JP2015153258A - Vehicle-purposed personal authentication system and vehicle-purposed personal authentication method - Google Patents

Abstract

PROBLEM TO BE SOLVED: To protect security of a vehicle, and improve convenience.SOLUTION: A vehicle-purposed personal authentication system 10 comprises: a vehicle 200; and a smart key 100 controlling the vehicle 200, and authenticates an operator that operates the smart key 100. The smart key 100 comprises a voice acquisition unit 111 that acquires a voice, and the vehicle 200 comprises an apparatus authentication unit 221 that authenticates the smart key 100 and the vehicle 200; a personal authentication unit 222 that performs personal authentication of an operator when an apparatus authentication is succeeded; and an execution unit 260 that executes processing corresponding to a command generated based on the voice acquired by the voice acquisition unit 111 when the personal authentication is succeeded. The personal authentication unit 222 is configured to select one authentication mode from at least two authentication modes different in authentication intensity on the basis of the command generated based on the voice acquired by the voice acquisition unit 111, and perform the personal authentication on the basis of the selected authentication mode.

Description

  The present disclosure relates to a vehicle personal authentication system and a vehicle personal authentication method for authenticating an individual who uses a vehicle.

  Conventionally, immobilizers are known as devices for preventing theft of automobiles. The immobilizer compares the ID of the electronic key with the ID of the automobile, thereby making it impossible to start the engine except for a dedicated key with a matching ID. However, the conventional immobilizer has a problem that if the electronic key is stolen, the car is easily stolen.

  On the other hand, Patent Literature 1 and Patent Literature 2 disclose an authentication system that authenticates an original owner of an electronic key and a vehicle by biometric authentication. This makes car theft more difficult and increases the security of the car.

JP 2003-182528 A JP 2000-305586 A

  The present disclosure provides a vehicle personal authentication system and a vehicle personal authentication method capable of improving convenience while maintaining vehicle security.

  In order to solve the above problem, a vehicle personal authentication system according to the present disclosure includes a vehicle and an electronic key that controls the vehicle, and is a vehicle personal authentication system that authenticates an operator who operates the electronic key, The electronic key includes a voice acquisition unit that acquires voice, the vehicle includes a device authentication unit that performs device authentication between the electronic key and the vehicle, and a personal authentication unit that performs personal authentication of the operator when the device authentication is successful. And an execution unit that executes processing according to a command generated based on the voice acquired by the voice acquisition unit when the personal authentication is successful, and the personal authentication unit converts the voice acquired by the voice acquisition unit Based on the generated command, one of at least two authentication modes having different authentication strengths is selected, and personal authentication is performed based on the selected authentication mode.

  According to the present disclosure, it is possible to provide a vehicle personal authentication system and a vehicle personal authentication method capable of enhancing convenience while maintaining vehicle security.

It is the schematic which shows an example of the personal authentication system for vehicles which concerns on embodiment. It is a general | schematic perspective view which shows an example of the electronic key which concerns on embodiment. It is a functional block diagram which shows an example of the personal authentication system for vehicles which concerns on embodiment. It is a figure which shows an example of the classification of the personal authentication which concerns on embodiment. It is a figure which shows an example of the personal authentication data which the vehicle which concerns on embodiment memorize | stores. It is a figure which shows an example of the personal authentication data which the server apparatus which concerns on embodiment memorize | stores. It is a figure which shows another example of the personal authentication data which the server apparatus which concerns on embodiment memorize | stores. It is a figure which shows an example of the authentication mode of the personal authentication which concerns on embodiment. It is a figure which shows an example of the correspondence of the command which concerns on embodiment, and authentication strength. It is a flowchart which shows an example of operation | movement of the personal authentication system for vehicles which concerns on embodiment. 5 is a flowchart illustrating an example of an operation for performing personal authentication in a first authentication mode in the vehicle personal authentication system according to the embodiment. It is a flowchart which shows an example of the operation | movement which performs a personal authentication in 2nd authentication mode in the vehicle personal authentication system which concerns on embodiment. It is a flowchart which shows an example of the operation | movement which cancels | releases security in the vehicle personal authentication system which concerns on embodiment. It is a flowchart which shows an example of the operation | movement which registers a new user in the vehicle personal authentication system which concerns on embodiment. It is a flowchart which shows an example of the operation | movement which repeats personal authentication in the vehicle personal authentication system which concerns on embodiment.

  The present inventor has found that the following problems occur with respect to the conventional authentication system described in the “Background Art” column.

  For example, even if it is the original owner of an electronic key and a car, if biometric authentication fails for some reason, the car may not be operated. For example, in the case of voiceprint authentication, there is a possibility that authentication cannot be performed correctly when the person himself has a cold. In the case of fingerprint authentication, there is a possibility that fingerprint authentication cannot be performed in the first place when a finger is injured.

  Therefore, in order to solve such a problem, the present disclosure provides a vehicle personal authentication system and a vehicle personal authentication method that can improve convenience while maintaining vehicle security.

  Hereinafter, embodiments will be described in detail with reference to the drawings as appropriate. However, more detailed explanation than necessary may be omitted. For example, detailed descriptions of already well-known matters and overlapping descriptions for substantially the same configuration may be omitted. This is to avoid the following description from becoming unnecessarily redundant and to facilitate understanding by those skilled in the art.

  In addition, the inventors provide the accompanying drawings and the following description in order for those skilled in the art to fully understand the present disclosure, and these are intended to limit the subject matter described in the claims. is not.

  Each figure is a mimetic diagram and is not necessarily illustrated strictly. Moreover, in each figure, the same code | symbol is attached | subjected about the same structural member.

(Embodiment)
[1. Overview of vehicle personal authentication system]
First, the outline | summary of the vehicle personal authentication system which concerns on this Embodiment is demonstrated using FIG. FIG. 1 is a schematic diagram showing a vehicle personal authentication system 10 according to the present embodiment.

  As shown in FIG. 1, the vehicle personal authentication system 10 includes a smart key 100, a vehicle 200, a cloud server 300, and a mobile phone 410 possessed by a registrant 400. The vehicle personal authentication system 10 is a system for authenticating an operator who operates the smart key 100. The smart key 100, the vehicle 200, and the cloud server 300 can communicate with each other via a network.

  The smart key 100 is an example of an electronic key that controls the vehicle 200. The smart key 100 is, for example, an electronic key that can communicate with the vehicle 200 and is unique to the vehicle 200. Specifically, the smart key 100 causes the vehicle 200 to execute a predetermined process.

  Smart key 100 communicates directly or indirectly with vehicle 200. For example, when the distance to the vehicle 200 is short, direct communication with the vehicle 200 is possible. Further, the smart key 100 can communicate with the vehicle 200 via the cloud server 300 when the distance to the vehicle 200 is long.

  FIG. 2 is a schematic perspective view showing the smart key 100 according to the present embodiment. The smart key 100 is a wearable device, for example, and is a pendant type electronic device as shown in FIG. Alternatively, the smart key 100 may be a wristwatch type device. Thereby, hands-free can be implement | achieved and the convenience can be improved.

  The smart key 100 may not be a wearable device, and may be a device that can be grasped by a hand, such as a mobile phone. Or what added the function of this indication to the inside of the conventional vehicle key may be used.

  The vehicle 200 communicates with the smart key 100 to execute a predetermined process based on an instruction from the smart key 100. The vehicle 200 is, for example, an automobile. Specifically, the vehicle 200 is a four-wheeled vehicle or more, but may be a two-wheeled vehicle (motorcycle).

  The cloud server 300 is an example of a server device that can communicate with the vehicle 200 and the smart key 100. The cloud server 300 supports communication between the vehicle 200 and the smart key 100 by functioning as a relay device when the vehicle 200 and the smart key 100 cannot communicate directly.

  Also, the cloud server 300 notifies the registrant 400. Specifically, the cloud server 300 notifies the mobile phone 410 possessed by the registrant 400 of a message or the like.

