JP2021067152A - Authentication system for vehicle - Google Patents

Abstract

To enhance security in an authentication when using a vehicle while improving convenience in authorizing a general use of the vehicle.SOLUTION: A collation ECU comprises: a trigger detector for detecting a trigger regarding a use of an own vehicle; and a transmission processing part for allowing a hearable terminal 2 of a user authorizing the use of the vehicle to send an assignment password when the trigger is detected at the trigger detector. The hearable terminal 2 comprises: a sound output processing part 202 for allowing the assignment password sent from the collation ECU to be output as the sound from a speaker 22; a sound recognition part 203 for recognizing a speech password as the sound from the sound collected by a microphone 23 after the assignment password is output as the sound; and a transmission processing part 204 for allowing the speech password recognized as the sound to be sent. An authorization part of the collation ECU authorizes the use of the own vehicle when the assignment password sent from the transmission processing part and the speech password received from the hearable terminal 2 match.SELECTED DRAWING: Figure 2

Description

The present disclosure relates to a vehicle authentication system.

Conventionally, in an electronic key system that permits locking and unlocking of a vehicle by authentication via wireless communication between the vehicle and the electronic key, there is known a technique that enables a technology other than a dedicated master key to be used as an electronic key. For example, Patent Document 1 discloses a technique in which authentication information for unlocking a vehicle is received from a server by a mobile terminal via a network, and the mobile terminal can be used as an electronic key.

Japanese Unexamined Patent Publication No. 2006-118122

In a share car, in order to make one vehicle available to an unspecified number of users, there is a request that the permission to unlock the user is a temporary permission such as once. Further, even when trying to use the trunk room of a privately owned vehicle as a delivery box, there is a request that the permission for unlocking to a user such as a delivery company should be a temporary permission such as once.

On the other hand, it is conceivable that the one-time password is transmitted from the server or the like to the mobile terminal and displayed, and the mobile terminal accepts the operation input of the one-time password from the user to perform authentication. However, in this method, it takes time and effort for the user to take out the mobile terminal and operate and input the one-time password. In particular, when the user is a courier company, the time and effort is increased by the amount of operation input while carrying the parcel.

Furthermore, when the one-time pass is displayed on the mobile terminal, it is easy for anyone other than the user who wants to grant the unlocking authority to browse. Therefore, there is a risk that a third party who snoops on the display of the one-time pass may be allowed to unlock the vehicle. In addition, since it is necessary to lengthen the display time of the one-time pass in order to input the operation of the one-time pass while viewing the display of the one-time pass, the risk of browsing by a third party is further increased.

One purpose of this disclosure is to provide a vehicle authentication system that enables the temporary use of a vehicle to be made more secure and convenient when the vehicle is used. To provide.

The above object is achieved by a combination of the features described in the independent claims, and the sub-claims provide for further advantageous embodiments of the disclosure. The reference numerals in parentheses described in the claims indicate, as one embodiment, the correspondence with the specific means described in the embodiments described later, and do not limit the technical scope of the present disclosure. ..

In order to achieve the above object, the vehicle authentication system of the present disclosure is used in a vehicle with a hearable terminal (2,2a) which is worn on the user's ear and has a speaker (22) and a microphone (23). The in-vehicle device includes an in-vehicle device (30) including a permission unit (306) for permitting the use of the vehicle, and the in-vehicle device detects a trigger by a trigger detection unit (301) for detecting a trigger related to the use of the vehicle and a trigger detection unit. In this case, the hearable terminal is provided with a vehicle-side transmission processing unit (302) that causes the hearable terminal of the user who permits the use of the vehicle to transmit the given password, which is a temporary password, and the hearable terminal is given by the in-vehicle device. A voice that recognizes the spoken password, which is the spoken password, from the voice output processing unit (202) that outputs the password as voice from the speaker and the sound that is collected by the microphone after the assigned password is output as voice from the speaker. A recognition unit (203) and a terminal-side transmission processing unit (204) for transmitting a voice-recognized speech password by the voice recognition unit are provided, and an in-vehicle device permission unit includes an assigned password transmitted from the vehicle-side transmission processing unit. If the spoken password received from the hearable terminal matches, the vehicle is permitted to be used, but if it does not match, the vehicle is not permitted to be used.

According to this, when the given password sent from the vehicle-side transmission processing unit and the utterance password received from the hearable terminal match, the permission unit of the in-vehicle device permits the use of the vehicle, but does not match. In some cases, the use of the vehicle is not permitted, so it is possible to authenticate when using the vehicle with a password. Since the hearable terminal is attached to the user's ear, the assigned password output as voice can be recognized only by the users who are permitted to use the vehicle. Therefore, it is possible to make it difficult for the given password to be known to anyone other than the user who is permitted to use the vehicle. Further, since the utterance password, which is the utterance password, is recognized by the voice recognition unit, it is possible to input the utterance password without the trouble of inputting the operation of the user. Since the given password is a temporary password, it is possible to maintain higher security even if the password spoken by the user who hears the given password is stolen by a third party. As a result, when the temporary use of the vehicle is permitted, it is possible to improve the convenience while improving the security in the authentication at the time of using the vehicle.

