WO2022028246A1 - Vehicle start control method and vehicle-mounted authentication device - Google Patents

Vehicle start control method and vehicle-mounted authentication device Download PDF

Info

Publication number
WO2022028246A1
WO2022028246A1 PCT/CN2021/107483 CN2021107483W WO2022028246A1 WO 2022028246 A1 WO2022028246 A1 WO 2022028246A1 CN 2021107483 W CN2021107483 W CN 2021107483W WO 2022028246 A1 WO2022028246 A1 WO 2022028246A1
Authority
WO
WIPO (PCT)
Prior art keywords
vehicle
authentication device
mobile device
biometric information
seat
Prior art date
Application number
PCT/CN2021/107483
Other languages
French (fr)
Chinese (zh)
Inventor
王思善
王梓
Original Assignee
华为技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 华为技术有限公司 filed Critical 华为技术有限公司
Publication of WO2022028246A1 publication Critical patent/WO2022028246A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • BPERFORMING OPERATIONS; TRANSPORTING
    • B60VEHICLES IN GENERAL
    • B60RVEHICLES, VEHICLE FITTINGS, OR VEHICLE PARTS, NOT OTHERWISE PROVIDED FOR
    • B60R25/00Fittings or systems for preventing or indicating unauthorised use or theft of vehicles
    • B60R25/20Means to switch the anti-theft system on or off
    • B60R25/25Means to switch the anti-theft system on or off using biometry
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06VIMAGE OR VIDEO RECOGNITION OR UNDERSTANDING
    • G06V40/00Recognition of biometric, human-related or animal-related patterns in image or video data
    • G06V40/10Human or animal bodies, e.g. vehicle occupants or pedestrians; Body parts, e.g. hands
    • G06V40/16Human faces, e.g. facial parts, sketches or expressions

Definitions

  • the present application relates to the field of smart vehicles, and in particular, to a vehicle startup control method and a vehicle-mounted authentication device.
  • the digital car key product may include a mobile device and a digital key of a vehicle deployed in the mobile device.
  • the mobile device can assist in realizing functions such as unlocking the door and starting the vehicle by exchanging information with the in-vehicle authentication device deployed in the vehicle.
  • Bluetooth communication or Ultra Wide Band (Ultra Wide Band, UWB) communication technology can be used to accurately locate the mobile device, and determine whether the mobile device is located inside the vehicle according to the positioning result.
  • UWB Ultra Wide Band
  • the embodiments of the present application provide a vehicle startup control method and an on-board authentication device, which can realize the deployment of digital sensors or other components in the vehicle without adding sensors or other components for assisting in accurately locating the mobile device.
  • the vehicle can only be started when the mobile device of the key is located inside the vehicle, which meets regulatory requirements and ensures the safety of vehicle use.
  • a vehicle startup control method is provided, and the method can be executed by an in-vehicle authentication device of the vehicle.
  • the method includes: the in-vehicle authentication device obtains the biometric information of the target user; wherein, the target user sits on a target seat of the vehicle, and the target seat is located in the cab of the vehicle.
  • the in-vehicle authentication device encrypts the biometric information obtained by it according to the first key associated with the first mobile device, and sends the encrypted biometric information to the first mobile device; wherein the first mobile device and the vehicle The authentication device establishes a communication connection, the digital key of the vehicle is deployed in the first mobile device, and the in-vehicle authentication device has determined that the digital key has passed the authentication.
  • the in-vehicle authentication device receives a matching result from the first mobile device; wherein, the matching result is used to indicate whether the biometric information matches a biometric template, and the biometric template is the biometric feature of the user holding the first mobile device information.
  • the in-vehicle authentication device may activate/trigger the vehicle control device of the vehicle to activate the vehicle when the vehicle activation signal is received and the matching result indicates that the biometric information matches the biometric template.
  • the vehicle can only be started under the following conditions, which can meet the regulatory requirements and ensure the safety of the vehicle, such as reducing the risk of mis-starting and theft of the vehicle.
  • the in-vehicle authentication device completes authentication of the digital key and authentication of the target user's authority to use the vehicle before receiving the vehicle start signal.
  • the digital key is authenticated and the target user in the cab has the authority to legally use the vehicle.
  • the vehicle-mounted authentication device quickly starts or triggers the vehicle control device of the vehicle to start the vehicle, and the user experience is better.
  • the vehicle-mounted authentication device may further determine whether the trigger condition for collecting the biometric information is reached before acquiring the biometric information of the target user; if so, start the information collection unit of the vehicle-mounted authentication device; wherein , the information collection unit is used to collect the biometric information of the target user.
  • the information collection unit can be started on demand, so that the information collection state is prevented from being in the started state for a long time, and the power consumption of the information collection unit can be reduced.
  • the triggering condition for collecting biometric information includes at least one of the following items: the target user is seated on the target seat, the target user seated in the target seat is wearing a seat belt, and the The doors of the vehicle are closed.
  • the in-vehicle authentication device may further collect at least two scene images of the cab of the vehicle before acquiring the biometric information of the target user; and determine whether there is a target user performing the operation according to the at least two scene images at least one preset action; wherein, the at least one preset action includes at least one of the following actions: sitting on the target seat, wearing a seat belt, and looking at the information collection unit of the vehicle-mounted authentication device; if yes, Then it is determined that there is a target user who has performed at least one preset action.
  • the in-vehicle authentication device may extract the face image of the target user from the at least two scene images after determining that the target user has performed at least one preset action.
  • the face image of the target user is the Biometric information for the target user.
  • the vehicle-mounted device may further determine whether the face image satisfies a preset condition before encrypting the biometric information according to the first key associated with the first mobile device; wherein the preset condition Including at least one of the following items: the brightness value of the face image reaches a preset threshold, the face image does not have occlusion phenomenon, and the pose of the face image meets the predetermined requirements; if so, it is determined that the face image meets the preset requirements. Set conditions. In this way, it can be ensured that the face image sent to the first mobile device has good quality, so that the first mobile device can quickly match the face image and the face template in the subsequent process without requiring re-acquisition, thereby Helps to start the vehicle quickly.
  • the preset condition Including at least one of the following items: the brightness value of the face image reaches a preset threshold, the face image does not have occlusion phenomenon, and the pose of the face image meets the predetermined requirements; if so, it is determined that the face image meets the preset requirements. Set
  • the in-vehicle authentication device may further switch the current state of the vehicle from a non-startable state to a startable state when the matching result indicates that the biometric information matches the biometric template.
  • the in-vehicle device may trigger the vehicle control device to start the vehicle only when the vehicle start signal is received and the current state of the vehicle is a startable state.
  • the in-vehicle authentication device may also switch the current state of the vehicle from a startable state to a non-startable state when there is a state switching event; wherein the state switching event includes at least one of the following events : The target user sitting on the target seat leaves the target seat, the seat belt detection circuit corresponding to the target seat is switched from on to off, the door of the vehicle is switched from the closed state to the open state, and the vehicle is in the startable state for a continuous period of time. The time has reached the predetermined time.
  • the vehicle control device is triggered to start the vehicle, so as to avoid the verification of the digital key due to the completion of the vehicle-mounted authentication device.
  • the target user's authorization to use the vehicle is authenticated, if the target user sitting in the target seat changes, the target user no longer wears the seat belt, the door is reopened, etc., the vehicle is wrongly started and the Affecting driving safety.
  • the vehicle-mounted authentication device may further determine the respective location information of the plurality of second mobile devices before encrypting the biometric information according to the first key associated with the first mobile device; wherein the first The second mobile device has established a communication connection with the vehicle-mounted authentication device, the digital key of the vehicle is deployed in the second mobile device, and the vehicle-mounted authentication device has determined that the digital key deployed in the second mobile device has passed the authentication; location information to determine the first mobile device located in the cab of the vehicle.
  • a vehicle startup control device is provided.
  • the vehicle startup control device is deployed in an in-vehicle authentication device, and reference is made to the description in the first aspect for its beneficial effects.
  • the apparatus may comprise means or means implementing the method as provided in the first aspect.
  • the apparatus includes: a feature information acquisition unit for acquiring biometric information of the target user; wherein the target user sits on a target seat of the vehicle, and the target seat is located in the cab of the vehicle.
  • a feature information processing unit configured to encrypt the biometric information according to the first key associated with the first mobile device, and send the encrypted biometric information to the first mobile device; wherein the first mobile device and the vehicle-mounted authentication device
  • the communication connection is established, the digital key of the vehicle is deployed in the first mobile device, and the in-vehicle authentication device has determined that the digital key has passed the authentication.
  • the matching result receiving unit is configured to receive the matching result from the first mobile device; wherein, the matching result is used to indicate whether the biometric information matches the biometric template.
  • the starting signal receiving unit is used for receiving the vehicle starting signal.
  • the vehicle starting control unit is configured to trigger the vehicle control device of the vehicle to start the vehicle when the matching result indicates that the biometric information matches the biometric template.
  • the device further includes: a feature collection control unit, configured to determine whether a trigger condition for collecting biometric information is reached, and if so, start an information collection unit of the vehicle-mounted authentication device; wherein, the information collection unit uses It is used to collect the biometric information of the target user.
  • a feature collection control unit configured to determine whether a trigger condition for collecting biometric information is reached, and if so, start an information collection unit of the vehicle-mounted authentication device; wherein, the information collection unit uses It is used to collect the biometric information of the target user.
  • the triggering condition for collecting biometric information includes at least one of the following items: the target user is seated on the target seat, the target user seated in the target seat is wearing a seat belt, and the The doors of the vehicle are closed.
  • the apparatus further includes: a camera, configured to collect at least two scene images of the cab of the vehicle.
  • a feature acquisition control unit configured to determine whether there is a target user who has performed at least one preset action according to the at least two scene images; wherein, the at least one preset action includes at least one of the following actions: sitting on the target seat, The seat belt, and gaze at the information collection unit of the vehicle-mounted authentication device; if yes, it is determined that there is a target user who has performed at least one preset action.
  • the feature information acquisition unit is specifically configured to extract the face image of the target user from the at least two scene images.
  • the preprocessing unit is configured to determine whether the face image satisfies a preset condition; wherein the preset condition includes at least one of the following items: the brightness value of the face image reaches a preset value The threshold value, the face image does not have occlusion phenomenon, and the pose of the face image meets the predetermined requirements; if yes, it is determined that the face image meets the preset condition.
  • the device further includes: a state maintenance unit, configured to switch the current state of the vehicle from the non-startable state to the biometric template when the matching result indicates that the biometric information matches the biometric template. startable state.
  • the vehicle start control unit is specifically configured to trigger the vehicle control device of the vehicle to start the vehicle when the current state of the vehicle is a startable state.
  • an in-vehicle authentication device in a third aspect, is provided, and reference is made to the description in the first aspect for its beneficial effects.
  • the in-vehicle authentication device includes: a communication module, a memory and a processor. Wherein, computer programs/instructions are stored in the memory.
  • the communication module is used to communicate with the first mobile device.
  • the processor executes the computer program/instruction, the in-vehicle authentication device is made to implement the method provided in any one of the first aspects.
  • the vehicle-mounted authentication device further includes: an information collection unit, configured to collect biometric information of the target user.
  • the information collection unit includes a camera; and the biometric information includes a face image.
  • the vehicle-mounted authentication device further includes: a vehicle door sensor, configured to provide a sensor signal to the processor when the vehicle door is in a closed state; wherein the sensor signal is used to indicate that the vehicle door is in a closed state.
  • the in-vehicle authentication device further includes: a seat sensor, the seat sensor is disposed on a target seat in the cab of the vehicle, and is used to notify the processor to the processor when there is a target user sitting on the target seat Provide a trigger signal.
  • the in-vehicle authentication device further includes: a seat belt detection circuit, configured to detect whether the user seated in the target seat is wearing a seat belt.
  • a fourth aspect a computer-readable storage medium for storing a computer program/instruction, when the computer program/instruction is executed on an in-vehicle authentication device, the in-vehicle authentication device is made to execute any one of the above-mentioned first aspects the method described.
  • a fifth aspect provides a computer program product comprising a computer program/instruction, characterized in that, when the computer program product is run on an electronic device, the electronic device is made to perform any one of the above-mentioned first aspects. method described.
  • FIG. 1 is a schematic structural diagram of a vehicle-mounted authentication device provided in an embodiment of the application.
  • FIG. 2 is a schematic diagram of the deployment position of the camera of the in-vehicle authentication device in the vehicle.
  • FIG. 3 is a schematic structural diagram of a mobile device provided in an embodiment of the present application.
  • FIG. 4 is a schematic diagram of a service scenario according to an embodiment of the present application.
  • FIG. 5 is a schematic flowchart of a vehicle startup control method provided in an embodiment of the present application.
  • FIG. 6 is a schematic structural diagram of a starting control device for a vehicle provided in an embodiment of the application.
  • A/B can mean A or B.
  • "and/or" is only an association relationship to describe associated objects, indicating that there can be three kinds of relationships; for example, A and/or B can mean that A exists alone, A and B exist simultaneously, and exist independently B these three cases.
  • a plurality of means two or more.
  • first and second are only used for description purposes, and cannot be understood as indicating or implying relative importance or implying the quantity of indicated technical features. Thus, a feature defined as “first” or “second” may expressly or implicitly include one or more of that feature.
  • the terms “including”, “including”, “having” and their variants mean “including but not limited to” unless specifically emphasized otherwise.
  • a vehicle is a vehicle on land that uses wheels to turn. Such as fuel vehicles, electric vehicles, trucks, buses, etc.
