DE102018204842A1 - Method for operating a motor vehicle, authentication device, storage medium, motor vehicle, mobile portable terminal, data server device for operating on the Internet - Google Patents

Abstract

The invention relates to a method for operating a motor vehicle. An authentication device (12) performs: provision of an authorization condition (26, 28, S1) which predetermines a predetermined number of authentication steps for enabling an operating function of a motor vehicle system (18) of the motor vehicle 10 is necessary, wherein the authorization condition (26, 28) specifies for each authentication step an authentication feature (30) to be detected, receiving at least one authentication signal from a detection device (20) of the motor vehicle 10, wherein the at least one authentication signal respectively describes an authentication feature (30) (S5), Checking whether for each of the predetermined authentication steps an authentication signal describing the respective predetermined authentication feature (30) is present (S6) if the authorization condition (26, 28) is fulfilled: determining a permission of the person to the Ben utility of the motor vehicle system (18), generating an enable signal (S8), and transmitting the generated enable signal to the motor vehicle system (18, S9).

Description

The invention relates to a method for operating a motor vehicle, which is performed by an authentication device. An authentication device is understood to be a device or a device component which is set up to receive, generate and transmit control signals.

Motor vehicles contain more and more electronics, even for unlocking and starting the motor vehicles, the hardware, so the key, not physically needed, but only outgoing from them radio signals. In radio technologies, one would like to avoid that the motor vehicle can be opened and started undamaged by means of, for example, radio range extensions of the radio signals of the key or by imitating the radio signals, and thus stolen. This can happen in seconds without the arousal of attention, so there may be no eyewitness.

In order to give a person access to the motor vehicle, it is necessary to hand over the physical key. Thus, possibly an organizational effort or the key is hidden in the vicinity of the motor vehicle, for example, on the wheel well. However, it is not desirable for such a key to be discovered by third parties. But just when, for example, sports and / or outdoor activities, a user of the motor vehicle does not want to carry the key with him.

It requires a secure mechanism to protect against theft. The mere assurance that the existing vehicle keys are not accessible to strangers may not be sufficient. In addition, thieves often leave hardly any traces and usually attract no attention.

The DE 10 2014 204 882 A1 describes a system and method for authenticating a user and generating and applying a user profile that may include authenticating an administrator via an administrator identification.

The DE 10 2016 004 579 A1 relates to a method for controlling at least one vehicle component of a motor vehicle.

Finally, that describes DE 10 2016 012 787 A1 a method for operating an access system of a vehicle, wherein at least one sensor detects a geometric feature of a user.

An object of the invention is to improve a theft protection.

The stated object is achieved by the method according to the invention and the devices according to the invention according to the independent claims. Advantageous developments are given by the dependent claims.

The invention is based on the idea of checking, on the basis of a provided authorization condition, which specifies a predetermined number of authentication steps and, for each of the authentication steps, an authentication feature to be detected, whether the predetermined number of authentication steps is performed with the predetermined authentication features. An authorization of a person to use a motor vehicle system of a motor vehicle is then determined if the authorization condition is met. In this case, the authorization condition preferably specifies a multi-stage authentication process in which the person in need of access to the motor vehicle must identify himself with a plurality of different authentication features. Advantageously, a theft of the motor vehicle can be made significantly more difficult, and under certain circumstances, the carrying of the key may be obsolete.

The method according to the invention for operating a motor vehicle has the following steps performed by an authentication device. The authentication device is preferably a device or a device component of the motor vehicle.

There is firstly a provision of a person-specific authorization condition, which specifies a predetermined number of authentication steps, which is necessary for releasing an operating function of a motor vehicle system of the motor vehicle, the authorization condition specifying an authentication feature to be detected for each authentication step. The authorization condition can be stored, for example, in the authentication device, and preferably specify at least two authentication steps, for example a use of the motor vehicle key and the authentication by a biometric feature.

The authentication by the person who demands access, that is the proof of one's own identity, can be achieved in different ways. For example, proof of a knowledge of an information can take place, that is to say that the person knows, for example, a password as an authentication feature. The authentication can be done by using an item in the current possession of the person, that is, the person has to Example as an authentication feature a suitable motor vehicle key. An alternative authentication feature can be a biometric feature of the person, that is to say the authentication can be done by the presence of the person himself, ie by the person being a certain person and being authenticated by, for example, a fingerprint. In a further method step, the authentication device receives at least one authentication signal from a detection device of the motor vehicle, wherein the at least one authentication signal in each case describes an authentication feature. In this case, a detection device is understood to mean a device or a device component for detecting an authentication feature, that is, for example, a locking system that detects an unlocking with a suitable key, or, for example, a device with a sensor for detecting a fingerprint or an eye iris.