It is a figure which shows an example of the schematic structure of the vehicle authentication system 1. It is a figure which shows an example of the schematic structure of the hearable terminal 2. It is a figure which shows an example of the schematic structure of the vehicle side unit 3. It is a figure which shows an example of the schematic structure of the collation ECU 30. It is a flowchart which shows an example of the flow of the authentication-related processing in the vehicle authentication system 1. It is a figure which shows an example of the schematic structure of the vehicle authentication system 1a. It is a figure which shows an example of the schematic structure of the hearable terminal 2a. It is a figure which shows an example of the schematic structure of the vehicle side unit 3a.

A plurality of embodiments for disclosure will be described with reference to the drawings. For convenience of explanation, the parts having the same functions as the parts shown in the drawings used in the explanations up to that point may be designated by the same reference numerals and the description thereof may be omitted. is there. For the parts with the same reference numerals, the description in other embodiments can be referred to.

(Embodiment 1)
<Outline configuration of vehicle authentication system 1>
Hereinafter, the first embodiment of the present disclosure will be described with reference to the drawings. The vehicle authentication system 1 shown in FIG. 1 includes a hearable terminal 2 and a vehicle side unit 3. The vehicle authentication system 1 uses the cloud system 4 to exchange information between the hearable terminal 2 and the vehicle side unit 3.

The hearable terminal 2 is an earphone-type wearable terminal that is worn on the user's ear and used. The hearable terminal 2 shall have at least a function as an earphone, a function as a microphone, and a communication function. The hearable terminal 2 shall also include a headset or the like having a function as a microphone and a communication function. The details of the hearable terminal 2 will be described later.

The vehicle side unit 3 is used in a vehicle. The vehicle-side unit 3 can communicate with the hearable terminal 2, and authenticates the use of the vehicle by collation through this communication. The details of the vehicle side unit 3 will be described later.

The vehicle using the vehicle-side unit 3 may be a vehicle (hereinafter referred to as a service vehicle) used by a plurality of users other than the same household, such as a rental car or a shared car. The service vehicle may be a vehicle that is dispatched by automatic driving or that carries out passenger transportation by automatic driving. The share car is a share car used for ride sharing where unfamiliar users ride together, and a car share for renting a privately owned vehicle to another person during a time when the manager of this vehicle is not using it. Including share cars. In the following, the user who rents a car and the user who provides the shared car as a service are referred to as an administrator, and the user who rents a car and the user who uses the shared car as a service are referred to as a service user.

The cloud system 4 exchanges information between the hearable terminal 2 and the vehicle side unit 3 by a server arranged on the cloud. That is, the hearable terminal 2 and the vehicle side unit 3 communicate with each other via the cloud system 4. The cloud system 4 can be rephrased as a network, for example.

<Outline configuration of hearable terminal 2>
Subsequently, the schematic configuration of the hearable terminal 2 will be described with reference to FIG. As shown in FIG. 2, the hearable terminal 2 includes a control unit 20, a communication module 21, a speaker 22, and a microphone 23.

The communication module 21 is a communication module for performing communication via the cloud system 4. The communication module 21 may be configured to perform communication via the cloud system 4 through the mobile terminal by communicating with a mobile terminal such as a smartphone. In this case, the communication module 21 may be configured to communicate with the mobile terminal by short-range wireless communication in accordance with a short-range wireless communication standard such as Bluetooth (registered trademark). Further, the communication module 21 may be configured to perform communication via the cloud system 4 by connecting to the network without going through the mobile terminal.

The communication module 21 includes a memory, and for example, the identification information unique to each hearable terminal 2 (hereinafter, terminal side ID) may be stored in the memory in advance. Then, the communication module 21 may be configured to transmit, for example, the terminal side ID stored in the memory to the communication connection destination when making a communication connection.

The communication module 21 transmits information to the communication connection destination according to the instruction of the control unit 20. The information transmitted from the communication module 21 is transmitted to the vehicle side unit 3 previously associated with the hearable terminal 2 as the own terminal (hereinafter, simply the own terminal) via the cloud system 4. Further, the communication module 21 receives the information transmitted from the vehicle side unit 3 associated with the own terminal in advance via the cloud system 4.

As an example, the link between the hearable terminal 2 and the vehicle side unit 3 is performed by associating the terminal side ID with the identification information for identifying the vehicle using the vehicle side unit 3 (hereinafter referred to as the vehicle side ID). And it is sufficient. As the vehicle-side ID, the vehicle ID, the device ID of the communication module 31 described later included in the vehicle-side unit 3, and the like may be used. It can be said that the vehicle-side ID is identification information of the collation ECU 30 described later included in the vehicle-side unit 3. For example, the server on the cloud system 4 stores in advance the correspondence between the vehicle side ID and the terminal side ID of the hearable terminal 2 of the user who permits the use of the vehicle corresponding to the vehicle side ID. To do. Then, the cloud system 4 refers to the correspondence between the vehicle-side ID and the terminal-side ID, so that the vehicle-side unit 3 and the hearable terminal 2 of the user who permits the use of the vehicle in which the vehicle-side unit 3 is used are used. Information shall be sent and received to and from.

The speaker 22 is an audio output device that outputs audio. The speaker 22 outputs sound according to the instruction of the control unit 20. The speaker 22 is preferably provided at a portion of the hearable terminal 2 that is inserted into the ear canal when worn. This is to make it difficult for the voice output from the speaker 22 to be recognized by anyone other than the user who wears the hearable terminal 2 in his / her ear. The microphone 23 is a voice input device that collects sound. The microphone 23 converts the collected voice into an electrical voice signal and outputs it to the control unit 20.