  • the in-vehicle authentication device is deployed in the vehicle, and is used for information interaction with the mobile device on which the vehicle's digital key is deployed, so as to authenticate the vehicle's digital key and perform corresponding control operations.
  • the authentication of the digital key of the vehicle may include, but is not limited to, one or more of key authentication, anti-relay authentication and location authentication for the digital key.
  • the digital key passes the key authentication; if it is judged that the mobile device with the digital key deployed does not exist If it is determined that the distance between the mobile device where the digital key is deployed and the vehicle is not greater than the preset distance, the digital key passes the positioning authentication.
  • the in-vehicle authentication device can control/trigger the body control device and engine control device of the vehicle to achieve vehicle control functions such as unlocking the vehicle, starting the engine, and starting the trunk.
  • FIG. 1 is a schematic structural diagram of a vehicle-mounted authentication device provided in an embodiment of the application.
  • the in-vehicle authentication device 100 may include a processor 110 , an internal memory 120 and a communication module 130 .
  • One or more of the sensor module 160, the camera 180, and the seat belt detection circuit 190 may also be included.
  • the sensor module 160 may include, but is not limited to, a seat sensor 160A and a door sensor 160B.
  • the internal memory 120 is used to store computer instructions/computer program codes, and is also used to store various data created by the in-vehicle authentication device 100 during use.
  • the internal memory 120 may include high-speed random access memory and non-volatile memory, such as disk memory, flash memory, universal flash storage (UFS), and the like.
  • the internal memory 120 may include one or more secure storage modules for storing data related to the digital key and authentication algorithms.
  • the secure storage module may include, but is not limited to, a secure element (secure element, SE), for example, may also include a hardware security module (hardware Secure module, HSM).
  • SE is an independent hardware unit with anti-physical attack and anti-tampering capabilities, which is used to provide a safe operating environment for some applet (Applet), and can guarantee the security and confidentiality of digital assets stored in it.
  • the SE may be an embedded SE (embedded SE, ESE), an integrated SE (INSE) integrated into a system on chip (system on chip, SOC), or a universal integrated circuit card SE (universal integrated circuit card SE, UICCSE).
  • the processor 110 is used to execute computer instructions/computer program codes stored in the internal memory 120 to implement various functions and data processing procedures of the vehicle-mounted authentication device 100 . For example, after establishing a communication connection with the mobile terminal, operations such as key authentication, anti-relay authentication, and location authentication may be performed.
  • the seat sensor 160A may be deployed on the target seat in the cab of the vehicle, and the processor 110 may determine whether there is a target user sitting on the target seat according to the trigger signal from the seat sensor 160A.
  • a door sensor 160B may be deployed on a door or a corresponding position of the vehicle, and the processor 110 may determine whether the door of the vehicle is in a closed state according to a trigger signal from the door sensor 160B.
  • the seat belt detection circuit 190 may be deployed in the correspondingly configured seat belt. The on and off detection circuit 190 determines whether the user seated in the target seat is wearing a seat belt.
  • the seat sensor 160A is used to assist in detecting whether there is a user sitting on a corresponding seat.
  • the seat sensor 160A may be configured on a target seat in the cab of the vehicle.
  • the seat sensor 160A may be a thin-film contact sensor, and its contacts may be uniformly or non-uniformly distributed on the force-bearing surface of the seat; when the seat is subjected to external pressure, such as When the user sits on the seat, the seat sensor 160A may generate a trigger signal, which will be provided to the processor 110 .
  • the door sensor 160B is used to detect whether the door of the vehicle is in a closed state.
  • the door sensor may be a pressure sensor, a corresponding rubber strip may be provided on the vehicle door, the pressure sensor is located in the rubber strip, and when the vehicle door is in a closed state, the vehicle door and the vehicle body squeeze the rubber strip, so that the pressure sensor A larger pressure signal (or a trigger signal) may be generated, and the pressure signal may be provided to the processor 110, so that the processor 110 determines that the vehicle door is in a closed state according to the pressure signal.
  • the door sensor can also be other types of sensors, and can also be replaced by a signal detection device composed of an infrared radiation tube or a detection circuit including a Hall element.
  • the communication module 130 is used to support the on-board authentication device 100 to communicate with the mobile device on which the digital key of the vehicle is deployed.
  • the communication module 130 may include two types of mobile communication modules and short-range communication modules.
  • the mobile communication module is used to support the in-vehicle authentication device 100 to connect to the mobile communication network, so that the in-vehicle authentication device 100 establishes a network connection with the mobile device through the mobile communication network.
  • the short-range communication module is used to support the establishment of a short-range communication connection between the in-vehicle authentication device 100 and the mobile device in a relatively short distance; for example, the short-range communication module may include a Bluetooth module, and the in-vehicle authentication device 100 may establish a connection with the mobile device through the Bluetooth module Bluetooth connection, and further information exchange with the mobile device through the Bluetooth connection to complete the authentication process of the digital key.
  • the short-range communication module may include a Bluetooth module
  • the in-vehicle authentication device 100 may establish a connection with the mobile device through the Bluetooth module Bluetooth connection, and further information exchange with the mobile device through the Bluetooth connection to complete the authentication process of the digital key.
  • the in-vehicle authentication device 100 may generally include a plurality of cameras 180 each used to support the implementation of a specific service. As shown in FIG. 2, one or more cameras 180 may be deployed in the cab of the vehicle for collecting face images of the target user located in the cab. Generally, the camera 180 may include, but is not limited to, a fatigue monitoring camera or a visual distraction camera; the camera 180 may be deployed on the upper right side of the steering wheel 11 of the vehicle, or may be arranged at other positions inside the vehicle, such as the steering wheel of the vehicle on the upper left side, on the steering wheel, or on the front windshield.
  • the in-vehicle authentication device 100 may include one or more seat belt detection circuits 190, each seat belt detection circuit 190 being used to detect whether a user seated in a corresponding seat is wearing a seat belt.
  • each seat belt detection circuit 190 being used to detect whether a user seated in a corresponding seat is wearing a seat belt.
  • the processor 110 can sense the conduction of the seat belt detection circuit 190, so as to determine that the user seated in the target seat in the cab is wearing a seat belt.
  • the in-vehicle authentication device 100 may further include more or less components; for example, the in-vehicle authentication device 100 may further include an information collection module for collecting other biometric information of the user, specifically, a fingerprint collection module for collecting fingerprint information. Certain components in the in-vehicle authentication device 100 may also be combined. Certain components in the vehicle-mounted authentication device 100 may also be split; for example, the processor 110 may be split into a plurality of mutually independent processing units. Various components in the vehicle-mounted authentication device 100 may also have other connection relationships.
  • a mobile device refers to an electronic device that can be carried around by the user, in which the digital key of the vehicle can be deployed.
  • Mobile devices may include, but are not limited to, mobile phones, tablet computers, digital cameras, personal digital assistants (PDAs), wearable devices, laptops, and other portable electronic devices.
  • PDAs personal digital assistants
  • wearable devices laptops, and other portable electronic devices.
  • DK digital key
  • information can be exchanged with the on-board authentication device 100 deployed in the vehicle according to the digital key, so that the on-board authentication device can authenticate the digital key.
  • FIG. 3 is a schematic structural diagram of a mobile device provided in an embodiment of the present application.
  • the mobile device 300 may include a processor 310 , an internal memory 320 and a communication module 330 .
  • the internal memory 320 is used to store computer instructions/computer program codes, such as computer program codes corresponding to the digital key of the vehicle. It is also used to store various data created during the use of the mobile device 300, for example, to store biometric templates such as face images and fingerprint information entered by the user.
  • the internal memory 320 may include high-speed random access memory and non-volatile memory, such as disk memory, flash memory, general-purpose flash memory, and the like.
  • the internal memory 320 may include one or more secure storage modules for storing computer program code corresponding to the digital key and data related to the digital key.
  • the security storage module of the mobile device 300 is similar to the security storage module of the vehicle-mounted authentication device 100 , and details are not described here.
  • the processor 310 is used to execute computer instructions/computer program codes stored in the internal memory 320 to implement various functions and data processing processes of the mobile device 300 . For example, decrypt the encrypted face image from the in-vehicle authentication device 100, and compare the face image from the in-vehicle authentication device 100 with the face template pre-entered by the user.
  • Processor 310 may include one or more processing units.
  • some processing units included in the processor 310 or the operating mode of the processor 310 may be configured to form a trusted execution environment (TEE) for processing sensitive information.
  • TEE trusted execution environment
  • the rich execution environment (rich execution environment) corresponding to the TEE cannot access the resources of the TEE, so as to realize the security protection of the TEE-based business.
  • a first trusted application can be run in the TEE, and the first TA is used to perform encryption/decryption operations on the information that the mobile device 300 interacts with the in-vehicle authentication device 100; Second TA, the second TA is used to compare the biometric information from the in-vehicle authentication device 100 with the biometric template.
  • the digital key For the digital key deployed in the mobile device 300, according to the communication technology adopted by the digital key and/or user experience, the digital key usually includes a remote keyless entry (RKE) key, a near field communication (NFC) key and passive entry passive start (PEPS) keys and other types.
  • RKE remote keyless entry
  • NFC near field communication
  • PEPS passive entry passive start
  • the RKE key usually needs to be operated by the user on the mobile device after the mobile device establishes a near-field communication connection with the vehicle authentication device, thereby initiating the business process of unlocking the door and/or starting the vehicle, unlocking the door and/or starting the vehicle
  • the process is independent of the mobile communication network.
  • the NFC key usually does not require the user to perform corresponding operations on the mobile device, but requires the user to place the mobile device in the NFC card reading area of the vehicle to initiate the business process of unlocking the door and/or starting the vehicle.
  • the PEPS key usually does not require the user to perform any operation on the mobile device, nor to connect the mobile device to the mobile communication network.
  • the vehicle-mounted authentication device can authenticate the digital key deployed in the mobile device. When the digital key is authenticated, the door can be unlocked.
  • the embodiments of the present application provide at least a vehicle startup control method and a vehicle-mounted authentication device.
  • the in-vehicle authentication device is deployed in the vehicle and can obtain the biometric information of the target user located in the cab of the vehicle. Then, the on-board authentication device or the mobile device on which the digital key of the vehicle is deployed determines whether the biometric information matches the biometric template; wherein the biometric template is stored in the mobile device on which the digital key of the vehicle is deployed, and the biometric The template is the biometric information of the user holding the mobile device.
  • the vehicle-mounted authentication device can start/trigger the vehicle control device of the vehicle to start the vehicle when receiving the vehicle start signal. In this way, without adding sensors or other components in the vehicle to assist in the accurate positioning of the mobile device, the vehicle can be started only when the mobile device to which the vehicle's digital key is deployed is located inside the vehicle, meeting regulatory requirements and It can ensure the safety of vehicle use, such as reducing the risk of misstarting and theft of the vehicle.
  • the in-vehicle authentication device completes authentication of the digital key and authentication of the target user's authority to use the vehicle before receiving the vehicle start signal.
  • the digital key is authenticated and the target user in the cab has the authority to legally use the vehicle.
  • the vehicle-mounted authentication device quickly starts or triggers the vehicle control device of the vehicle to start the vehicle, and the user experience is better.
  • the process of controlling the startup of the vehicle 10 by the information interaction between the mobile device M1 and the vehicle-mounted authentication device 100 deployed in the vehicle 10 .
  • the digital key of the vehicle 10 is deployed in the mobile device M1.
  • the mobile device M1 exchanges information with the in-vehicle authentication device 100 , and the process of controlling the start of the vehicle 10 may include the following steps.
  • step 501 after the mobile device M1 enters the short-range communication area P1 of the vehicle 10, the in-vehicle authentication device 100 can discover the mobile device M1 and establish a communication connection with the mobile device M1.
  • the communication connection may be a short-range communication connection, such as a Bluetooth connection.
  • the in-vehicle authentication device 100 may also discover other mobile devices entering the short-range communication area P1, and establish a communication connection with the other mobile devices; the digital key of the vehicle 10 may or may not be deployed in other mobile devices. . As shown in FIG. 4 , regardless of whether the digital key of the vehicle 10 is deployed on the mobile device M2 and the mobile device M3, when the mobile device M2 and the mobile device M3 enter the short-range communication area P1 of the vehicle 10, the on-board authentication device 100 can discover the mobile device M2 and mobile device M3, and establish communication connections with mobile device M2 and mobile device M3 respectively.
  • Step 502 the in-vehicle authentication device 100 sends a digital key authentication request to the mobile device M1.
  • the in-vehicle authentication device 100 may send a digital key authentication request to each mobile device with which a communication connection is established. As shown in FIG. 4 , for the mobile device M2 and the mobile device M3 that have established a communication connection with the in-vehicle authentication device 100, the in-vehicle authentication device 100 may also send a digital key authentication request to the mobile device M2 and the mobile device M3.
  • Step 503 the mobile device M1 sends the authentication ciphertext to the vehicle-mounted authentication device 100 .
  • a digital key is deployed in the mobile device M1, and an authentication ciphertext can be generated according to the service key of the digital key and the information in the authentication request.
  • step 504 the vehicle-mounted authentication device 100 determines whether the digital key has passed the key authentication according to the authentication ciphertext.
  • step 505 is executed to perform positioning authentication and anti-relay authentication on the mobile device M1.
