JP2007251557A - Authentication processing system and authentication processing method, communication device and communication method, as well as authentication device and authentication method - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide an authentication system capable of easily registering a communication device into an authentication device, while assuring security. <P>SOLUTION: A cellular phone 13 accesses a vehicle management server 14 and acquires an authentication data. A car-mounted ID management device 31 on a car 11 detects the cellular phone 13 entering into within the transmission range of short-range communication and receives the authentication data from the cellular phone 13, while it detects a user operation indicative of origination of registration processing to register the cellular phone 13 as an auxiliary key. The car-mounted ID management device 31 authenticates and registers the cellular phone 13 based on the authentication data. Thereby, the cellular phone 13 can operate as the auxiliary key of a smart key 12. The present invention is applicable to, for example, a keyless entry system. <P>COPYRIGHT: (C)2007,JPO&INPIT

Description

  The present invention relates to an authentication processing system and an authentication processing method, a communication device and a communication method, and an authentication device and an authentication method. In particular, the communication device can be easily registered in the authentication device while ensuring security. The present invention relates to an authentication processing system and an authentication processing method, a communication device and a communication method, and an authentication device and an authentication method.

  As one of the remote control systems installed in vehicles such as automobiles, the vehicle door is locked / unlocked with the remote control key, and the in-vehicle device receives the lock / unlock signal transmitted from the remote control key. A so-called keyless entry system for driving a door locking / unlocking mechanism has become widespread. According to this keyless entry system, a user who is a vehicle occupant can lock / unlock the door without inserting the vehicle key into the keyhole.

  Furthermore, in recent years, a so-called smart entry system has been adopted in which a door can be unlocked only by a user holding a remote control key approaching a certain range in the vehicle, that is, only by entering the remote control key within the communication range of the in-vehicle device. Has also been realized. This smart entry system is a kind of keyless entry system in that it does not require a key to be inserted into the keyhole as in the prior art, and it is a more advanced (smart) keyless in the sense that there is no need to operate the operation buttons. It is an entry system. Some keyless entry systems and smart entry systems can start the engine in addition to locking / unlocking the door. The keyless entry system and the smart entry system can also be used for unlocking and locking the entrance of the house.

  According to the smart entry system, it is not necessary to take out the remote control key from the pocket or back because there is no need to operate the remote control key operation button. It is easy to happen that the user who has left the vehicle and cannot reach the vehicle and cannot open the door or start the engine.

  On the other hand, a technique (for example, refer to Patent Document 1) that enables a door to be locked / unlocked using a portable communication device other than the remote control key, for example, a mobile phone, or a remote control key. And a technique (for example, refer to Patent Document 2) has been proposed in which the mobile phone can be switched according to the location from the vehicle to control the vehicle.

Remote control keys used in keyless entry systems such as automobiles and smart entry systems are usually registered in vehicles so that a given vehicle can be controlled at a vehicle manufacturer's production plant or dealer's maintenance plant. The Similarly, it has been necessary to bring a mobile phone as a substitute for the remote control key to a dealer or the like for registration.
JP 2001-241229 A JP 2005-299119 A

  However, since vehicles such as automobiles are expensive products, they are not frequently replaced, but mobile phones are cheaper than vehicles, and mobile phones incorporating new functions are also being commercialized one after another, so it is a short period of time. There is also a problem that it is inconvenient to bring a mobile phone to a dealer or the like and perform registration work every time a mobile phone is replaced.

  The present invention has been made in view of such a situation, and allows a communication device to be easily registered in an authentication device while ensuring security.

  An authentication processing system according to a first aspect of the present invention includes a first communication device that performs wireless short-range communication and long-distance communication via a network, and an authentication device that authenticates and registers the first communication device. An authentication processing system comprising: an information processing device that manages the first communication device and the authentication device, and enables the registered first communication device to control a control device on which the authentication device is mounted. Then, the first communication device transmits user data for identifying a user who is the owner of the first communication device to the information processing device by the long-distance communication, and returns authentication data as a reply. Receiving first long-distance communication means; identification data for identifying the first communication apparatus by the short-distance communication; and first short-distance communication means for transmitting the authentication data to the authentication apparatus. The information processing apparatus receives the user data from the first communication device by the first authentication means for authenticating the first communication device based on the user data and the long-distance communication, and performs authentication. And a second long-distance communication means for transmitting the authentication data to the first communication device, wherein the authentication device transmits the identification data and the authentication data by the short-range communication. Second short-range communication means received from the first communication apparatus; second authentication means for authenticating the first communication apparatus based on the authentication data; and the authenticated first communication apparatus First communication device information storage means for registering the identification data.

  The first communication device is, for example, a mobile phone, the information processing device is, for example, a vehicle management server configured by a computer, and the authentication device is, for example, an in-vehicle ID management device. The first and second short-range communication means perform, for example, infrared communication, RFID (Radio Frequency IDentification) communication, communication according to the Bluetooth (registered trademark) standard, communication according to the wireless LAN standard, and the like. It is a short-range communication unit configured by a communication circuit, and the first and second long-range communication units comply with, for example, a PDC (Personal Digital Cellular) system or a W-CDMA (WIDeband-Code Division Multiple Access) system A long-distance communication unit configured by a communication circuit that performs wireless communication or a NIC (Network Interface Card) that performs communication by connecting to a LAN. The first and second authentication means include, for example, necessary programs Is an authentication unit composed of a RAM (Random Access Memory) or ROM (Read Only Memory) in which data and data are appropriately stored, and a CPU (Central Processing Unit) that executes a program loaded from the RAM (first communication) The device information storage means is a storage unit configured by, for example, a nonvolatile memory such as a flash memory or a hard disk.

  An authentication processing method according to a second aspect of the present invention includes: a first communication device that performs wireless short-range communication and long-distance communication via a network; and an authentication device that authenticates and registers the first communication device. An authentication processing system comprising: an information processing device that manages the first communication device and the authentication device, and enables the registered first communication device to control a control device that includes the authentication device. In the authentication processing method, the first communication device transmits user data for identifying a user who is an owner of the first communication device to the information processing device by the long-distance communication and returns the user data. And receiving the identification data for identifying the first communication device and the authentication data to the authentication device by the short-range communication, and the information processing device transmits the user data And authenticating the first communication device, receiving the user data from the first communication device by the long-distance communication, and receiving the authentication data for the authenticated first communication device. The authentication device receives the identification data and the authentication data from the first communication device through the short-range communication, and authenticates the first communication device based on the authentication data. And registering the identification data of the authenticated first communication device.

  In the first and second aspects of the present invention, in the first communication device, user data for identifying a user who is the owner of the first communication device is transmitted to the information processing device by long-distance communication. Authentication data is received as a reply. In the first communication device, identification data for identifying the first communication device and authentication data are transmitted to the authentication device by short-range communication. In the information processing device, the first communication device is authenticated based on the user data, and the user data is received from the first communication device by long-distance communication. Data is sent. In the authentication device, identification data and authentication data are received from the first communication device by near field communication, and the first communication device is authenticated and authenticated based on the authentication data. The identification data is registered.

  Therefore, the first communication device can be easily registered in the authentication device while ensuring security.

  A second communication device that performs the short-range communication and is registered in the authentication device is further provided, and the second authentication unit of the authentication device further includes the second communication device that performs the short-range communication. When it is confirmed by the second short-range communication means that it exists within the communication range, the first communication device can be authenticated.

  The second communication device is constituted by, for example, a smart key having an RFID communication function. Thereby, since it can be confirmed that the user also possesses the second communication device, the first communication device can be easily registered in the authentication device while ensuring more security.