The control unit 20 includes, for example, a processor, a memory, an I / O, and a bus connecting these, and executes various processes related to the functions of the hearable terminal 2 by executing a control program stored in the memory. The memory referred to here is a non-transitory tangible storage medium for storing programs and data that can be read by a computer non-transitoryly. Further, the non-transitional substantive storage medium is realized by a semiconductor memory or the like. Details of the control unit 20 will be described below.

<Rough configuration of control unit 20>
Subsequently, the schematic configuration of the control unit 20 will be described with reference to FIG. As shown in FIG. 2, the control unit 20 includes a reception information acquisition unit 201, a voice output processing unit 202, a voice recognition unit 203, a transmission processing unit 204, and a biometric authentication unit 205 as functional blocks. A part or all of the functions executed by the control unit 20 may be configured in hardware by one or a plurality of ICs or the like. Further, a part or all of the functional blocks included in the control unit 20 may be realized by executing software by a processor and a combination of hardware members.

The reception information acquisition unit 201 acquires the information received by the communication module 21. Specifically, the assigned password transmitted from the collation ECU 30 described later included in the vehicle side unit 3 is acquired. The assigned password is a password transmitted to the hearable terminal 2 of the user who permits the use of the vehicle. The assigned password is, for example, a list of several-digit symbols. The symbol may be a number or a character, but the following description will be given by taking the case where the assigned password is a list of numbers as an example.

The voice output processing unit 202 causes the speaker 22 to output the assigned password acquired by the reception information acquisition unit 201 as voice. That is, the voice output processing unit 202 causes the speaker 22 to output the assigned password transmitted from the verification ECU 30 as voice. As an example, the voice output processing unit 202 outputs a synthetic voice indicating a list of numbers of the assigned password from the speaker 22.

When it is desired to obtain permission to use the vehicle using the vehicle side unit 3, the user wearing the hearable terminal 2 hears the given password output as voice from the speaker 22 and utters the given given password. When the password is spoken by the user, the microphone 23 collects the voice when the password is spoken. The password spoken by the user is hereinafter referred to as the spoken password.

The voice recognition unit 203 voice-recognizes the utterance password from the sound collected by the microphone 23 after outputting the assigned password as voice from the speaker 22. As an example, the voice recognition unit 203 converts the voice signal input from the microphone 23 into a symbol string such as a character or a number indicating the utterance content by using the recognition dictionary. The voice recognition unit 203 may convert the voice signal into a symbol string by using a method such as a Hidden Markov Model.

The transmission processing unit 204 causes the voice recognition unit 203 to transmit the utterance password recognized by the voice recognition unit 203. This transmission processing unit 204 corresponds to the terminal-side transmission processing unit. As an example, the transmission processing unit 204 causes the communication module 21 to transmit the utterance password recognized by the voice recognition unit 203 via the cloud system 4. The utterance password transmitted from the communication module 21 is transmitted to the vehicle side unit 3 linked in advance to the own terminal via the cloud system 4.

The biometric authentication unit 205 authenticates the user who uses the own terminal by biometric authentication. The biometric authentication unit 205 includes an otoacoustic authentication unit 251 and a voiceprint authentication unit 252. The biometric authentication unit 205 may have a configuration other than the otoacoustic authentication unit 251 and the voiceprint authentication unit 252.

The otoacoustic emission authentication unit 251 authenticates a legitimate user of the own terminal by otoacoustic emission authentication. In otoacoustic authentication, biometric authentication is performed using acoustic characteristics determined by the shape of the user's ear canal. As an example, the otoacoustic emission authentication unit 251 outputs a sound for otoacoustic emission authentication from the speaker 22 by the sound output processing unit 202, and performs otoacoustic emission authentication from the acoustic characteristics of the reverberant sound collected by the microphone 23 in the ear canal. ..

The microphone 23 is preferably provided at a portion inserted into the ear canal at the time of wearing in order to perform otoacoustic authentication, but is exposed to the outside of the ear canal at the time of wearing in order to collect the user's utterance. It is preferable that the portion is provided. Therefore, the microphone 23 may be provided in a portion exposed to the outside of the ear canal when worn, while a microphone for use in otoacoustic emission authentication, which is different from the microphone 23, may be provided in the portion inserted into the ear canal when worn. .. In this case, the control unit 20 has a period from the output of the sound for ear acoustic authentication to the collection of the echo sound in the ear canal and the period from the output of the voice of the assigned password to the voice recognition of the utterance password. It is preferable to shift the timing so that they do not overlap with each other.

The voiceprint authentication unit 252 authenticates a legitimate user of the own terminal by voiceprint authentication. In voiceprint authentication, biometric authentication is performed using the voiceprint, which is a characteristic of the user's voice. As an example, the voiceprint authentication unit 252 identifies the voiceprint from the user's voice collected by the microphone 23 when recognizing the speech password by voice, and performs voiceprint authentication.

<Outline configuration of vehicle side unit 3>
Subsequently, the schematic configuration of the vehicle side unit 3 will be described with reference to FIG. As shown in FIG. 3, the vehicle side unit 3 includes a collation ECU 30, a communication module 31, a vehicle state sensor 32, a start switch (hereinafter, start SW) 33, a lock / unlock switch (hereinafter, lock / unlock SW) 34, and a body ECU 35. And the power unit ECU 36 are included.

