authentication keys (including public keys and keys), payment methods and other information. The ISO/IEC International Standards Organization has formulated a series of smart card security feature agreements to ensure the secure access of UICC files by terminal devices of broadband mobile network users. UICC introduces the concept of multi-application platform and realizes a multi-channel mechanism in which multiple logic applications run at the same time. The UICC can include a variety of logic modules, such as Subscriber Identity Module (SIM), Universal Subscriber Identity Module (USIM), and IP Multimedia Service Identity Module (IP Multimedia Service Identity). Module, ISIM) and other non-telecommunications application modules such as electronic signature authentication and electronic wallets. The logic modules in UICC can exist alone, or multiple logic modules can exist at the same time.

Although UICC has been used in terminal devices related to electronic signature authentication, electronic wallets and other application modules that involve user privacy, and the ISO/IEC international standard group The security feature agreement of the organization guarantees the secure access of the terminal device to the UICC file, but it is not suitable for the mobile terminal identification which has become more and more popular. For example, fingerprint recognition, face recognition, etc., the current methods still rely on the sensing devices and application programs configured in the terminal to achieve. Conventionally, this type of recognition function is based on unlocking the terminal device as the main purpose, or considering information security. The unlocking function is realized on the application program of the recognition function. The application program or the recognition hardware processor with the recognition function only presses the input recognition image (such as fingerprint message) by the user through the software or hardware configured on the terminal device and the original storage The image (pre-set fingerprint image) of the terminal is compared, and it is not bound with the encryption function of UICC.

However, in applications such as financial payment and physiological health monitoring with higher information security, more and more rigorous identity authentication and message encryption are the general trend, especially such applications that require extreme information security are usually cloud servers. As a back-end computing processing platform. In order to ensure that the terminal device sending the physiological characteristic message is a registered terminal device, the cloud computing server generally performs security verification on the legitimacy of the terminal device. For example, in a financial transaction application, after the user sends an authentication request to the financial transaction cloud platform, the cloud platform usually sends a security verification code to the same terminal device or a different terminal device, prompting the user to enter the verification code to Improve the security of financial transactions. Even so, this cloud-verified platform still cannot improve that the user operating the terminal device is the person who legally registered the user, that is, although the verification of the legitimacy of the terminal device is achieved, it cannot identify whether the terminal device is used. The head of the household (that is, the legal user) still has a greater security risk.

For this reason, it is necessary to provide an electronic device to solve the problem that the current cloud server is unable to authenticate the user operating the terminal device, which leads to security risks in the message verification process.

In order to achieve the above object, the inventor provides an electronic device that includes a main circuit board, a processor, a sensing device, and a storage medium; the main circuit board is provided with a universal integrated circuit card slot, and The universal integrated circuit card slot is provided with a universal integrated circuit card; the sensing device is connected to the processor; an executable computer program is stored in the storage medium, and the following steps are implemented when the computer program is executed by the processor : Receive a preset identity recognition message, and write the preset identity recognition message into a universal integrated circuit card; receive an identity authentication request and the identity information to be authenticated collected by the sensing device, from the universal integrated circuit card Obtain the preset identification information, compare the to-be-authenticated identification information with the corresponding preset identification information, if the matching is successful, the identification is successful, otherwise the authentication fails.

In an embodiment of the present invention, when the computer program is executed by the processor, the step of "receiving a preset identification message and writing the preset identification message into a universal integrated circuit card" includes: receiving an external identity The preset identification information collected by the sensing device and the preset identification information is written into the universal integrated circuit card, and the external identification sensing device is a sensing device set independently of the electronic equipment.

In an embodiment of the present invention, when the computer program is executed by the processor, the step of "receiving a preset identification message and writing the preset identification message to a universal integrated circuit card" includes: receiving electronic equipment The preset body collected by the sensing device Copy identification information, and write the preset identification information into the universal integrated circuit card.

In an embodiment of the present invention, the sensing device includes any one or more of a normal camera, an infrared camera, and a microphone, and the preset identification information includes facial information, eyeball information, iris information, and voice information. Any one or more of.

In an embodiment of the present invention, when the computer program is executed by the processor, the following steps are further implemented: using an encrypted hash function to convert the default identification message into a default identification message digest, the default identification message It is stored in the general integrated circuit card in the form of a preset identification message summary.

In an embodiment of the present invention, the number of the sensing devices is multiple, and they are respectively used to collect different preset identification information; when the computer program is executed by the processor, the following steps are implemented: receiving multiple sensing devices The collected different preset identification messages are converted into preset identification message digests by using an encrypted hash function.

In an embodiment of the present invention, when the computer program is executed by the processor, the following steps are implemented: receiving multiple preset identification messages collected by the same sensing device, and using an encrypted hash function to convert the collected multiple preset identification messages Set the identification message to be converted to the default identification message summary.

In an embodiment of the present invention, when the computer program is executed by the processor, the following steps are further implemented: the authentication key is stored in the integrated circuit card, and the authentication key includes a public key and a private key ; Obtain the public key in the universal integrated circuit card, and use the RSA encryption algorithm to apply the public key to the preset identification message summary Encryption is performed to obtain a preset encrypted message, the preset encrypted message includes an encrypted preset identification message digest; after receiving the identity message to be authenticated, the encrypted hash function is used to convert the identity message to be authenticated into the identity to be authenticated Message digest; and using the RSA encryption algorithm and applying the public key to encrypt the digest of the identity message to be authenticated to obtain the encrypted message to be authenticated, the encrypted message to be authenticated including the encrypted digest of the identity message to be authenticated; obtain the general integrated circuit card The private key of RSA encryption algorithm is used to decrypt the default encrypted message with the private key to obtain the default identification message digest. The default identification message digest is compared with the identification message digest to be authenticated. If the match is successful, then The identity authentication is successful, otherwise the authentication fails.