  The second authentication unit of the authentication device further transmits the identification data and the authentication data to the second short distance within a predetermined time after the user operation indicating the start of registration processing is detected. When the communication means receives the information, the first communication device can be authenticated. Thereby, spoofing of a malicious third party can be prevented.

  A second communication device registered in the authentication device, in which information indicating that the short-range communication is performed and dedicated to the registration process is stored, is further provided, and the second authentication unit of the authentication device includes: Furthermore, the first communication device can be authenticated when the second short-range communication means confirms that the second communication device exists within the communication range of the short-range communication.

  For example, the second communication device includes a smart key having an RFID communication function or the like. Thereby, the registration process of a 1st communication apparatus can be started easily.

  The authentication apparatus further includes a third long-distance communication means for transmitting the identification data to the information processing apparatus by the long-distance communication when the first communication apparatus is authenticated, and the information processing apparatus Can further comprise second communication device information storage means for storing the identification data received from the authentication device by the long-distance communication.

  This third long-distance communication means is, for example, a communication circuit that performs wireless communication conforming to the PDC (Personal Digital Cellular) method or W-CDMA (WIDeband-Code Division Multiple Access) method, or a LAN connected to the communication. Is a long-distance communication unit configured by a NIC (Network Interface Card) or the like, and the second communication device information storage unit is a storage unit configured by, for example, a nonvolatile memory such as a flash memory or a hard disk . The first communication device registered in the authentication device can also be registered in the information processing device.

  The information processing apparatus further includes a theft information storage unit that stores theft information indicating whether the control device has been stolen, and the second authentication unit of the authentication device indicates that the control device is not stolen. After confirming with the information processing apparatus, the first communication apparatus can be authenticated.

  This theft information storage means is, for example, a storage unit composed of a non-volatile memory such as a flash memory or a hard disk, whereby after confirming with the information processing device that the control device has not been stolen, The first communication device can be registered.

  A second communication device registered in the authentication device, in which information indicating that the short-range communication is performed and dedicated to theft detection is stored, is further provided, and the authentication device includes the second communication device. Is authenticated by the first authentication means, the user can be informed that it has been authenticated.

  The second communication device is constituted by, for example, a smart key having an RFID communication function. Thereby, it is possible to easily confirm whether the stolen control device is owned by the user.

  The first communication device may be a mobile phone, and the user data may be biometric data of the user.

  The communication device according to the third aspect of the present invention is a communication device capable of controlling a control device equipped with the authentication device by being authenticated by the authentication device. Sending user data identifying the user who is the owner of the communication device to the information processing device that manages the communication device, and receiving the authentication data as a reply, and by short-range communication by wireless, Identification data for identifying the communication device and short-range communication means for transmitting the authentication data to the authentication device.

  A communication method according to a fourth aspect of the present invention is a communication method of a communication device that enables control of a control device equipped with the authentication device by being authenticated by the authentication device, and is a long distance via a network Through communication, user data for identifying a user who is the owner of the communication device is transmitted to an information processing device that manages the communication device, and authentication data is received as a reply. Identification data for identifying a communication device and the authentication data are transmitted to the authentication device.

  In the third and fourth aspects of the present invention, user data for identifying the user who is the owner of the communication device is transmitted to the information processing device that manages the communication device by long-distance communication via the network, Authentication data is received as the reply. Also, identification data for identifying the communication device and authentication data are transmitted to the authentication device by wireless short-range communication. Accordingly, the communication device can be easily registered in the authentication device while ensuring security.

  An authentication device according to a fifth aspect of the present invention is an authentication device that authenticates a communication device and allows the communication device to control a control device, and communicates with an information processing device that manages the communication device. Based on the short-range communication means for receiving the authentication data acquired by the communication device and the identification data for identifying the communication device from the communication device by short-range communication, and the communication device Authentication means for authenticating the communication device, and communication device information storage means for registering the identification data of the authenticated communication device.

  An authentication method according to a sixth aspect of the present invention is an authentication method for an authentication device that authenticates a communication device and allows the communication device to control a control device, and an information processing device that manages the communication device; Authentication data acquired by the communication device through communication and identification data for identifying the communication device are received from the communication device by near field communication, and the communication device is authenticated based on the authentication data. Then, the identification data of the authenticated communication device is registered.

  In the fifth and sixth aspects of the present invention, the authentication data acquired by the communication device by communicating with the information processing device that manages the communication device and the identification data for identifying the communication device are transmitted by short-range communication. Received from the communication device. Then, based on the authentication data, the communication device is authenticated, and identification data of the authenticated communication device is registered. Accordingly, the communication device can be easily registered in the authentication device while ensuring security.

  The authentication unit further authenticates the communication device when it is confirmed by the near field communication unit that another communication device registered in the authentication device exists within the communication range of the near field communication. Can be made. Accordingly, since it is further confirmed that other communication devices registered in the authentication device are within the communication range of the short-range communication, it is possible to easily register the communication device in the authentication device while ensuring more security. it can.

  The authentication unit further includes the communication device when the short-range communication unit receives the identification data and the authentication data within a predetermined time after a user operation indicating the start of registration processing is detected. Can be authenticated. Thereby, spoofing of a malicious third party can be prevented.

  The authentication means further stores information indicating that it is dedicated to registration processing, and that the other communication device registered in the authentication device exists within the near field communication range. When confirmed by the distance communication means, the communication device can be authenticated. Thereby, the registration process of a communication apparatus can be started easily.

  When the communication device is authenticated, it is possible to further provide a long-distance communication means for transmitting the identification data to the information processing device by the long-distance communication. Accordingly, the communication device registered in the authentication device can be registered in the information processing device.

  The information processing device stores theft information indicating whether the control device has been stolen, and the authentication unit confirms with the information processing device that the control device has not been stolen. The first communication device can be authenticated. Thereby, after confirming with the information processing apparatus that the control device is not stolen, the communication apparatus can be registered.

  In the authentication device, information indicating that the short-range communication is performed and dedicated to theft detection is stored, when another communication device registered in the authentication device is authenticated by the authentication unit, The user can be informed that authentication has been performed. Thereby, it is possible to easily confirm whether the stolen control device is owned by the user.

  According to the present invention, it is possible to easily register a communication device with an authentication device while ensuring security.

  FIG. 1 shows a configuration example of an embodiment (first embodiment) of a smart entry system to which the present invention is applied.

  A smart entry system 1 in FIG. 1 includes a smart key (second device) that performs wireless short-range communication such as a vehicle (control device) 11 held by a user 2, locking and unlocking a door of the vehicle 11, and starting an engine. Communication device) 12, mobile phone (first communication device) 13 owned by user 2, vehicle management server (information processing device) 15 that manages automobile 11, and in-vehicle ID management device (authentication device) installed in automobile 11 ) 31 and the vehicle management server 14 are connected to the network 15A, and the mobile phone 13 and the vehicle management server 14 are connected to the network 15B.

  In the smart entry system 1 of FIG. 1, the user 2 carries a smart key 12 corresponding to the key of the automobile 11 and unlocks the door of the automobile 11 only by approaching a predetermined range of the automobile 11. It is a system that can control.

  The user 2 carries the smart key 12 in a clothes pocket or the like, and approaches the automobile 11. The in-vehicle ID management device 31 mounted on the automobile 11 performs a predetermined operation such as unlocking a door, for example, when the smart key 12 is within the communication range of short-range communication.

  In FIG. 1, the smart key 12 is illustrated as having a key shape, but may be a card shape or the like.