A check is made as to whether an authentication signal describing the respective given authentication feature exists for each of the predetermined authentication steps. In other words, a check is made as to whether the detected authentication features correspond to the authentication features specified by the authorization condition. If the authorization condition is met, the person is authorized to use the motor vehicle system, ie to use and operate the motor vehicle. This is followed by generating an enable signal, which may describe, for example, enabling an ignition system of the motor vehicle, and transmitting the generated enable signal to the motor vehicle system.

As a result, the above advantages are achieved. For a further user of a motor vehicle, there are the advantages that, depending on a selected setting, he can also use the motor vehicle without handing over the key. In addition, depending on these settings, that is, depending on the authorization condition, he can use the motor vehicle, for example, without carrying the key, that is to say carrying the key may be obsolete, which is particularly suitable for outdoor activities.

For those who want to rent their car to someone else, there are the following advantages. A theft of his motor vehicle is much more difficult. He can always have documented, who drove his car at what time, whereby a guide of a logbook is much easier. Authorized users may be able to use the motor vehicle without handing over the keys. Depending on the selected settings, ie depending on the authorization condition, keeping the key can be obsolete, which is particularly suitable for outdoor activities. By personalizing, for example, push messages in real time, the use of the motor vehicle can be made possible, by which he is constantly informed who uses when and how the motor vehicle. Depending on the selected settings, for example, he can authorize new drivers via an application program ("App").

It may be advantageous for the motor vehicle manufacturer that this is a unique feature allows, and a way to generate more revenue, it may for example be possible to sell the system and / or rent, as well as for example to offer different packages (for example a number of users and / or live service with certain durations). In addition, the possibility arises in car sharing offers, with the car manufacturer stand out from other providers and can ensure the identification of the driver.

The authentication feature may preferably be one of the following authentication features: an authentication object, preferably a motor vehicle key, or a biometric feature of the person. Preferably, the authorization condition may specify at least two authentication steps, wherein the authentication features of the at least two authentication steps may be different authentication features. Such a multi-stage authentication method makes the method even more specific, in particular if one of the authentication features is a biometric feature. In other words, at least one double check is carried out, as a result of which theft and / or unauthorized use can be prevented even more effectively.

The method is particularly efficient if at least one of the authentication steps specifies a biometric feature to be detected as the authentication feature, and the authorization condition is thus a person-specific authorization condition. If, for example, a person is in possession of the motor vehicle key, and this is required, for example, in a first authentication step, personalization by querying the biometric feature can operate the motor vehicle or only a corresponding motor vehicle system if the person unambiguously associates with a predetermined one Identify identity. In particular, the combination of a biometric feature with other authentication features can prevent or even prevent unauthorized use of the motor vehicle or the motor vehicle system. As a result, for example, the function of the logbook is possible because it can be accurately documented which person has used which motor vehicle system (or even the motor vehicle itself).

According to a particularly user-friendly embodiment of the method according to the invention, which moreover can also prevent an unauthorized "hacking" of the authentication device, the operating function can be a programming function of the authentication device for specifying the authorization condition. In other words, the specification of the authorization condition can be ensured by the method according to the invention, so that the person who would like to change the settings first has to authenticate himself in accordance with an authorization condition. If the authentication device is not a vehicle-internal device but, for example, a component or a component of a mobile terminal, the user can also specify the conditions for the use of his motor vehicle without the motor vehicle. If the authentication device is an authentication device of the motor vehicle, the specification of the authorization conditions is additionally secured once again by the fact that the person must be in or on the motor vehicle, for example.

In order to enable the previously mentioned logbook function and monitoring function, the method according to the invention can have the following steps performed by the authentication device. It may be a determination of an identity of those persons who are currently using the motor vehicle, on the basis of one or all of the authentication features. It may then follow a determination of those vehicle functions that are currently being used or operated by the person. In addition, a determination of an operating parameter of the vehicle system currently being used by the person can take place. The authentication device carries out a generation of a protocol signal that can respectively describe information about the detected person, the detected motor vehicle function and the determined operating parameter, and a transmission of the generated protocol signal to a predetermined mobile terminal and / or in a memory device. In this case, a storage device is understood to be a component or a component for storing data, for example, it can be issued as a memory chip or memory card.