In an embodiment of the present invention, when the computer program is executed by the processor, the following steps are further implemented: after receiving a preset identification message, a first random number string and a first random filling blank are randomly generated, and the first The random fill blank is a character randomly generated and filled in the preset identification message summary; the preset encrypted message also includes the encrypted first random number string and the first random fill blank; after receiving the identity message to be authenticated , Randomly generate a second random number string and a second randomly filled blank, the second randomly filled blank is a character randomly generated and filled in the digest of the identity message to be authenticated; obtaining the private key in the universal integrated circuit card, Use the RSA encryption algorithm and apply the private key to decrypt the preset encrypted message to obtain the first random number string and the first random padding blank; compare the first random number string with the second random number string and the first random padding Whether the blank matches the second randomly filled blank successfully, if yes, the identity authentication is successful, otherwise the authentication fails.

In an embodiment of the present invention, when the computer program is executed by the processor The following steps are also implemented: receiving an encryption level setting instruction, setting an encryption level of the electronic device, the encryption level including a first encryption level, a second encryption level, and a third encryption level; when the electronic device is at the first encryption level, determine the identity The conditions for successful authentication are that the preset identification message digest and the identification message digest to be authenticated, the first random number string and the second random number string, the first random filling blank and the second random filling blank are all matched successfully. ; When the electronic device is at the second encryption level, the condition for determining the success of the identity authentication is that the preset identity recognition message digest and the identity message digest to be authenticated match successfully, and the first random number string and the second random number string, the first Either one of the randomly filled blanks and the second randomly filled blanks is matched successfully; when the electronic device is at the third encryption level, the condition for judging successful identity authentication is that the preset identity message digest matches the identity message digest to be authenticated successfully .

The present invention stores the user's physiological characteristics information in the UICC card, and does not need to be verified by the cloud server during the identification and authentication process. Instead, the processor obtains the preset identification information in the UICC card and transfers it to Compare with the identity information to be authenticated collected by the sensing device to realize the identity recognition authentication process. Since the identity information is collected and authenticated in real time, it can be ensured that the verification operator of the device is the legal registered user himself, which effectively improves the security of the authentication process.

1: gate

2: source

3: Dip pole

4: Insulation layer

5: Light absorbing semiconductor layer

101: Touch screen or cover glass

102: display unit

105: flexible circuit board

106: main circuit board

107: Universal integrated circuit card slot

108: General integrated circuit card

D: Drain electrode

G: Gate electrode

n1, n2, i2, p1, p2: semiconductor layer

S: source electrode

S801~S804: steps

S1201~S1207: steps

S1301~S1306: steps

TFT: Thin Film Transistor

FIG. 1 is a schematic diagram of an electronic device related to an embodiment of the present invention.

FIG. 2 is a schematic circuit diagram of a pixel detection area according to an embodiment of the present invention.

FIG. 3 is a schematic diagram of the structure of a light detecting film according to an embodiment of the present invention.

4 is a schematic diagram of the structure of a light detecting film according to another embodiment of the present invention.

FIG. 5 is a schematic diagram of the cooperation of the source and drain structures according to an embodiment of the present invention.

FIG. 6 is a schematic diagram of a distribution mode of optical devices according to an embodiment of the present invention.

FIG. 7 is a flowchart of a method for preparing a light detecting film according to an embodiment of the present invention.

FIG. 8 is a schematic diagram of the photodetecting film according to an embodiment of the present invention during the preparation process.

FIG. 9 is a schematic diagram of the photodetecting film according to another embodiment of the present invention during the preparation process.

FIG. 10 is a schematic diagram of the photodetecting film according to another embodiment of the present invention during the preparation process.

FIG. 11 is a schematic diagram of the light detecting film according to another embodiment of the present invention during the preparation process.

FIG. 12 is a flowchart of steps when a computer program according to an embodiment of the present invention is executed by a processor.

FIG. 13 is a flowchart of steps when a computer program according to another embodiment of the present invention is executed by a processor.

In order to describe in detail the technical content, structural features, achieved objectives and effects of the technical solution, the following is a detailed description in conjunction with specific embodiments and accompanying drawings.

Please refer to FIG. 1, which is a schematic diagram of an electronic device related to an embodiment of the present invention; the electronic device is a device with a touch display screen, such as a smart mobile device such as a mobile phone, a tablet computer, a personal digital assistant, etc., or a personal computer, Computers and other electronic equipment for industrial equipment. The electronic equipment includes a main circuit board 106, a processor, a sensing device, and a storage medium; the main circuit board 106 is provided with a universal integrated circuit card slot 107, and the universal integrated circuit card slot 107 is provided There is a universal integrated circuit card 108. The processor is an electronic component with a data processing function, such as a central processing unit (Central Processing Unit, CPU for short), a digital signal processor (DSP for short), or a System on Chip (SoC for short). The storage medium is an electronic component with data storage function, including but not limited to: RAM, ROM, magnetic disk, tape, optical disk, flash memory, U disk, mobile hard disk, memory card, memory stick, etc.

An executable computer program is stored in the storage medium. When the computer program is executed by the processor, the following steps are implemented: receiving a preset identification message, and writing the preset identification message to a universal integrated circuit card; receiving The identity authentication request and the identity information to be authenticated collected by the sensing device, obtain the preset identity information from the universal integrated circuit card, and compare the identity information to be authenticated with the corresponding preset identity information, if If the match is successful, the identity authentication is successful, otherwise the authentication fails.

Because the preset identification information is pre-stored in the universal integrated circuit card In the (hereinafter referred to as the UICC card), the processor can obtain the preset identification information in the UICC card, and compare it with the identification information to be authenticated, so as to realize the identification and authentication process. Since the identity information is collected and authenticated in real time, it can be ensured that the verification operator of the device is the legally registered user himself. Compared with the authentication method on the cloud server, the security of the authentication process is effectively improved.

In this embodiment, the sensing device includes any one or more of a normal camera, an infrared camera, and a microphone, and the preset identification information includes any one of face information, eyeball information, iris information, and voice information. Or multiple. Specifically, an ordinary camera can be used to collect facial information and eyeball information, an infrared camera can be used to collect iris information, and a microphone can be used to collect voice information. The user can turn on different sensing devices on the electronic device according to actual needs to collect identity information. The settings of a variety of sensing devices provide users with more choices and effectively improve the user's sensory experience.