  • the in-vehicle authentication device 100 After the in-vehicle authentication device 100 locates the mobile device M1 into the door unlocking area of the vehicle 10 and the mobile device M1 does not have a relay attack, that is, after the mobile device M1 passes the location authentication and the anti-relay authentication, the in-vehicle authentication device can execute step 506 , unlock the door of the vehicle 10 and associate the first key with the target communication connection.
  • the first key is used to encrypt the biometric information in the subsequent process.
  • the target communication connection refers to the communication connection established between the in-vehicle authentication device 100 and the mobile device M1, so the first key can also be associated with the mobile device M1.
  • the first key may be the service key of the digital key deployed in the mobile device M1; or the first key may be obtained by using the service key for derivative calculation; or the first key may be pre-stored in the vehicle-mounted authentication device. 100, and different digital keys correspond to different first keys.
  • the in-vehicle authentication device 100 can continue/periodically.
  • the mobile device M1 is located, the location of the mobile device M1 is obtained, and whether there is a relay attack on the mobile device M1 is determined.
  • the mobile device M1 After the mobile device M1 enters the door unlocking area P2 of the vehicle 10 under the carrying of the user, the mobile device M1 passes the positioning authentication; at this time, if the mobile device M1 passes the anti-relay authentication, that is, if it is determined that there is no relay attack on the mobile device M1 , the in-vehicle authentication device 100 can unlock the door of the vehicle 10 , or trigger the body control device to unlock the door of the vehicle 10 .
  • the in-vehicle authentication device 100 After the in-vehicle authentication device 100 successfully unlocks the door of the vehicle 10 , the user carrying the mobile device M1 can enter the interior of the vehicle 10 through the unlocked door. Correspondingly, the in-vehicle authentication device 100 may execute step 507 to determine whether a trigger condition for collecting biometric information is reached.
  • the triggering conditions for collecting biometric information may include, but are not limited to, one or more of the following conditions: there is a target seat where the target user is seated in the cab of the vehicle 10 , the target user is seated on the target seat of users wear seat belts and the vehicle's doors are closed.
  • the trigger condition for collecting biometric information may also include: for the target user sitting on the target seat, the target user's eyes are fixed on the information collection unit (such as a camera) of the in-vehicle authentication device 100 or the start button of the vehicle.
  • the in-vehicle authentication device may collect at least two scene images of the cab of the vehicle 10 through a camera; determine whether the target user has performed at least one preset action according to the at least two scene images; Trigger condition for collecting biometric information.
  • the at least one preset action includes at least one of the following actions: sitting on the target seat, fastening a seat belt, and looking at the information collection unit of the vehicle-mounted authentication device.
  • the in-vehicle authentication device 100 may execute step 508 to collect biometric information of the user seated in the cab of the vehicle 10 .
  • the biometric information may include, but is not limited to, one or more of information such as face image, fingerprint information, voiceprint information or iris information.
  • the information collection unit for collecting biometric information may be activated after the vehicle-mounted authentication device 100 determines that a trigger condition for collecting biometric information is reached, so as to reduce the power consumption of the information collection unit.
  • the camera such as a fatigue monitoring camera, a visual distraction camera
  • the processor 310 triggers the camera 180 to collect the user. face image.
  • the processor 310 may extract the face image of the target user from the at least two scene images collected by the camera.
  • the in-vehicle authentication device 100 can also provide corresponding image information and/or sound information to the user through its display screen and/or speaker, so that the user can use the image information according to the image information and/or sound information.
  • Information and/or voice information prompts, and actively cooperate with the vehicle-mounted authentication device 100 to collect its own biometric information, which is beneficial for the vehicle-mounted authentication device 100 to quickly complete the collection of high-quality biometric information.
  • Step 509 the vehicle-mounted authentication device 100 determines the mobile device located in the cab of the vehicle 10 from the mobile devices according to the positions of the mobile devices with which the communication connection has been established and the deployed digital key has been authenticated.
  • the vehicle-mounted authentication device may locate the mobile devices M1, M2, and M3 to obtain the positions of the mobile devices M1, M2, and M3 in a specified coordinate system (eg, the earth coordinate system).
  • the in-vehicle authentication device can also determine the position of a certain reference object (such as a communication module of the in-vehicle authentication device) in the specified coordinate system through a corresponding positioning technology.
  • the vehicle-mounted authentication device can determine the distances between the mobile devices M1, M2, M3 and the reference objects according to the positions of the mobile devices M1, M2, and M3 in the specified coordinate system and the position of the reference object in the specified coordinate system. .
  • the mobile device located in the cab of the vehicle is determined. For example, if the reference object is deployed in the cab, the mobile device with the smallest distance from the reference object may be determined as the mobile device located in the cab of the vehicle.
  • a distance measuring device may also be added at a designated position in the vehicle, such as adding a distance measuring device on the steering wheel of the vehicle.
  • the distance between the ranging device and each mobile device can be measured based on fine timing measurement (FTM) or other ranging technologies, and the distance between the ranging device and each mobile device can be measured.
  • FTM fine timing measurement
  • the mobile device with the smallest distance between the devices is determined as the mobile device located in the cab of the vehicle.
  • step 509 is optional.
  • the on-board authentication device 100 can perform step 509 for the mobile device M1 and the mobile device M2; if only the digital key deployed in one mobile device passes the authentication, for example, only the digital key deployed in the mobile device M1 passes the authentication, the on-board authentication device 100 does not need to perform step 509, and can directly perform the following step 510.
  • the in-vehicle authentication device 100 may execute step 510, using the target communication to connect the associated first key pair
  • the biometric information is encrypted, wherein the target communication connection is a communication connection established between the mobile device M1 and the vehicle-mounted authentication device 100, and the encrypted biometric information is sent to the mobile device M1.
  • the in-vehicle authentication device 100 may further preprocess the biometric information collected by it, and the preprocessing process may include, but is not limited to, determining whether the biometric information satisfies a preset condition, wherein the biometric information that satisfies the preset condition of relatively good quality.
  • the preset conditions include: the brightness of the face image reaches a preset threshold, the face area in the face image is not blocked, and the pose of the face image meets predetermined requirements, etc. If the face image collected by the in-vehicle authentication device 100 does not meet the preset conditions, the in-vehicle authentication device 100 may play the corresponding voice message through the speaker or in other ways, prompting the user to cooperate with the in-vehicle authentication device 100 to complete the collection of the face image that meets the preset conditions , until the face image that meets the preset condition is obtained, the face image that meets the preset condition is encrypted with the first key and sent to the mobile device M1.
  • the in-vehicle authentication device 100 sends the biometric information encrypted with the first key to the mobile device M1 through the target communication connection associated with the first key, so that the biometric information collected by the in-vehicle authentication device 100 will not be transmitted to the mobile device M1.
  • the authentication device 100 establishes a communication connection with other mobile devices. On the one hand, it can ensure the security of biometric information; Other mobile devices perform meaningless processing of encrypted biometric information.
  • Step 511 the mobile device M1 determines whether the biometric information matches the biometric template.
  • the biometric template can usually be pre-deployed in the mobile device M1, such as pre-deployed in the TEE or SE of the mobile device M1.
  • the biometric template refers to the biometric information of the user holding the mobile device M1.
  • the encrypted biometric information may be decrypted using the second key corresponding to the first key in the TEE of the mobile device M1 to obtain the biometric information.
  • the second key and the first key constitute a key pair, and the specific implementation can refer to the relevant description of the first key, which will not be repeated here.
  • the mobile device M1 can decrypt the encrypted biometric information with the second key through the first TA in its TEE to obtain the biometric information.
  • the biometric information is then provided to the second TA, and the second TA calculates the similarity between the biometric information and the biometric template. If the similarity reaches a preset threshold, it is determined that the biometric information matches the biometric template; otherwise, it is determined that the biometric information does not match the biometric template.
  • the biometric information matches the biometric template, it means that the user sitting in the seat of the cab of the vehicle 10 is the user holding the mobile device M1.
  • the mobile device M1 since the mobile device M1 is usually carried by the user who holds the mobile device M1, it can be considered that the mobile device M1 is also located in the vehicle 10, or the user sitting on the seat of the vehicle cab has the right to legally use the vehicle 10. . In this way, the risk of vehicle theft and mis-starting of the vehicle can be mitigated, and regulatory requirements can be met.
  • Step 512 the mobile device M1 sends the matching result to the in-vehicle authentication device 100 .
  • the matching result is used to indicate whether the biometric information matches the biometric template.
  • the in-vehicle authentication device 100 may execute step 513 to make the vehicle 10 enter the startable state from the non-startable state.
  • the in-vehicle authentication device 100 may run a state machine for recording the current state of the vehicle 10 .
  • the current state of the vehicle 10 recorded by the state machine is a non-startable state.
  • the running state machine is updated, so that the current state of the vehicle 10 recorded by the state machine is switched to the startable state.
  • Step 514 the vehicle-mounted authentication device 100 receives the vehicle start signal.
  • Step 515 the vehicle-mounted authentication device 100 triggers the vehicle control device to start the vehicle 10 in the startable state.
  • the vehicle-mounted authentication device 100 starts/triggers the vehicle control device to start the vehicle 10 .
  • the in-vehicle authentication device may continuously or periodically detect whether the conditions for maintaining the startable state of the vehicle are still satisfied. If the in-vehicle authentication device 100 determines that the conditions for the vehicle to be in the startable state are no longer satisfied, the in-vehicle authentication device 100 makes the vehicle 10 enter the inactive state from the startable state.
  • the conditions for the vehicle to maintain the startable state may include, but are not limited to, one of the following conditions: the target user is seated on the target seat, the target user seated in the target seat is wearing a seat belt, and the door of the vehicle is closed. or more.
  • the in-vehicle authentication device may continuously monitor whether there is a state switching event, and when there is a state switching event, the current state of the vehicle is switched from the startable state to the non-startable state.
  • the state switching event includes at least one of the following events: the target user sitting on the target seat leaves the target seat, the seat belt detection circuit corresponding to the target seat is switched from on to off, and the door of the vehicle changes from the closed state Switch to the ON state and the vehicle is in the startable state for a predetermined period of time.
  • the vehicle control device is triggered to start the vehicle, so as to avoid the verification of the digital key due to the completion of the vehicle-mounted authentication device.
  • the target user's authorization to use the vehicle is authenticated, if the target user sitting in the target seat changes, the target user no longer wears the seat belt, or the door is opened, the vehicle is started and the driving safety is affected.
  • the user may provide a sound signal to the vehicle-mounted authentication device 100 through the microphone of the vehicle-mounted authentication device 100 , and the sound signal may be used as a vehicle start signal for instructing the vehicle-mounted authentication device 100 to start the vehicle 10 .
  • the user may press the start button of the in-vehicle authentication device 100 to complete providing the in-vehicle authentication device 100 with a vehicle activation signal for instructing the in-vehicle authentication device 100 to start the vehicle 10 .
  • the in-vehicle authentication device 100 can start/trigger the vehicle control device to start the vehicle 10 after receiving the vehicle start signal.
  • the collection of the user's biometric information and the matching between the biometric information and the biometric template occur before the vehicle-mounted authentication device 100 receives the vehicle start signal, which is beneficial for the vehicle-mounted authentication device 100 to quickly start the vehicle 10 , Avoid giving users a sense of delay and improve user experience.
  • whether the biometric information matches the biometric template is determined by the mobile device, and there is no need to pre-store the user's biometric template in the vehicle-mounted authentication device, which is beneficial to the sharing of digital keys, driving on behalf of vehicles, and fleets. Management and other remote scenarios.
  • the mobile device and the vehicle-mounted authentication device can directly exchange corresponding information through the short-range communication connection established by the mobile device, and have no dependence on the mobile communication network. Unlock the doors and start the vehicle.
  • the fatigue monitoring camera and the visual distraction camera deployed in the vehicle can be reused to collect face images, and there is no need to add a new information collection unit in the vehicle, let alone to assist in the realization of mobile A sensor or other component of a device for accurate positioning.
  • the difference is that the mobile device M1 receives the digital key authentication request from the vehicle-mounted authentication device 100 for the first time, and the digital key deployed in the mobile device M1 passes the key authentication Afterwards, the mobile device M1 can send its stored biometric template to the vehicle-mounted authentication device.
  • the in-vehicle authentication device 100 does not need to perform associating the first key with the target communication connection, nor does it need to perform steps 509 to 512, but the in-vehicle authentication device 100 determines whether the biometric information it collects and the biometric template from the mobile device M1 are not. match to get the corresponding matching result.
  • the in-vehicle authentication device 100 may store the biometric template from the mobile device M1 and associate the biometric template with the mobile device M1. If it is not the first time that the in-vehicle authentication device 100 sends a digital key authentication request to the mobile device M1, the in-vehicle authentication device 100 may match the biometric template associated with the mobile device M1 with the biometric information collected.
  • the embodiments of the present application also provide a vehicle startup control apparatus, which may include units or means for implementing each step performed by the vehicle-mounted authentication device in the foregoing method embodiments .
  • the device may include:
  • a feature information acquisition unit 601 configured to acquire biometric information of a target user; wherein, the target user sits on a target seat of the vehicle, and the target seat is located in the cab of the vehicle;
  • the feature information processing unit 602 is configured to encrypt the biometric information according to the first key associated with the first mobile device, and send the encrypted biometric information to the first mobile device; wherein the first mobile device and the vehicle-mounted authentication The device has established a communication connection, the digital key of the vehicle is deployed in the first mobile device, and the in-vehicle authentication device has determined that the digital key has passed the authentication;
  • a matching result receiving unit 603, configured to receive a matching result from the first mobile device; wherein, the matching result is used to indicate whether the biometric information matches the biometric template;
  • a start signal receiving unit 604 configured to receive a vehicle start signal
  • the vehicle start control unit 605 is configured to trigger the vehicle control device of the vehicle to start the vehicle when the matching result indicates that the biometric information matches the biometric template.