  The registrant 400 is a person who has a legitimate authority to operate the vehicle 200. In other words, the registrant 400 is the original owner of the vehicle 200 and the smart key 100. The registrant 400 is associated with the smart key 100.

  The registrant 400 possesses a mobile terminal such as the mobile phone 410, for example. In addition, the registrant 400 may manage communication terminals, such as an equipped computer, instead of having a portable terminal.

  In a normal case, the operator who operates the smart key 100 is the registrant 400. When the smart key 100 is stolen, the operator who operates the smart key 100 is not the registrant 400.

[2. Detailed configuration of vehicle personal authentication system]
Next, a detailed configuration of the vehicle personal authentication system 10 according to the present embodiment will be described with reference to FIG. FIG. 3 is a functional block diagram showing the vehicle personal authentication system 10 according to the present embodiment.

[2-1. Smart key (electronic key)]
First, a detailed configuration of the smart key 100 will be described.

  As shown in FIG. 3, the smart key 100 includes a sensor unit 110, a storage unit 120, and a communication unit 130.

[2-1-1. Sensor unit]
The sensor unit 110 detects an action of an operator who operates the smart key 100. The sensor unit 110 includes a voice acquisition unit 111 and a fingerprint acquisition unit 112.

  The sound acquisition unit 111 is a microphone, for example, and acquires sound. Specifically, the voice acquisition unit 111 acquires a voice uttered by the operator of the smart key 100. The acquired voice may be not only a clear instruction to the vehicle 200 but also a part of a conversation or tweet made by the operator.

  Note that the operator of the smart key 100 is not limited to the person wearing the smart key 100. For example, when the person wearing the smart key 100 is sitting in the driver's seat, the operator may be a person sitting in the passenger seat. That is, the voice acquisition unit 111 may acquire a voice uttered by a person sitting in the passenger seat.

  The fingerprint acquisition unit 112 is a fingerprint sensor, for example, and acquires fingerprint data of the operator of the smart key 100.

  The voice and fingerprint data acquired by the sensor unit 110 are transmitted to the vehicle 200 or the cloud server 300 via the communication unit 130. The sensor unit 110 may include a photographing unit (image acquisition unit) such as a camera unit.

[2-1-2. Storage unit]
The storage unit 120 is a memory that stores the smart key authentication ID 121. For example, the storage unit 120 is a nonvolatile semiconductor memory.

  The smart key authentication ID 121 is a unique ID assigned to the smart key 100. The smart key authentication ID 121 is used for device authentication between the vehicle 200 and the smart key 100. The smart key authentication ID 121 preferably has high tamper resistance.

[2-1-3. Communication Department]
The communication unit 130 communicates with the vehicle 200 and the cloud server 300. The communication unit 130 includes a short-range communication module 131 and a cellular communication module 132.

  The communication unit 130 transmits the acquired voice and fingerprint data and the smart key authentication ID 121 to the vehicle 200 or the cloud server 300 using the short-range communication module 131 or the cellular communication module 132.

  The short-range communication module 131 is a wireless communication module used for communication with the vehicle 200. The short-range communication module 131 is used, for example, when the smart key 100 and the vehicle 200 are located within a predetermined distance. For example, the short-range communication module 131 is a Bluetooth (registered trademark) module, an NFC (Near Field Communication) module, an infrared communication module, or the like.

  The cellular communication module 132 is a wireless communication module used for communication with the vehicle 200 or the cloud server 300. The cellular communication module 132 is used, for example, when the smart key 100 and the vehicle 200 are located away from a predetermined distance, specifically, when short-range communication cannot be used.

  The cellular communication module 132 is a wireless communication module using a cellular system. The cellular communication module 132 performs communication based on a standard such as 3G or LTE (Long Term Evolution), for example.

  The communication unit 130 may include a wireless communication module using a wireless LAN (Local Area Network) such as WiFi.

[2-2. vehicle]
Next, a detailed configuration of the vehicle 200 will be described.

  As illustrated in FIG. 3, the vehicle 200 includes a voice analysis unit 210, an authentication unit 220, a storage unit 230, a sensor unit 240, a communication unit 250, and an execution unit 260.

[2-2-1. Speech analysis unit]
The voice analysis unit 210 generates a command by analyzing the voice acquired by the voice acquisition unit 111 of the smart key 100. The command is an instruction indicating contents to be executed by the vehicle 200. For example, the voice analysis unit 210 generates a command corresponding to the instruction by analyzing an explicit instruction included in the voice acquired by the voice acquisition unit 111. Specifically, the voice analysis unit 210 analyzes voices such as “start the engine”, “open the door”, and “tell me the remaining fuel”, so that “engine start”, “door” Commands for instructing "unlocking", "presenting the remaining amount of fuel", and the like.

  Note that the voice analysis unit 210 may be provided in the cloud server 300. In this form, the vehicle 200 transmits to the cloud server 300 a signal based on the voice acquired by the voice acquisition unit 111 or the voice acquired by the voice acquisition unit 111 via the communication unit 250. And the vehicle 200 receives the result from which the cloud server 300 analyzed the audio | voice from the cloud server 300. FIG.

  Note that the voice analysis unit 210 may generate a command not only when the voice includes an explicit instruction but also by analyzing the voice including an implicit instruction. For example, the voice analysis unit 210 may generate a command such as “in-vehicle air conditioning setting (lower temperature)” by analyzing tweets such as “hot” issued by the operator of the smart key 100.

  The voice analysis unit 210 may be realized by software such as a program, or may be realized by hardware such as an electronic circuit. For example, the voice analysis unit 210 can be realized by a microcomputer or the like.

[2-2-2. Authentication section]
The authentication unit 220 performs device authentication and personal authentication. The authentication unit 220 includes a device authentication unit 221 and a personal authentication unit 222.

  The device authentication unit 221 performs device authentication between the smart key 100 and the vehicle 200. The device authentication is to confirm that the smart key 100 is valid as an electronic key for controlling the vehicle 200.

  Specifically, the device authentication unit 221 determines whether the smart key authentication ID 121 acquired from the smart key 100 via the communication units 130 and 250 matches the smart key authentication ID 231 stored in the vehicle 200. . If the smart key authentication IDs 121 and 231 match, the device authentication is successful. If the smart key authentication IDs 121 and 231 do not match, the device authentication has failed.

  The device authentication unit 221 starts device authentication at a predetermined timing. For example, the device authentication unit 221 starts device authentication when the sound acquisition unit 111 acquires sound. Specifically, the communication units 130 and 250 start communication triggered by the sound acquisition unit 111 acquiring sound, and the device authentication unit 221 starts device authentication when the communication starts. Alternatively, the device authentication unit 221 may start device authentication triggered by pressing of a physical button included in the smart key 100.

  The personal authentication unit 222 performs personal authentication of the operator of the smart key 100 when the device authentication is successful. The personal authentication is to confirm that the operator of the smart key 100 is the registrant 400 associated with the smart key 100.

  Specifically, the personal authentication unit 222 determines whether the voice and fingerprint data acquired from the sensor unit 110 or 240 matches the personal authentication data 232 stored in the vehicle 200. If the data acquired from the sensor unit 110 or 240 matches the personal authentication data 232, the personal authentication is successful. If the data acquired from the sensor unit 110 or 240 and the personal authentication data 232 do not match, personal authentication has failed.

  At this time, the personal authentication unit 222 selects one of at least two authentication modes having different authentication strengths based on the command generated by the voice analysis unit 210, and performs personal authentication based on the selected authentication mode. The command is assigned the strength of authentication strength required according to its type. Therefore, the personal authentication unit 222 selects one of at least two authentication modes based on the strength of authentication strength requested by the command.

  Details of personal authentication such as the authentication mode and authentication strength will be described later.

  The device authentication unit 221 and the personal authentication unit 222 may be realized by software such as a program, or may be realized by hardware such as an electronic circuit. For example, the device authentication unit 221 and the personal authentication unit 222 can be realized by a microcomputer or the like.