In some embodiments, when the computer program is executed by the processor, the step of "receiving a preset identification message and writing the preset identification message to a universal integrated circuit card" includes: receiving external identification sensing The device collects a preset identity recognition message, and writes the preset identity recognition message into a universal integrated circuit card, and the external identity sensing device is a sensing device set independently of the electronic device. In other embodiments, when the computer program is executed by the processor, the step of "receiving a preset identification message and writing the preset identification message into a universal integrated circuit card" includes: receiving the electronic device's feeling The preset identification information collected by the test device is written, and the preset identification information is written into the universal integrated circuit card. In short, for preset identification The input of information can be collected by sensing devices on electronic devices (such as cameras and microphones integrated on electronic devices), or it can rely on external identity sensing devices (such as external cameras, external microphones, etc.) ) To complete, so as to apply to more application scenarios.

In some embodiments, the electronic device further includes a display unit 102, the display unit 102 is disposed above the main circuit board 106, and the display unit 102 is a display that uses an active array thin film transistor as a scanning drive and transmitting data. screen. The display screen includes an AMOLED display screen or a micro light emitting diode display screen. The light transmittance of the display screen is greater than 3%, so in the process of realizing the light detection function, the luminous flux of the light passing through the display screen is large enough, and then it is received by the light detection device arranged under the display screen to realize the light detection function . In other embodiments, a touch screen or cover glass 101 is further provided above the display unit 102 to meet the requirements of different terminal products.

In some embodiments, the display unit 102 and the main circuit board 106 are connected via a flexible circuit board 105, and the flexible circuit board 105 includes a chip with an image signal reading and identifying function. The identification chip includes a fingerprint image reading chip, a fingerprint identification algorithm chip, etc. The chip model is an ADAS1256 chip from Analog Devices. Flexible circuit boards are also called flexible circuit boards and flexible circuit boards. Referred to as soft board or FPC, it is compared with ordinary hard resin circuit boards, flexible circuit boards have the advantages of high wiring density, light weight, thin thickness, less wiring space restrictions, and high flexibility. The arrangement of the flexible circuit board can make the light detection device lighter and thinner as a whole to meet market demand.

In order to enhance the security of the preset identification information in the UICC card and save the storage space of the preset identification information in the UICC card, in some embodiments, the computer program further implements the following steps when being executed by the processor: An encrypted hash function is used to convert the preset identification message into a preset identification message digest, and the preset identification message is stored in the universal integrated circuit card in the form of the preset identification message digest. The cryptographic hash function, or Hash Function (also directly transliterated as "Hash"), is to transform an input of any length (also called pre-image) into a fixed-length output through a hash algorithm. The output is the hash value. This conversion is a compression mapping, that is, the space of the hash value is usually much smaller than the space of the input, and different inputs may be hashed into the same output. In short, the cryptographic hash function is a function that compresses messages of any length to a fixed-length message digest (Digest). The storage space of the default identification message can be compressed by conversion, so that the identification message can be preset. Better storage.

In some embodiments, the number of the sensing devices is multiple, and they are used to collect different preset identification information; when the computer program is executed by the processor, the following steps are implemented: For different preset identification messages of, an encrypted hash function is used to convert the collected multiple preset identification messages into preset identification message digests. In other embodiments, when the computer program is executed by the processor, the following steps are implemented: receiving multiple preset identification messages collected by the same sensing device, and using an encrypted hash function to convert the multiple preset identities collected The identification message is converted to the default identification message summary.

For example, the default identification message can be a multi-segment voice message, and the user can By sequentially inputting multiple segments of different voice messages through the microphone of the electronic device, the processor receives multiple segments of voice messages (that is, multiple preset identification messages collected by the same sensing device), and uses an encrypted hash function to collect multiple segments of voice The message is converted into a voice summary. For another example, if multiple preset identification messages include a certain segment of voice message and face message, an encrypted hash function will be used to convert the face message and the voice message into a corresponding identification digest. There are multiple preset identification messages, on the one hand, it provides users with more choices, on the other hand, it also effectively improves the security and accuracy of identity message authentication.

As shown in FIG. 12, it is a flowchart of steps when a computer program according to an embodiment of the present invention is executed by a processor. When the computer program is executed by the processor, the following steps are also implemented: first, step S1201 is entered to store the authentication key in the integrated circuit card, the authentication key includes a public key and a private key; and then step S1202 is entered. Obtain the public key in the universal integrated circuit card, and use the RSA encryption algorithm to apply the public key to encrypt the default identification message digest to obtain the default encrypted message, which includes the encrypted default identity Identify the message digest; and then enter step S1203 to receive the identity message to be authenticated, use an encrypted hash function to convert the identity message to be authenticated into a digest of the identity message to be authenticated; and use the RSA encryption algorithm to apply the public key to the digest of the authenticated identity message Performing encryption to obtain an encrypted message to be authenticated, where the encrypted message to be authenticated includes an encrypted digest of an identity message to be authenticated; Then go to step S1204 to obtain the private key in the universal integrated circuit card, and use the RSA encryption algorithm to apply the private key to decrypt the preset encrypted message to obtain the preset identification message summary; then go to step S1205 to identify the preset identity The message digest is compared with the digest of the identity message to be authenticated, and if the match is successful, then it proceeds to step S1207 that the identity authentication is successful; otherwise, it proceeds to step S1206 that the authentication fails. With the above method, public key encryption and private key decryption are adopted. Since the public key and the private key are stored in the UICC card, the extraction security of the default identification message digest in the UICC card is greatly improved. In other embodiments, the algorithm for encrypting or decrypting the digest is not limited to the RSA algorithm, and may also be other existing encryption and decryption algorithms.