  The user 2 also has a mobile phone 13. In addition to the normal call function, the mobile phone 13 is installed remotely with a short-distance communication function that makes contact with a communication partner or performs direct communication within a short distance (communication range) within 1 m, for example. It has a long-distance communication function for communicating with the vehicle management server 14 via the network 15B.

  The cellular phone 13 acquires data for registering itself in the in-vehicle ID management device 31 (hereinafter referred to as authentication data) from the vehicle management server 14 via the network 15B by the long-distance communication function. Then, the cellular phone 13 transmits the authentication data to the in-vehicle ID management device 31 by the short-range communication function.

  The in-vehicle ID management device 31 first receives the authentication data transmitted from the mobile phone 13, authenticates the mobile phone 13 (user 2 who owns it), and stores (registers) the data inside. Then, after registration, when the in-vehicle ID management device 31 detects the mobile phone 13 without detecting the smart key 12 within the communication range of the short-range communication, it performs a predetermined operation such as unlocking the door. Thereby, even if the user 2 has forgotten to hold the smart key 12, the user 2 can perform a predetermined operation such as unlocking the door as long as the user 2 has the registered mobile phone 13. That is, the mobile phone 13 can be used as an auxiliary key when the smart key 12 is not provided.

  The in-vehicle ID management device 31 transmits information about the mobile phone 13 stored therein to the vehicle management server 14 via the network 15A.

  The vehicle management server 14 is configured by, for example, a computer and manages the automobile 11 and the mobile phone 13 registered by the user 2 in the in-vehicle ID management device 31 as an auxiliary key. The vehicle management server 14 is a server operated by, for example, an automobile sales company that sells the automobile 11.

  The network 15A or 15B includes, for example, wireless communication by wireless LAN compliant with IEEE (The Institute of Electrical and Electronic Engineers, Inc.) 802.11 standard, optical fiber network such as FDDI (Fiber Distributed Data Interface), satellite communication network, It is configured by one or a plurality of networks consisting of wired or wireless, represented by various dedicated or public line networks such as Ethernet (registered trademark), LAN (Local Area Network), or the Internet. The network 15A transmits data exchanged between the connected vehicle management server 14 and the in-vehicle ID management device 31. The network 15B transmits data exchanged between the connected mobile phone 13 and the vehicle management server 14. Note that the networks 15A and 15B are referred to as the network 15 when it is not necessary to distinguish between them.

  In the smart entry system 1 configured as described above, the mobile phone 13 owned by the user 2 is authenticated and registered in the in-vehicle ID management device 31, so that the user 2 forgets to have the smart key 12, Even when the smart key 12 is not in the vicinity of the automobile 11 (within the short-range communication range of the in-vehicle ID management device 31), the mobile phone 13 as an auxiliary key can perform a predetermined operation. .

  In the present embodiment, short-range communication is communication having a communication range of about 1 m, including communication performed by contact. For example, infrared communication, RFID (Radio Frequency IDentification) communication, Bluetooth There are communication according to the (registered trademark) standard, communication according to the wireless LAN standard, and the like. Further, long-distance communication is communication in which the distance between communication devices is not limited, and the communication method and transmission medium are not particularly limited as long as the communication means can communicate via the network 15. Good.

  FIG. 2 is a block diagram illustrating a functional configuration example of each unit constituting the smart entry system 1 when the mobile phone 13 owned by the user 2 is registered as an auxiliary key.

  The automobile 11 includes an in-vehicle ID management device 31, an operation unit 32, and a drive unit 33. Furthermore, the in-vehicle ID management device 31 includes a short-range communication unit 41, a long-distance communication unit 42, an authentication unit 43, a memory (storage unit) 44, and a control unit 45.

  The smart key 12 includes an operation unit 51, a short-range communication unit 52, a memory (storage unit) 53, and a control unit 54.

  The cellular phone 13 includes an operation unit 61, a display unit 62, a short-range communication unit 63, a long-range communication unit 64, a memory (storage unit) 65, and a control unit 66.

  The vehicle management server 14 includes a long-distance communication unit 71, an authentication unit 72, a storage unit 73, and a control unit 74. Furthermore, the storage unit 73 includes a customer data storage unit 81, a theft data storage unit 82, and a portable ID storage unit 83.

  The near field communication unit 41 of the in-vehicle ID management device 31 performs near field communication with the near field communication unit 52 of the smart key 12 and the near field communication unit 63 of the mobile phone 13. For example, the short-range communication unit 41 receives a mobile ID that identifies the mobile phone 13 from the mobile phone 13.

  The long-distance communication unit 42 of the in-vehicle ID management device 31 performs long-distance communication with the long-distance communication unit 71 of the vehicle management server 14 via the network 15A. For example, the long-distance communication unit 42 transmits the mobile phone ID of the mobile phone 13 authenticated by the authentication unit 43 described later to the vehicle management server 14.

  The authentication unit 43 of the in-vehicle ID management device 31 performs an authentication process for authenticating the smart key 12 and the mobile phone 13 (user 2) detected by short-range communication. The authenticating unit 43 enters the communication range depending on whether or not the key ID for identifying the smart key 12 or the portable ID for identifying the mobile phone 13 matches that stored in the memory 44. The smart key 12 or the mobile phone 13 detected by the communication unit 41 is authenticated.

  In the memory 44 of the in-vehicle ID management device 31, a vehicle ID for identifying itself (the in-vehicle ID management device 31) and a key ID for identifying the smart key 12 are stored in advance in an automobile production factory or an automobile sales store (dealer). ing. In addition, after registration of the mobile phone 13, the mobile ID of the mobile phone 13 is also stored in the memory 44.

  The control unit 45 of the in-vehicle ID management device 31 controls the operation unit 32, the drive unit 33, the short-range communication unit 41, the long-range communication unit 42, the authentication unit 43, and the memory 44. For example, the control unit 45 supplies data received by the short-range communication unit 41 or the long-distance communication unit 42 to the authentication unit 43, or when the smart key 12 or the mobile phone 13 is authenticated by the authentication unit 43, The drive unit 33 is commanded to perform a predetermined operation such as unlocking.

  The operation unit 32 of the automobile 11 includes, for example, an ignition switch, a light switch, a horn, and the like, receives an operation of the user 2, and outputs an operation signal corresponding to the operation. The drive unit 33 of the automobile 11 includes an engine that drives a tire, a door mechanism unit that controls locking / unlocking of a door, and the like, and an operation according to an operation signal from the operation unit 32 or a control signal from the control unit 45. I do.

  The operation unit 51 of the smart key 12 includes operation buttons and the like, and supplies an operation signal corresponding to the operation of the user 2 to the control unit 54.

  The near field communication unit 52 of the smart key 12 performs near field communication with the near field communication unit 41 of the in-vehicle ID management device 31. For example, the short-range communication unit 52 transmits its own key ID to the in-vehicle ID management device 31 within the communication range and receives the vehicle ID of the in-vehicle ID management device 31 under the control of the control unit 54. The short-range communication unit 52 can also transmit a control signal corresponding to the operation of the user 2 in the operation unit 51 under the control of the control unit 54.

  The memory 53 of the smart key 12 stores its own key ID and the vehicle ID of the in-vehicle ID management device 31, similarly to the memory 44 of the in-vehicle ID management device 31.

  The control unit 54 of the smart key 12 controls the operation unit 51, the near field communication unit 52, and the memory 53. For example, the control unit 54 generates a control signal corresponding to the operation signal from the operation unit 51, supplies the control signal to the short-range communication unit 52, and causes the in-vehicle ID management device 31 to transmit the control signal.