The communication module 31 is an in-vehicle communication module. By connecting to the network, the communication module 31 performs communication via the cloud system 4. As the communication module 31, for example, a DCM (Data Communication Module) may be used. The communication module 31 includes a memory, and for example, the vehicle-side ID described above may be stored in this memory in advance. Then, the communication module 31 may be configured to transmit, for example, the vehicle side ID stored in the memory to the communication connection destination when the communication is connected.

The vehicle state sensor 32 is a group of sensors for detecting information on the behavior of the vehicle such as the running state and the operating state of the own vehicle. Examples of the vehicle state sensor 32 include a vehicle speed sensor that detects the vehicle speed, a shift position sensor that detects the shift position, and the like.

The start SW33 is a switch for requesting the start of the traveling drive source of the own vehicle. The starting SW33 is provided, for example, in front of the driver's seat. As the starting SW33, for example, a mechanical button switch can be used.

The lock / unlock SW34 is a switch for requesting the lock / unlock of the vehicle door of the own vehicle such as the driver's seat door, the passenger's seat door, and the trunk room door. The locking / unlocking SW34 is provided on, for example, the outer door handle of the driver's seat and passenger's seat doors. The locking / unlocking SW34 is provided on the rear bumper, for example, for the trunk room door. As the locking / unlocking SW34, for example, a touch switch or a mechanical button switch can be used.

The body ECU 35 locks and unlocks each vehicle door by outputting a drive signal for controlling locking and unlocking of each vehicle door of the own vehicle to a door lock motor provided on each vehicle door. The body ECU 35 locks the door lock by outputting a lock signal to the door lock motor. The body ECU 35 outputs the unlocking signal to the door lock motor to unlock the door lock. Locking / unlocking SW34 for each vehicle door is connected to the body ECU 35. The body ECU 35 acquires the signal of the locking / unlocking SW34 and detects the operation of the locking / unlocking SW34.

The power unit ECU 36 is an electronic control device that controls a traveling drive source such as an internal combustion engine or a motor generator of the own vehicle. When the power unit ECU 36 acquires the start permission signal of the traveling drive source from the matching ECU 30, the power unit ECU 36 starts the traveling drive source of the own vehicle.

The collation ECU 30 includes, for example, a processor, a memory, an I / O, and a bus connecting these, and executes various processes related to authentication permitting the use of the own vehicle by executing a control program stored in the memory. The memory referred to here is a non-transitory tangible storage medium for storing programs and data that can be read by a computer non-transitoryly. Further, the non-transitional substantive storage medium is realized by a semiconductor memory, a magnetic disk, or the like. Details of the collation ECU 30 will be described below.

<Outline configuration of collation ECU 30>
Next, an example of a schematic configuration of the collation ECU 30 will be described with reference to FIG. As shown in FIG. 4, the collation ECU 30 includes a trigger detection unit 301, a transmission processing unit 302, a storage unit 303, a reception information acquisition unit 304, a collation unit 305, and a permission unit 306 as functional blocks. The collation ECU 30 corresponds to an in-vehicle device. In addition, a part or all of the functions executed by the collation ECU 30 may be configured in hardware by one or a plurality of ICs or the like. Further, a part or all of the functional blocks included in the collation ECU 30 may be realized by executing software by a processor and a combination of hardware members.

The trigger detection unit 301 detects a trigger related to the use of the own vehicle. Situations for using the own vehicle include opening the vehicle door for the user to board, starting the own vehicle, opening the trunk room door, and the like. The opening of the trunk room door also includes an opening for a delivery company to put luggage in the trunk room when the trunk room is used as a delivery box.

The trigger related to the opening of the vehicle door for the user's boarding (hereinafter referred to as the boarding trigger) may be detected as follows. The trigger detection unit 301 determines that the vehicle is parked based on the detection result of the vehicle state sensor 32, and detects that the lock / unlock SW34 for the driver's seat or passenger's seat door has been operated. Should be detected. Parking of the own vehicle may be determined, for example, because the shift position detected by the shift position sensor is the parking position. Further, it may be determined because the vehicle speed detected by the vehicle speed sensor is a value indicating a stop. The operation of the locking / unlocking SW34 may be detected from the signal of the locking / unlocking SW34.

The trigger related to the start of the own vehicle (hereinafter referred to as the start trigger) may be detected as follows. The trigger detection unit 301 may detect the start trigger when it detects that the start SW33 has been operated. The operation of the start SW33 may be detected from the signal of the start SW33.

The trigger related to the opening of the trunk room door (hereinafter referred to as the trunk opening trigger) may be detected as follows. If the trigger detection unit 301 detects the parking of the own vehicle from the detection result of the vehicle condition sensor 32 and detects that the lock / unlock SW34 for the trunk room door has been operated, the trigger detection unit 301 detects the trunk release trigger. Good.

When the trigger detection unit 301 detects the trigger, the transmission processing unit 302 causes the hearable terminal 2 of the user who permits the use of the own vehicle to transmit the assigned password. The transmission processing unit 302 corresponds to the vehicle-side transmission processing unit. The given password is a temporary password. The transmission processing unit 302 randomly generates a list of numbers and uses it as the assigned password each time the trigger detecting unit 301 detects the trigger and transmits the assigned password. The transmission processing unit 302 causes the communication module 31 to transmit the generated assigned password via the cloud system 4. The assigned password transmitted from the communication module 31 is transmitted to the hearable terminal 2 associated with the own device in advance via the cloud system 4.