The object set out above is achieved by an authentication device which is set up to carry out the method steps relating to the authentication device of one of the above-described embodiments of the method according to the invention. It results in the above advantages. The authentication device can preferably have a processor device, that is to say a component or a device component for electronic data processing, which can have at least one microprocessor and / or one microcontroller. In a memory device may optionally be stored a program code which is set up to cause the authentication device to execute the method according to the invention when it is executed by the processor device.

The abovementioned advantages also result from an embodiment of a storage medium according to the invention having a program code which is set up, when executed by a processor device, to carry out a method according to one of the embodiments described above.

The stated object is achieved by a motor vehicle, preferably a passenger car, having an embodiment of the authentication device according to the invention and / or an embodiment of the storage medium according to the invention.

The stated object is achieved by a mobile, portable terminal, for example a smartphone or a laptop, comprising an embodiment of the authentication device according to the invention and / or an embodiment of the storage medium according to the invention. If the mobile, portable terminal has an embodiment of the storage medium according to the invention, then the processor device can preferably be a processor device of the mobile, portable terminal.

The stated object is achieved by a data server device for operating on the Internet, for example a computer network for providing a data cloud or a data server, comprising an embodiment of the authentication device according to the invention and / or an embodiment of the storage medium according to the invention. Again, there are the above benefits.

The invention also includes the combinations of the described embodiments.

• eine schematische Darstellung zu einer ersten Ausführungsform des erfindungsgemäßen Verfahrens und zu den erfindungsgemäßen Vorrichtungen.

In the following, embodiments of the invention are described. The only figure ("Fig.") Shows:

• a schematic representation of a first embodiment of the method according to the invention and to the devices according to the invention.

The exemplary embodiments explained below are preferred embodiments of the invention. In the exemplary embodiments, the described components of the embodiments each represent individual features of the invention, which are to be considered independently of one another, which also develop the invention independently of each other and thus also individually or in a different combination than the one shown as part of the invention. Furthermore, the described embodiments can also be supplemented by further features of the invention already described.

In the figures, functionally identical elements are each provided with the same reference numerals.

The figure illustrates the principle of the method according to the invention with reference to an embodiment. For this purpose, the figure shows an exemplary motor vehicle 10 , which may be configured for example as a passenger car. The car 10 has an authentication device in the example of the figure 12 on, which may be configured for example as a control unit or as a control board. Alternatively, the authentication device 12 implementing the method according to the invention, a component of a mobile terminal 14 be, for example, the mobile terminal may be configured as a smartphone or a laptop. In the figure, a further variant is shown, in which the method performing authentication device 12 a component of a motor vehicle external data server device 16 may be, wherein the motor vehicle external data server device 16 For example, as a data server or as a data server network can be configured. For the sake of clarity, the details of the authentication device are shown in the figure 12 and the method steps only in the authentication device 12 of the motor vehicle 10 shown the authentication device 12 of the mobile terminal 14 and the authentication device 12 the data server device 16 however, as below for the authentication device 12 for the motor vehicle 10 be designed and configured described. Optionally, the authentication device 12 be configured as a storage medium with a program code for performing the method according to the invention.

The car 10 The figure shows an exemplary motor vehicle system 18 on, its release by the authentication device 12 can be regulated. The motor vehicle system 18 For example, it may be an engine, an infotainment system or, for example, a system of longitudinal or lateral control of the motor vehicle 10 ,

The car 10 also has a detection device 20 for example, which may include a sensor for detecting insertion of a suitable motor vehicle key. Alternatively or additionally, the detection device 20 For example, a camera or a scanner in an interior of the motor vehicle 10 for example, detecting an eye iris of a person within the motor vehicle 10 or a face of the person.

The individual components are in the figure by data communication links 21 connected, wherein a data communication connection 21 For example, a wireless data communication connection may be, for example, a WLAN connection or a Bluetooth LE connection, or, for example, a wired data communication connection 21 , such as a data bus of the motor vehicle 10 ,

The authentication device 12 shows an optional storage device 22 , which can be configured as a skilled in the art data storage. The authentication device 12 The figure also has an optional processor device 24 on, which may for example have multiple microprocessors.