[2-2-3. Storage unit]
The storage unit 230 is a recording medium such as a memory or HDD (Hard Disk Drive) that stores the smart key authentication ID 231 and the personal authentication data 232. For example, the storage unit 230 is a nonvolatile semiconductor memory.

  The smart key authentication ID 231 is a unique ID assigned to the smart key 100. The smart key authentication ID 231 is used for device authentication between the vehicle 200 and the smart key 100.

  The personal authentication data 232 is data indicating personal information of the registrant 400, and is data indicating characteristics that are generally unique to the registrant. The personal authentication data 232 is used for personal authentication of the operator of the smart key 100.

  The smart key authentication ID 231 and the personal authentication data 232 preferably have high tamper resistance.

[2-2-4. Sensor unit]
The sensor unit 240 detects the behavior of the operator of the smart key 100. The sensor unit 240 includes an audio acquisition unit 241, a fingerprint acquisition unit 242, and an imaging unit 243.

  The sound acquisition unit 241 is, for example, a microphone and acquires sound. Specifically, the voice acquisition unit 111 acquires a voice uttered by an operator of the smart key 100, for example, a person existing in the vehicle 200. The acquired voice may be not only a clear instruction to the vehicle 200 but also a part of a conversation or tweet made by the operator.

  The fingerprint acquisition unit 242 is, for example, a fingerprint sensor, and acquires fingerprint data of the operator of the smart key 100. For example, the fingerprint sensor is provided on a door knob or a handle.

  The imaging unit 243 is, for example, a camera unit, and performs imaging for acquiring the face data and iris data of the operator of the smart key 100. For example, the camera unit is provided so as to photograph the inside of the vehicle 200. Since the operator of the smart key 100 is often a driver who drives the vehicle 200, the camera unit is preferably provided at a position where the driver's face can be photographed.

[2-2-5. Communication Department]
The communication unit 250 communicates with the smart key 100 and the cloud server 300. The communication unit 250 includes a short-range communication module 251 and a cellular communication module 252.

  The communication unit 250 receives the voice and fingerprint data and the smart key authentication ID 121 from the smart key 100 using the short-range communication module 251 or the cellular communication module 252. At this time, the communication unit 250 may receive voice or the like from the smart key 100 via the cloud server 300.

  The near field communication module 251 is a wireless communication module used for communication with the smart key 100. The near field communication module 251 performs communication according to the same standard as the near field communication module 131 of the smart key 100.

  The cellular communication module 252 is a wireless communication module used for communication with the smart key 100 or the cloud server 300. For example, the cellular communication module 252 performs communication according to the same standard as the cellular communication module 132 of the smart key 100.

  Note that the communication unit 250 may include a wireless communication module using a wireless LAN such as WiFi.

[2-2-6. Execution unit]
The execution unit 260 executes processing according to the command generated by the voice analysis unit 210 when the personal authentication is successful. Specifically, based on commands instructing “starting the engine”, “unlocking the door”, “presenting the remaining amount of fuel”, the execution unit 260 “starts the engine of the vehicle 200”, “ Processing such as “opening the door of the vehicle 200” and “presenting the remaining fuel amount of the vehicle 200” is executed.

  Note that the “engine start” process does not have to be the process that actually puts the engine into the idle state, but the engine itself is stopped, but when the accelerator is depressed, the engine is immediately shifted to the standby state. It may be processed. Further, the electric vehicle may be in a standby state in which the power is turned on and the vehicle 200 can move. In addition to the state where the engine is started, these states are defined as standby states.

  In the process of “presenting the remaining amount of fuel”, for example, the execution unit 260 may display information indicating the remaining amount of fuel on a display included in the vehicle 200. Alternatively, the execution unit 260 may cause the smart key 100 to output information indicating the remaining amount of fuel by voice. The command and the process to be performed are associated with each other in advance and managed in the storage unit 230 or the like.

[2-3. Cloud server (server device)]
Next, a detailed configuration of the cloud server 300 will be described.

  As illustrated in FIG. 3, the cloud server 300 includes a storage unit 310, a communication unit 320, and a control unit 330.

[2-3-1. Storage unit]
The storage unit 310 is a memory that stores personal authentication data 311. For example, the storage unit 310 is a recording medium such as a nonvolatile semiconductor memory or an HDD.

  The personal authentication data 311 is data indicating personal information of the registrant 400, and is data indicating characteristics that are generally unique to the registrant. The personal authentication data 311 is data including the personal authentication data 232 stored in the vehicle 200, for example, the same data as the personal authentication data 232. The personal authentication data 311 preferably has high tamper resistance.

[2-3-2. Communication Department]
The communication unit 320 communicates with the smart key 100, the vehicle 200, and the mobile phone 410 through the Internet or the like.

  The communication unit 320 receives the voice and fingerprint data and the smart key authentication ID 121 from the smart key 100 and transmits them to the vehicle 200. That is, the cloud server 300 functions as a relay device that relays communication between the smart key 100 and the vehicle 200.

  Further, the communication unit 320 communicates with the mobile phone 410 to notify the registrant 400 or receive a notification from the registrant 400. Communication unit 320 transmits notification received from mobile phone 410 of registrant 400 to vehicle 200 or smart key 100.

[2-3-3. Control unit]
The control unit 330 controls the operation of the cloud server 300. For example, the control unit 330 notifies the registrant 400 via the communication unit 320 based on an instruction from the vehicle 200 or the smart key 100. For example, the control unit 330 notifies the registrant 400 that personal authentication has failed based on an instruction from the vehicle 200. Specifically, control unit 330 transmits an email indicating that personal authentication has failed to mobile phone 410 or places a call to mobile phone 410 indicating that personal authentication has failed.

  For example, the notification indicating that the personal authentication has failed includes information indicating the time and place where the personal authentication failed, a command that triggered the personal authentication, and the like. As a result, the registrant 400 that has received the notification can know when, where, and what process the personal authentication has failed to perform.

  Note that the control unit 330 may notify an installed computer managed by the registrant 400 instead of the mobile phone 410. The control unit 330 notifies a device managed by the registrant 400 other than the smart key 100.

  The control unit 330 is a processor such as a CPU (Central Processing Unit), for example.

[3. Personal authentication]
Next, personal authentication performed by the personal authentication unit 222 will be described with reference to FIGS.

[3-1. Personal authentication type]
First, personal authentication types will be described with reference to FIG. FIG. 4 is a diagram showing an example of the type of personal authentication according to the present embodiment.

  In this embodiment, biometric authentication is used as personal authentication. That is, the personal authentication unit 222 acquires the biometric information of the operator of the smart key 100 and determines whether the acquired biometric information matches the personal authentication data 232.

  Specifically, the personal authentication unit 222 can perform a plurality of biometric authentications. As shown in FIG. 4, the personal authentication unit 222 performs at least one of voice print authentication, fingerprint authentication, face authentication, and iris authentication as personal authentication. The plurality of biometric authentications are not limited to these, and may include, for example, vein authentication.

[3-2. Personal authentication data]
Next, personal authentication data will be described with reference to FIGS.

  FIG. 5 is a diagram showing an example of the personal authentication data 232 stored in the vehicle 200 according to the present embodiment. 6A and 6B are diagrams illustrating an example of the personal authentication data 311 stored in the cloud server 300 according to the present embodiment.

  In the present embodiment, as shown in FIG. 4, the personal authentication unit 222 performs voiceprint authentication, fingerprint authentication, face authentication, and iris authentication. Therefore, as shown in FIG. 5, the personal authentication data 232 includes voiceprint data, fingerprint data, face data, and iris data. Note that “user A” in FIG. 5 is a user ID for identifying the registrant 400.