As shown in FIG. 13, in order to further improve the security of message authentication, in some embodiments, the computer program is executed by the processor and further implements the following steps: first enter step S1301 after receiving a preset identification message, randomly generate The first random number string and the first random fill in blanks. The first randomly filled blank is a character randomly generated and filled in the preset identification message summary; the preset encrypted message further includes an encrypted first random number string and a first random filled blank; and then enter the step S1302, after receiving the identity message to be authenticated, randomly generates a second random number string and a second randomly filled blank, the second randomly filled blank is a character randomly generated and filled in the digest of the identity message to be authenticated; and then proceeds to step S1303 Obtain the private key in the universal integrated circuit card, use the RSA encryption algorithm and apply the private key to decrypt the preset encrypted message, and obtain the first random number string Fill the blank with the first random number; then go to step S1304 to compare whether the first random number string and the second random number string, the first random fill blank and the second random fill blank match successfully, and if so, go to step S1306 for successful identity authentication. Otherwise, the authentication fails in step S1305. In short, in order for the identity message to be authenticated to pass the authentication, in addition to the generated digest matching the default identification message digest in the UICC card, the first random number string and the second random number string are also required. , The first randomly filled blank matches one or more of the second randomly filled blanks, thereby effectively improving the security of identity information authentication.

In order to allow users to set different application software or encryption levels for electronic devices to boot according to actual needs, in some embodiments, when the computer program is executed by the processor, the following steps are further implemented: receiving an encryption level setting instruction, and setting the electronic device. The encryption level of the device, the encryption level includes a first encryption level, a second encryption level, and a third encryption level; when the electronic device is at the first encryption level, the condition for judging the success of the identity authentication is the preset identification message digest and waiting The authentication identity message digest, the first random number string and the second random number string, the first random filling blank and the second random filling blank are all matched successfully; when the electronic device is at the second encryption level, the identity is determined The conditions for successful authentication are the successful matching of the default identification message digest and the identification message digest to be authenticated, and the first random number string and the second random number string, the first random filling blank and the second random filling blank. Any item is matched successfully; when the electronic device is at the third encryption level, it is judged that the identity authentication is successful The condition is that the preset identification message digest matches successfully with the identification message digest to be authenticated.

In short, the degree of encryption from high to low is the first encryption level, the second encryption level, and the third encryption level. For some applications that require enhanced encryption, such as software involving financial transactions, trade secrets, and online payment passwords, users can set the encryption level of these applications to the first encryption level, so that during the identity message authentication process, Only when the default identification message summary and the identification message summary to be authenticated, the first random number string and the second random number string, the first random padding blank and the second random padding blank match successfully, then The corresponding unlocking operation or payment operation can be completed, thereby improving the security of the message data. For applications that do not require enhanced encryption, such as viewing album pictures, users can set the encryption level of the application to the second encryption level or the third encryption level according to their own needs.

In some embodiments, the electronic device further includes a light detection device, an identification area is provided on the display unit, and the light detection device is provided below the identification area, and the display unit 102 The end face and the upper end face of the light detecting device can be bonded by a low-refractive-index glue, and the refractive index of the low-refractive-index glue is less than 1.4. On the one hand, the low-refractive index glue can play a role in bonding, so that the light detection film is fastened to the bottom surface of the display unit, and it is not easy to send off; on the other hand, the low-refractive index glue is used to detect when light passes through the display unit. When filming, due to the refraction effect of the low-refractive-index glue (the refractive index of the glue is lower than the refractive index of the contact part on the photodetection film, usually the refraction of the part contacting the low-refractive-index glue on the photodetection film) Rate above 1.4), so that after the light is refracted at the position of the low refractive index glue, it can be as vertical as possible It is incident on the light detecting film in a straight direction, which can effectively improve the photoelectric conversion rate. In this embodiment, the low refractive index glue is an organic compound glue material with carbon-fluorine bonds.

When the electronic device further includes a light detection device, the preset identification information can also be blood volume information, fingerprint information, and the like. Taking the default identification information as blood volume information as an example, when light passes through the human skin and enters other tissues below the body surface, some light will be absorbed, and some light will be reflected, scattered, etc. The change of the light path depends on The structure of the tissue below the skin. Under normal circumstances, human blood can absorb more light than surrounding tissues, so when the light signal encounters more blood, the less light signal is reflected back. Therefore, the user's corresponding blood volume information can be obtained by detecting the light signal information reflected by the body part, and the user's other preset identification information (such as blood pressure index) can be obtained by conversion based on the user's corresponding blood volume information. , Body fat content, blood oxygen saturation, cardiopulmonary index, electrocardiogram, etc.).

Further, when the electronic device collects the identity information to be authenticated, it uses a preset array of pixel combinations on the display unit to illuminate the body part where the identity information to be collected is located, and the light detection device receives the reflected light signal to obtain Identification message. When the preset identification information is collected, the computer program can cooperatively encode the array pixel group on the display unit, illuminate the body part with the encrypted combined light source, and receive the light information returned by the body part. The preset array pixel combination may be a pixel array in which a certain part of the display unit is arranged in a preset pattern, and the preset pattern may be set according to actual needs. Compared with the way that all array pixels on the display unit emit light sources, the above method can further improve the security of information collection.

In some embodiments, the light detecting device is a TFT image sensor array The film includes MxN pixel detection areas, and each pixel detection area is correspondingly provided with one or more thin film transistors to form a set of pixel film circuits for scanning driving and data transmission, and a light detection film; the light detection The thin film includes a photosensitive diode or a photosensitive electric transistor. Taking the photodetection film including a photosensitive diode as an example, the basic circuit composition of each pixel detection area is shown in Figure 2. The photosensitive diode is the main sensing device that forms the light detection film. The gate and gate scanning lines operate the thin film transistor (TFT) in the on mode at a fixed frame rate. When the light detection The device detects the light signal, and the opened thin film transistor can transmit the capacitance voltage data to the reading chip. For details, please refer to the following two documents: [1] "MJPowell, IDFrench, JRHughes, NCBird, OSDavies, C. Glass, and JECurran, [2] "Amorphous silicon image sensor arrays," in Mater.Res .Soc.Symp.Proc., 1992, vol.258, pp.1127-1137", "B. Razavi, "Design of Analog CMOS Integrated Circuits," McGraw-Hill, 2000".