In the storage device 22 For example, you can have two permission conditions 26 . 28 filed and thus be provided (method step S1 ). Preferably, these may be personal or person-specific authorization conditions 26 . 28 that is, each of the authorization conditions 26 . 28 only applies to one particular person. The first authorization condition 26 may, for example, be a personal authorization condition 26 for a main user of the motor vehicle 10 and provide, for example, only one authentication step. This authentication step can be used as an authentication feature 30 a face of the main user, so a biometric feature, be predetermined. In the figure is by the symbol of the face as an authentication feature 30 schematically illustrated that, for example, an image of the face of the main user in the storage device 22 can be stored.

Another authorization condition for another person may, for example, provide that this additional person must authenticate himself in two authentication steps, and as authentication features 30 must present a motor vehicle key in which the other person this car key in a lock of the motor vehicle 10 plug in and unlock, and as another authentication feature 30 For example, a fingerprint may be provided, with the other person, for example, placing a finger on an optional fingerprint Fingerprint sensor of the detection device 20 must lay. The exemplary fingerprint sensor may be, for example, in a center console of the motor vehicle 10 or in an outside of the motor vehicle 10 , For example, on a door handle of the motor vehicle 10 be arranged. An image of the other person's fingerprint can already be used for authentication in the storage device 22 be filed and compared with a later recorded fingerprint.

Optionally, in the authentication device 12 be deposited, that upon fulfillment of the respective authorization condition 26 . 28 for example, only certain motor vehicle systems 18 may be used. For example, the main user can use all vehicle systems 18 For example, the other person may only use an infotainment system or, for example, the engine, whereby the engine may only be used up to a certain power or speed.

The exemplary main user of the motor vehicle 10 can for example with the motor vehicle 10 have driven to a parking lot from which he wants to jog. Because the permission condition tailored for him 26 only provides identification via a face scan, he does not have to carry his car key while jogging. The detection device 20 can be arranged so that a camera for detecting the face is directed to an outside of the motor vehicle. If the main user returns from jogging after a while, he can authenticate himself by using the exemplary camera as the authentication feature 30 , that is, the image of his face, can capture (S2), and the detector 20 may generate an authentication signal (S3) that can describe an image of the face. In process step ( S4 ) can this authentication signal to the authentication device 12 which are transferred in process step ( S5 ) receives the authentication signal.

The authentication device 12 can for checking whether for each of the predetermined authentication steps, a corresponding authentication signal with the authentication feature 30 is present (S6), for example, the stored authorization conditions 26 . 28 Check if the number of authentication steps and the corresponding authentication features 30 with the authentication feature described by the received authentication signal 30 to match. In a comparison with the authorization condition 26 can then be found that this requires exactly one authentication step and that with this permission condition 26 deposited authentication feature 30 a picture of a face is that with the face of the main user, in front of the motor vehicle 10 stands, agrees. For this purpose, the authentication device 12 For example, have an image processing software that can compare the stored image and the received image, for example, in the context of a pattern recognition. Matching the face scan with the stored image then means that the permission condition 26 is met, and the authorization of the main user to use all motor vehicle systems 18 can in step ( S7 ).

Releasing the automobile system 18 , For example, a locking device of the motor vehicle for opening the door, can be done by the authentication device 12 generates a release signal ( S8 ), and transmits this to the locking device ( S9 ). The motor vehicle opens, and also the other motor vehicle systems 18 can be released for the main user.

For another user of the motor vehicle 10 For example, the authorization condition can be provided ( S1 ), which can provide a two-step authentication process. The more levels, ie the more authentication steps, the authorization condition 26 . 28 pretends, the safer the release process. Preferably, it can therefore be provided that the authorization condition 26 . 28 For example, it may provide three authentication steps, such as presenting the car key, checking a fingerprint, and, for example, checking a face scan and / or, for example, an eye iris scan.

The authorization conditions 26 . 28 may alternatively or additionally in the motor vehicle external data server device 16 be stored, and a communication with the data server device, for example, via an Internet connection (not shown in the figure) take place.

Ideally, both motor vehicle 10 , as well as data server facilities 16 , in each case an authentication device 12 have, where the authorization conditions 26 . 28 both locally in the authentication device 12 of the motor vehicle 10 , as well as in the data server device 16 can be stored. So falls for example, a communication with the data server device 16 because, for example, a mobile module of the motor vehicle 10 is defective, are the eligibility conditions 26 . 28 continue to be available in-vehicle, allowing the authentication process to continue.