Further, the transmission processing unit 302 temporarily stores the same password as the assigned password to be transmitted in the storage unit 303. As the storage unit 303, for example, a non-volatile memory may be used. The assigned password stored in the storage unit 303 may be deleted when the verification described later is established. Further, the assigned password stored in the storage unit 303 may be deleted when the preset deadline has elapsed, even if the verification described later is not established.

The reception information acquisition unit 304 acquires the utterance password received from the hearable terminal 2 via the cloud system 4 by the communication module 31 in response to the transmission processing unit 302 transmitting the assigned password.

When the reception information acquisition unit 304 acquires the utterance password, the collation unit 305 collates whether the acquired utterance password matches the assigned password stored in the storage unit 303.

The permission unit 306 outputs an unlocking signal to the door lock motors of all vehicle doors when the trigger detection unit 301 detects the boarding trigger and the collation unit 305 establishes the collation, and all vehicles. Unlock the door. When the trigger detection unit 301 detects the start trigger and the collation unit 305 establishes the collation, the permission unit 306 outputs the start permission signal of the travel drive source to the power unit ECU 36 to output the travel drive source. To start. The permission unit 306 outputs an unlocking signal to the door lock motor of the trunk room door when the trigger detection unit 301 detects the trunk release trigger and the collation unit 305 establishes the collation, and the trunk room door. Unlock. In this case, only the trunk room door may be configured to be unlocked.

Further, it is preferable that the permission unit 306 also makes it a condition for permitting the use of the vehicle that the time from the transmission of the assigned password by the transmission processing unit 302 until the verification is established is within the specified time. According to this, it is possible to improve the security as compared with the case where this configuration is not adopted. The specified time is a value that can be set arbitrarily. It is preferable to set the specified time short in order to improve security.

<Authentication-related processing in vehicle authentication system 1>
Subsequently, an example of the flow of the process related to the permission to use the vehicle in the vehicle authentication system 1 (hereinafter referred to as the authentication-related process) will be described with reference to the flowchart of FIG. The flowchart of FIG. 5 may be configured to start when a trigger is detected by the trigger detection unit 301.

First, in step S1, in the vehicle side unit 3, the transmission processing unit 302 causes the communication module 31 to transmit the assigned password. The assigned password transmitted from the communication module 31 is sent to the hearable terminal 2 of the user who permits the use of the vehicle using the vehicle side unit 3 via the cloud system 4. In the vehicle authentication system 1, information is exchanged between the communication module 31 and the hearable terminal 2 that are associated with each other based on the vehicle side ID of the communication module 31 and the terminal side ID of the hearable terminal 2. Will be.

In step S2, if the ear acoustic authentication is established by the ear acoustic authentication unit 251 in the hearable terminal 2 (YES in S2), the process proceeds to step S3. On the other hand, when the otoacoustic emission authentication unit 251 fails to establish the otoacoustic emission (NO in S2), the authentication-related processing is terminated. According to this, when the hearable terminal 2 is used by a user other than a legitimate user, the subsequent processing is not performed. Therefore, it is possible to prevent the use of the vehicle from being permitted by spoofing that the hearable terminal 2 is used by a person other than a legitimate user. The ear acoustic authentication here may be performed when the assigned password transmitted from the communication module 31 is received by the communication module 21 of the hearable terminal 2, or may be performed in advance before receiving the password. May be.

In step S3, in the hearable terminal 2, the reception information acquisition unit 201 acquires the assigned password received by the communication module 21. In step S4, in the hearable terminal 2, the voice output processing unit 202 causes the speaker 22 to output the assigned password acquired in S3 as voice. Here, the user wearing the hearable terminal 2 hears the given password output as voice from the speaker 22, and speaks the heard given password.

In step S5, in the hearable terminal 2, the microphone 23 collects the voice when the password is spoken by the user. Then, the voice recognition unit 203 voice-recognizes the utterance password from the sound collected by the microphone 23.

In step S6, in the hearable terminal 2, the voiceprint authentication unit 252 identifies the voiceprint from the user's voice collected in S5 and performs voiceprint authentication. Then, when the voiceprint authentication is established (YES in S6), the process proceeds to step S7. On the other hand, if the voiceprint authentication is unsuccessful (NO in S6), the authentication-related processing is terminated. According to this, when the hearable terminal 2 is used by a user other than a legitimate user, the subsequent processing is not performed. Therefore, it is possible to prevent the use of the vehicle from being permitted by spoofing that the hearable terminal 2 is used by a person other than a legitimate user. Further, since the voiceprint authentication is performed by using the voice when the password is spoken, it is possible to reduce the troublesomeness and waste of time that the user has to speak only for the voiceprint authentication. Furthermore, since different types of authentication are performed between otoacoustic emission authentication and voiceprint authentication, security is further improved.

In step S7, in the hearable terminal 2, the transmission processing unit 204 causes the communication module 21 to transmit the utterance password recognized by voice in S5. The utterance password transmitted from the communication module 21 is sent to the communication module 31 of the vehicle side unit 3 used in the vehicle for which the user requests permission to use the voice via the cloud system 4.

In step S8, in the vehicle side unit 3, the reception information acquisition unit 304 acquires the utterance password received by the communication module 31. In step S9, the collation unit 305 collates the given password transmitted in S1 with the utterance password acquired in S8. Then, if the elapsed time from the transmission of the assigned password in S1 is within the specified time and the passwords of the assigned password and the utterance password match (YES in S9), the process proceeds to step S10. On the other hand, if the passwords do not match within the specified time (NO in S9), the authentication-related processing is terminated.