The light detection device is a TFT image sensing array film, and its light detection wavelength range includes visible light waveband or infrared light waveband. The TFT image sensing array film is composed of MXN light detecting films, and each light detecting film detects one pixel correspondingly, so the TFT image sensing array film can be used to detect MXN pixels to form a corresponding image. For each light detecting film, there are several ways to realize it:

Embodiment 1: The TFT image sensing array film (ie, the light detection device) is an array formed by photosensitive diodes, and the array formed by the photosensitive diodes includes Photodiode sensing area. Existing liquid crystal display (LCD) panels or organic light emitting diode (OLED) display panels all use a TFT structure to drive and scan a single pixel to realize the display function of the pixel array on the panel. The main structure that forms the switching function of TFT is semiconductor field effect transistor (FET), among which the well-known semiconductor layer materials mainly include amorphous silicon, polycrystalline silicon, indium gallium zinc oxide (IGZO), or organic compounds mixed with carbon nanomaterials, etc. Wait. Since the structure of the light-sensing diode can also be made of such semiconductor materials, and the production equipment is also compatible with the production equipment of the TFT array, in recent years, the TFT light-detecting diode (ie, photosensitive diode) has begun to use TFT array preparation method for production. For the specific structure of the existing photosensitive diode, please refer to the description of the structure of the light detection device in the US Patent No. 6,943,070B2 and the People's Republic of China Patent No. CN204808361U. The production process of the TFT image sensing array film is different from the TFT structure of the display panel in that the original pixel opening area of the display panel is changed to the light sensing area in the production process. The TFT preparation method can use thin glass as the base material, or use high-temperature resistant plastic material as the base material, as described in US Pat. No. 6,943,070 B2.

The existing TFT image sensing array film is susceptible to the surrounding ambient light or the reflection and refraction of visible light emitted by the pixels of the display screen, causing optical interference, which seriously affects the signal of the TFT image sensing array film embedded under the display panel Noise ratio (SNR), in order to improve the signal-to-noise ratio, as shown in Figure 3, the light detection film of the present invention has been further improved, so that the improved TFT image sensor array film can detect and identify the user's body part Infrared signal reflected back. The specific structure is as follows:

The photosensitive diode layer includes a p-type semiconductor layer, an i-type semiconductor layer, and an n-type semiconductor layer. The p-type semiconductor layer, the i-type semiconductor layer, and the n-type semiconductor layer are from top to bottom. The i-type semiconductor layer has a microcrystalline silicon structure or an amorphous germanium silicide structure. The microcrystalline silicon structure is a semiconductor layer formed by chemical vapor deposition of silane and hydrogen. The crystallinity of the microcrystalline silicon structure is greater than 40%, and its band gap is less than 1.7 eV. The amorphous germanium silicide structure is an amorphous semiconductor layer formed by chemical vapor deposition of silane, hydrogen, and germane, and its band gap is less than 1.7 eV.

Band gap (Band gap) refers to the width of a band gap (in electron volts (eV)). The energy of electrons in a solid cannot be taken continuously, but some discontinuous energy bands. To conduct electricity, there must be Free electrons exist, and the energy band in which free electrons exist is called conduction band (can conduct electricity). To become a free electron, it must obtain enough energy to transition from the valence band to the conduction band. The minimum value of this energy is the band gap. . The band gap is an important characteristic parameter of semiconductors, and its size is mainly determined by the energy band structure of the semiconductor, which is related to the crystal structure and the bonding properties of atoms.

At room temperature (300K), the band gap of germanium is about 0.66 eV. Silane contains germanium. When germanium is added, the band gap of the i-type semiconductor layer will decrease. When it is less than 1.7 eV, It shows that the i-type semiconductor layer can receive light signals in the wavelength range of visible light to infrared light (or near-infrared light). By adjusting the GeH4 concentration of chemical weather deposition, the operating wavelength range of photosensitive diodes containing amorphous or microcrystalline germanium silicide structure can be extended to the light wavelength range of 600nm to 2000nm.

Embodiment 2: Based on Embodiment 1, in order to improve the quantum efficiency of photoelectric conversion, the amorphous silicon photodiode can also be formed by stacking the p-type/i-type/n-type structure above the double junction. The p-type/i-type/n-type material of the first junction layer of the photodiode still has an amorphous silicon structure, and the p-type/i-type/n-type material above the second junction layer may have a microcrystalline structure, Polycrystalline structure or doped with compound materials that can extend the photosensitive wavelength range. In short, multiple sets of p-type/i-type/n-type structures can be stacked up and down to form a photosensitive diode structure. For each p-type/i-type/n-type structure, the photosensitive diode structure described in the first embodiment is used. Diode structure.

Embodiment 3: Based on Embodiment 1 or Embodiment 2, for each p-type/i-type/n-type structure, the p-type semiconductor layer contained therein may be a multilayer structure with more than two layers. For example, the p-type semiconductor layer has a three-layer structure, which includes a first p-type semiconductor layer (p1 layer), a second p-type semiconductor layer (p2 layer), and a third p-type semiconductor layer (p3 layer) from top to bottom. Among them, the p1 layer can adopt an amorphous structure and heavily doped with boron (the boron concentration is more than twice that of the standard process); the p2 and p3 layers adopt a microcrystalline structure and are normally doped with boron (doped according to the standard process concentration) , Relying on the thinned p2 layer and p3 layer to reduce the absorption of light, so that light enters the i layer as much as possible and is absorbed by the i layer, which improves the photoelectric conversion rate; on the other hand, the p2 and p3 layers use normal boron Doping can effectively avoid deterioration of the built-in potential due to heavy doping of the p1 layer. When the p-type semiconductor layer includes a multi-layer structure with other layers, it is similar, and will not be repeated here.