  For example, when performing voiceprint authentication, the personal authentication unit 222 receives voice acquired by the voice acquisition unit 111 of the smart key 100 or the voice acquisition unit 241 of the vehicle 200, and generates voiceprint data from the received voice. Then, the personal authentication unit 222 determines whether the generated voice print data matches the voice print data included in the personal authentication data 232. If they match, the voiceprint authentication is successful, and if they do not match, the voiceprint authentication fails.

  Here, the matching of the voiceprint data may include not only the case where the two data completely match, but also the case where the ratio (matching rate) between the two data is equal to or greater than a predetermined threshold. For example, the personal authentication unit 222 may determine that the voice print authentication is successful when the generated voice print data and the voice print data included in the personal authentication data 232 match 80% or more. The same applies to fingerprint authentication, face authentication, and iris authentication.

  Note that the personal authentication unit 222 may request the operator for a predetermined phrase for voiceprint authentication in order to improve the accuracy of voiceprint authentication.

  When performing fingerprint authentication, the personal authentication unit 222 receives fingerprint data acquired by the fingerprint acquisition unit 112 of the smart key 100 or the fingerprint acquisition unit 242 of the vehicle 200. The personal authentication unit 222 determines whether or not the received fingerprint data matches the fingerprint data included in the personal authentication data 232. If they match, the fingerprint authentication is successful, and if they do not match, the fingerprint authentication fails.

  Further, when performing face authentication, the personal authentication unit 222 receives an image acquired by the imaging unit 243 of the vehicle 200 and generates face data from the received image. The face data is, for example, three-dimensional position data of feature parts of the face such as eyes or ears. The personal authentication unit 222 determines whether the generated face data matches the face data included in the personal authentication data 232. If they match, face authentication is successful, and if they do not match, face authentication fails.

  When performing iris authentication, the personal authentication unit 222 receives an image acquired by the imaging unit 243 of the vehicle 200 and generates iris data from the received image. The personal authentication unit 222 determines whether the generated iris data matches the iris data included in the personal authentication data 232. If they match, the iris authentication is successful, and if they do not match, the iris authentication fails.

  6A, the personal authentication data 311 stored in the cloud server 300 includes the same data as the personal authentication data 232 stored in the vehicle 200. Furthermore, the personal authentication data 311 includes contact information.

  The contact information is, for example, the e-mail address of the registrant 400 or the telephone number of the mobile phone 410. The contact information is used when notifying the registrant 400 that the personal authentication has failed.

  The personal authentication data 232 may include contact information.

  In addition, as shown in FIG. 6B, a plurality of users can be registered. In the example illustrated in FIG. 6B, “user A” and “user B” correspond to persons who have a legitimate authority to operate the vehicle 200.

[3-3. Personal authentication mode]
Next, an authentication mode for personal authentication will be described with reference to FIG. FIG. 7 is a diagram showing an example of an authentication mode for personal authentication according to the present embodiment.

  As described above, the personal authentication unit 222 selects one from at least two authentication modes. In the present embodiment, as shown in FIG. 7, at least two authentication modes include a first authentication mode, a second authentication mode, and a third authentication mode. The first authentication mode, the second authentication mode, and the third authentication mode have different authentication strengths.

  The authentication strength is a parameter indicating the severity of personal authentication. Specifically, the authentication strength is a parameter indicating the severity of conditions for successful personal authentication. For example, the stronger the authentication strength, the more difficult the condition for personal authentication succeeds, and the weaker the authentication strength, the milder the condition for successful personal authentication.

  For example, the authentication strength is represented by the number of successful biometric authentications. The authentication strength corresponds to the number of successful biometric authentications that serve as a threshold for determining success or failure of personal authentication when performing multiple biometric authentications. Specifically, the greater the number of successful biometric authentications among voiceprint authentication, fingerprint authentication, face authentication, and iris authentication, the higher the authentication strength, and the lower the number of successful biometric authentications, the lower the authentication strength.

  The first authentication mode is an authentication mode with relatively strong authentication strength. For example, the condition for successful personal authentication in the first authentication mode is that at least two of the plurality of biometric authentications succeed. Specifically, in the first authentication mode, personal authentication succeeds when at least two of voice print authentication, fingerprint authentication, face authentication, and iris authentication succeed.

  For example, in the first authentication mode, the personal authentication unit 222 performs all of voice print authentication, fingerprint authentication, face authentication, and iris authentication, and determines that the personal authentication is successful when at least two are successful. Alternatively, the personal authentication unit 222 may perform voice print authentication, fingerprint authentication, face authentication, and iris authentication in this order, and determine that the personal authentication is successful when the two biometric authentications are successful.

  The second authentication mode is an authentication mode with relatively weak authentication strength. For example, the condition for successful personal authentication in the second authentication mode is that at least one of a plurality of biometric authentications succeeds. Specifically, in the second authentication mode, personal authentication is successful when at least one of voiceprint authentication, fingerprint authentication, face authentication, and iris authentication is successful.

  For example, the personal authentication unit 222 performs voice print authentication, fingerprint authentication, face authentication, and iris authentication in this order, and determines that personal authentication is successful when one biometric authentication is successful. Alternatively, the personal authentication unit 222 may perform all of voice print authentication, fingerprint authentication, face authentication, and iris authentication in the second authentication mode, and may determine that the personal authentication is successful when at least one succeeds.

  The third authentication mode is an authentication mode whose authentication strength is “0”. In other words, the third authentication mode is an authentication mode with the weakest authentication strength. For example, the conditions for successful personal authentication in the third authentication mode are all cases. That is, in the third authentication mode, personal authentication is successful in all cases. In other words, the personal authentication unit 222 does not have to perform biometric authentication when the third authentication mode is selected.

  Although three authentication modes are shown as an example, four or more authentication modes may be used.

[3-4. Command and authentication strength]
Next, the correspondence between commands and authentication strength will be described with reference to FIG. FIG. 8 is a diagram illustrating an example of a correspondence relationship between commands and authentication strengths according to the present embodiment.

  In the present embodiment, as shown in FIG. 8, the authentication strength is shown in three stages of “strong”, “weak”, and “0”. For example, a command whose authentication strength is “strong” is a command that requires personal authentication. A command whose authentication strength is “weak” is a command for which personal authentication is desirable. A command with an authentication strength of “0” is a command that does not require personal authentication. In accordance with the type of command, authentication strength is associated with each command in advance. Specifically, each command is associated with an authentication strength of the required strength.

  Specifically, “strong” is assigned as the authentication strength to the commands “engine start”, “cancel personal authentication”, and “new user registration”. “Weak” is assigned as the authentication strength to the commands “door unlocking”, “in-vehicle air conditioning setting”, “lighting on / off”, and “opening / closing of the fuel filler opening”. “0” is assigned as the authentication strength to the commands “present fuel amount” and “car navigation system setting”.

  Therefore, according to the correspondence relationship shown in FIGS. 7 and 8, for example, the personal authentication unit 222 selects the first authentication mode when the command instructs to start the engine of the vehicle 200. Further, the personal authentication unit 222 selects the second authentication mode when the command instructs to unlock the door of the vehicle 200. Further, the personal authentication unit 222 selects the third authentication mode when the command instructs the presentation of the remaining amount of fuel of the vehicle 200. The same applies to other commands.

  Note that the type of command and the correspondence between the command and the authentication strength are merely examples, and are not limited thereto.

  For example, the authentication strength can be indicated by a numerical value. Specifically, as the authentication strength, one numerical value included in a predetermined range (for example, “0” to “100”) can be set for the command.

  At this time, it is only necessary to assign a section obtained by dividing a predetermined range by a predetermined threshold as the authentication strength to the plurality of authentication modes. For example, “0” to “20” as authentication strengths in the third authentication mode, “20” to “60” as authentication strengths in the second authentication mode, and “60” as authentication strengths in the first authentication mode. "To" 100 "are assigned respectively. In this case, for example, when the authentication strength set to “door unlocking” is “50”, the second authentication mode is selected.

  In this manner, by setting the authentication strength with a numerical value for the command, for example, an authentication mode can be easily added. For example, when the fourth authentication mode is added, the command and the authentication mode can be associated with each other only by changing the authentication strength section assigned to each authentication mode.