In step S10, the permission unit 306 permits the use of the vehicle according to the trigger detected by the trigger detection unit 301. For example, in the case of a boarding trigger, the permission unit 306 unlocks all vehicle doors. For example, in the case of a start trigger, the permit unit 306 starts the traveling drive source. For example, in the case of a trunk opening trigger, the permission unit 306 unlocks the trunk room door.

It is preferable that the authority to which the permission unit 306 permits the use of the vehicle (hereinafter referred to as the use authority) is changed according to the type of the user. For example, the service user of the service vehicle and the owner's family of the private vehicle may be allowed to unlock all the vehicle doors, start the traveling drive source, and unlock the trunk room door as described above. On the other hand, the courier company need only be allowed to unlock the trunk room door among the above-mentioned unlocking of all vehicle doors, starting of the traveling drive source, and unlocking the trunk room door. According to this, it is possible to limit the usage authority according to the type of user. For example, a courier can use it to allow only the unlocking of the trunk room door.

When changing the usage authority according to the type of user, for example, in the server on the cloud system 4, the information about the range of the usage authority is linked in advance to the link between the vehicle side ID and the terminal side ID. Keep it. Then, the collation ECU 30 may change the usage authority according to the type of the user of the hearable terminal 2 based on this association.

Further, for example, in the server on the cloud system 4, the number of times of permission for use is also linked to the link between the vehicle side ID and the terminal side ID, and the matching ECU 30 is based on this linking of the user of the hearable terminal 2. The number of times of permission to use may be changed according to the type. According to this, it is possible to limit the number of times of use permission according to the type of user. For example, a courier can be used to allow the trunk room door to be unlocked only once.

<Summary of Embodiment 1>
According to the configuration of the first embodiment, it is possible to authenticate when using the vehicle by the password spoken by the user. Since the hearable terminal 2 is worn on the user's ear, it is possible to narrow down the assigned password output as voice to the user who is permitted to use the vehicle and recognize it. Therefore, it is possible to make the given password difficult to be known to anyone other than the user who is permitted to use the vehicle. Further, since the utterance password, which is the utterance password, is voice-recognized by the voice recognition unit 203, it is possible to input the utterance password without the trouble of inputting the operation of the user. Since the given password is a temporary password, it is possible to maintain higher security even if the password spoken by the user who hears the given password is stolen by a third party. As a result, when the temporary use of the vehicle is permitted, it is possible to improve the convenience while improving the security in the authentication at the time of using the vehicle.

Further, according to the configuration of the first embodiment, the user can input by listening to the password output as voice and speaking the password. Therefore, it is possible to shorten the time required for the work as compared with the case where the displayed password is read and the user manually inputs the password. Therefore, the validity period of the password can be shortened as compared with the case of displaying the password. As a result, the security can be improved by the amount that the password validity period can be shortened.

(Embodiment 2)
In the first embodiment, the configuration in which the otoacoustic emission authentication and the voiceprint authentication are performed in duplicate as the biometric authentication is shown, but the present invention is not necessarily limited to this. For example, it may be configured to perform only one type of biometric authentication as biometric authentication. As an example, the otoacoustic authentication may be performed a plurality of times as biometric authentication. In this case, the flowchart of FIG. 5 may be configured such that the otoacoustic emission authentication unit 251 performs the otoacoustic emission authentication instead of the voiceprint authentication unit 252 performing the voiceprint authentication in the step S6.

(Embodiment 3)
In the above-described embodiment, a configuration for performing biometric authentication as to whether or not the user is a legitimate user of the hearable terminal 2 is shown, but the present invention is not necessarily limited to this. For example, the hearable terminal 2 may not be provided with the biometric authentication unit 205 and may be configured not to perform biometric authentication as to whether or not the user is a legitimate user. In this case, the flowchart of FIG. 5 may be configured to omit the steps S2 and S6.

(Embodiment 4)
In the above-described embodiment, the hearable terminal 2 and the vehicle-side unit 3 communicate with each other via the cloud system 4, but the present invention is not necessarily limited to this. For example, the hearable terminal 2 and the vehicle-side unit 3 may be configured to directly communicate with each other by short-range wireless communication. As an example, the hearable terminal 2 and the vehicle-side unit 3 may transmit and receive information by short-range wireless communication according to a short-range wireless communication standard such as Bluetooth. In this case, as the communication module 21 of the hearable terminal 2, a communication module that performs short-range wireless communication may be used. The communication module 31 of the vehicle-side unit 3 may also be configured to use a communication module that performs short-range wireless communication. Further, the information on the association between the vehicle side ID and the terminal side ID described above may be stored in advance in, for example, the non-volatile memory of the collation ECU 30.

(Embodiment 5)
In the above-described embodiment, an example is shown in which the communication path used for communication between the hearable terminal 2 and the vehicle-side unit 3 is one type, but the present invention is not necessarily limited to this. For example, a configuration using two types of communication paths (hereinafter, embodiment 5) may be used. Here, an example of the fifth embodiment will be described with reference to the drawings.

The vehicle authentication system 1a shown in FIG. 6 includes a hearable terminal 2a and a vehicle side unit 3a. The vehicle authentication system 1a uses a communication path using the cloud system 4 and a communication path by short-range wireless communication as a communication path for exchanging information between the hearable terminal 2a and the vehicle side unit 3a.