Similarly, the n-type semiconductor layer can also have a multi-layer structure with more than two layers. For example, the n-type semiconductor layer has a three-layer structure, which includes a first n-type semiconductor layer (n1 layer), a second n-type semiconductor layer (n2 layer), and a third n-type semiconductor layer (n3 layer) from top to bottom. Among them, the n3 layer can adopt an amorphous structure and heavily doped with phosphorus (the phosphorus content is more than twice the standard process); the n1 and n2 layers adopt a microcrystalline structure and are normally doped with phosphorus (according to the standard production process), depending on the thickness The thinned n1 and n2 layers reduce the absorption of light, Make light enter the i-layer as much as possible and be absorbed by the i-layer, improving the photoelectric conversion rate; on the other hand, the normal phosphorus doping of the n1 and n2 layers can effectively avoid the deterioration of the built-in potential due to the heavy doping of the n3 layer . When the n-type semiconductor layer includes a multi-layer structure with other layers, it is similar to this, and will not be repeated here.

Fourth embodiment: This embodiment is a further improvement of the first or second or third embodiment, as shown in (a) in FIG. 6, specifically including: a first optical device is provided on the upper end surface of the p-type semiconductor layer The first optical device is used to reduce the reflectivity of the light on the upper end surface of the p-type semiconductor layer, or reduce the refraction angle of the light on the p-type semiconductor layer to increase the amount of light incident. Reducing the angle of refraction of light in the p-type semiconductor layer allows the light to enter the p-type semiconductor layer as close as possible to the vertical direction, so that the light is absorbed by the i-type semiconductor layer below the p-type semiconductor layer as much as possible, thereby Further improve the photoelectric conversion rate of the photosensitive diode. When the p-type semiconductor layer has a multilayer structure, the first optical device is disposed on the upper end surface of the uppermost p-type semiconductor layer.

The first optical device includes a photonic crystal structure or a microlens array structure whose refractive index changes periodically, or a diffuse scattering structure whose refractive index changes non-periodically. The refractive index of the first optical device is smaller than the refractive index of the p-type semiconductor layer, so that after the first optical device is refracted, the incident angle is smaller than the refraction angle, that is, the light enters the p-type as close to the vertical direction as possible. Semiconductor layer.

Embodiment 5: This embodiment is a further improvement of embodiment one or two or three or four. As shown in (b)(c) in FIG. 6, the lower end surface of the n-type semiconductor layer is also provided with a second An optical device, where the second optical device is used to increase the multiple reflectivity of light on the lower end surface of the n-type semiconductor layer. The multiple reflectivity means that the light is in After being reflected by the second optical device, it enters the i-type semiconductor layer and is absorbed by the i-type semiconductor layer again. The absorbed light is reflected by the second optical device again and then enters the i-type semiconductor layer. Repeat this many times to improve the i-type semiconductor layer. The photoelectric conversion rate of the layer. When the n-type semiconductor layer has a multilayer structure, the second optical device is arranged on the lower end surface of the lowermost n-type semiconductor layer.

The second optical device includes a photonic crystal structure whose refractive index changes periodically or a diffuse scattering structure whose refractive index changes non-periodically, and the refractive index of the second optical device is smaller than the refractive index of the n-type semiconductor layer . In this way, the light can be reflected as much as possible on the lower end surface of the n-type semiconductor layer, so that the reflected light is absorbed by the i-type semiconductor layer again, thereby appropriately amplifying the signal within the light wavelength range that the i-type semiconductor layer can absorb. Increase the photoelectric flux in this wavelength range.

Embodiment 6: As shown in FIG. 4, the TFT image sensing array film (ie, light detecting device) is an array formed by photosensitive electric transistors, and the array formed by photosensitive electric transistors includes photosensitive electric transistors. In the sensing area, the photosensitive transistor sensing area is provided with a photosensitive thin film transistor, and the photosensitive thin film transistor includes a gate electrode 1, a source electrode 2, a drain electrode 3, an insulating layer 4, and a light-absorbing semiconductor layer 5; The photosensitive thin film transistor is an inverted coplanar structure, and the inverted coplanar structure includes: the gate 1, the insulating layer 4, and the source 2 are arranged vertically from bottom to top, the drain 3 and the The source 2 is arranged laterally and coplanar; the insulating layer 4 wraps the gate 1 so that the gate 1 and the source 2, the gate 1 and the drain 3 are not in contact; the source There is a gap fit between 2 and the drain 3, a photosensitive current channel is formed between the source 2 and the drain 3 laterally, and the light absorbing semiconductor layer 5 is arranged in the photosensitive current channel.

Generally, when the TFT is controlled by the gate voltage to operate in the off state, no current will flow between the source and the drain; however, when the TFT is illuminated by a light source, electron-hole pairs are excited in the semiconductor due to the energy of the light. , The field effect of the TFT structure separates the electron-hole pairs, which in turn causes the TFT to generate a photosensitive current. Such photosensitive current characteristics allow TFT arrays to be used in photodetection or photodetection technology. Compared with devices that generally use TFT current as photosensitive thin film transistors, the present invention uses an inverted coplanar field-effect transistor structure to arrange the light-absorbing semiconductor layer on the uppermost light-absorbing layer, which greatly increases the excitation of photoelectrons and improves the photoelectric conversion. efficient.

As shown in FIG. 7, it is a flowchart of a method for preparing a light detecting film according to an embodiment of the present invention. The method is used to prepare the photosensitive thin film transistor (ie, the photodetecting film) of Example 6, and specifically includes the following steps: first, step S801 is used to coat the substrate of the pixel thin film transistor by magnetron sputtering. Pole gate. The substrate of the pixel thin film transistor can be a hard board or a flexible material (such as polyimide); then it proceeds to step S802, where chemical vapor deposition or magnetron sputtering is performed on the gate electrode. The insulating layer is formed by plating; and then it proceeds to step S803. On the insulating layer, the n-type doped semiconductor layer of the source and drain is coated by chemical vapor deposition, and the source and drain are coated by magnetron sputtering. In the metal layer of the electrode, the source and drain of the preset structure are defined by the yellow light etching process, and the source and the drain are laterally coplanar, and the gap is matched, and a photosensitive current is formed between the source and the drain laterally Channel; and then proceed to step S804 to chemical vapor deposition in the photosensitive current channel The coating emits light and absorbs the semiconductor layer.