  Further, instead of associating the command with the authentication strength, the command may be associated with the authentication mode.

[4. Operation of vehicle personal authentication system]
Next, the operation of the vehicle personal authentication system 10 according to the present embodiment, that is, the vehicle personal authentication method will be described with reference to the drawings.

[4-1. Authentication]
FIG. 9 is a flowchart showing an example of the operation of the vehicle personal authentication system 10 according to the present embodiment.

  First, when the voice acquisition unit 111 of the smart key 100 acquires voice, the vehicle personal authentication method according to the present embodiment is started (S100). For example, when the operator of the smart key 100 inputs voice to the smart key 100, the vehicle personal authentication method is started. Specifically, the operator utters voices such as “start the engine” and “open the door” toward the smart key 100.

  Next, using the voice acquisition unit 111 as a trigger, the communication units 130 and 250 start communication, and the device authentication unit 221 performs device authentication between the smart key 100 and the vehicle 200 (S110). Specifically, the device authentication unit 221 acquires the smart key authentication ID 121 from the smart key 100 via the communication units 130 and 250, and the acquired smart key authentication ID 121 and the smart key authentication stored in the storage unit 230. It is determined whether or not the ID 231 matches.

  When the device authentication fails (No in S120), the vehicle personal authentication method according to the present embodiment ends.

  At this time, the device authentication unit 221 may notify the registrant 400 that the device authentication has failed via the cloud server 300. Thereby, it is possible to notify the registrant 400 that a person possessing an unauthorized electronic key is about to operate the vehicle 200.

  When the device authentication is successful (Yes in S120), the voice acquisition unit 111 transmits the input voice to the vehicle 200 via the communication unit 130 (S130). In addition, you may transmit the audio | voice to the vehicle 200 before apparatus authentication.

  Next, the voice analysis unit 210 generates a command by analyzing the voice received from the smart key 100 (S140). Then, the personal authentication unit 222 determines the type of command generated by the voice analysis unit 210 (S150). Specifically, the personal authentication unit 222 determines the authentication strength associated with the command, and selects an authentication mode corresponding to the determined authentication strength.

  When the authentication strength associated with the command is “strong” (“command requiring personal authentication” in S150), the personal authentication unit 222 selects the first authentication mode (S160). For example, as shown in FIG. 8, in the case of a command that instructs “engine start”, since the authentication strength set in the command is “strong”, the personal authentication unit 222 selects the first authentication mode. . The subsequent processing will be described later with reference to FIG.

  When the authentication strength associated with the command is “weak” (“command for which personal authentication is desirable” in S150), the personal authentication unit 222 selects the second authentication mode (S170). For example, as shown in FIG. 8, in the case of a command for instructing “unlock door”, the authentication strength set in the command is “weak”, so the personal authentication unit 222 selects the second authentication mode. To do. Subsequent processing will be described later with reference to FIG.

  If the authentication strength associated with the command is “0” (“command that does not require personal authentication” in S150), the personal authentication unit 222 selects the third authentication mode (S180). For example, as shown in FIG. 8, in the case of a command for instructing “presentation of remaining amount of fuel”, the authentication strength set in the command is “0”. select.

  In the third authentication mode, personal authentication is successful in all cases. That is, the personal authentication unit 222 can cause the execution unit 260 to execute processing without performing a plurality of biometric authentications. Accordingly, the execution unit 260 executes a process according to the command, for example, a process such as “presenting the remaining amount of fuel” (S190).

  As a result, the third authentication mode is selected for processes that are not disadvantageous to the registrant 400 such as theft of a car, and personal authentication can be omitted. Even if the personal authentication is not performed, since the executed process is not disadvantageous for the registrant 400, the convenience of the vehicle can be improved while maintaining the security of the vehicle.

[4-1-1. First authentication mode]
Next, the operation when the first authentication mode is selected will be described with reference to FIG. FIG. 10 is a flowchart showing an example of an operation for performing personal authentication in the first authentication mode in the vehicle personal authentication system 10 according to the present embodiment.

  After the first authentication mode is selected in step S160 shown in FIG. 9, the personal authentication unit 222 performs personal authentication based on the selected first authentication mode (S200). For example, the personal authentication unit 222 performs four types of biometric authentication: voiceprint authentication, fingerprint authentication, face authentication, and iris authentication.

  When at least two of the four biometric authentications succeed (Yes in S210), the execution unit 260 executes a process according to the command, for example, a process such as “start the engine” (S220).

  If at least two of the four biometric authentications have not succeeded (No in S210), that is, if the personal authentication has failed, the personal authentication unit 222 indicates that the personal authentication has failed via the communication unit 250 in the cloud. The server 300 is notified (S230). Then, the cloud server 300 notifies the registrant 400 that the personal authentication has failed via the communication unit 320 (S240). For example, the control unit 330 refers to the contact information in the personal authentication data 311 and transmits a mail to the mail address or the like indicated by the contact information, thereby notifying the mobile phone 410 or the like possessed by the registrant 400. Do.

  In this manner, the personal authentication unit 222 notifies the registrant 400 associated with the smart key 100 via the cloud server 300 when the personal authentication fails. Thereby, the registrant 400 can know that the personal authentication has failed.

  Upon receiving the notification, the registrant 400 can select whether to permit or reject the execution of the process according to the command that triggered the failed personal authentication (S250). For example, the registrant 400 can permit the execution of the process when the failed personal authentication is memorized, such as when the failed personal authentication is performed by itself (Yes in S250). In response to the permission notice from the registrant 400, the personal authentication unit 222 causes the execution unit 260 to execute processing (S220).

  As described above, when the personal authentication unit 222 receives a permission notification that permits processing according to the command after the notification to the registrant 400 even when the personal authentication fails, the execution unit 260 causes the process to be executed. Thereby, even if the personal authentication fails, permission can be obtained from the registrant 400 via another route, so that convenience can be improved while maintaining security.

  In addition, the registrant 400 can refuse to execute the process when the smart key 100 is stolen or the like and does not remember the failed personal authentication (No in S250). When execution of the process is rejected by the registrant 400, the execution unit 260 does not execute the process according to the command. At this time, the execution unit 260 may perform processing such as sounding an alert sound or reporting to a security company.

  If there is no response from the registrant 400 even after a certain period of time has elapsed (“No response” in S250), the personal authentication unit 222 performs password authentication (S260). For example, the personal authentication unit 222 displays a password input screen on a display included in the vehicle 200. Alternatively, the personal authentication unit 222 may request the operator of the smart key 100 to input a password by voice. The password is an example of a predetermined authentication code.

  When the password authentication is successful (Yes in S270), the personal authentication unit 222 causes the execution unit 260 to execute processing (S220). When the password authentication fails (No in S270), the execution unit 260 does not execute a process corresponding to the command.

  As described above, when the personal authentication unit 222 does not receive the permission notification, the personal authentication unit 222 requests the operator to input the authentication code, and causes the execution unit 260 to execute the process when a predetermined authentication code is input. . Thereby, for example, even when the registrant 400 is out of service or cannot communicate, or even when the registrant 400 does not have the mobile phone 410, the operator who knows the authentication code, that is, the registrant 400. If it is (or a person who has obtained the permission of the registrant 400), the process according to the command can be executed.

  As described above, in the vehicular personal authentication system 10 according to the present embodiment, even if biometric authentication fails for some reason, a means for permitting execution of processing by another route is provided. Accordingly, it is possible to reduce the possibility that the user (registrant 400) who has a legitimate authority cannot operate the vehicle 200 even though the user 200 is attempting to operate the vehicle 200.

  In addition, although notified to the registrant 400 via the cloud server 300, the vehicle 200 may notify the registrant 400 directly.

[4-1-2. Second authentication mode]
Next, the operation when the second authentication mode is selected will be described with reference to FIG. FIG. 11 is a flowchart showing an example of an operation for performing personal authentication in the second authentication mode in the vehicle personal authentication system 10 according to the present embodiment.