  The operation unit 61 of the mobile phone 13 includes a power-on button, a power-off button, numeric buttons 0 to 9 and a menu button. The operation unit 61 accepts an operation of the user 2 and sends an operation signal corresponding to the operation to the mobile phone 13. It supplies to the control part 66.

  The display unit 62 of the mobile phone 13 is configured by a liquid crystal display or the like, and displays outgoing / incoming dial numbers, data transmitted / received by the short-range communication unit 63 and the long-range communication unit 64 of the mobile phone 13, and the like.

  The near field communication unit 63 of the mobile phone 13 performs near field communication with the near field communication unit 41 of the in-vehicle ID management device 31. For example, the short-range communication unit 63 transmits the portable ID to the in-vehicle ID management device 31 within the communication range and receives the vehicle ID of the in-vehicle ID management device 31 under the control of the control unit 66.

  The long-distance communication unit 64 of the mobile phone 13 performs long-distance communication with the long-distance communication unit 71 of the vehicle management server 14 via the network 15B. For example, the long-distance communication unit 64 transmits the data input from the operation unit 61 to the vehicle management server 14 via the network 15B under the control of the control unit 66, and receives authentication data from the vehicle management server 14 as a response. Receive. In this case, the data input from the operation unit 61 by the user 2 indicates that the user 2 is a legitimate user of the automobile 11, who is instructed by an automobile dealer when the user 2 purchases the automobile 11. Alphanumeric data to be represented (hereinafter referred to as user registration data). The received authentication data is supplied to the control unit 66.

  The memory 65 of the mobile phone 13 stores a mobile ID that is information for identifying itself (the mobile phone 13) in short-range communication. The memory 65 also stores various data transmitted and received in short-range communication or long-distance communication as necessary.

  The control unit 66 of the mobile phone 13 controls the operation unit 61, the display unit 62, the short-range communication unit 63, the long-range communication unit 64, and the memory 65. For example, the control unit 66 supplies the portable ID stored in the memory 65 to the short-range communication unit 63 when performing authentication processing with the in-vehicle ID management device 31 in short-range communication.

  The long-distance communication unit 71 of the vehicle management server 14 performs long-distance communication with the long-distance communication unit 42 of the in-vehicle ID management device 31 via the network 15A under the control of the control unit 74. For example, the long-distance communication unit 71 receives the mobile ID of the mobile phone 13 transmitted from the in-vehicle ID management device 31 and supplies it to the control unit 74. The long-distance communication unit 71 performs long-distance communication with the long-distance communication unit 64 of the mobile phone 13 via the network 15B. For example, the long-distance communication unit 71 receives user registration data transmitted from the mobile phone 13 and transmits authentication data supplied from the control unit 74 to the mobile phone 13.

  The authentication unit 72 of the vehicle management server 14 determines whether or not the user registration data of the mobile phone 13 received by the long-distance communication unit 71 matches the data stored in the customer data storage unit 81. Authentication processing for authenticating 13 (user 2) is performed.

  The customer data storage unit 81 in the storage unit 73 of the vehicle management server 14 stores customer data for each user 2 who has purchased the automobile 11. Here, the customer data includes the name, address, mail address, and user registration data of the user 2. This user registration data confirms that when the mobile phone 13 owned by the user 2 is registered as an auxiliary key of the smart key 12, the mobile phone 13 surely belongs to the user 2 who has purchased the automobile 11. Used for.

  The theft data storage unit 82 stores information (theft information) indicating whether or not the car 11 sold by the car dealership has been stolen. Thereby, the user 2 can access the vehicle management server 14 from the mobile phone 13 and confirm whether or not his / her automobile 11 has been stolen. The mobile ID storage unit 83 stores the mobile ID of the mobile phone 13 transmitted from the in-vehicle ID management device 31 of the automobile 11 and received by the long-distance communication unit 71.

  The near field communication unit 41 of the in-vehicle ID management device 31, the near field communication unit 52 of the smart key 12, and the near field communication unit 63 of the mobile phone 13 are configured by a communication circuit that performs RFID communication, for example.

  The long-distance communication unit 42 of the in-vehicle ID management device 31, the long-distance communication unit 64 of the mobile phone 13, and the long-distance communication unit 71 of the vehicle management server 14 are, for example, a PDC (Personal Digital Cellular) system or W-CDMA. It is composed of a communication circuit that performs wireless communication conforming to the (WIDeband-Code Division Multiple Access) system, or a NIC (Network Interface Card) that communicates by connecting to a LAN.

  Furthermore, the authentication unit 43 and the control unit 45 of the in-vehicle ID management device 31, the control unit 54 of the smart key 12, the control unit 65 of the mobile phone 13, and the authentication unit 72 and the control unit 74 of the vehicle management server 14 are necessary. It is composed of a RAM (Random Access Memory) or ROM (Read Only Memory) in which programs and data are appropriately stored, and a CPU (Central Processing Unit) that executes programs loaded therefrom.

  The memory 44 of the in-vehicle ID management device 31, the memory 53 of the smart key 12, the memory 65 of the mobile phone 13, and the storage unit 73 of the vehicle management server 14 are configured by, for example, a nonvolatile memory such as a flash memory or a hard disk. Is done.

  The vehicle management server 14 may be configured by one computer or a plurality of computers as long as the above-described processes can be executed. Similarly, the storage unit 73 having the customer data storage unit 81, the theft data storage unit 82, and the portable ID storage unit 83 may be physically configured by one storage device, or each may be a separate storage device. You may make it comprise.

  In the following description, when it is not necessary to particularly distinguish the vehicle ID of the in-vehicle ID management device 31, the key ID of the smart key 12, and the mobile ID of the mobile phone 13, these are referred to as identification IDs.

  Next, a registration process of the smart entry system 1 for registering the mobile phone 13 owned by the user 2 as an auxiliary key will be described with reference to the flowchart of FIG. In FIG. 3, solid arrows connecting the devices indicate that the communication is performed by long-distance communication, and dotted arrows connecting the devices indicate that the communication is performed by short-range communication. Represents.

  When the user 2 carrying the smart key 12 moves within the communication range of the near field communication unit 41 of the in-vehicle ID management device 31, the near field communication unit 52 of the smart key 12 authenticates with the in-vehicle ID management device 31 in step S1. After processing, a security unlock command (door unlock command) is transmitted. In step S21, the short-range communication unit 41 of the in-vehicle ID management device 31 detects the smart key 12 that has entered the communication range, performs authentication processing, and then receives the security lock release command transmitted from the smart key 12. Is supplied to the control unit 45. In the authentication process, the identification IDs are exchanged, and the authentication unit 43 of the in-vehicle ID management device 31 confirms that the received key ID matches the key ID stored in the memory 44 (the smart key 12 is in the car dealership). Confirm that it is a registered genuine smart key.

  In step S22, the control unit 45 instructs the drive unit 33 to release the security lock, and releases the security lock. In this embodiment, it is assumed that the security lock is released by unlocking the door of the automobile 11 (the unlocking of the security lock and the unlocking of the door are equal). In 51, a predetermined operation may be performed to transmit a security unlock command other than the door unlock command.

  The user 2 performs an operation predetermined as an operation for starting the registration process on the operation unit 32. The operation of the user 2 performed here is a series of operations such as, for example, changing the ignition switch from OFF to ACC, and immediately repeating the light switch OFF and small light ON operations 5 times, and then sounding the horn once. It is an operation.

  In step S <b> 23, the operation unit 32 of the automobile 11 supplies an operation signal corresponding to the operation of the user 2 to the control unit 45 of the in-vehicle ID management device 31, and the control unit 45 receives the operation signal supplied from the operation unit 32. Based on this, an operation for starting a registration process for registering the mobile phone 13 of the user 2 is detected.