  • the device further includes: a feature collection control unit, configured to determine whether a trigger condition for collecting biometric information is reached, and if so, start an information collection unit of the vehicle-mounted authentication device; wherein, the information collection unit uses It is used to collect the biometric information of the target user.
  • a feature collection control unit configured to determine whether a trigger condition for collecting biometric information is reached, and if so, start an information collection unit of the vehicle-mounted authentication device; wherein, the information collection unit uses It is used to collect the biometric information of the target user.
  • the triggering condition for collecting biometric information includes at least one of the following items: the target user is seated on the target seat, the target user seated in the target seat is wearing a seat belt, and the The doors of the vehicle are closed.
  • the apparatus further includes: a camera, configured to collect at least two scene images of the cab of the vehicle.
  • a feature acquisition control unit configured to determine whether there is a target user who has performed at least one preset action according to the at least two scene images; wherein, the at least one preset action includes at least one of the following actions: sitting on the target seat, The seat belt, and gaze at the information collection unit of the vehicle-mounted authentication device; if yes, it is determined that there is a target user who has performed at least one preset action.
  • the feature information obtaining unit 601 is specifically configured to extract the face image of the target user from the at least two scene images.
  • the preprocessing unit is configured to determine whether the face image satisfies a preset condition; wherein the preset condition includes at least one of the following items: the brightness value of the face image reaches a preset threshold , there is no occlusion phenomenon in the face image, and the pose of the face image meets the predetermined requirements; if yes, it is determined that the face image meets the preset conditions.
  • the device further includes: a state maintenance unit, configured to switch the current state of the vehicle from the non-startable state to the biometric template when the matching result indicates that the biometric information matches the biometric template. Startable state.
  • the vehicle start control unit is specifically configured to trigger the vehicle control device of the vehicle to start the vehicle when the current state of the vehicle is a startable state.
  • the embodiments of the present application also provide a vehicle-mounted authentication device, in which a vehicle startup control device can be deployed. It can be understood that the in-vehicle authentication device may perform various steps performed by the in-vehicle authentication device in the method shown in FIG. 5 , which will not be described in detail here in order to avoid repetition.
  • the vehicle-mounted authentication device may include:
  • Internal memory 120 for storing computer programs/instructions
  • a communication module 130 configured to communicate with a mobile device, for example, to communicate with the mobile device 300 shown in FIG. 3 or the mobile devices M1, M2, and M3 shown in FIG. 4;
  • the processor 110 is configured to execute the computer program/instruction in the internal memory 120, when the computer program/instruction is executed: the processor 110 obtains the biometric information of the target user; wherein, the target user is seated in the The target seat of the vehicle is located in the cab of the vehicle.
  • the processor 110 encrypts the biometric information according to the first key associated with the first mobile device, and sends the encrypted biometric information to the first mobile device through the communication module 130; Wherein, the first mobile device establishes a communication connection with the vehicle-mounted authentication device, the digital key of the vehicle is deployed in the first mobile device, and the vehicle-mounted authentication device has determined that the digital key has passed the authentication.
  • the processor 110 receives the matching result from the first mobile device through the communication module 130; wherein the matching result is used to indicate whether the biometric information matches the biometric template.
  • the processor 110 receives a vehicle activation signal.
  • the processor 110 triggers the vehicle control device of the vehicle to start the vehicle if the matching result indicates that the biometric information matches the biometric template.
  • the first mobile device may include the mobile device M1 described in the foregoing method embodiments, and the first key may be a key associated with the communication connection established between the first mobile device and the vehicle-mounted authentication device.
  • the processor 110 can cooperate with other functional modules of the in-vehicle authentication device, such as cooperating with a camera and a seat belt detection circuit, to implement one or more steps performed by the in-vehicle authentication device in the foregoing method embodiments. Referring to the foregoing method embodiments and the related introduction to the in-vehicle authentication device 100 shown in FIG. 1 , details are not repeated here.
  • the size of the sequence numbers of the above-mentioned processes does not mean the sequence of execution, and the execution sequence of each process should be determined by its functions and internal logic, and should not be applied to the present application.
  • the implementation of the embodiments constitutes no limitation.
  • those skilled in the art can clearly understand that, for the convenience and brevity of description, the specific working process of the above-mentioned vehicle-mounted authentication device may refer to the corresponding process in the foregoing method embodiments, which will not be repeated here.
  • the device embodiments described above are schematic, for example, the division of the modules/units is only a logical function division, and other division methods may be used in actual implementation, for example, multiple units or components may be Combinations can either be integrated into another system, or some features can be omitted, or not implemented.
  • the shown or discussed mutual coupling or direct coupling or communication connection may be through some interfaces, indirect coupling or communication connection of devices or units, and may be in electrical, mechanical or other forms.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Human Computer Interaction (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Mechanical Engineering (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Oral & Maxillofacial Surgery (AREA)
  • Multimedia (AREA)
  • Lock And Its Accessories (AREA)

Abstract

Provided are a vehicle start control method and a vehicle-mounted authentication device. The vehicle-mounted authentication device is deployed in a vehicle and can acquire biological feature information of a user located in a cab of the vehicle; and whether the biological feature information matches a biological feature template is determined by means of the vehicle-mounted authentication device or a mobile device in which a digital key to the vehicle is deployed, wherein the biological feature template is biological feature information of a user holding the mobile device. If the biological feature information matches the biological feature template, this indicates that the user located in the cab has the right to legitimately use the vehicle, and the mobile device is located in the vehicle; and the vehicle-mounted authentication device can start or trigger, when receiving a vehicle start signal, a vehicle control apparatus to start the vehicle. Where a mobile device in which a digital key to a vehicle is deployed is located in the vehicle, the vehicle can be started without adding a sensor or other assemblies, which are used for assisting with accurate positioning of the mobile device, in the vehicle.

Description

车辆的启动控制方法及车载认证设备Vehicle start control method and vehicle-mounted authentication device
本申请要求于2020年08月06日提交中国国家知识产权局、申请号为202010785537.9、申请名称为“车辆的启动控制方法及车载认证设备”的中国专利申请的优先权,其全部内容通过引用结合在本申请中。This application claims the priority of the Chinese patent application with the application number 202010785537.9 and the application title "Starting Control Method for Vehicles and On-Board Authentication Equipment", which was filed with the State Intellectual Property Office of China on August 6, 2020, the entire contents of which are incorporated by reference in this application.
技术领域technical field
本申请涉及智能车领域,尤其涉及车辆的启动控制方法及车载认证设备。The present application relates to the field of smart vehicles, and in particular, to a vehicle startup control method and a vehicle-mounted authentication device.
背景技术Background technique
随着车联网的普及,数字车钥匙产品应运而生。其中,数字车钥匙产品可以包括移动设备,和部署在该移动设备中的车辆的数字钥匙。该移动设备通过与部署在车辆内的车载认证设备进行信息交互,可以辅助实现解锁车门以及启动车辆等功能。With the popularity of the Internet of Vehicles, digital car key products came into being. Wherein, the digital car key product may include a mobile device and a digital key of a vehicle deployed in the mobile device. The mobile device can assist in realizing functions such as unlocking the door and starting the vehicle by exchanging information with the in-vehicle authentication device deployed in the vehicle.
考虑到监管需要以及车辆安全,当需要启动车辆时,通常需要确保数字车钥匙产品位于车辆内部,即确保部署了车辆的数字钥匙的移动设备位于车辆内部。Considering regulatory needs and vehicle safety, when the vehicle needs to be started, it is usually necessary to ensure that the digital car key product is located inside the vehicle, that is, to ensure that the mobile device on which the vehicle's digital key is deployed is located inside the vehicle.
通常的,可以采用蓝牙通信或者超宽带(Ultra Wide Band,UWB)通信技术,实现对移动设备进行准确定位,并且根据定位结果确定移动设备是否位于车辆内部。这需要在车辆内部署性能要求极高的传感器,或是通过在车内增加传感器节点数量,或是通过在车辆和移动设备中增加用于支持UWB通信技术的组件,辅助实现对移动设备进行准确定位。Generally, Bluetooth communication or Ultra Wide Band (Ultra Wide Band, UWB) communication technology can be used to accurately locate the mobile device, and determine whether the mobile device is located inside the vehicle according to the positioning result. This requires the deployment of sensors with extremely high performance requirements in the vehicle, or by increasing the number of sensor nodes in the vehicle, or by adding components to support UWB communication technology in the vehicle and mobile devices to assist in the realization of accurate mobile devices. position.
发明内容SUMMARY OF THE INVENTION
本申请实施例中提供了一种车辆的启动控制方法及车载认证设备,无需在车辆中增加用于辅助实现对移动设备进行准确定位的传感器或其它组件,即可实现在部署了该车辆的数字钥匙的移动设备位于车辆内部的情况下才启动车辆,满足监管需求且能够确保车辆使用的安全。The embodiments of the present application provide a vehicle startup control method and an on-board authentication device, which can realize the deployment of digital sensors or other components in the vehicle without adding sensors or other components for assisting in accurately locating the mobile device. The vehicle can only be started when the mobile device of the key is located inside the vehicle, which meets regulatory requirements and ensures the safety of vehicle use.
第一方面,提供了一种车辆的启动控制方法,该方法可以由车辆的车载认证设备执行。该方法包括:车载认证设备获取目标用户的生物特征信息;其中,目标用户落座于车辆的目标座椅,目标座椅位于车辆的驾驶室内。接着,车载认证设备根据与第一移动设备关联的第一密钥,对其获取的生物特征信息进行加密,并且向第一移动设备发送加密后的生物特征信息;其中,第一移动设备与车载认证设备建立了通信连接,第一移动设备中部署了车辆的数字钥匙,车载认证设备已确定该数字钥匙通过认证。接着,车载认证设备接收来自第一移动设备的匹配结果;其中,该匹配结果用于指示所述生物特征信息与生物特征模板是否匹配,生物特征模板是持有第一移动设备的用户的生物特征信息。如果生物特征信息与生物特征模板相匹配,则说明位于车辆的驾驶室的用户具有合法使用该车辆的权限;此外,由于移动设备通常由用户随身携带,说明部署了车辆的数字钥匙的移动设备同样位于该车辆中。相应的,车载认证设备可以在接收车辆启动信号,并且在匹配结果指示了生物特征信息与生物特征模板相匹配的情况下,启动/触发车辆的车辆控制装置启动车辆。In a first aspect, a vehicle startup control method is provided, and the method can be executed by an in-vehicle authentication device of the vehicle. The method includes: the in-vehicle authentication device obtains the biometric information of the target user; wherein, the target user sits on a target seat of the vehicle, and the target seat is located in the cab of the vehicle. Next, the in-vehicle authentication device encrypts the biometric information obtained by it according to the first key associated with the first mobile device, and sends the encrypted biometric information to the first mobile device; wherein the first mobile device and the vehicle The authentication device establishes a communication connection, the digital key of the vehicle is deployed in the first mobile device, and the in-vehicle authentication device has determined that the digital key has passed the authentication. Next, the in-vehicle authentication device receives a matching result from the first mobile device; wherein, the matching result is used to indicate whether the biometric information matches a biometric template, and the biometric template is the biometric feature of the user holding the first mobile device information. If the biometric information matches the biometric template, it means that the user in the cab of the vehicle has legal authority to use the vehicle; in addition, since mobile devices are usually carried by the user, the mobile device where the digital key of the vehicle is deployed is also in this vehicle. Correspondingly, the in-vehicle authentication device may activate/trigger the vehicle control device of the vehicle to activate the vehicle when the vehicle activation signal is received and the matching result indicates that the biometric information matches the biometric template.
如此,当车辆的数字钥匙通过认证之后,无需在车辆中增加用于辅助实现对移动设备进行准确定位的传感器或其它组件,即可实现在部署了车辆的数字钥匙的移动设备位于车辆内部的情况下才启动车辆,满足监管需求且能够确保车辆使用安全,例如降低车辆发生误启动、被盗窃的风险。In this way, after the digital key of the vehicle is authenticated, it is not necessary to add sensors or other components in the vehicle for assisting in the accurate positioning of the mobile device, so that the situation that the mobile device on which the digital key of the vehicle is deployed is located inside the vehicle can be realized. The vehicle can only be started under the following conditions, which can meet the regulatory requirements and ensure the safety of the vehicle, such as reducing the risk of mis-starting and theft of the vehicle.
此外,车载认证设备在接收到车辆启动信号之前,完成对数字钥匙进行认证以及目标用户对车辆的使用权限进行认证,在数字钥匙通过认证并且驾驶室内的目标用户具有合法使用该车辆的权限的情况下,车载认证设备在接收到车辆启动信号之后,快速的启动或者触发车 辆的车辆控制装置启动车辆,用户体验较好。In addition, the in-vehicle authentication device completes authentication of the digital key and authentication of the target user's authority to use the vehicle before receiving the vehicle start signal. The digital key is authenticated and the target user in the cab has the authority to legally use the vehicle. In this case, after receiving the vehicle start signal, the vehicle-mounted authentication device quickly starts or triggers the vehicle control device of the vehicle to start the vehicle, and the user experience is better.