  After the second authentication mode is selected in step S170 shown in FIG. 9, the personal authentication unit 222 performs personal authentication based on the selected second authentication mode (S300). For example, the personal authentication unit 222 first performs voiceprint authentication.

  When the voiceprint authentication is successful (Yes in S310), the execution unit 260 executes a process corresponding to the command, for example, a process such as “open the door” (S320).

  If the voiceprint authentication fails (No in S310), the personal authentication unit 222 performs another biometric authentication (S330). In the example shown in FIG. 11, the personal authentication unit 222 performs fingerprint authentication.

  When the fingerprint authentication is successful (Yes in S340), the execution unit 260 executes a process corresponding to the command, for example, a process such as “open the door” (S320).

  When the fingerprint authentication fails (No in S340), the personal authentication unit 222 notifies the cloud server 300 that the personal authentication has failed via the communication unit 250 (S350). The personal authentication unit 222 may perform another biometric authentication (face authentication or iris authentication). In the second authentication mode, if even one of a plurality of biometric authentications succeeds, it can be considered that the personal authentication is successful.

  The cloud server 300 requests the keyword from the operator by causing the smart key 100 or the vehicle 200 to output sound via the communication unit 320 (S360). For example, the storage unit 310 of the cloud server 300 stores a predetermined simple question and its answer (keyword). The control unit 330 of the cloud server 300 reads a simple question from the storage unit 310 and transmits the read simple question to the smart key 100 or the vehicle 200.

  The smart key 100 or the vehicle 200 requests the answer (keyword) by displaying the received simple question by voice or the like. The operator of the smart key 100 may receive a simple question and issue an answer (keyword) to the smart key 100. The keyword is an example of a predetermined authentication code.

  If the keyword is correct (Yes in S370), the personal authentication unit 222 causes the execution unit 260 to execute processing (S320). If the keyword is incorrect (No in S370), the execution unit 260 does not execute processing according to the command.

  As described above, in the vehicular personal authentication system 10 according to the present embodiment, even if biometric authentication fails for some reason, a means for permitting execution of processing by another route is provided. Accordingly, it is possible to reduce the possibility that the user (registrant 400) who has a legitimate authority cannot operate the vehicle 200 even though the user 200 is attempting to operate the vehicle 200.

[4-2. Security release]
Next, a method of canceling vehicle security, that is, canceling personal authentication will be described with reference to FIG. FIG. 12 is a flowchart showing an example of an operation for releasing security in the vehicle personal authentication system 10 according to the present embodiment.

  First, based on an explicit instruction from the operator of the smart key 100, the smart key 100 transmits a request for canceling personal authentication to the cloud server 300 (S400). The explicit instruction is, for example, a voice instruction such as pressing and holding a button provided on the smart key 100 or “release security”. Smart key 100 may transmit a request for canceling personal authentication to vehicle 200.

  Note that the voice instruction analysis is performed by the voice analysis unit 210 of the vehicle 200, for example. That is, the smart key 100 may transmit the voice acquired by the voice acquisition unit 111 to the vehicle 200 via the communication units 130 and 250. Alternatively, the control unit 330 of the cloud server 300 may include the voice analysis unit 210. In this case, the smart key 100 may transmit the acquired voice to the cloud server 300.

  Next, the device authentication unit 221 performs device authentication between the smart key 100 and the vehicle 200 (S110). At this time, when the smart key 100 and the vehicle 200 are located apart from each other by a predetermined distance, the smart key 100 transmits the smart key authentication ID 121 to the vehicle 200 via the cloud server 300. As described above, the device authentication unit 221 starts device authentication when receiving a request for canceling personal authentication.

  If the device authentication has failed (No in S120), the security release operation is terminated. At this time, the vehicle 200 or the cloud server 300 may notify the registrant 400 that the unauthorized security release request has been made.

  When the device authentication is successful (Yes in S120), the personal authentication unit 222 performs personal authentication. The security release request is one of the commands for which the strongest authentication strength is required in the vehicle personal authentication system 10 according to the present embodiment. Therefore, the personal authentication unit 222 performs personal authentication in the authentication mode with the strongest authentication strength, for example, the first authentication mode (S430).

  If the personal authentication fails (No in S440), the security release operation is terminated. At this time, the vehicle 200 or the cloud server 300 may notify the registrant 400 that the unauthorized security release request has been made.

  When the personal authentication is successful (Yes in S440), the personal authentication unit 222 accepts designation of a period for releasing the security (S450). For example, a voice instruction “Please specify the release period” is provided to the operator of the smart key 100 via the smart key 100. Thereby, the operator can designate the time, the number of days, the time limit, and the like such as “12 hours”, “3 days”, and “until February 15” by voice. The sound acquisition unit 111 acquires sound that designates a cancellation period from the operator and transmits the sound to the vehicle 200.

  Then, the personal authentication unit 222 cancels the personal authentication of the vehicle 200 (S460). Thereby, the personal authentication unit 222 causes the execution unit 260 to execute processing without performing personal authentication for a predetermined period. The personal authentication unit 222 can be rephrased as executing personal authentication in the third authentication mode for a predetermined period regardless of the type of command. That is, the release of security is to shift the authentication mode to the third authentication mode.

  As described above, since the personal authentication unit 222 can release the security, the vehicle 200 can be controlled only by device authentication without performing personal authentication. Therefore, for example, it is useful when the registrant 400 temporarily lends the vehicle 200 to an acquaintance, and convenience can be improved.

  Note that the control unit 330 of the cloud server 300 may perform personal authentication. As illustrated in FIG. 3, the storage unit 310 of the cloud server 300 stores personal authentication data 311. In other words, the control unit 330 of the cloud server 300 may include the personal authentication unit 222.

[4-3. sign up]
Next, a method for newly registering a user as the registrant 400 will be described with reference to FIG. FIG. 13 is a flowchart showing an example of an operation for adding a new user in the vehicle personal authentication system 10 according to the present embodiment.

  First, based on an explicit instruction from the operator of the smart key 100, the smart key 100 transmits a user registration request to the cloud server 300 (S500). The operator is an existing registrant 400. If the operator is not the registrant 400, it is rejected by personal authentication (S430).

  The explicit instruction is, for example, a voice instruction such as pressing and holding a button provided on the smart key 100 or “registering a new user”. When the long press of the button is assigned to cancel the security, another action such as pressing the button twice may be assigned to the new registration of the user. Also, the voice analysis unit 210 of the vehicle 200 performs analysis of voice instructions. And the apparatus authentication part 221 starts apparatus authentication, when the registration request of a new user is received.

  Hereinafter, device authentication and personal authentication are the same as the security release method shown in FIG.

  If the personal authentication is successful (Yes in S440), the personal authentication unit 222 registers the personal authentication data used for the personal authentication of the new user in association with the user ID for identifying the new user (S550). Specifically, the personal authentication unit 222 stores the personal authentication data of the new user in the storage unit 230 in association with the user ID.

  For example, by outputting a voice “Please say xxxx” from the smart key 100 or the vehicle 200, the new user is prompted to speak. Thereby, the voice acquisition unit 111 or 241 acquires the voice of the new user, and the personal authentication unit 222 generates voice print data used for voice print authentication from the acquired voice of the new user, and the generated voice print data and the new user Are registered in association with each other. Similarly, fingerprint data, face data, and iris data are acquired using the fingerprint acquisition unit 112 or 242 and the imaging unit 243.

  The personal authentication unit 222 transmits the personal authentication data and the user ID to the cloud server 300 (S560). The cloud server 300 stores the received personal authentication data and user ID in the storage unit 310 in association with each other.

  As in the case of the security cancellation request, the control unit 330 of the cloud server 300 may use the storage unit 310 to perform personal authentication and registration of a new user. In this case, the cloud server 300 may transmit the personal authentication data registered in the storage unit 310 and the user ID to the vehicle 200.