As shown in FIG. 7, the hearable terminal 2a includes a control unit 20, a communication module 21a, a speaker 22, and a microphone 23. The hearable terminal 2a is the same as the hearable terminal 2 of the first embodiment except that the communication module 21a is provided instead of the communication module 21.

As shown in FIG. 8, the vehicle side unit 3a includes a collation ECU 30, a communication module 31a, a vehicle state sensor 32, a start SW33, a locking / unlocking SW34, a body ECU 35, and a power unit ECU 36. The vehicle-side unit 3a is the same as the vehicle-side unit 3 of the first embodiment except that the communication module 31a is included instead of the communication module 31.

The communication module 21a and the communication module 31a have a function of communicating via the cloud system 4 (hereinafter, network communication function) and a function of communicating by short-range wireless communication according to the short-range wireless communication standard (hereinafter, short-range). It has a wireless communication function). As an example, the communication module 21a and the communication module 31a are the same as the communication module 21 and the communication module 31 of the first embodiment except that they have a short-range wireless communication function. The communication module 21a may have a configuration in which each function is realized by an integrated module, or a configuration in which each function is realized by a separate module. The communication module 31a may also have a configuration in which each function is realized by an integrated module, or a configuration in which each function is realized by a separate module.

The communication module 21a stores in advance different terminal-side IDs for its own terminal in the memory for each communication path to be used. Then, the communication module 21a may be configured to transmit, for example, the terminal side ID stored in the memory to the communication connection destination for each communication path to be used when making a communication connection.

The communication module 31a also stores in advance different vehicle-side IDs for its own device in the memory for each communication path to be used. Then, the communication module 31a may be configured to transmit, for example, the vehicle side ID stored in the memory to the communication connection destination for each communication path to be used when making a communication connection.

Further, the correspondence between the vehicle side ID and the terminal side ID is that the identification information is different even for the combination of the same collation ECU 30 and the hearable terminal 2 of the user who permits the use of the vehicle for each communication path. To do. The correspondence relationship between the vehicle side ID and the terminal side ID when communicating via the cloud system 4 is a configuration in which the correspondence relationship between the vehicle side ID and the terminal side ID is stored in advance in the server on the cloud system 4 as described in the first embodiment. do it. The correspondence between the vehicle-side ID and the terminal-side ID when communicating by short-range wireless communication may be stored in advance in, for example, the non-volatile memory of the collation ECU 30.

The communication module 21a and the communication module 31a have different communication paths for receiving the assigned password and transmitting the utterance password. For example, the transmission processing unit 302 of the vehicle-side unit 3a has a vehicle-side ID and a terminal-side ID for this communication path stored in advance in the server on the cloud system 4 via the communication path using the cloud system 4. The assigned password may be transmitted to the hearable terminal 2a associated with the correspondence of. On the other hand, the transmission processing unit 204 of the hearable terminal 2 has a vehicle-side ID and a terminal-side ID for this communication path stored in advance in the non-volatile memory of the collation ECU 30 via a communication path for communication by short-range wireless communication. The utterance password may be transmitted to the collation ECU 30 associated with the above. Here, the communication path using the cloud system 4 corresponds to the first communication path, and the communication path for communicating by short-range wireless communication corresponds to the second communication path.

Further, the transmission processing unit 302 of the vehicle side unit 3a passes through a communication path for communication by short-range wireless communication, and the vehicle side ID and the terminal side for this communication path stored in advance in the non-volatile memory of the collation ECU 30. The assigned password may be transmitted to the hearable terminal 2a associated with the ID in correspondence with the ID. In this case, the transmission processing unit 204 of the hearable terminal 2a has a vehicle-side ID and a terminal-side ID for this communication path stored in advance in the server on the cloud system 4 via the communication path using the cloud system 4. The utterance password may be transmitted to the collation ECU 30 associated with the correspondence of the above. Here, the communication path for short-range wireless communication corresponds to the first communication path, and the communication path using the cloud system 4 corresponds to the second communication path.

According to the configuration of the fifth embodiment, the communication path for exchanging the assigned password and the communication path for exchanging the utterance password between the verification ECU 30 and the hearable terminal 2a are different. Therefore, even if the terminal side ID of the hearable terminal 2a used in one of the communication paths is known to a third party, the terminal side ID of the hearable terminal 2a used in the other communication path is known. Otherwise, you will not be able to impersonate a legitimate user. Therefore, it is possible to further improve the security.

(Embodiment 6)
In the above-described embodiment, the collation ECU 30 and the body ECU 35 are shown as separate bodies, but the present invention is not necessarily limited to this. For example, an electronic control device that has both the function of the collation ECU 30 and the function of the body ECU 35 may be used.

The present disclosure is not limited to the above-described embodiment, and various modifications can be made within the scope of the claims, and can be obtained by appropriately combining the technical means disclosed in the different embodiments. Embodiments are also included in the technical scope of the present disclosure. Further, the control unit and the method thereof described in the present disclosure may be realized by a dedicated computer constituting a processor programmed to execute one or a plurality of functions embodied by a computer program. Alternatively, the apparatus and method thereof described in the present disclosure may be realized by a dedicated hardware logic circuit. Alternatively, the apparatus and method thereof described in the present disclosure may be realized by one or more dedicated computers configured by a combination of a processor that executes a computer program and one or more hardware logic circuits. Further, the computer program may be stored in a computer-readable non-transitional tangible recording medium as an instruction executed by the computer.