在一种可能的实施方式中,车载认证设备还可以在获取目标用户的生物特征信息之前,进一步确定是否达到采集生物特征信息的触发条件;如果是,则启动车载认证设备的信息采集单元;其中,信息采集单元用于采集目标用户的生物特征信息。如此,按需启动信息采集单元,避免信息采集状态长期处于已启动状态,可以降低信息采集单元的功耗。In a possible implementation manner, the vehicle-mounted authentication device may further determine whether the trigger condition for collecting the biometric information is reached before acquiring the biometric information of the target user; if so, start the information collection unit of the vehicle-mounted authentication device; wherein , the information collection unit is used to collect the biometric information of the target user. In this way, the information collection unit can be started on demand, so that the information collection state is prevented from being in the started state for a long time, and the power consumption of the information collection unit can be reduced.
在一种可能的实施方式中,采集生物特征信息的触发条件包括以下各项中的至少一项:目标用户落座于目标座椅、落座于目标座椅的目标用户系了安全带,以及所述车辆的车门处于关闭状态。In a possible implementation, the triggering condition for collecting biometric information includes at least one of the following items: the target user is seated on the target seat, the target user seated in the target seat is wearing a seat belt, and the The doors of the vehicle are closed.
在一种可能的实施方式中,车载认证设备还可以在获取目标用户的生物特征信息之前,进一步采集车辆的驾驶室的至少两张场景图像;根据至少两张场景图像,确定是否存在目标用户执行了至少一个预设动作;其中,至少一个预设动作包括以下各个动作中的至少一个:落座于目标座椅、系安全带,以及目光注视于所述车载认证设备的信息采集单元;如果是,则确定存在目标用户执行了至少一个预设动作。In a possible implementation manner, the in-vehicle authentication device may further collect at least two scene images of the cab of the vehicle before acquiring the biometric information of the target user; and determine whether there is a target user performing the operation according to the at least two scene images at least one preset action; wherein, the at least one preset action includes at least one of the following actions: sitting on the target seat, wearing a seat belt, and looking at the information collection unit of the vehicle-mounted authentication device; if yes, Then it is determined that there is a target user who has performed at least one preset action.
在一种可能的实施方式中,车载认证设备可以确定了存在目标用户执行了至少一个预设动作之后,才从至少两张场景图像中提取目标用户的人脸图像,目标用户的人脸图像即为目标用户的生物特征信息。如此,可以复用车辆内部署的疲劳监测摄像头、视觉分心摄像头等采集人脸图像,无需在车辆内增加新的用于采集用户的其它生物特征信息的信息采集单元。In a possible implementation manner, the in-vehicle authentication device may extract the face image of the target user from the at least two scene images after determining that the target user has performed at least one preset action. The face image of the target user is the Biometric information for the target user. In this way, the fatigue monitoring cameras, visual distraction cameras, etc. deployed in the vehicle can be reused to collect face images, and there is no need to add a new information collection unit in the vehicle for collecting other biometric information of the user.
在一种可能的实施方式中,车载设备还可以在根据与第一移动设备关联的第一密钥对生物特征信息进行加密之前,进一步确定人脸图像是否满足预设条件;其中,预设条件包括以下各项中的至少一项:人脸图像的亮度值达到预设阈值、人脸图像不存在遮挡现象,以及人脸图像的位姿满足预定要求;如果是,则确定人脸图像满足预设条件。如此,可以确保被发送至第一移动设备的人脸图像具有较好的质量,以便第一移动设备在后续过程中快速实现对人脸图像和人脸模板进行匹配而不会要求重新采集,从而有利于快速启动车辆。In a possible implementation manner, the vehicle-mounted device may further determine whether the face image satisfies a preset condition before encrypting the biometric information according to the first key associated with the first mobile device; wherein the preset condition Including at least one of the following items: the brightness value of the face image reaches a preset threshold, the face image does not have occlusion phenomenon, and the pose of the face image meets the predetermined requirements; if so, it is determined that the face image meets the preset requirements. Set conditions. In this way, it can be ensured that the face image sent to the first mobile device has good quality, so that the first mobile device can quickly match the face image and the face template in the subsequent process without requiring re-acquisition, thereby Helps to start the vehicle quickly.
在一种可能的实施方式中,车载认证设备还可以在匹配结果指示了生物特征信息与生物特征模板相匹配的情况下,令该车辆的当前状态由不可启动状态切换至可启动状态。相应的,车载设备可以在接收到车辆启动信号,并且车辆的当前状态为可启动状态的情况下,才触发车辆控制装置启动车辆。In a possible implementation manner, the in-vehicle authentication device may further switch the current state of the vehicle from a non-startable state to a startable state when the matching result indicates that the biometric information matches the biometric template. Correspondingly, the in-vehicle device may trigger the vehicle control device to start the vehicle only when the vehicle start signal is received and the current state of the vehicle is a startable state.
在一种可能的实施方式中,车载认证设备还可以当存在状态切换事件时,令该车辆的当前状态由可启动状态切换至不可启动状态;其中,状态切换事件包括以下各个事件中的至少一个:落座于目标座椅的目标用户离开目标座椅、目标座椅对应的安全带检测电路由导通切换至断开、车辆的车门由关闭状态切换至开启状态,以及车辆处于可启动状态的持续时间到达预定时长。In a possible implementation manner, the in-vehicle authentication device may also switch the current state of the vehicle from a startable state to a non-startable state when there is a state switching event; wherein the state switching event includes at least one of the following events : The target user sitting on the target seat leaves the target seat, the seat belt detection circuit corresponding to the target seat is switched from on to off, the door of the vehicle is switched from the closed state to the open state, and the vehicle is in the startable state for a continuous period of time. The time has reached the predetermined time.
换而言之,当且仅当车载认证设备在接收到车辆启动信号,并且车辆处于可启动状态的情况下,才触发车辆控制装置启动车辆,避免因车载认证设备在完成对数字钥匙进行认证,以及完成目标用户对车辆的使用权限进行认证之后,发生落座于目标座椅的目标用户发生变化、目标用户不再系安全带、车门被重新打开等现象的情况下,车辆被错误的启动而对行车安全造成影响。In other words, if and only when the vehicle-mounted authentication device receives the vehicle start signal and the vehicle is in a startable state, the vehicle control device is triggered to start the vehicle, so as to avoid the verification of the digital key due to the completion of the vehicle-mounted authentication device. And after the target user's authorization to use the vehicle is authenticated, if the target user sitting in the target seat changes, the target user no longer wears the seat belt, the door is reopened, etc., the vehicle is wrongly started and the Affecting driving safety.
在一种可能的实施方式中,车载认证设备还可以在根据第一移动设备关联的第一密钥对生物特征信息进行加密之前,进一步确定多个第二移动设备各自的位置信息;其中,第二移动设备与车载认证设备建立了通信连接,第二移动设备中部署了车辆的数字钥匙,车载认证设备已确定第二移动设备中部署的数字钥匙通过认证;接着根据多个第二移动设备各自的位 置信息,确定位于车辆的驾驶室内的第一移动设备。In a possible implementation manner, the vehicle-mounted authentication device may further determine the respective location information of the plurality of second mobile devices before encrypting the biometric information according to the first key associated with the first mobile device; wherein the first The second mobile device has established a communication connection with the vehicle-mounted authentication device, the digital key of the vehicle is deployed in the second mobile device, and the vehicle-mounted authentication device has determined that the digital key deployed in the second mobile device has passed the authentication; location information to determine the first mobile device located in the cab of the vehicle.
第二方面,提供了一种车辆的启动控制装置,该车辆启动控制装置部署在车载认证设备中,其有益效果参考第一方面中的描述。其中该装置可以包括实现如第一方面中提供的方法的单元或手段(means)。In a second aspect, a vehicle startup control device is provided. The vehicle startup control device is deployed in an in-vehicle authentication device, and reference is made to the description in the first aspect for its beneficial effects. Wherein the apparatus may comprise means or means implementing the method as provided in the first aspect.
在一种可能的实施方式中,该装置包括:特征信息获取单元,用于获取目标用户的生物特征信息;其中,目标用户落座于车辆的目标座椅,目标座椅位于车辆的驾驶室内。特征信息处理单元,用于根据与第一移动设备关联的第一密钥对生物特征信息进行加密,以及向第一移动设备发送加密后的生物特征信息;其中,第一移动设备与车载认证设备建立了通信连接,第一移动设备中部署了车辆的数字钥匙,车载认证设备已确定数字钥匙通过认证。匹配结果接收单元,用于接收来自第一移动设备的匹配结果;其中,匹配结果用于指示生物特征信息与生物特征模板是否匹配。启动信号接收单元,用于接收车辆启动信号。车辆启动控制单元,用于在匹配结果指示了生物特征信息与生物特征模板相匹配的情况下,触发车辆的车辆控制装置启动车辆。In a possible implementation manner, the apparatus includes: a feature information acquisition unit for acquiring biometric information of the target user; wherein the target user sits on a target seat of the vehicle, and the target seat is located in the cab of the vehicle. A feature information processing unit, configured to encrypt the biometric information according to the first key associated with the first mobile device, and send the encrypted biometric information to the first mobile device; wherein the first mobile device and the vehicle-mounted authentication device The communication connection is established, the digital key of the vehicle is deployed in the first mobile device, and the in-vehicle authentication device has determined that the digital key has passed the authentication. The matching result receiving unit is configured to receive the matching result from the first mobile device; wherein, the matching result is used to indicate whether the biometric information matches the biometric template. The starting signal receiving unit is used for receiving the vehicle starting signal. The vehicle starting control unit is configured to trigger the vehicle control device of the vehicle to start the vehicle when the matching result indicates that the biometric information matches the biometric template.
在一种可能的实施方式中,该装置还包括:特征采集控制单元,用于确定是否达到采集生物特征信息的触发条件,如果是,启动车载认证设备的信息采集单元;其中,信息采集单元用于采集目标用户的生物特征信息。In a possible implementation manner, the device further includes: a feature collection control unit, configured to determine whether a trigger condition for collecting biometric information is reached, and if so, start an information collection unit of the vehicle-mounted authentication device; wherein, the information collection unit uses It is used to collect the biometric information of the target user.
在一种可能的实施方式中,采集生物特征信息的触发条件包括以下各项中的至少一项:目标用户落座于目标座椅、落座于目标座椅的目标用户系了安全带,以及所述车辆的车门处于关闭状态。In a possible implementation, the triggering condition for collecting biometric information includes at least one of the following items: the target user is seated on the target seat, the target user seated in the target seat is wearing a seat belt, and the The doors of the vehicle are closed.
在一种可能的实施方式中,该装置还包括:摄像头,用于采集车辆的驾驶室的至少两张场景图像。特征采集控制单元,用于根据至少两张场景图像,确定是否存在目标用户执行了至少一个预设动作;其中,至少一个预设动作包括以下各个动作中的至少一个:落座于目标座椅、系安全带,以及目光注视于所述车载认证设备的信息采集单元;如果是,则确定存在目标用户执行了至少一个预设动作。In a possible implementation manner, the apparatus further includes: a camera, configured to collect at least two scene images of the cab of the vehicle. A feature acquisition control unit, configured to determine whether there is a target user who has performed at least one preset action according to the at least two scene images; wherein, the at least one preset action includes at least one of the following actions: sitting on the target seat, The seat belt, and gaze at the information collection unit of the vehicle-mounted authentication device; if yes, it is determined that there is a target user who has performed at least one preset action.
在一种可能的实施方式中,特征信息获取单元,具体用于从至少两张场景图像中提取目标用户的人脸图像。In a possible implementation manner, the feature information acquisition unit is specifically configured to extract the face image of the target user from the at least two scene images.
在一种可能的实施方式中,预处理的单元,用于确定人脸图像是否满足预设条件;其中,预设条件包括以下各项中的至少一项:人脸图像的亮度值达到预设阈值、人脸图像不存在遮挡现象,以及人脸图像的位姿满足预定要求;如果是,则确定人脸图像满足预设条件。In a possible implementation, the preprocessing unit is configured to determine whether the face image satisfies a preset condition; wherein the preset condition includes at least one of the following items: the brightness value of the face image reaches a preset value The threshold value, the face image does not have occlusion phenomenon, and the pose of the face image meets the predetermined requirements; if yes, it is determined that the face image meets the preset condition.
在一种可能的实施方式中,该装置还包括:状态维护单元,用于在匹配结果指示了生物特征信息与生物特征模板相匹配的情况下,令该车辆的当前状态由不可启动状态切换至可启动状态。相应的,车辆启动控制单元,具体用于在车辆的当前状态为可启动状态的情况下,触发车辆的车辆控制装置启动车辆。In a possible implementation manner, the device further includes: a state maintenance unit, configured to switch the current state of the vehicle from the non-startable state to the biometric template when the matching result indicates that the biometric information matches the biometric template. startable state. Correspondingly, the vehicle start control unit is specifically configured to trigger the vehicle control device of the vehicle to start the vehicle when the current state of the vehicle is a startable state.
第三方面,提供了一种车载认证设备,其有益效果参考第一方面中的描述。该车载认证设备包括:通信模块、存储器和处理器。其中,存储器中存储有计算机程序/指令。通信模块用于与第一移动设备通信。处理器执行计算机程序/指令时,使得车载认证设备实现第一方面中任一项提供的方法。In a third aspect, an in-vehicle authentication device is provided, and reference is made to the description in the first aspect for its beneficial effects. The in-vehicle authentication device includes: a communication module, a memory and a processor. Wherein, computer programs/instructions are stored in the memory. The communication module is used to communicate with the first mobile device. When the processor executes the computer program/instruction, the in-vehicle authentication device is made to implement the method provided in any one of the first aspects.