  As described above, since the personal authentication unit 222 can register a new user, a user other than the existing registrant 400 can control the vehicle 200. Therefore, for example, it is useful when the vehicle 200 is shared by two or more people, and convenience can be improved.

[5. Summary]
As described above, the vehicle personal authentication system 10 according to the present embodiment includes the vehicle 200 and the smart key 100 that controls the vehicle 200, and the vehicle personal authentication that authenticates the operator who operates the smart key 100. In the system 10, the smart key 100 includes a voice acquisition unit 111 that acquires voice, and the vehicle 200 has a device authentication unit 221 that performs device authentication between the smart key 100 and the vehicle 200, and the device authentication is successful. A personal authentication unit 222 that performs personal authentication of the operator, and an execution unit 260 that executes processing according to a command generated based on the voice acquired by the voice acquisition unit 111 when the personal authentication is successful. The personal authentication unit 222 includes at least two authentications having different authentication strengths based on a command generated based on the voice acquired by the voice acquisition unit 111. Select one of the modes, it performs personal authentication based on the authentication mode selected.

  Thereby, for example, the personal authentication unit 222 selects an authentication mode with a strong authentication strength when the command requires personal authentication, and selects an authentication mode with a low authentication strength when the command requires personal authentication. Can do. Therefore, since the authentication mode corresponding to the command can be selected, it is possible to improve convenience while maintaining security.

  In the present embodiment, the personal authentication unit 222 notifies the registrant 400 associated with the smart key 100 when the personal authentication fails.

  Thereby, the registrant 400 can know that the personal authentication has failed. Since the registrant 400 knows that the personal authentication has failed, the registrant 400 can perform the necessary processing according to the cause of the failure of the personal authentication, so that the convenience of the registrant 400 can be improved.

  Further, in the present embodiment, when the personal authentication unit 222 fails, when the personal authentication fails, the personal authentication unit 222 receives the permission notification permitting the processing corresponding to the command to be performed after the notification to the registrant 400. 260 causes the process to be executed.

  Thereby, even if personal authentication fails, the registrant 400 can permit the execution of the process. As described above, there is provided means for permitting the execution of processing by another route even when the registrant 400 performs personal authentication but fails for some reason. Therefore, the convenience of the registrant 400 can be improved.

  Further, in the present embodiment, the personal authentication unit 222 requests the operator to input the authentication code when the permission notification is not received, and when the predetermined authentication code is input, the personal authentication unit 222 Execute the process.

  Thereby, for example, even when the registrant 400 cannot transmit the permission notification, such as when the communication environment is bad, the registrant 400 can execute the process by inputting the authentication code. Thus, even if the personal authentication fails and the registrant 400 cannot permit, the original registrant 400 can execute the process. Therefore, the convenience of the registrant 400 can be improved.

  In the present embodiment, the vehicle personal authentication system 10 further includes a cloud server 300 that can communicate with the vehicle 200 and the smart key 100, and the personal authentication unit 222 receives the registrant 400 via the cloud server 300. Notify

  Thereby, even if the registrant 400 is at a long distance by way of the cloud server 300, a necessary notification can be performed.

  In the present embodiment, personal authentication unit 222 selects one of at least two authentication modes based on the strength of the authentication strength requested by the command.

  As a result, the personal authentication unit 222 selects an authentication mode corresponding to the authentication strength of the strength required by the command. It is possible to prevent the personal authentication from being performed.

  In the present embodiment, at least two authentication modes include a first authentication mode, a second authentication mode, and a third authentication mode. In the first authentication mode, voice print authentication, fingerprint authentication, face authentication, and iris authentication are performed. Personal authentication succeeds when at least two succeed, and in the second authentication mode, personal authentication succeeds when at least one of voiceprint authentication, fingerprint authentication, face authentication and iris authentication succeeds, and the third authentication mode Then, personal authentication succeeds in all cases.

  Thereby, for example, for the processing that does not disadvantage the registrant 400, the personal authentication can be omitted by selecting the third authentication mode. Even if the personal authentication is not performed, since the executed process is not disadvantageous for the registrant 400, the convenience of the vehicle can be improved while maintaining the security of the vehicle.

  For example, the personal authentication unit 222 selects the first authentication mode when the command indicates the standby state of the vehicle. The personal authentication unit 222 selects the second authentication mode when the command instructs unlocking of the vehicle door. Further, the personal authentication unit 222 selects the third authentication mode when the command instructs the presentation of the remaining amount of fuel in the vehicle.

  In the present embodiment, the device authentication unit 221 starts device authentication when the sound acquisition unit 111 acquires sound.

  Thereby, since device authentication can be started by using voice input as a trigger, device authentication and personal authentication can be performed smoothly. For example, when the smart key 100 is a wearable device, device authentication and personal authentication can be performed in a hands-free manner, so that the convenience of the registrant 400 can be improved.

  In the present embodiment, the device authentication unit 221 starts device authentication when receiving a request for canceling personal authentication, and the personal authentication unit 222 performs a predetermined period after device authentication and personal authentication are successful. The execution unit 260 executes the process without performing personal authentication.

  This is useful, for example, when the registrant 400 temporarily lends the vehicle 200 to an acquaintance, and can improve convenience.

  Also, in this embodiment, the device authentication unit 221 starts device authentication when receiving a new user registration request, and the personal authentication unit 222 performs the authentication of the new user after device authentication and personal authentication are successful. Authentication data used for personal authentication and a user ID for identifying a new user are registered in association with each other.

  This is useful, for example, when two or more people share the vehicle 200, and can improve convenience.

  In the present embodiment, the voice may be part of a conversation or tweet made by the operator.

  Thereby, the operator can perform processing according to the operator's intention without giving an explicit instruction.

  The vehicle personal authentication method according to the present embodiment is a vehicle personal authentication method for authenticating an operator who operates the smart key 100 using the smart key 100 for controlling the vehicle 200, and the smart key 100 In the vehicle personal authentication method, the device authentication between the smart key 100 and the vehicle 200 is performed, and when the device authentication is successful, the operator is personally authenticated and the personal authentication is successful. , Execute processing according to the command generated based on the acquired voice, and in personal authentication, select one of at least two authentication modes having different authentication strengths based on the generated command, and select the selected authentication. Perform personal authentication based on the mode.

  Note that these comprehensive or specific modes may be realized by a system, an apparatus, an integrated circuit, a computer program, or a recording medium such as a computer-readable CD-ROM, and the system, apparatus, integrated circuit, and computer program. Also, any combination of recording media may be realized.

(Other embodiments)
As described above, the embodiments have been described as examples of the technology disclosed in the present application. However, the technology in the present disclosure is not limited to this, and can also be applied to an embodiment in which changes, replacements, additions, omissions, and the like are appropriately performed.

  Thus, other embodiments will be exemplified below.

  For example, in the above-described embodiment, the personal authentication unit 222 performs personal authentication once and determines success and failure. However, the present invention is not limited to this. The personal authentication unit 222 may repeat a predetermined number of times (for example, three times) as a limit until the personal authentication is successful.

  FIG. 14 is a flowchart showing an example of the operation of repeating personal authentication in the vehicle personal authentication system 10 according to the present embodiment.

  As shown in FIG. 14, the personal authentication unit 222 performs personal authentication (S600). The personal authentication may be one of a plurality of biometric authentications (for example, S300 or S330 in FIG. 11), or a combination of a plurality of biometric authentications (for example, S200 in FIG. 10).

  When the personal authentication is successful (Yes in S610), the execution unit 260 performs a process according to the command, for example, a process of “starting the engine” (S620).

  When the personal authentication fails (No in S610), the personal authentication unit 222 determines whether or not the number of times of performing the personal authentication has reached a predetermined number of times (S630). If the personal authentication has already been performed a predetermined number of times (Yes in S630), the personal authentication unit 222 notifies the cloud server 300 that the personal authentication has failed. The subsequent processing is the same as, for example, step S240 shown in FIG.