For example, when changing or adding a permission condition 26 . 28 then both memories can be synchronized. To make adjustments, it may be provided by way of example that the main user is in the motor vehicle 10 must, for example, authenticate by facial scan. Alternatively, settings can also be made without the physical presence in or on the motor vehicle 10 be made, for example using the mobile device 14 and / or the data server device 16 , Is the motor vehicle 10 For example, in Munich, but the main user is in Ingolstadt, he can, for example, using his mobile device 14 Authenticate via a user program ("App"). The authentication feature 30 , the exemplary face scan, or a fingerprint or an iris image, this can be stored in a data memory of the data server device. The main user can then be identified as authorized to make settings, and the function to add a permission condition, for example 26 . 28 can then be released. In other words, the main user may have authenticated himself by the procedure as a registered user and now make the changes.

In such a person-specific authentication feature 30 such as a face scan, iris scan, or fingerprint will allow an identity of the other person to be determined ( S10 ), and such identity may be, for example, with the authorization condition 28 be deposited. Use the other person in the vehicle 10 For example, an engine to the motor vehicle 10 From Munich to Augsburg, this can be determined for example by means of the on-board computer ( S11 ), and for example that the other person drives a maximum of 130 km / h ( S12 ). Such operating parameters as the exemplary speed may be provided by the on-board computer of the motor vehicle 10 be recorded and logged. To log the use of the motor vehicle 10 by the additional person, the authentication device 12 generate a protocol signal ( S13 ) that can describe the operational data and the identified identity. The generated protocol signal may, for example, be sent to the memory device 22 to be stored in a logbook for storage ( S14 ), or for example via a mobile connection to the mobile terminal, for example 14 of the main user ( S14 ). To transmit the generated protocol signal ( S14 ) can, for example, via a in the authentication device 12 implemented push message service, or in response to a request of the main user by means of his mobile terminal 14 ,

Such a live mode allows the main user to always be informed, such as his motor vehicle 10 is being used. Optionally, in such a live mode, a camera image of an indoor camera to the mobile terminal 14 be transmitted.

Overall, the examples illustrate how the invention provides a security assistance system in which the authentication device 12 For example, it can be configured as anti-theft software.

According to a further embodiment, it may be the authentication device 12 , which can be configured, for example, as a safety user program ("safety app"), it becomes a user of the motor vehicle 10 allows a user group to be his motor vehicle 10 For example, you can open and / or start setting up your own person. For the motor vehicle 10 preferably have additional hardware that can ensure identification of the potential driver. Thus it can be activated, for example, that for unlocking the motor vehicle, for example 10 , wherein the motor vehicle system 18 a locking device of the motor vehicle 10 may be, for example, a fingerprint of a released person is necessary, for example, analogous to the technology used to unlock smartphones for capturing the fingerprint. The user can specify in the settings themselves which method or which method he uses to unlock the motor vehicle 10 want to use (for example, only keys, key-fingerprint combination, or just fingerprint).

For example, for starting the engine, the motor vehicle 10 by means of the detection device 20 scan the potential driver and, for example, use a face recognition software to see if it really is a Registered Driver. Again, preferably between the settings can be selected, for example, only key, key / face scan combination; or just face scan.

For example, to add a new person to the allowed driver's circle, it may, for example, be predetermined to identify oneself as a vehicle owner (for example by fingerprint, as well as face scan), as well as physically placing the key in a dedicated lock, for example. Thus, hacking of the security assistance system can be prevented or at least made more difficult. The same can apply, for example, for changing the settings, which identification method, ie which or which authentication steps, is used for opening / starting (key and / or fingerprint and / or face scan).

It may optionally be possible for persons, such as children, merely to open and close the motor vehicle 10 to allow, but not starting the engine. All permissions can be granted, for example, once, temporarily or permanently.

Using the authentication device 12 , which may preferably be configured as an application program of the motor vehicle manufacturer, the vehicle owner can at any time view the settings and the allowed user group. In a live mode, he can also track who is driving where and where with his motor vehicle (possibly a consent of the user group may be provided especially for business use for example departmental vehicles). Additionally or alternatively, he can be informed, for example via a push message, if / if the motor vehicle 10 opened and / or the engine is started. A history, ie a log or logbook, can, for example, allow him to assign the right driver in case of traffic violations.