Embodiment 7: In terms of the well-known field-effect transistor structure, the TFT used as the scan drive and data transmission switch does not need to be specifically designed for the structure that collects the photocurrent between the source and the drain; however, it is applied to the field-effect transistor In the detection of photosensitive current, if the electron-hole pair excited by the light is separated by the field effect, the drift path driven by the electric field is too long, it is very likely that the photoelectron cannot reach the electrode smoothly. Recombination with holes (Recombination), or being trapped by the dangling bond defect of the light-absorbing semiconductor layer itself, cannot effectively contribute to the photocurrent output for light detection.

In order to improve the photo-sensing current affected by the length of the channel between the source and the drain, so as to increase the area of the light-absorbing semiconductor without deteriorating the photoelectric conversion efficiency, in this embodiment, the source and drain of the fourth embodiment are carried out. One step improvement, a new structure of source and drain is proposed.

As shown in FIG. 5, the number of the source and the drain is multiple, the source and the source are connected in parallel with each other, and the drain and the drain are connected in parallel with each other; the gap between the source and the drain is In cooperation, the formation of a photosensitive current channel between the source and the drain in the lateral direction includes: forming a first gap between adjacent sources, one drain is placed in the first gap, and a second gap is formed between adjacent drains. In the gap, a source is placed in the second gap, and the source and the drain are alternately arranged and matched with a gap. The distance between each source electrode and the adjacent drain electrode is less than the electron drift distance, which is the distance that electrons can survive under the action of the field effect. In this way, in each detection pixel, multiple sources belonging to the same pixel are connected in parallel, and multiple drains belonging to the same pixel are also connected to each other. It can effectively reduce the probability of recombination of light-excited electrons and holes, increase the probability of the electrode collecting photoelectrons under the action of the field effect, and maximize the photosensitivity of the TFT current photosensitive thin film transistor.

As shown in FIGS. 8 to 11, the process of preparing the photosensitive thin film transistor (ie, the light detecting film) of the seventh embodiment step by step, and the general steps are similar to those of preparing the photosensitive thin film transistor of the sixth embodiment. The difference is that when preparing the source and drain, in step S803, the source and drain of the preset structure are defined by the yellow photolithography process, so that the source and drain are laterally coplanar, and have a clearance fit, and make The formation of a photosensitive current channel between the source and the drain laterally" includes: the source electrode group and the drain electrode group are defined by the yellow photoetching process, each source electrode group includes a plurality of sources, a source electrode and a source electrode Are connected in parallel with each other; each drain electrode group includes a plurality of drains, and the drains are connected in parallel with each other; a first gap is formed between adjacent sources, and a drain is placed in the first gap , A second gap is formed between adjacent drains, one source is placed in the second gap, and the source and the drain are alternately arranged with clearance fit.

In some embodiments, the light detection device is used to receive the detection trigger signal, is in the light detection state, and receives the light signal reflected by the detection part (such as fingerprints, eyeballs, iris, etc.) to capture the user's Detecting position information; and for receiving light source trigger signal, in the state of emitting light source (such as infrared light source). Preferably, the light source trigger signal and the detection trigger signal are alternately switched and conform to a preset frequency. Take the photodetection device as an array formed by photosensitive diodes as an example. In the actual application process, a bias voltage (including forward bias, or zero bias or negative bias) can be applied by scanning and driving by TFT. Between p-type/i-type/n-type photodiode, realize thin TFT image sensor array The film emits infrared light function.

Specifically, a forward bias, or a zero bias or a negative bias may be alternately applied between the p-type/i-type/n-type infrared photosensitive diodes to trigger the first trigger signal or the second trigger signal. Taking the array of infrared photosensitive diodes with 10 columns of pixel dot matrix as an example, in the first period, the p-type/i-type/n-type infrared photosensitive diode is forward biased to make 10 columns of pixel dot matrix All are in the state of emitting infrared light; in the second period, zero bias or negative bias is applied to the p-type/i-type/n-type infrared photosensitive diode, so that the 10 columns of pixel lattices are in the infrared light detection state. To capture the infrared light information reflected by the user’s eyeballs and generate the corresponding infrared image output; in the third cycle, a forward bias is applied to the p-type/i-type/n-type infrared photosensitive diode to make 10 rows The pixel dots are all in the state of emitting infrared light, which alternates repeatedly, and so on. Further, the light source trigger signal (ie, the first trigger signal) and the detection trigger signal (ie, the second trigger signal) are alternately switched, and the switching frequency conforms to a predetermined frequency. The time interval between adjacent cycles can be set according to actual needs, and the preferred time interval can be set to the TFT array driving scan every frame (Frame) infrared photosensitive diode array can receive at least one frame of complete image signal Time, that is, the preset frequency is to switch every time the above time interval has elapsed.

In some embodiments, the identity recognition area includes a plurality of identity recognition sub-areas, and a light detecting device is correspondingly disposed under each identity recognition sub-areas. Taking fingerprint recognition as an example, when the computer program is executed by the processor, the following steps are implemented: receiving a start instruction for the fingerprint recognition sub-area (namely the identity recognition sub-area), and the detection control circuit turns on the fingerprint recognition sub-area (namely the identity recognition sub-area) ) Under Or, receiving a close instruction to the fingerprint recognition sub-area, the detection control circuit turns on the light detection device below the fingerprint recognition sub-area.

Taking the number of fingerprint recognition sub-areas as two as an example, the two fingerprint recognition sub-areas can be evenly distributed on the screen, one up and down, one left and one right, or they can be distributed on the screen in other arrangements. The application process of the terminal with two fingerprint recognition sub-areas is described in detail below: in the use process, the user triggers the start signal, and the two fingerprint recognition sub-areas below the light detection device (ie, light detection device) Both are set to the on state. In a preferred embodiment, the range formed by the two fingerprint recognition sub-areas covers the entire display screen, which ensures that when the light detection devices under the two fingerprint recognition sub-areas are all set to the on state, the light signal entering the display screen can be The lower TFT image sensor array film (ie, light detection device) is absorbed to capture the user's fingerprint information or body part information in time. Of course, the user can also set the light detection device under one fingerprint recognition sub-area to be turned on, and the light detection device under another fingerprint recognition sub-area to be turned off according to their own preferences.