  If the number of times of personal authentication has not reached the predetermined number (No in S630), the personal authentication unit 222 repeats the personal authentication again (returns to S600).

  For example, when the personal authentication unit 222 performs voice print authentication and fails, the personal authentication unit 222 can perform voice print authentication again. For example, when performing personal authentication in the second authentication mode, the personal authentication unit 222 performs another biometric authentication (for example, fingerprint authentication) when voice print authentication fails a predetermined number of times. At this time, the personal authentication unit 222 can also repeat fingerprint authentication until a predetermined number of times is successful. Note that the number of times that the voiceprint authentication is limited and the number of times that the fingerprint authentication is limited may be the same or different.

  As described above, the personal authentication unit 222 may repeat the personal authentication up to a predetermined number of times until the personal authentication is successful.

  As a result, for example, voiceprint authentication may fail depending on the operator or the surrounding situation, even if it is the person himself / herself. Therefore, it is possible to improve convenience by repeating biometric authentication a plurality of times.

  Moreover, although the said embodiment demonstrated the case where the number of several biometric authentication succeeded as an example from which the authentication strength of several authentication modes differs, it is not restricted to this. For example, the authentication strength may indicate a threshold value of data matching rate in one biometric authentication. In other words, the threshold value for determining that one biometric authentication is successful may be different between a plurality of authentication modes. Specifically, in the authentication mode with weak authentication strength, voiceprint authentication that is regarded as successful with 50% matching rate is used, and in authentication mode with strong authentication strength, voiceprint authentication that is considered as successful with 90% matching rate is used. Good.

  In the above-described embodiment, an example in which the vehicle 200 includes the voice analysis unit 210 has been described. For example, not only the vehicle 200 but also the smart key 100 or the cloud server 300 may include the voice analysis unit 210. Similarly, the smart key 100 or the cloud server 300 may include the authentication unit 220.

  For example, when the smart key 100 includes the voice analysis unit 210, device authentication between the smart key 100 and the vehicle 200 may be started after the voice analysis unit 210 generates a command.

  In the above-described embodiment, an example in which device authentication is started using a voice acquisition as a trigger has been described. However, the present invention is not limited thereto. At this time, if the device authentication is to be started without using the voice, the vehicle 200 may notify the cloud server 300. Specifically, the vehicle 200 may notify the cloud server 300 when the smart key 100 is inserted into the keyhole of the vehicle 200 without using voice.

  As described above, the embodiments have been described as examples of the technology in the present disclosure. For this purpose, the accompanying drawings and detailed description are provided.

  Accordingly, among the components described in the attached drawings and detailed description, not only the components essential for solving the problem, but also the components not essential for solving the problem in order to exemplify the above technique. May also be included. Therefore, it should not be immediately recognized that these non-essential components are essential as those non-essential components are described in the accompanying drawings and detailed description.

  Moreover, since the above-mentioned embodiment is for demonstrating the technique in this indication, a various change, substitution, addition, abbreviation, etc. can be performed in a claim or its equivalent range.

  The vehicle personal authentication system and the vehicle personal authentication method according to the present disclosure can be used in, for example, a system that prevents theft of a vehicle such as an immobilizer.

10 Vehicle personal authentication system 100 Smart key (electronic key)
110, 240 Sensor unit 111, 241 Audio acquisition unit 112, 242 Fingerprint acquisition unit 120, 230, 310 Storage unit 121, 231 Smart key authentication ID
130, 250, 320 Communication unit 131, 251 Short-range communication module 132, 252 Cellular communication module 200 Vehicle 210 Voice analysis unit 220 Authentication unit 221 Device authentication unit 222 Personal authentication unit 232, 311 Personal authentication data 243 Imaging unit 260 Execution unit 300 Cloud server (server device)
330 Control Unit 400 Registrant 410 Mobile Phone

Claims (16)

A vehicle personal authentication system comprising a vehicle and an electronic key for controlling the vehicle, and authenticating an operator who operates the electronic key,
The electronic key is
It has a voice acquisition unit that acquires voice,
The vehicle is
A device authentication unit for performing device authentication between the electronic key and the vehicle;
A personal authentication unit for performing personal authentication of the operator when the device authentication is successful;
An execution unit that executes processing according to a command generated based on the voice acquired by the voice acquisition unit when the personal authentication is successful;
The personal authentication unit
Based on the command generated based on the voice acquired by the voice acquisition unit, one of at least two authentication modes having different authentication strengths is selected, and the personal authentication is performed based on the selected authentication mode. Authentication system. The vehicle personal authentication system according to claim 1, wherein the personal authentication unit notifies a registrant associated with the electronic key when the personal authentication fails. When the personal authentication unit fails, the personal authentication unit executes the process to the execution unit when receiving a permission notification permitting the processing corresponding to the command to be performed after the notification to the registrant. The vehicle personal authentication system according to claim 2. If the personal authentication unit does not receive the permission notification, the personal authentication unit requests the operator to input an authentication code, and causes the execution unit to execute the process when a predetermined authentication code is input. Item 4. The vehicle personal authentication system according to Item 3. The vehicle personal authentication system further includes a server device capable of communicating with the vehicle and the electronic key,
The vehicle personal authentication system according to any one of claims 2 to 4, wherein the personal authentication unit notifies the registrant via the server device. The vehicle personal authentication system according to any one of claims 1 to 5, wherein the personal authentication unit selects one of the at least two authentication modes based on the strength of authentication strength requested by the command. . The at least two authentication modes include a first authentication mode, a second authentication mode, and a third authentication mode,
In the first authentication mode, when at least two of voice print authentication, fingerprint authentication, face authentication and iris authentication succeed, the personal authentication succeeds,
In the second authentication mode, when at least one of voiceprint authentication, fingerprint authentication, face authentication, and iris authentication is successful, the personal authentication is successful,
The vehicle personal authentication system according to claim 1, wherein in the third authentication mode, the personal authentication is successful in all cases. The vehicle personal authentication system according to claim 7, wherein the personal authentication unit selects the first authentication mode when the command indicates a standby state of the vehicle. The vehicle personal authentication system according to claim 7, wherein the personal authentication unit selects the second authentication mode when the command instructs to unlock the door of the vehicle. The vehicle personal authentication system according to claim 7, wherein the personal authentication unit selects the third authentication mode when the command instructs the presentation of the fuel remaining amount of the vehicle. The vehicle personal authentication system according to any one of claims 1 to 10, wherein the personal authentication unit repeats the personal authentication with a predetermined number of times as a limit until the personal authentication is successful. The personal authentication system for a vehicle according to any one of claims 1 to 11, wherein the device authentication unit starts the device authentication when the sound acquisition unit acquires the sound. The device authentication unit starts the device authentication when receiving a request for canceling the personal authentication,
The personal authentication unit causes the execution unit to execute the process without performing the personal authentication for a predetermined period after the device authentication and the personal authentication are successful. The vehicle personal authentication system described. The device authentication unit starts the device authentication when receiving a registration request for a new user,
The personal authentication unit registers authentication data used for personal authentication of the new user and a user ID for identifying the new user in association with each other after the device authentication and the personal authentication are successful. The vehicle personal authentication system according to claim 1. The vehicle personal authentication system according to any one of claims 1 to 14, wherein the voice is a part of a conversation or tweet made by the operator. A vehicle personal authentication method for authenticating an operator who operates the electronic key using an electronic key for controlling the vehicle,
In the electronic key,
Get audio,
The vehicle personal authentication method includes:
Perform device authentication between the electronic key and the vehicle,
If the device authentication is successful, perform personal authentication of the operator,
When the personal authentication is successful, execute processing according to the command generated based on the acquired voice,
In the personal authentication,
A vehicle personal authentication method for selecting one of at least two authentication modes having different authentication strengths based on the generated command and performing the personal authentication based on the selected authentication mode.

Images