  The registration process start operation may be performed not by the operation unit 32 of the automobile 11 but by the operation unit 51 of the smart key 12. In this case, an operation signal for starting the registration process is transmitted to the short-range communication unit 41 of the in-vehicle ID management device 31 by short-range communication and further supplied to the control unit 45. The operation for starting the registration process using the smart key 12 can be, for example, pressing the set switch for 5 times and then pressing the reset switch for a long time.

  After the process of step S23, in step S24, the control unit 45 of the in-vehicle ID management device 31 starts measuring the registration process time.

  In step S25, the short-range communication unit 41 of the in-vehicle ID management device 31 confirms that the smart key 12 exists within the communication range, and notifies the control unit 45 to that effect. Thereby, it is possible to prevent fraud from being performed after the security lock is released. Note that the presence detection of the smart key 12 in step S25 may be repeated regularly (or irregularly) during the registration process.

  On the other hand, independent of the processing described above, the user 2 operates the operation unit 61 of the mobile phone 13 to input user registration data. In step S51, the long-distance communication unit 64 of the mobile phone 13 transmits the input user registration data to the vehicle management server 14 via the network 15B.

  In step S71, the long-distance communication unit 71 of the vehicle management server 14 receives the transmitted user registration data (user data) via the network 15B and supplies it to the authentication unit 72 via the control unit 74.

  In step S 72, the authentication unit 72 of the vehicle management server 14 determines whether the user registration data supplied from the long-distance communication unit 71 matches the data stored in the customer data storage unit 81. Authenticate.

  If it is authenticated that the mobile phone 13 belongs to the regular user 2, in step S73, the authentication unit 72 displays an authentication result indicating that the mobile phone 13 belongs to the regular user 2 as a long-distance communication unit. 71 and the long-distance communication unit 71 transmits it to the mobile phone 13. The authentication result becomes data for the mobile phone 13 to perform authentication processing with the in-vehicle ID management device 31, that is, authentication data, and is stored in the customer data storage unit 81 as a set with the received user registration data.

  The long-distance communication unit 64 of the mobile phone 13 receives the authentication data transmitted from the vehicle management server 14 and supplies it to the control unit 66 in step S52.

  In the above-described processing, the user registration data that proves that the mobile phone 13 belongs to the legitimate user 2 is alphanumeric data that is taught by an automobile dealer (managed by the automobile dealer). When the mobile phone 13 has a built-in camera, the face image data of the user 2 for face authentication photographed by the built-in camera can be used as user registration data. Further, when an authentication function such as fingerprint authentication is added to the mobile phone 13, the fingerprint data of the user 2 acquired by the authentication function of the mobile phone 13 may be used as user registration data. That is, the user registration data can be biometric data such as face authentication, fingerprint authentication, palm print, vein pattern, or authentication using the retina or iris. However, in this case, the vehicle management server 14 needs to acquire the biometric data of the user 2 from the user 2 at the time of car sales and store it in the customer data storage unit 81.

  In step S <b> 53, the short-range communication unit 63 of the mobile phone 13 transmits the authentication data and the mobile ID to the in-vehicle ID management device 31 under the control of the control unit 66.

  In step S <b> 26, the short-range communication unit 41 of the in-vehicle ID management device 31 receives the authentication data and the mobile ID transmitted from the mobile phone 13. The received authentication data and portable ID are supplied to the authentication unit 43 via the control unit 45.

  In step S27, the authentication unit 43 of the in-vehicle ID management device 31 authenticates the mobile phone 13 based on the authentication data. In step S28, the authentication data and the mobile ID are received from the registration process start operation. It is determined whether or not the time is within a predetermined time set in advance. If it is determined in step S28 that the time from when the registration process is started until the authentication data and the portable ID are received is not within the predetermined time, the registration operation is performed by the authorized user 2 based on the authorized procedure. If not, the registration process ends.

  On the other hand, if it is determined in step S28 that the time from the registration start operation to the reception of the authentication data and the mobile ID is within the predetermined time, in step S29, the authentication unit 43 determines that the mobile phone in step S26. The mobile ID received from 13 is registered in the memory 44. That is, the authentication unit 43 notifies the control unit 45 that the mobile phone 13 has been authenticated, and the control unit 45 stores the mobile ID of the mobile phone 13 in the memory 44.

  In step S <b> 30, the authentication unit 43 transmits the vehicle ID of the in-vehicle ID management device 31 to the short-range communication unit 41. Thereby, the short-range communication unit 41 transmits the vehicle ID to the mobile phone 13.

  In step S <b> 54, the short-range communication unit 63 of the mobile phone 13 receives the vehicle ID of the in-vehicle ID management device 31 transmitted from the in-vehicle ID management device 31 and supplies it to the control unit 66.

  In step S <b> 55, the control unit 66 stores the vehicle ID received by the short-range communication unit 63 in the memory 65. In step S55, the control unit 66 causes the display unit 62 to display a display indicating that the authentication of the mobile phone 13 has ended (the mobile phone 13 has been registered in the in-vehicle ID management device 31).

  In step S31, the control unit 45 of the in-vehicle ID management device 31 controls the long-range communication unit 42 to transmit the mobile ID and authentication data to the vehicle management server 14 as registration information.

  In step S74, the long-distance communication unit 71 of the vehicle management server 14 receives the mobile ID and authentication data of the mobile phone 13 transmitted from the in-vehicle ID management device 31, and supplies them to the control unit 74.

  In step S75, the control unit 74 of the vehicle management server 14 registers the mobile phone 13 of the user 2 as an auxiliary key. Specifically, the control unit 74 stores the mobile ID of the mobile phone 13 in the mobile ID storage unit 83. Further, the control unit 74 searches the customer data storage unit 81 for user registration data paired with the authentication data, identifies the user 2 from the detected user registration data, and stores the user stored in the customer data storage unit 81. Send a registration completion email to email address 2. Thereby, when the registration of the mobile phone 13 is performed illegally, the unauthorized registration can be found by the user 2 receiving the mail.

  After the mobile ID of the mobile phone 13 is stored in the mobile ID storage unit 83, in step S76, the long-distance communication unit 71 transmits a response indicating the end of registration to the in-vehicle ID management device 31 under the control of the control unit 74. .

  In step S <b> 32, the long-distance communication unit 42 of the in-vehicle ID management device 31 receives a response indicating completion of registration and supplies the response to the control unit 45.

  In step S33, the control unit 45 of the in-vehicle ID management device 31 instructs the drive unit 33 to perform an operation such as ringing a horn or turning on a hazard lamp twice, and notifies the user 2 of the completion of registration. The process is terminated. The process of step S33 is a so-called answer back function.

  As described above, the mobile phone 13 of the user 2 can be registered in the in-vehicle ID management device 31 as an auxiliary key for the smart key 12.

  According to the registration process of FIG. 3, it is confirmed that the mobile phone 13 belongs to the authorized user 2 by the authentication data issued by the vehicle management server 14 and is registered in the in-vehicle ID management device 31. User registration can be prevented, and the mobile phone 13 of the authorized user 2 can be registered in the in-vehicle ID management device 31 as an auxiliary key of the smart key 12. Further, even when the user 2 replaces the mobile phone 13 by buying it or the like, there is no need to go to an automobile dealer and register the mobile phone 13. It can be done easily.

  That is, the mobile phone 13 can be easily registered in the in-vehicle ID management device 31 as an auxiliary key of the smart entry system (keyless entry system) while ensuring security.