It should be noted that although the foregoing embodiments have been described in this article, the scope of patent protection of the present invention is not limited thereby. Therefore, based on the innovative concept of the present invention, changes and modifications to the embodiments described herein, or equivalent structure or equivalent process transformations made by the content of the description and drawings of the present invention, directly or indirectly apply the above technical solutions In other related technical fields, they are all included in the scope of patent protection of the present invention.

101: Touch screen or cover glass

102: display unit

105: flexible circuit board

106: main circuit board

107: Universal integrated circuit card slot

108: General integrated circuit card

Claims (9)

An electronic device, comprising a main circuit board, a processor, a sensing device, and a storage medium; the main circuit board is provided with a universal integrated circuit card slot, and the universal integrated circuit card slot is provided with a universal integrated circuit A circuit card; the sensing device is connected to the processor; the storage medium stores an executable computer program, and when the computer program is executed by the processor, the following steps are implemented: receiving a preset identification message, and Write the preset identification information into the universal integrated circuit card; receive an identity authentication request and the identification information to be authenticated collected by the sensing device, and obtain the preset from the universal integrated circuit card The identification message is to compare the identification message to be authenticated with the corresponding preset identification message, if the matching is successful, the identity authentication is successful, otherwise the authentication fails; wherein, the computer program is executed by the processor The following steps are also implemented: using an encrypted hash function to convert the preset identification message into a preset identification message digest, and the preset identification message is stored in the preset identification message digest in the form of the preset identification message digest. In general integrated circuit card. The electronic device described in item 1 of the scope of patent application, wherein when the computer program is executed by the processor, the preset identification information is received, and the preset identification information is written into the universal product. The step of the integrated circuit card includes: receiving the preset identification information collected by an external identification sensing device, and writing the preset identification information into the universal integrated circuit card, and the external identification sensing device is The sensing device is provided independently of the electronic device. The electronic device described in item 1 of the scope of patent application, wherein when the computer program is executed by the processor, the preset identification information is received, and the preset identification information is written into the universal product. The step of the integrated circuit card includes: receiving the preset identification information collected by the sensing device of the electronic equipment, and writing the preset identification information into the universal integrated circuit card. The electronic device according to item 3 of the scope of patent application, wherein the sensing device includes any one or more of a normal camera, an infrared camera, and a microphone, and the preset identification information includes face information, eyeball information, and iris information. Any one or more of messages and voice messages. For example, the electronic device described in item 1, item 3, or item 4 of the scope of patent application, wherein the number of the sensing devices is multiple, and they are used to collect different preset identification information; the computer When the program is executed by the processor, the following steps are implemented: receiving different preset identification messages collected by a plurality of the sensing devices, and converting the collected multiple preset identification messages using an encrypted hash function Is a summary of the preset identification information. For the electronic equipment described in item 1, item 3, or item 4 of the scope of patent application, the computer program, when executed by the processor, implements the following steps: receiving multiple data collected by the sensing device of the same type In the preset identification message, an encrypted hash function is used to convert the collected multiple types of preset identification messages into the preset identification message digest. For the electronic device described in item 1 of the scope of patent application, wherein the computer program is executed by the processor and further implements the following steps: storing an authentication key in an integrated circuit card, and the authentication key includes Public key and private key; obtain the public key in the universal integrated circuit card, and use the RSA encryption algorithm to apply the public key to encrypt the preset identification message digest to obtain the preset encrypted message , The preset encrypted message includes the encrypted preset identification message digest; after receiving the identity message to be authenticated, the encrypted hash function is used to convert the identity message to be authenticated into the identity to be authenticated Message digest; and using the RSA encryption algorithm to apply a public key to encrypt the digest of the identity message to be authenticated to obtain an encrypted message to be authenticated, and the encrypted message to be authenticated includes the encrypted digest of the identity message to be authenticated; Obtain the private key in the universal integrated circuit card, use the RSA encryption algorithm to apply the private key to decrypt the preset encrypted message, obtain the preset identification message summary, and convert the preset The identity recognition message digest is compared with the identity message digest to be authenticated, and if the matching is successful, the identity authentication is successful, otherwise the authentication fails. For the electronic device described in item 7 of the scope of patent application, the computer program further implements the following steps when being executed by the processor: after receiving the preset identification message, randomly generating a first random number string and a first random number string A randomly filled blank, the first randomly filled blank is randomly generated and filled Characters in the summary of the preset identification message; the preset encrypted message also includes the encrypted first random number string and the first random padding; after receiving the identification message to be authenticated , Randomly generating a second random number string and a second randomly filled blank, where the second randomly filled blank is a character randomly generated and filled in the summary of the identity message to be authenticated; acquiring the information in the universal integrated circuit card The private key uses the RSA encryption algorithm and applies the private key to decrypt the preset encrypted message to obtain the first random number string and the first random padding; and compare the first Whether a random number string matches the second random number string, the first random fill blank and the second random fill blank successfully, if yes, the identity authentication is successful, otherwise the authentication fails. For the electronic device described in item 8 of the scope of patent application, the computer program further implements the following steps when being executed by the processor: receiving an encryption level setting instruction, setting the encryption level of the electronic device, the encryption level including The first encryption level, the second encryption level, and the third encryption level; when the electronic device is at the first encryption level, the condition for determining the success of the identity authentication is the preset identity identification message digest and the identity to be authenticated The message summary, the first random number string and the second random number string, the first randomly filled blanks and the second randomly filled blanks all match successfully; when the electronic device is in In the case of the second encryption level, the conditions for determining the success of the identity authentication are the successful matching of the preset identity recognition message digest and the identity message digest to be authenticated, and the first random number string and the second random number Any one of the word string, the first random filling blank and the second random filling blank is successfully matched; when the electronic device is at the third encryption level, it is determined that the identity authentication is successful The condition is that the preset identification message digest and the identification message digest to be authenticated match successfully.

Images