1,1a Vehicle authentication system, 2,2a hearable terminal, 3,3a vehicle side unit, 4 cloud system, 20 control unit, 21,21a communication module, 22 speakers, 23 microphones, 30 verification ECU (vehicle-mounted device), 31 , 31a Communication module, 202 voice output processing unit, 203 voice recognition unit, 204 transmission processing unit (terminal side transmission processing unit), 205 biometric authentication unit, 251 ear acoustic authentication unit (biometric authentication unit), 252 voice print authentication unit (biological body) Authentication unit), 301 trigger detection unit, 302 transmission processing unit (vehicle-side transmission processing unit), 306 permission unit

Claims (7)

A hearable terminal (2,2a) that is attached to the user's ear and has a speaker (22) and a microphone (23).
Including an in-vehicle device (30) which is used in a vehicle and includes a permission unit (306) for permitting the use of the vehicle.
The in-vehicle device is
A trigger detection unit (301) that detects a trigger related to the use of the vehicle, and
When the trigger detection unit detects the trigger, it includes a vehicle-side transmission processing unit (302) that causes the hearable terminal of a user who permits the use of the vehicle to transmit an assigned password which is a temporary password.
The hearable terminal is
A voice output processing unit (202) that outputs the given password transmitted from the vehicle-mounted device as voice from the speaker, and
A voice recognition unit (203) that recognizes the spoken password, which is the spoken password, from the sound collected by the microphone after the assigned password is output as voice from the speaker.
A terminal-side transmission processing unit (204) for transmitting the utterance password recognized by the voice recognition unit is provided.
The permission unit of the vehicle-mounted device permits the use of the vehicle when the given password transmitted from the vehicle-side transmission processing unit and the speech password received from the hearable terminal match. A vehicle authentication system that does not permit the use of the vehicle if they do not match. The hearable terminal is
It is equipped with a biometric authentication unit (205,251,252) that authenticates the user who uses the own terminal by biometric authentication.
The vehicle authentication according to claim 1, wherein the voice output processing unit outputs the given password transmitted from the in-vehicle device as voice from the speaker on condition that the authentication by the biometric authentication unit is established. system. The terminal-side transmission processing unit also performs the authentication by the biometric authentication unit when transmitting the speech password that has been voice-recognized by the voice recognition unit, provided that the authentication by the biometric authentication unit is established. The vehicle authentication system according to claim 2, wherein the speech recognition password recognized by the voice recognition unit is transmitted. The biometric authentication unit (251) can perform the authentication by otoacoustic authentication, which performs biometric authentication using at least acoustic characteristics determined by the shape of the ear canal.
The voice output processing unit outputs the given password transmitted from the in-vehicle device as voice from the speaker on condition that the authentication by the ear acoustic authentication by the biometric authentication unit is established.
The third aspect of claim 3, wherein the terminal-side transmission processing unit transmits the utterance password voice-recognized by the voice recognition unit, provided that the second authentication by the ear-acoustic authentication by the biometric authentication unit is established. Vehicle authentication system. The biometric authentication unit (251,252) can perform the authentication by both otoacoustic authentication, which performs biometric authentication using at least acoustic characteristics determined by the shape of the ear canal, and voiceprint authentication. hand,
The voice output processing unit outputs the given password transmitted from the in-vehicle device as voice from the speaker on condition that the authentication by the ear acoustic authentication by the biometric authentication unit is established.
The terminal-side transmission processing unit performs voice recognition by the voice recognition unit on condition that the authentication by the voiceprint authentication by the biometric authentication unit is established when the voice recognition unit recognizes the speech password by voice. The vehicle authentication system according to claim 3, wherein the speech password is transmitted. The in-vehicle device and the hearable terminal can communicate with each other via the cloud system (4).
The cloud system is a user who permits the use of the in-vehicle device and the vehicle based on a correspondence relationship between the in-vehicle device and the hearable terminal of the user who permits the use of the vehicle, which is stored in advance. Information is sent and received to and from the above-mentioned hearable terminal.
The vehicle-side transmission processing unit causes the hearable terminal of the user who permits the use of the vehicle to transmit the given password by passing through the cloud system.
The vehicle use according to any one of claims 1 to 5, wherein the terminal-side transmission processing unit transmits the utterance password voice-recognized by the voice recognition unit to the in-vehicle device via the cloud system. Authentication system. The in-vehicle device and the hearable terminal can communicate with each other through a plurality of types of communication paths, and the identification information used differs depending on the communication path.
The correspondence relationship of the identification information between the in-vehicle device and the hearable terminal of the user who permits the use of the vehicle, which is stored in advance, is the same as that of the user who permits the use of the in-vehicle device and the vehicle for each communication path. The identification information is also different for the combination with the hearable terminal,
The first communication path, which is a communication path in which the vehicle-side transmission processing unit transmits the given password to the hearable terminal of the user who permits the use of the vehicle, and the terminal-side transmission processing unit perform voice recognition by the voice recognition unit. It is different from the second communication path, which is the communication path for transmitting the spoken password to the in-vehicle device.
The vehicle-side transmission processing unit transmits the given password to the hearable terminal associated with the correspondence relationship stored in advance for the first communication path via the first communication path.
The terminal-side transmission processing unit voice-recognizes the in-vehicle device associated with the corresponding relationship stored in advance for the second communication path via the second communication path by the voice recognition unit. The vehicle authentication system according to any one of claims 1 to 5, wherein a speech password is transmitted.

Images