  If the mobile phone 13 can only be used as an auxiliary key, the process of registering the mobile phone 13 in the vehicle management server 14 (steps S31 to S33 and steps S74 to S76) can be omitted. However, as described above, since it is possible to detect unauthorized registration of a mobile phone other than the authorized user 2, it is desirable to perform processing.

  Next, with reference to FIG. 4, the keyless operation process of the in-vehicle ID management device 31 in which the driving unit 33 of the automobile is operated by the mobile phone 13 registered as the smart key 12 or the auxiliary key will be described.

  First, in step S101, the control unit 45 of the in-vehicle ID management device 31 determines whether or not the short-range communication unit 41 has detected the smart key 12.

  When it is determined in step S101 that the near field communication unit 41 has detected the smart key 12, in step S102, the authentication unit 43 performs smart processing based on the key ID of the smart key 12 received by the near field communication unit 41. An authentication process for authenticating the key 12 is executed.

  On the other hand, if it is determined in step S101 that the short-range communication unit 41 has not detected the smart key 12, the control unit 45 detects that the short-range communication unit 41 has registered the mobile phone 13 in step S103. It is determined whether or not.

  If it is determined in step S103 that the short-range communication unit 41 has not detected the registered mobile phone 13, that is, if neither the smart key 12 nor the registered mobile phone 13 is detected, the control unit 45 skips steps S104 and S105 and ends the process.

  On the other hand, if it is determined in step S103 that the short-range communication unit 41 has detected the registered mobile phone 13, the authentication unit 43 receives the mobile ID of the mobile phone 13 received by the short-range communication unit 41 in step S104. Based on the above, an authentication process for authenticating the mobile phone 13 is executed.

  After the authentication process in step S102 or S104, in step S105, the control unit 45 instructs the drive unit 33 to execute a predetermined operation such as unlocking the door, and ends the process.

  As described above, according to the keyless operation process, when the smart key 12 or the registered mobile phone 13 is detected within the communication range of the short-range communication unit 41, a predetermined operation is executed.

  In the keyless operation process, as described above, the smart key 12 is preferentially detected among the smart key 12 and the registered mobile phone 13, and if the smart key 12 is detected, the mobile phone The detection process 13 is not executed.

  In the keyless operation process described above, the predetermined operation performed in step S105, that is, the operation that the control unit 45 instructs the drive unit 33 when the smart key 12 is detected, and the registered mobile phone 13 are detected. If the smart key 12 is detected, for example, the door is unlocked and the engine is started to start the registered mobile phone. When the smart key 12 is detected, for example, the control unit 45 instructs the drive unit 33 when the smart key 12 is detected, and the registered mobile phone 13 is detected. In this case, the operation commanded by the control unit 45 to the drive unit 33 can be different.

  Next, another registration process of the smart entry system 1 of FIG. 1 will be described with reference to the flowchart of FIG.

  In the registration process of FIG. 5, before the vehicle-mounted ID management device 31 transmits the vehicle ID of the vehicle-mounted ID management device 31 to the mobile phone 13, a process of accessing the vehicle management server 14 and inquiring about the theft situation of the automobile 11 is performed. These are newly added to the registration process shown in FIG.

  That is, the process in step S201 in FIG. 5 corresponds to the process in step S1 in FIG. 3, the processes in steps S221 to S229 in FIG. 5 correspond to the processes in steps S21 to S29 in FIG. The processing of S233 to S236 corresponds to the processing of steps S30 to S33 in FIG. 3, the processing of steps S251 to S255 of FIG. 5 corresponds to steps S51 to S55 of FIG. 3, and steps S271 to S273 of FIG. The processes of S276 to S278 correspond to the processes of steps S71 to S73 and S74 to S76 in FIG. 3, respectively, and description of the processes corresponding to FIG. 3 is omitted.

  In the registration process of FIG. 5, a theft inquiry process including the processes of steps S230 to S232 and the processes of steps S274 and S275 is newly added to the process of FIG.

  That is, after the process of step S229, in step S230, the long-distance communication unit 42 of the in-vehicle ID management device 31 transmits a command for inquiring the theft situation of the automobile 11 under the control of the control unit 45.

  In step S274, the long-distance communication unit 71 of the vehicle management server 14 receives the theft status inquiry command of the vehicle 11 transmitted from the in-vehicle ID management device 31, and supplies the received command to the control unit 74.

  In step S275, the control unit 74 of the vehicle management server 14 refers to the theft information stored in the theft data storage unit 82 and confirms whether the automobile 11 has been stolen. And the control part 74 transmits the confirmation result to the long-distance communication part 71 (the long-distance communication part 71 transmits the response with respect to a theft condition inquiry command to the vehicle-mounted ID management apparatus 31).

  In step S <b> 231, the long-distance communication unit 42 of the in-vehicle ID management device 31 receives a response from the vehicle management server 14 and supplies the response to the control unit 45.

  In step S232, the control unit 45 of the in-vehicle ID management device 31 determines whether or not the automobile 11 has been stolen based on a response to the theft status inquiry command. If it is determined in step S232 that the automobile 11 has been stolen, steps S233 to S236 are skipped, and the process ends.

  On the other hand, when it is determined in step S232 that the automobile 11 is not stolen, the short-range communication unit 41 transmits the vehicle ID to the mobile phone 13 in step S233.

  As described above, according to the registration process of FIG. 5, the in-vehicle ID management device 31 confirms whether or not the automobile 11 has been stolen and then requires the mobile phone 13 to be used as an auxiliary key. The vehicle ID of the ID management device 31 can be transmitted to the mobile phone 13.

  When the automobile 11 is stolen, the user 2 accesses the web page of the vehicle management server 14 from the personal computer at home or the mobile phone 13 and changes the data in the theft data storage unit 82 of the vehicle management server 14. It is also possible to call the service center of a car dealer or the like and have the operator change the data in the theft data storage unit 82 of the vehicle management server 14. In addition, the in-vehicle ID management device 31 itself detects that the car 11 has been stolen by detecting a theft detection sensor provided in the car 11 or an operation that only the user 2 knows about the position of the car 11, and the vehicle by long-distance communication. The fact may be transmitted to the management server 14 so that the data in the theft data storage unit 82 is changed.

  FIG. 6 shows a second embodiment of the smart entry system 1. In FIG. 6, parts corresponding to those in FIG. 1 are denoted by the same reference numerals, and description thereof is omitted as appropriate.

  The smart entry system 1 of FIG. 6 is common to the smart entry system 1 of FIG. 1 and has the same function as the smart key in that it includes an automobile 11, a smart key 12, a mobile phone 13, a vehicle management server 14, and a network 15. The difference is that a registration card 101 is newly provided.

  In the smart entry system 1 (first embodiment) shown in FIG. 1 described above, the user 2 performs a predetermined operation with the operation unit 32 of the automobile 11 or the operation unit 51 of the smart key 12, thereby providing an auxiliary key. In the smart entry system 1 of FIG. 6, the user 2 starts registration using the dedicated registration card 101 for starting registration.

  After the registration card 101 is registered in advance in the in-vehicle ID management device 31, when the user 2 purchases the automobile 11, the registration card 101 is given to the user 2 together with the smart key 12. Therefore, the vehicle ID of the in-vehicle ID management device 31 is stored in the registration card 101, and the key ID of the registration card 101 is stored in the in-vehicle ID management device 31. Since the registration card 101 has the same configuration and functions as the smart key 12, the operation unit 51, the near field communication unit 52, and the memory 53 of the smart key 12 shown in FIG. , And the control unit 54 will be described. However, the registration card 101 is different from the smart key 12 in that the memory 53 further stores information indicating that only the auxiliary key is registered (hereinafter referred to as registration-only information).