在一种可能的实施方式中,车载认证设备还包括:信息采集单元,用于采集目标用户的生物特征信息。In a possible implementation manner, the vehicle-mounted authentication device further includes: an information collection unit, configured to collect biometric information of the target user.
在一种可能的实施方式中,信息采集单元包括摄像头;生物特征信息包括人脸图像。In a possible implementation, the information collection unit includes a camera; and the biometric information includes a face image.
在一种可能的实施方式中,车载认证设备还包括:车门传感器,用于当车门处于关闭状 态时,向处理器提供传感信号;其中,该传感信号用于指示车门处于关闭状态。In a possible implementation, the vehicle-mounted authentication device further includes: a vehicle door sensor, configured to provide a sensor signal to the processor when the vehicle door is in a closed state; wherein the sensor signal is used to indicate that the vehicle door is in a closed state.
在一种可能的实施方式中,车载认证设备还包括:座椅传感器,座椅传感器设置于车辆的驾驶室内的目标座椅上,用于当存在目标用户落座于目标座椅时,向处理器提供触发信号。In a possible implementation manner, the in-vehicle authentication device further includes: a seat sensor, the seat sensor is disposed on a target seat in the cab of the vehicle, and is used to notify the processor to the processor when there is a target user sitting on the target seat Provide a trigger signal.
在一种可能的实施方式中,车载认证设备还包括:安全带检测电路,用于检测落座于目标座椅的用户是否系了安全带。In a possible implementation manner, the in-vehicle authentication device further includes: a seat belt detection circuit, configured to detect whether the user seated in the target seat is wearing a seat belt.
第四方面,一种计算机可读存储介质,用于存储计算机程序/指令,当所述计算机程序/指令在车载认证设备上运行时,使得所述车载认证设备执行上述第一方面中任一项所述的方法。A fourth aspect, a computer-readable storage medium for storing a computer program/instruction, when the computer program/instruction is executed on an in-vehicle authentication device, the in-vehicle authentication device is made to execute any one of the above-mentioned first aspects the method described.
第五方面,提供了一种包含计算机程序/指令的计算机程序产品,其特征在于,当所述计算机程序产品在电子设备上运行时,使得所述电子设备执行上述第一方面中任一项所述的方法。A fifth aspect provides a computer program product comprising a computer program/instruction, characterized in that, when the computer program product is run on an electronic device, the electronic device is made to perform any one of the above-mentioned first aspects. method described.
附图说明Description of drawings
下面对实施例或现有技术描述中所需使用的附图作简单地介绍。The following briefly introduces the accompanying drawings required in the description of the embodiments or the prior art.
图1为本申请实施例中提供的一种车载认证设备的结构示意图。FIG. 1 is a schematic structural diagram of a vehicle-mounted authentication device provided in an embodiment of the application.
图2为车载认证设备的摄像头在车辆内的部署位置的示意图。FIG. 2 is a schematic diagram of the deployment position of the camera of the in-vehicle authentication device in the vehicle.
图3为本申请实施例中提供的一种移动设备的结构示意图。FIG. 3 is a schematic structural diagram of a mobile device provided in an embodiment of the present application.
图4为本申请实施例的一种业务场景的示意图。FIG. 4 is a schematic diagram of a service scenario according to an embodiment of the present application.
图5为本申请实施例中提供的一种车辆的启动控制方法的流程示意图。FIG. 5 is a schematic flowchart of a vehicle startup control method provided in an embodiment of the present application.
图6为本申请实施例中提供的一种车辆的启动控制装置的结构示意图。FIG. 6 is a schematic structural diagram of a starting control device for a vehicle provided in an embodiment of the application.
具体实施方式detailed description
下面将结合本申请实施例中的附图,对本申请实施例中的技术方案进行描述。The technical solutions in the embodiments of the present application will be described below with reference to the accompanying drawings in the embodiments of the present application.
本申请实施例中,除非另有说明,“/”表示或的意思,例如,A/B可以表示A或B。本申请中的“和/或”仅仅是一种描述关联对象的关联关系,表示可以存在三种关系;例如,A和/或B,可以表示:单独存在A,同时存在A和B,单独存在B这三种情况。另外,多个是指两个或两个以上。In the embodiments of this application, unless otherwise specified, "/" means or means, for example, A/B can mean A or B. In this application, "and/or" is only an association relationship to describe associated objects, indicating that there can be three kinds of relationships; for example, A and/or B can mean that A exists alone, A and B exist simultaneously, and exist independently B these three cases. In addition, a plurality of means two or more.
本申请实施例中,术语“第一”、“第二”仅用于描述目的,而不能理解为指示或暗示相对重要性或者隐含指明所指示的技术特征的数量。由此,限定有“第一”、“第二”的特征可以明示或者隐含地包括一个或者多个该特征。术语“包括”、“包含”、“具有”及它们的变形都意味着“包括但不限于”,除非是以其他方式另外特别强调。In the embodiments of the present application, the terms "first" and "second" are only used for description purposes, and cannot be understood as indicating or implying relative importance or implying the quantity of indicated technical features. Thus, a feature defined as "first" or "second" may expressly or implicitly include one or more of that feature. The terms "including", "including", "having" and their variants mean "including but not limited to" unless specifically emphasized otherwise.
车辆是指陆地上用使用轮子转动的交通工具。比如燃油汽车、电动汽车、卡车、客车等。A vehicle is a vehicle on land that uses wheels to turn. Such as fuel vehicles, electric vehicles, trucks, buses, etc.
车载认证设备部署在车辆内,用于与部署了车辆的数字钥匙的移动设备进行信息交互,实现对车辆的数字钥匙进行认证并执行相应的控制操作。其中,对车辆的数字钥匙进行认证可以包括但不限于对数字钥匙进行密钥认证、防中继认证和定位认证中的一项或多项。其中,如果判断移动设备中部署有数字钥匙的业务密钥,并且通过鉴权协议完成了移动设备的身份鉴权,则数字钥匙通过密钥认证;如果判断部署了数字钥匙的移动设备不存在中继攻击,则数字钥匙通过防中继认证;如果判断部署了数字钥匙的移动设备与车辆之间的距离不大于预设距离,则数字钥匙通过定位认证。在数字钥匙通过认证后,车载认证设备可以通过对车辆的车身控制装置、引擎控制装置等进行控制/触发,实现车辆解闭锁、发动引擎、启动后备箱等车辆控制功能。The in-vehicle authentication device is deployed in the vehicle, and is used for information interaction with the mobile device on which the vehicle's digital key is deployed, so as to authenticate the vehicle's digital key and perform corresponding control operations. Wherein, the authentication of the digital key of the vehicle may include, but is not limited to, one or more of key authentication, anti-relay authentication and location authentication for the digital key. Wherein, if it is judged that the service key of the digital key is deployed in the mobile device, and the identity authentication of the mobile device is completed through the authentication protocol, the digital key passes the key authentication; if it is judged that the mobile device with the digital key deployed does not exist If it is determined that the distance between the mobile device where the digital key is deployed and the vehicle is not greater than the preset distance, the digital key passes the positioning authentication. After the digital key is authenticated, the in-vehicle authentication device can control/trigger the body control device and engine control device of the vehicle to achieve vehicle control functions such as unlocking the vehicle, starting the engine, and starting the trunk.
图1为本申请实施例中提供的一种车载认证设备的结构示意图。如图1所示,车载认证设备100可以包括处理器110、内部存储器120和通信模块130。还可以包括传感器模块160、 摄像头180以及安全带检测电路190中的一项或多项。其中传感器模块160可以包括但不限于座椅传感器160A和车门传感器160B。FIG. 1 is a schematic structural diagram of a vehicle-mounted authentication device provided in an embodiment of the application. As shown in FIG. 1 , the in-vehicle authentication device 100 may include a processor 110 , an internal memory 120 and a communication module 130 . One or more of the sensor module 160, the camera 180, and the seat belt detection circuit 190 may also be included. The sensor module 160 may include, but is not limited to, a seat sensor 160A and a door sensor 160B.
内部存储器120用于存储计算机指令/计算机程序代码,还用于存储车载认证设备100在使用过程中创建的各种数据。此外内部存储器120可以包括高速随机存取存储器和非易失性存储器,比如包括磁盘存储器、闪存器以及通用闪存存储器(universal flash storage,UFS)等。The internal memory 120 is used to store computer instructions/computer program codes, and is also used to store various data created by the in-vehicle authentication device 100 during use. In addition, the internal memory 120 may include high-speed random access memory and non-volatile memory, such as disk memory, flash memory, universal flash storage (UFS), and the like.
内部存储器120可以包括一个或多个安全存储模块,用于存储与数字钥匙相关的数据及认证算法。其中,安全存储模块可以包括但不限于安全单元(secure element,SE),比如还可以包括硬件安全模块(hardware Secure module,HSM)。SE是独立的并且具备防物理攻击和防篡改能力的硬件单元,用于为某些小程序(Applet)提供安全的运行环境,并且能够保证存储在其中的数字资产的安全性和机密性。SE可以是嵌入式SE(embedded SE,ESE)、集成到系统芯片(system on chip,SOC)中的集成式SE(INSE)或者通用集成电路卡SE(universal integrated circuit card SE,UICCSE)等。The internal memory 120 may include one or more secure storage modules for storing data related to the digital key and authentication algorithms. Wherein, the secure storage module may include, but is not limited to, a secure element (secure element, SE), for example, may also include a hardware security module (hardware Secure module, HSM). SE is an independent hardware unit with anti-physical attack and anti-tampering capabilities, which is used to provide a safe operating environment for some applet (Applet), and can guarantee the security and confidentiality of digital assets stored in it. The SE may be an embedded SE (embedded SE, ESE), an integrated SE (INSE) integrated into a system on chip (system on chip, SOC), or a universal integrated circuit card SE (universal integrated circuit card SE, UICCSE).
处理器110用于运行存储在内部存储器120中的计算机指令/计算机程序代码,实现车载认证设备100的各种功能及数据处理过程。比如,可以在和移动终端建立通信连接后,执行密钥认证、防中继认证、定位认证等操作。又如,可以在车辆的驾驶室内的目标座椅上部署座椅传感器160A,处理器110可以根据来自座椅传感器160A的触发信号,确定是否存在目标用户落座于目标座椅。又如,可以在车辆的车门或相应位置部署车门传感器160B,处理器110可以根据来自车门传感器160B的触发信号,确定车辆的车门是否处于关闭状态。又如,对于车辆的驾驶室内的目标座椅,可以在其对应配置的安全带中部署安全带检测电路190,处理器110可以感知安全带检测电路190的导通和断开,从而根据安全带检测电路190的导通和断开,确定落座于目标座椅的用户是否系了安全带。The processor 110 is used to execute computer instructions/computer program codes stored in the internal memory 120 to implement various functions and data processing procedures of the vehicle-mounted authentication device 100 . For example, after establishing a communication connection with the mobile terminal, operations such as key authentication, anti-relay authentication, and location authentication may be performed. For another example, the seat sensor 160A may be deployed on the target seat in the cab of the vehicle, and the processor 110 may determine whether there is a target user sitting on the target seat according to the trigger signal from the seat sensor 160A. For another example, a door sensor 160B may be deployed on a door or a corresponding position of the vehicle, and the processor 110 may determine whether the door of the vehicle is in a closed state according to a trigger signal from the door sensor 160B. For another example, for the target seat in the cab of the vehicle, the seat belt detection circuit 190 may be deployed in the correspondingly configured seat belt. The on and off detection circuit 190 determines whether the user seated in the target seat is wearing a seat belt.
座椅传感器160A用于辅助检测是否存在用户落座于相应的座椅。通常的,车辆的驾驶室内的目标座椅可以配置座椅传感器160A。在一些实施例中,座椅传感器160A可以是一种薄膜型触点传感器,其触点可以均匀或非均匀的分布在座椅的受力表面;当座椅受来自于外部的压力时,比如用户落座于座椅时,座椅传感器160A可产生一个触发信号,该触发信号将会被提供给处理器110。The seat sensor 160A is used to assist in detecting whether there is a user sitting on a corresponding seat. Typically, the seat sensor 160A may be configured on a target seat in the cab of the vehicle. In some embodiments, the seat sensor 160A may be a thin-film contact sensor, and its contacts may be uniformly or non-uniformly distributed on the force-bearing surface of the seat; when the seat is subjected to external pressure, such as When the user sits on the seat, the seat sensor 160A may generate a trigger signal, which will be provided to the processor 110 .
车门传感器160B用于检测车辆的车门是否处于关闭状态。示例性的,车门传感器可以是压力传感器,车门上可以设置相应的胶条,该压力传感器位于该胶条中,当车门处于关闭状态时,车门与车身对该胶条形成挤压,使得压力传感器可以产生一个较大的压力信号(或者称为触发信号),该压力信号可以被提供给处理器110,使得处理器110根据该压力信号确定出该车门处于关闭状态。可以理解,车门传感器还可以是其它类型的传感器,还可以被替换为由红外对射管组成的信号检测装置或者包括霍尔元件的检测电路等。The door sensor 160B is used to detect whether the door of the vehicle is in a closed state. Exemplarily, the door sensor may be a pressure sensor, a corresponding rubber strip may be provided on the vehicle door, the pressure sensor is located in the rubber strip, and when the vehicle door is in a closed state, the vehicle door and the vehicle body squeeze the rubber strip, so that the pressure sensor A larger pressure signal (or a trigger signal) may be generated, and the pressure signal may be provided to the processor 110, so that the processor 110 determines that the vehicle door is in a closed state according to the pressure signal. It can be understood that the door sensor can also be other types of sensors, and can also be replaced by a signal detection device composed of an infrared radiation tube or a detection circuit including a Hall element.