This can also be done by keeping a logbook completely with the example app.

The technology can also be used in the area of car sharing, for example.

Optionally, for example, new permissions may also be made through the example app, for example, by acknowledging an assumption of a risk that may be hacked by the system, the vehicle owner or vehicle user may also do so after identifying himself and, for example, the Key in the lock provided, activate in the settings.

This results in the advantages already mentioned above.

According to a further embodiment, a technical implementation can take place, for example, in that a fingerprint sensor can be installed in the vicinity of a door handle of the driver's door, and a face scan can be carried out, for example, by means of a camera directed on the driver's seat.

The car 10 may preferably store the data locally, and preferably directly on a data server, preferably a data server device 16 of the motor vehicle manufacturer. If a deviation is detected after a change in an adjustment, the vehicle owner is immediately informed, this can confirm the deviations and thus make the change effective. This further increases safety. The data can be viewed at any time in real time in the motor vehicle 10 , and / or via the example app on a mobile terminal 14 be viewed on a smartphone, or a PC.

For example, to register new permissions, it may be provided that the key is physically placed in a dedicated lock and the user authenticates by face recognition. Subsequently, all settings can be made, for example, in a multimedia interface ("MMI"). A similar process can also take place, for example, during a resale.

QUOTES INCLUDE IN THE DESCRIPTION

This list of the documents listed by the applicant has been generated automatically and is included solely for the better information of the reader. The list is not part of the German patent or utility model application. The DPMA assumes no liability for any errors or omissions.

Cited patent literature

• DE 102014204882 A1 [0005]
• DE 102016004579 A1 [0006]
• DE 102016012787 A1 [0007]

Claims (10)

A method of operating a motor vehicle (10), the method comprising the following steps performed by an authentication device (12): - Providing an authorization condition (26, 28, S1), which specifies a predetermined number of authentication steps, which is necessary for releasing an operating function of a motor vehicle system (18) of the motor vehicle (10), wherein the authorization condition (26, 28) for each authentication step pretending authentication feature (30) Receiving at least one authentication signal from a detection device (20) of the motor vehicle (10), wherein the at least one authentication signal in each case describes an authentication feature (30) (S5), Checking whether an authentication signal describing the respective predetermined authentication feature (30) is present for each of the predetermined authentication steps (S6), if the authorization condition (26, 28) is fulfilled: determining an authorization of the person to use the motor vehicle system (18), Generating a release signal (S8), and - Transmission of the generated enable signal to the motor vehicle system (18, S9). Method according to Claim 1 wherein the authentication feature (30) is one of the following authentication features (30): - an authentication item, preferably a motor vehicle key, or - a biometric feature of the person; preferably wherein the authorization condition (26, 28) specifies at least two authentication steps, wherein the authentication features (30) of the at least two authentication steps are different authentication features (30). Method according to one of the preceding claims, wherein the authorization condition (26, 28) is a person-specific authorization condition (26, 28) and at least one authentication step specifies a biometric feature to be detected as the authentication feature (30). Method according to one of the preceding claims, wherein the operating function is a programming function of the authentication device (12) for specifying the authorization condition (26, 28). Method according to one of the preceding claims, comprising the following steps carried out by the authentication device (12): Determining an identity of the person currently using the motor vehicle (10) on the basis of one of the authentication features (30, S10), Determining the motor vehicle function currently used by the person (S11), Determining an operating parameter of the motor vehicle system currently being used by the person (18, S12), Generating a protocol signal, which in each case describes information about the detected person, the detected motor vehicle function and the determined operating parameter (S13), and - Transmission of the generated protocol signal to a predetermined mobile terminal (14) and / or to a memory device (22, S14). Authentication device (12) adapted to perform a method of Claims 1 to 5 perform. A storage medium having a program code that is set up, when executed by a processor device (24), a method according to one of Claims 1 to 5 perform. Motor vehicle (10), comprising an authentication device (12) according to Claim 6 and / or a storage medium Claim 7 , Mobile, portable terminal (14), comprising an authentication device (12) according to Claim 6 and / or a storage medium Claim 7 , Data server (16) for operating on the Internet, comprising an authentication device (12) according to Claim 6 and / or a storage medium Claim 7 ,

Images