  The registration process by the smart entry system 1 of FIG. 6 will be described with reference to the flowchart of FIG.

  When the user 2 carrying the registration card 101 moves within the communication range of the short-range communication unit 41 of the in-vehicle ID management device 31, the short-range communication unit 52 of the registration card 101 authenticates with the in-vehicle ID management device 31 in step S301. After performing the processing, registration-only information is transmitted as a registration processing start command. In step S321, the short-range communication unit 41 of the in-vehicle ID management device 31 detects the registration card 101 that has entered the communication range, performs an authentication process, and then performs a registration process start command transmitted from the registration card 101. Is supplied to the control unit 45. In the authentication process, the identification IDs of each other are exchanged, and the authentication unit 43 of the in-vehicle ID management device 31 confirms that the key ID of the registration card 101 matches the key ID stored in the memory 44 (the registration card 101 is sold by an automobile). Confirm that it is a legitimate registration card registered at the store).

  The processes of steps S322 to S331 performed by the in-vehicle ID management device 31 are the same as those of steps S24 to S33 of FIG. 3, respectively, and when the authentication data and the mobile ID are received within a predetermined time, the mobile phone 13 receives the vehicle ID. And the mobile management server 14 registers the mobile phone ID of the mobile phone 13.

  Further, the processes of steps S351 to S355 performed by the mobile phone 13 are the same as the processes of steps S51 to S55 of FIG. 3, respectively, while transmitting user registration data to the vehicle management server 14 and receiving authentication data, The authentication data is transmitted to the in-vehicle ID management device 31, and the vehicle ID returned as a result is stored in the memory 65.

  Further, the processes of steps S371 to S376 performed by the vehicle management server 14 are the same as the processes of steps S71 to S76 of FIG. 3, respectively, and the mobile phone 13 is authenticated based on the user registration data, and the in-vehicle ID management device 31. Is registered as an auxiliary key of the smart key 12.

  That is, in the registration process of FIG. 7, the user 2 simply puts the registration card 101 within the communication range, and a registration process start command is transmitted from the registration card 101 to the in-vehicle ID management device 31 to start the registration process. Therefore, the user 2 can start the registration process without performing a complicated operation representing the start of the registration process. In addition, registration is not erroneously started while the operation unit 32 of the automobile 11 is being operated.

  Further, when the auxiliary key is not registered, the registration card 101 is not carried around, but can be stored at, for example, a home, so that the registration of the auxiliary key by a malicious third party can be prevented. .

  FIG. 8 shows a third embodiment of the smart entry system 1. In FIG. 8, parts corresponding to those in FIG. 1 are denoted by the same reference numerals, and description thereof is omitted as appropriate.

  The smart entry system 1 of FIG. 8 is common to the smart entry system 1 of FIG. 1 and has the same function as the smart key in that it has an automobile 11, a smart key 12, a mobile phone 13, a vehicle management server 14, and a network 15. 1 is different from the smart entry system 1 of FIG. 1 in that a theft card 121 is newly provided.

  After the theft card 121 is registered in the in-vehicle ID management device 31 in advance, when the user 2 purchases the automobile 11, it is given to the user 2 together with the smart key 12. Accordingly, the vehicle ID of the in-vehicle ID management device 31 is stored in the theft card 121, and the key ID of the theft card 121 is stored in the in-vehicle ID management device 31. Since the theft card 121 has the same configuration and functions as the smart key 12, the operation unit 51, the short-range communication unit 52, the smart key 12 shown in FIG. Description will be made with reference to the memory 53 and the control unit 54. However, the theft card 121 is different from the smart key 12 in that information indicating that the theft is dedicated to theft detection (hereinafter referred to as theft-only information) is further stored in the memory 53.

  The operation of the smart entry system 1 in FIG. 8 will be described.

  When the user 2 carrying the theft card 121 moves into the communication range of the near field communication unit 41 of the in-vehicle ID management device 31, the near field communication unit 52 of the theft card 121 performs an authentication process with the in-vehicle ID management device 31. After that, send theft-only information. The short-range communication unit 41 of the in-vehicle ID management device 31 detects the theft card 121 that has entered the communication range, performs authentication processing, and then receives theft-only information transmitted from the theft card 121. To the control unit 45. In the authentication process, the identification IDs of each other are exchanged, and the authentication unit 43 of the in-vehicle ID management device 31 confirms that the key ID of the theft card 121 matches the key ID stored in the memory 44 (the theft card 121 is Confirm that it is a legitimate registration card registered at the car dealership).

  And if the control part 45 of the vehicle-mounted ID management apparatus 31 confirms that it is the theft card | curd 121 which entered the communication range, a control signal will be supplied to the drive part 33, and a horn will be sounded with a specific pattern. The user 2 is notified that the theft card 121 has been authenticated by the in-vehicle ID management device 31 by blinking the light, transmitting a specific radio signal, or the like.

  Thereby, for example, even if the automobile 11 is stolen and its license plate is replaced, or the car body number of the automobile 11 is scraped and cannot be read, the automobile 11 is owned by the user 2. It is possible to easily confirm that the car is matched with the theft card 121 to be played, that is, the car 11 is a car owned by the user 2.

  The theft card 121 may have a higher reception sensitivity and transmission power than the smart key 12 so that the in-vehicle ID management device 31 can recognize the theft card 121 in a wider range. .

  Further, the theft dedicated information may be transmitted from the vehicle management server 14 to the mobile phone 13. In this case, when the automobile 11 is found to be stolen, the vehicle management server 14 is accessed. By acquiring the theft dedicated information, the mobile phone 13 can be used as the theft card 121.

  In the above-described embodiment, the registration of the auxiliary key is started by using the security lock release command or the registration processing start command from the smart key 12 as a trigger, but the vehicle management server 14 is accessed from the mobile phone 13 of the user 2. Then, a registration process start command may be transmitted from the vehicle management server 14 to the in-vehicle ID management device 31, and the registration of the auxiliary key may be started with the reception of the in-vehicle ID management device 31 as a trigger.

  In the above-described embodiment, an example of an automobile has been described. However, in the case of registering an auxiliary key in a house (having a door) having a key mechanism as well as vehicles such as trucks and buses other than automobiles, The present invention can be applied.

  In the embodiment described above, the short-range communication performed by the smart key 12 and the vehicle-mounted ID management device 31 and the short-range communication performed by the mobile phone 13 and the vehicle-mounted ID management device 31 are the same type of short-range communication. However, each may be a different type of short-range communication, or may be a short-range communication of the same type but with a different communication range. For example, the communication range of near field communication performed between the smart key 12 and the in-vehicle ID management device 31 is about 1 m as described above, but the near field communication performed between the mobile phone 13 and the in-vehicle ID management device 31 is about 1 m. The communication range can be several tens of centimeters. Further, the automobile 11 can be provided with a plurality of access units for holding the mobile phone 13 as needed, such as for outside the vehicle and for in-house use.

  When the car 11 has a car navigation device (GPS (Global Positioning System)) and the mobile phone 13 has a GPS function, the vehicle 11 recognizes the current positions of the in-vehicle ID management device 31 and the mobile phone 13, and You may make it confirm that it is a short distance at time.

  In this specification, the steps described in the flowcharts include processes that are executed in parallel or individually even if they are not necessarily processed in time series, as well as processes that are executed in time series in the described order. Is also included.

  Further, in this specification, the system represents the entire apparatus constituted by a plurality of apparatuses.

  The embodiment of the present invention is not limited to the above-described embodiment, and various modifications can be made without departing from the gist of the present invention.