通信模块130用于支持车载认证设备100与部署了车辆的数字钥匙的移动设备进行通信。其中,通信模块130可以包括移动通信模块和近距离通信模块两种类型。移动通信模块用于支持车载认证设备100连接到移动通信网络,以便车载认证设备100通过移动通信网络与移动设备建立网络连接。近距离通信模块用于支持车载认证设备100与移动设备在相对较近的距离内建立近距离通信连接;比如,近距离通信模块可以包括蓝牙模块,车载认证设备100可以通过蓝牙模块与移动设备建立蓝牙连接,进而通过该蓝牙连接与移动设备进行信息交互,完成对数字钥匙的认证过程。The communication module 130 is used to support the on-board authentication device 100 to communicate with the mobile device on which the digital key of the vehicle is deployed. The communication module 130 may include two types of mobile communication modules and short-range communication modules. The mobile communication module is used to support the in-vehicle authentication device 100 to connect to the mobile communication network, so that the in-vehicle authentication device 100 establishes a network connection with the mobile device through the mobile communication network. The short-range communication module is used to support the establishment of a short-range communication connection between the in-vehicle authentication device 100 and the mobile device in a relatively short distance; for example, the short-range communication module may include a Bluetooth module, and the in-vehicle authentication device 100 may establish a connection with the mobile device through the Bluetooth module Bluetooth connection, and further information exchange with the mobile device through the Bluetooth connection to complete the authentication process of the digital key.
车载认证设备100通常可以包括多个各自用于支持实现特定业务的摄像头180。如图2所示,车辆的驾驶室内可以部署一个或多个摄像头180,用于采集位于驾驶室内的目标用户 的人脸图像。通常的,该摄像头180可以包括但不限于疲劳监测摄像头或者视觉分心摄像头;该摄像头180可以部署在车辆的方向盘11的右上侧,也可以设置在车辆内部的其它位置,比如设置在车辆的方向盘的左上侧、方向盘上或前挡风玻璃上。The in-vehicle authentication device 100 may generally include a plurality of cameras 180 each used to support the implementation of a specific service. As shown in FIG. 2, one or more cameras 180 may be deployed in the cab of the vehicle for collecting face images of the target user located in the cab. Generally, the camera 180 may include, but is not limited to, a fatigue monitoring camera or a visual distraction camera; the camera 180 may be deployed on the upper right side of the steering wheel 11 of the vehicle, or may be arranged at other positions inside the vehicle, such as the steering wheel of the vehicle on the upper left side, on the steering wheel, or on the front windshield.
车载认证设备100可以包括一个或多个安全带检测电路190,每个安全带检测电路190用于检测落座于相应座椅的用户是否系了安全带。以车辆驾驶室内的目标座椅为例,当目标用户将该目标座椅对应配置的安全带的插扣,插入该安全带的锁扣时,该安全带对应的安全带检测电路190导通,处理器110可以感知该安全带检测电路190的导通,从而确定落座于驾驶室内的目标座椅的用户系了安全带。The in-vehicle authentication device 100 may include one or more seat belt detection circuits 190, each seat belt detection circuit 190 being used to detect whether a user seated in a corresponding seat is wearing a seat belt. Taking the target seat in the vehicle cab as an example, when the target user inserts the seat belt buckle corresponding to the target seat into the seat belt buckle, the seat belt detection circuit 190 corresponding to the seat belt is turned on, The processor 110 can sense the conduction of the seat belt detection circuit 190, so as to determine that the user seated in the target seat in the cab is wearing a seat belt.
需要说明的是,示例性描述的车载认证设备100的结构及功能,并不构成对车载认证设备100的具体结构的限定。车载认证设备100还可以包括更多或更少的部件;比如,车载认证设备100还可以包括用于采集用户的其它生物特征信息的信息采集模块,具体如用于采集指纹信息的指纹采集模块。还可以组合车载认证设备100中的某些部件。还可以将车载认证设备100中的某些部件进行拆分;比如,将处理器110拆分为多个相互独立的处理单元。车载认证设备100中的各个部件还可以具有其它连接关系。It should be noted that the structure and function of the vehicle-mounted authentication device 100 described by way of example do not constitute a limitation on the specific structure of the vehicle-mounted authentication device 100 . The in-vehicle authentication device 100 may further include more or less components; for example, the in-vehicle authentication device 100 may further include an information collection module for collecting other biometric information of the user, specifically, a fingerprint collection module for collecting fingerprint information. Certain components in the in-vehicle authentication device 100 may also be combined. Certain components in the vehicle-mounted authentication device 100 may also be split; for example, the processor 110 may be split into a plurality of mutually independent processing units. Various components in the vehicle-mounted authentication device 100 may also have other connection relationships.
移动设备是指可以由用户随身携带的电子设备,该电子设备中可以部署车辆的数字钥匙。A mobile device refers to an electronic device that can be carried around by the user, in which the digital key of the vehicle can be deployed.
移动设备可以包括但不限于手机、平板电脑、数码相机、个人数字助理(personal digital assistant,PDA)、可穿戴设备、膝上型计算机(laptop)等便携式电子设备。Mobile devices may include, but are not limited to, mobile phones, tablet computers, digital cameras, personal digital assistants (PDAs), wearable devices, laptops, and other portable electronic devices.
移动设备中部署了车辆的数字钥匙(digital key,DK)之后,即可根据该数字钥匙与部署在车辆内的车载认证设备100进行信息交互,以便车载认证设备对数字钥匙进行认证。After the digital key (DK) of the vehicle is deployed in the mobile device, information can be exchanged with the on-board authentication device 100 deployed in the vehicle according to the digital key, so that the on-board authentication device can authenticate the digital key.
图3为本申请实施例中提供的一种移动设备的结构示意图。如图3所示,移动设备300可以包括处理器310、内部存储器320和通信模块330。FIG. 3 is a schematic structural diagram of a mobile device provided in an embodiment of the present application. As shown in FIG. 3 , the mobile device 300 may include a processor 310 , an internal memory 320 and a communication module 330 .
内部存储器320用于存储计算机指令/计算机程序代码,比如存储车辆的数字钥匙对应的计算机程序代码。还用于存储移动设备300在使用过程中创建的各种数据,比如存储用户录入的人脸图像、指纹信息等生物特征模板。此外内部存储器320可以包括高速随机存取存储器和非易失性存储器,比如包括磁盘存储器、闪存器以及通用闪存存储器等。The internal memory 320 is used to store computer instructions/computer program codes, such as computer program codes corresponding to the digital key of the vehicle. It is also used to store various data created during the use of the mobile device 300, for example, to store biometric templates such as face images and fingerprint information entered by the user. In addition, the internal memory 320 may include high-speed random access memory and non-volatile memory, such as disk memory, flash memory, general-purpose flash memory, and the like.
内部存储器320可以包括一个或多个安全存储模块,用于存储数字钥匙对应的计算机程序代码以及与数字钥匙相关的数据。其中,移动设备300的安全存储模块与车载认证设备100的安全存储模块类似,这里不再赘述。The internal memory 320 may include one or more secure storage modules for storing computer program code corresponding to the digital key and data related to the digital key. The security storage module of the mobile device 300 is similar to the security storage module of the vehicle-mounted authentication device 100 , and details are not described here.
处理器310用于运行存储在内部存储器320中的计算机指令/计算机程序代码,实现移动设备300的各种功能及数据处理过程。比如,实现对来自车载认证设备100的并且加密后的人脸图像进行解密,将来自车载认证设备100的人脸图像与用户预先录入的人脸模板进行比较等。The processor 310 is used to execute computer instructions/computer program codes stored in the internal memory 320 to implement various functions and data processing processes of the mobile device 300 . For example, decrypt the encrypted face image from the in-vehicle authentication device 100, and compare the face image from the in-vehicle authentication device 100 with the face template pre-entered by the user.
处理器310可以包括一个或多个处理单元。Processor 310 may include one or more processing units.
在一些实施例中,可以对处理器310包括的部分处理单元或处理器310的运行模式进行配置,形成用于对敏感信息进行处理的可信执行环境(trusted execution environment,TEE)。其中,与TEE对应的富执行环境(rich execution environment)无法访问TEE的资源,实现对基于TEE的业务进行安全保护。In some embodiments, some processing units included in the processor 310 or the operating mode of the processor 310 may be configured to form a trusted execution environment (TEE) for processing sensitive information. Among them, the rich execution environment (rich execution environment) corresponding to the TEE cannot access the resources of the TEE, so as to realize the security protection of the TEE-based business.
在一些实施例中,TEE中可以运行第一可信应用(trusted application,TA),第一TA用于对移动设备300与车载认证设备100交互的信息进行加密/解密操作;以及用于运行第二TA,第二TA用于将来自车载认证设备100的生物特征信息与生物特征模板进行比较。In some embodiments, a first trusted application (TA) can be run in the TEE, and the first TA is used to perform encryption/decryption operations on the information that the mobile device 300 interacts with the in-vehicle authentication device 100; Second TA, the second TA is used to compare the biometric information from the in-vehicle authentication device 100 with the biometric template.
对于部署在移动设备300内的数字钥匙,根据数字钥匙采用的通信技术和/或用户使用体 验,数字钥匙通常包括遥控(remote keyless entry,RKE)钥匙、近场通信(near field communication,NFC)钥匙和无感(passive entry passive start,PEPS)钥匙等多种类型。For the digital key deployed in the mobile device 300, according to the communication technology adopted by the digital key and/or user experience, the digital key usually includes a remote keyless entry (RKE) key, a near field communication (NFC) key and passive entry passive start (PEPS) keys and other types.
RKE钥匙,通常需要在移动设备与车载认证设备建立近距离通信连接之后,由用户在移动设备上进行相应的操作,从而发起解锁车门和/或启动车辆的业务流程,解锁车门和/或启动车辆的过程对移动通信网络无依赖。The RKE key usually needs to be operated by the user on the mobile device after the mobile device establishes a near-field communication connection with the vehicle authentication device, thereby initiating the business process of unlocking the door and/or starting the vehicle, unlocking the door and/or starting the vehicle The process is independent of the mobile communication network.
NFC钥匙,通常无需用户在移动设备上进行相应的操作,但是需要用户将移动设备放置到车辆的NFC读卡区域,从而发起解锁车门和/或启动车辆的业务流程。The NFC key usually does not require the user to perform corresponding operations on the mobile device, but requires the user to place the mobile device in the NFC card reading area of the vehicle to initiate the business process of unlocking the door and/or starting the vehicle.
PEPS钥匙,通常无需用户对移动设备进行任何操作,也无需将移动设备连接到移动通信网络。在移动设备与车载认证设备建立近距离通信连接的情况下,车载认证设备可以对移动设备中部署的数字钥匙进行认证。当数字钥匙通过认证之后,即可解锁车门。The PEPS key usually does not require the user to perform any operation on the mobile device, nor to connect the mobile device to the mobile communication network. In the case that the mobile device establishes a short-range communication connection with the vehicle-mounted authentication device, the vehicle-mounted authentication device can authenticate the digital key deployed in the mobile device. When the digital key is authenticated, the door can be unlocked.
对于PEPS钥匙,考虑监管需要以及车辆使用安全,在启动车辆时,通常需要确保部署了车辆的数字钥匙的移动设备位于车辆内部。可以在车辆内部署性能要求极高的传感器,或者通过增加传感器数量,或是在车辆和移动设备中增加支持UWB通信技术的组件,辅助实现对移动设备进行准确定位,并根据定位结果确定移动设备是否位于车辆内部。For PEPS keys, considering regulatory needs and vehicle use safety, when starting the vehicle, it is often necessary to ensure that the mobile device on which the vehicle's digital key is deployed is located inside the vehicle. Sensors with extremely high performance requirements can be deployed in vehicles, or by increasing the number of sensors, or by adding components that support UWB communication technology in vehicles and mobile devices, to assist in the accurate positioning of mobile devices, and determine mobile devices according to the positioning results. is inside the vehicle.
有鉴于此,本申请实施例中至少提供了一种车辆的启动控制方法及车载认证设备。车载认证设备部署在车辆中,可以获取位于车辆驾驶室的目标用户的生物特征信息。接着由车载认证设备或者部署了该车辆的数字钥匙的移动设备,确定该生物特征信息与生物特征模板是否匹配;其中,生物特征模板存储在部署了车辆的数字钥匙的移动设备中,该生物特征模板是持有该移动设备的用户的生物特征信息。如果生物特征信息与生物特征模板相匹配,则说明位于车辆的驾驶室的用户具有合法使用该车辆的权限;此外,由于移动设备通常由用户随身携带,说明部署了车辆的数字钥匙的移动设备同样位于该车辆中。当数字钥匙通过认证后,车载认证设备可在接收到车辆启动信号时启动/触发该车辆的车辆控制装置启动该车辆。如此,无需在车辆中增加用于辅助实现对移动设备进行准确定位的传感器或其它组件,即可实现在部署了车辆的数字钥匙的移动设备位于车辆内部的情况下才启动车辆,满足监管需求且能够确保车辆使用安全,例如降低车辆发生误启动、被盗窃的风险。In view of this, the embodiments of the present application provide at least a vehicle startup control method and a vehicle-mounted authentication device. The in-vehicle authentication device is deployed in the vehicle and can obtain the biometric information of the target user located in the cab of the vehicle. Then, the on-board authentication device or the mobile device on which the digital key of the vehicle is deployed determines whether the biometric information matches the biometric template; wherein the biometric template is stored in the mobile device on which the digital key of the vehicle is deployed, and the biometric The template is the biometric information of the user holding the mobile device. If the biometric information matches the biometric template, it means that the user in the cab of the vehicle has legal authority to use the vehicle; in addition, since mobile devices are usually carried by the user, the mobile device where the digital key of the vehicle is deployed also in this vehicle. After the digital key is authenticated, the vehicle-mounted authentication device can start/trigger the vehicle control device of the vehicle to start the vehicle when receiving the vehicle start signal. In this way, without adding sensors or other components in the vehicle to assist in the accurate positioning of the mobile device, the vehicle can be started only when the mobile device to which the vehicle's digital key is deployed is located inside the vehicle, meeting regulatory requirements and It can ensure the safety of vehicle use, such as reducing the risk of misstarting and theft of the vehicle.