It is a figure which shows the structural example of 1st Embodiment of the smart entry system to which this invention is applied. It is a block diagram showing the functional structural example of the smart entry system of FIG. It is a flowchart explaining the registration process of a smart entry system. It is a flowchart explaining the keyless operation | movement process of a vehicle-mounted ID management apparatus. It is a flowchart explaining the other registration processing of a smart entry system. It is a figure which shows the structural example of 2nd Embodiment of a smart entry system. It is a flowchart explaining the further other registration processing of a smart entry system. It is a figure which shows the structural example of 3rd Embodiment of a smart entry system.

Explanation of symbols

DESCRIPTION OF SYMBOLS 1 Smart entry system 11 Car 12 Smart key 13 Mobile phone 14 Vehicle management server 15A, 15B Network 31 In-vehicle ID management apparatus 32 Operation part 33 Drive part 41 Short-distance communication part 42 Long-distance communication part 43 Authentication part 44 Memory 45 Control part 51 Operation unit 52 Short range communication unit 53 Memory 54 Control unit 61 Operation unit 63 Short range communication unit 64 Long range communication unit 65 Memory 66 Control unit 71 Long range communication unit 72 Authentication unit 73 Storage unit 74 Control unit 81 Customer data storage unit 82 Theft data storage unit 83 Mobile ID storage unit 101 Registration card 121 Theft card

Claims (19)

A first communication device that performs wireless short-range communication and long-distance communication via a network, an authentication device that authenticates and registers the first communication device, and manages the first communication device and the authentication device An authentication processing system that enables the registered first communication device to control a control device on which the authentication device is mounted.
The first communication device is:
A first long-distance communication means for transmitting user data for identifying a user who is an owner of the first communication device to the information processing device by the long-distance communication, and receiving authentication data as a reply;
Identification data for identifying the first communication device by the short-range communication, and first short-range communication means for transmitting the authentication data to the authentication device,
The information processing apparatus includes:
First authentication means for authenticating the first communication device based on the user data;
A second long-distance communication means for receiving the user data from the first communication device by the long-distance communication and transmitting the authentication data to the authenticated first communication device;
The authentication device
A second short-range communication means for receiving the identification data and the authentication data from the first communication device by the short-range communication;
Second authentication means for authenticating the first communication device based on the authentication data;
An authentication processing system comprising: a first communication device information storage unit that registers the identification data of the authenticated first communication device. A second communication device that performs the near field communication and is registered in the authentication device;
The second authentication unit of the authentication device further includes the second authentication unit when the second short-range communication unit confirms that the second communication device exists within the communication range of the short-range communication. The authentication processing system according to claim 1, wherein the first communication device is authenticated. The second authentication unit of the authentication device further transmits the identification data and the authentication data to the second short-range communication within a predetermined time after the user operation indicating the start of registration processing is detected. The authentication processing system according to claim 2, wherein the first communication device is authenticated when the means receives the information. A second communication device registered in the authentication device, in which information indicating that the short-range communication is performed and dedicated to the registration process is stored;
The second authentication unit of the authentication device further includes the second authentication unit when the second short-range communication unit confirms that the second communication device exists within the communication range of the short-range communication. The authentication processing system according to claim 1, wherein the first communication device is authenticated. The authentication device
When the first communication device is authenticated, the communication device further comprises third telecommunications means for transmitting the identification data to the information processing device by the telecommunications.
The information processing apparatus includes:
The authentication processing system according to claim 1, further comprising a second communication device information storage unit that stores the identification data received from the authentication device through the long-distance communication. The information processing apparatus includes:
Theft information storage means for storing theft information indicating whether the control device has been stolen;
The authentication processing system according to claim 5, wherein the second authentication unit of the authentication device authenticates the first communication device after confirming with the information processing device that the control device has not been stolen. . A second communication device registered in the authentication device, in which information indicating that the short-range communication is performed and dedicated to theft detection is stored;
The authentication device
The authentication processing system according to claim 1, wherein when the second communication device is authenticated by the first authentication unit, the user is notified that the second communication device has been authenticated. The authentication processing system according to claim 1, wherein the first communication device is a mobile phone, and the user data is biometric data of the user. A first communication device that performs wireless short-range communication and long-distance communication via a network, an authentication device that authenticates and registers the first communication device, and manages the first communication device and the authentication device An authentication processing method of an authentication processing system that enables control of a control device equipped with the authentication device in the registered first communication device.
The first communication device is
With the long-distance communication, user data for identifying a user who is the owner of the first communication device is transmitted to the information processing device, and authentication data is received as a reply.
The identification data for identifying the first communication device and the authentication data are transmitted to the authentication device by the short-range communication,
The information processing apparatus is
Authenticating the first communication device based on the user data;
The user data is received from the first communication device by the long-distance communication, and the authentication data is transmitted to the authenticated first communication device.
The authentication device is
The identification data and the authentication data are received from the first communication device by the short-range communication,
Authenticating the first communication device based on the authentication data;
An authentication processing method comprising: registering the identification data of the authenticated first communication device. By being authenticated by the authentication device, it is a communication device capable of controlling a control device equipped with the authentication device,
A long-distance communication means for transmitting user data for identifying a user who is an owner of the communication device to an information processing device that manages the communication device and receiving authentication data as a reply through long-distance communication via a network When,
A communication device comprising: identification data for identifying the communication device and short-range communication means for transmitting the authentication data to the authentication device by wireless short-range communication. By being authenticated by the authentication device, a communication method for a communication device that enables control of a control device equipped with the authentication device,
Through long-distance communication via a network, user data for identifying a user who is the owner of the communication device is transmitted to an information processing device that manages the communication device, and authentication data is received as a reply.
A communication method for transmitting identification data for identifying the communication device and the authentication data to the authentication device by wireless short-range communication. An authentication device that authenticates a communication device and allows the communication device to control a control device,
Short-range communication means for receiving authentication data acquired by the communication device by communicating with an information processing device that manages the communication device and identification data for identifying the communication device from the communication device by short-range communication When,
Authentication means for authenticating the communication device based on the authentication data;
A communication device information storage unit that registers the identification data of the authenticated communication device. The authentication unit further authenticates the communication device when it is confirmed by the short-range communication unit that another communication device registered in the authentication device exists within the communication range of the short-range communication. The authentication device according to claim 12. The authentication unit further includes the communication device when the short-range communication unit receives the identification data and the authentication data within a predetermined time after the user operation indicating the start of the registration process is detected. The authentication device according to claim 13 that performs authentication. The authentication means further stores information indicating that it is dedicated to registration processing, and that the other communication device registered in the authentication device exists within the communication range of the near field communication. The authentication device according to claim 12, wherein the communication device is authenticated when confirmed by communication means. The authentication apparatus according to claim 12, further comprising a long-distance communication unit that transmits the identification data to the information processing apparatus through the long-distance communication when the communication apparatus is authenticated. The information processing apparatus stores theft information indicating whether the control device has been stolen,
The authentication device according to claim 16, wherein the authentication unit authenticates the first communication device after confirming with the information processing device that the control device has not been stolen. Information indicating that the short-range communication is performed and information indicating that the dedicated device is used for theft detection is stored, and the other authentication device registered in the authentication device is authenticated by the authentication means. The authentication device according to claim 12. An authentication method for an authentication device for authenticating a communication device and allowing the communication device to control a control device,
Authentication data acquired by the communication device by communicating with an information processing device that manages the communication device, and identification data for identifying the communication device are received from the communication device by short-range communication,
Authenticate the communication device based on the authentication data,
An authentication method for registering the identification data of the authenticated communication device.

Images