此外,车载认证设备在接收到车辆启动信号之前,完成对数字钥匙进行认证以及目标用户对车辆的使用权限进行认证,在数字钥匙通过认证并且驾驶室内的目标用户具有合法使用该车辆的权限的情况下,车载认证设备在接收到车辆启动信号之后,快速的启动或者触发车辆的车辆控制装置启动车辆,用户体验较好。In addition, the in-vehicle authentication device completes authentication of the digital key and authentication of the target user's authority to use the vehicle before receiving the vehicle start signal. The digital key is authenticated and the target user in the cab has the authority to legally use the vehicle. In this case, after receiving the vehicle start signal, the vehicle-mounted authentication device quickly starts or triggers the vehicle control device of the vehicle to start the vehicle, and the user experience is better.
下面结合图4所示的业务场景,对移动设备M1与部署在车辆10内的车载认证设备100进行信息交互,实现控制车辆10启动的过程进行示例性描述。其中,移动设备M1中部署了车辆10的数字钥匙。如图5所示,移动设备M1与车载认证设备100进行信息交互,实现控制车辆10启动的过程可以包括如下各个步骤。In the following, in conjunction with the business scenario shown in FIG. 4 , an exemplary description will be given of the process of controlling the startup of the vehicle 10 by the information interaction between the mobile device M1 and the vehicle-mounted authentication device 100 deployed in the vehicle 10 . Among them, the digital key of the vehicle 10 is deployed in the mobile device M1. As shown in FIG. 5 , the mobile device M1 exchanges information with the in-vehicle authentication device 100 , and the process of controlling the start of the vehicle 10 may include the following steps.
步骤501,移动设备M1进入车辆10的近距离通信区域P1之后,车载认证设备100可以发现移动设备M1,并且与移动设备M1建立通信连接。In step 501, after the mobile device M1 enters the short-range communication area P1 of the vehicle 10, the in-vehicle authentication device 100 can discover the mobile device M1 and establish a communication connection with the mobile device M1.
其中,该通信连接可以是近距离通信连接,比如是蓝牙连接。The communication connection may be a short-range communication connection, such as a Bluetooth connection.
车载认证设备100还可能发现进入近距离通信区域P1的其它移动设备,并且与其他移动设备建立通信连接;其他移动设备中可能部署了车辆10的数字钥匙,也可能并未部署车辆10的数字钥匙。如图4所示,无论移动设备M2、移动设备M3是否部署了车辆10的数字钥匙,当移动设备M2、移动设备M3进入车辆10的近距离通信区域P1之后,车载认证设备100均可以发现移动设备M2和移动设备M3,并且与移动设备M2和移动设备M3分别建立 通信连接。The in-vehicle authentication device 100 may also discover other mobile devices entering the short-range communication area P1, and establish a communication connection with the other mobile devices; the digital key of the vehicle 10 may or may not be deployed in other mobile devices. . As shown in FIG. 4 , regardless of whether the digital key of the vehicle 10 is deployed on the mobile device M2 and the mobile device M3, when the mobile device M2 and the mobile device M3 enter the short-range communication area P1 of the vehicle 10, the on-board authentication device 100 can discover the mobile device M2 and mobile device M3, and establish communication connections with mobile device M2 and mobile device M3 respectively.
步骤502,车载认证设备100向移动设备M1发送数字钥匙认证请求。Step 502, the in-vehicle authentication device 100 sends a digital key authentication request to the mobile device M1.
车载认证设备100可以向与其建立通信连接的每个移动设备均发送数字钥匙认证请求。如图4所示,对于已经与车载认证设备100建立通信连接的移动设备M2和移动设备M3,车载认证设备100还可以向移动设备M2和移动设备M3发送数字钥匙认证请求。The in-vehicle authentication device 100 may send a digital key authentication request to each mobile device with which a communication connection is established. As shown in FIG. 4 , for the mobile device M2 and the mobile device M3 that have established a communication connection with the in-vehicle authentication device 100, the in-vehicle authentication device 100 may also send a digital key authentication request to the mobile device M2 and the mobile device M3.
步骤503,移动设备M1向车载认证设备100发送认证密文。Step 503 , the mobile device M1 sends the authentication ciphertext to the vehicle-mounted authentication device 100 .
其中,移动设备M1中部署有数字钥匙,可以根据该数字钥匙的业务密钥和认证请求中的信息生成认证密文。A digital key is deployed in the mobile device M1, and an authentication ciphertext can be generated according to the service key of the digital key and the information in the authentication request.
步骤504,车载认证设备100根据认证密文确定数字钥匙是否通过密钥认证。In step 504, the vehicle-mounted authentication device 100 determines whether the digital key has passed the key authentication according to the authentication ciphertext.
如果车载认证设备100确定数字钥匙通过密钥认证,则执行步骤505,对移动设备M1进行定位认证和防中继认证。If the in-vehicle authentication device 100 determines that the digital key has passed the key authentication, step 505 is executed to perform positioning authentication and anti-relay authentication on the mobile device M1.
在车载认证设备100定位到移动设备M1进入车辆10的车门解锁区域且移动设备M1不存在中继攻击之后,即移动设备M1通过定位认证和防中继认证之后,车载认证设备即可执行步骤506,解锁车辆10的车门,并将第一密钥和目标通信连接关联。After the in-vehicle authentication device 100 locates the mobile device M1 into the door unlocking area of the vehicle 10 and the mobile device M1 does not have a relay attack, that is, after the mobile device M1 passes the location authentication and the anti-relay authentication, the in-vehicle authentication device can execute step 506 , unlock the door of the vehicle 10 and associate the first key with the target communication connection.
其中,第一密钥用于在后续过程中对生物特征信息进行加密。目标通信连接是指车载认证设备100与移动设备M1建立的通信连接,因此也可以将第一密钥和移动设备M1关联。第一密钥可以是移动设备M1中部署的数字钥匙的业务密钥;或者第一密钥可以是使用该业务密钥进行派生计算以得到的;或者第一密钥可以预先存储在车载认证设备100中,并且不同的数字钥匙各自对应不同的第一密钥。Wherein, the first key is used to encrypt the biometric information in the subsequent process. The target communication connection refers to the communication connection established between the in-vehicle authentication device 100 and the mobile device M1, so the first key can also be associated with the mobile device M1. The first key may be the service key of the digital key deployed in the mobile device M1; or the first key may be obtained by using the service key for derivative calculation; or the first key may be pre-stored in the vehicle-mounted authentication device. 100, and different digital keys correspond to different first keys.
示例性的,移动设备M1进入车辆10的近距离通信区域P1,与车载认证设备100建立通信连接,并且其部署的数字钥匙通过密钥认证之后,车载认证设备100即可持续的/周期性的对移动设备M1进行定位,获得移动设备M1所在的位置,并且确定移动设备M1是否存在中继攻击。当移动设备M1在用户的携带下进入车辆10的车门解锁区域P2之后,移动设备M1通过定位认证;此时,如果移动设备M1通过防中继认证,即如果确定移动设备M1不存在中继攻击,则车载认证设备100可以解锁车辆10的车门,或者触发车身控制装置解锁车辆10的车门。Exemplarily, after the mobile device M1 enters the short-range communication area P1 of the vehicle 10, establishes a communication connection with the in-vehicle authentication device 100, and after the digital key deployed by the mobile device M1 passes the key authentication, the in-vehicle authentication device 100 can continue/periodically. The mobile device M1 is located, the location of the mobile device M1 is obtained, and whether there is a relay attack on the mobile device M1 is determined. After the mobile device M1 enters the door unlocking area P2 of the vehicle 10 under the carrying of the user, the mobile device M1 passes the positioning authentication; at this time, if the mobile device M1 passes the anti-relay authentication, that is, if it is determined that there is no relay attack on the mobile device M1 , the in-vehicle authentication device 100 can unlock the door of the vehicle 10 , or trigger the body control device to unlock the door of the vehicle 10 .
车载认证设备100成功解锁车辆10的车门之后,携带移动设备M1的用户可通过解锁的车门进入车辆10内部。相应的,车载认证设备100可以执行步骤507,确定是否达到采集生物特征信息的触发条件。After the in-vehicle authentication device 100 successfully unlocks the door of the vehicle 10 , the user carrying the mobile device M1 can enter the interior of the vehicle 10 through the unlocked door. Correspondingly, the in-vehicle authentication device 100 may execute step 507 to determine whether a trigger condition for collecting biometric information is reached.
在一些实施例中,采集生物特征信息的触发条件可以包括但不限于如下各项条件中的一项或多项:存在目标用户落座于车辆10的驾驶室内的目标座椅、落座于目标座椅的用户系了安全带以及车辆的车门处于关闭状态。采集生物特征信息的触发条件还可以包括:对于落座于目标座椅的目标用户,该目标用户的目光注视于车载认证设备100的信息采集单元(比如摄像头)或者车辆的启动按键等。In some embodiments, the triggering conditions for collecting biometric information may include, but are not limited to, one or more of the following conditions: there is a target seat where the target user is seated in the cab of the vehicle 10 , the target user is seated on the target seat of users wear seat belts and the vehicle's doors are closed. The trigger condition for collecting biometric information may also include: for the target user sitting on the target seat, the target user's eyes are fixed on the information collection unit (such as a camera) of the in-vehicle authentication device 100 or the start button of the vehicle.
在一些实施例中,车载认证设备可以通过摄像头采集车辆10的驾驶室的至少两张场景图像;根据至少两张场景图像确定是否存在目标用户执行了至少一个预设动作;如果是,则确定达到采集生物特征信息的触发条件。其中,至少一个预设动作包括以下各个动作中的至少一个:落座于目标座椅、系安全带,以及目光注视于车载认证设备的信息采集单元。In some embodiments, the in-vehicle authentication device may collect at least two scene images of the cab of the vehicle 10 through a camera; determine whether the target user has performed at least one preset action according to the at least two scene images; Trigger condition for collecting biometric information. The at least one preset action includes at least one of the following actions: sitting on the target seat, fastening a seat belt, and looking at the information collection unit of the vehicle-mounted authentication device.
如果车载认证设备100确定达到采集生物特征信息的触发条件,车载认证设备可以执行步骤508,采集落座于车辆10驾驶室内的用户的生物特征信息。If the in-vehicle authentication device 100 determines that the trigger condition for collecting biometric information is met, the in-vehicle authentication device may execute step 508 to collect biometric information of the user seated in the cab of the vehicle 10 .
其中,生物特征信息可以包括但不限于:人脸图像、指纹信息、声纹信息或虹膜信息等 信息中的一项或多项。Wherein, the biometric information may include, but is not limited to, one or more of information such as face image, fingerprint information, voiceprint information or iris information.
在一些实施例中,用于采集生物特征信息的信息采集单元,可以在车载认证设备100确定达到采集生物特征信息的触发条件之后才启动,以降低信息采集单元的功耗。In some embodiments, the information collection unit for collecting biometric information may be activated after the vehicle-mounted authentication device 100 determines that a trigger condition for collecting biometric information is reached, so as to reduce the power consumption of the information collection unit.
示例性的,当车载认证设备100确定达到采集生物特征信息的触发条件之后,位于车辆10驾驶室内的摄像头(比如疲劳监测摄像头、视觉分心摄像头)180启动,处理器310触发该摄像头180采集用户的人脸图像。或者,当车载认证设备100确定达到采集生物特征信息的触发条件之后,处理器310可以从摄像头采集的至少两张场景图像中提取目标用户的人脸图像。Exemplarily, after the in-vehicle authentication device 100 determines that the trigger condition for collecting biometric information is reached, the camera (such as a fatigue monitoring camera, a visual distraction camera) 180 located in the cab of the vehicle 10 is activated, and the processor 310 triggers the camera 180 to collect the user. face image. Alternatively, after the in-vehicle authentication device 100 determines that the trigger condition for collecting biometric information is reached, the processor 310 may extract the face image of the target user from the at least two scene images collected by the camera.
在一些实施例中,在车载认证设备100确定达到采集生物特征信息的触发条件之后,还可以通过其显示屏和/或扬声器,向用户提供相应的图像信息和/或声音信息,以便用户根据图像信息和/或声音信息的提示,主动配合车载认证设备100采集其自身的生物特征信息,有利于车载认证设备100快速完成采集高质量的生物特征信息。In some embodiments, after the in-vehicle authentication device 100 determines that the triggering condition for collecting biometric information is reached, it can also provide corresponding image information and/or sound information to the user through its display screen and/or speaker, so that the user can use the image information according to the image information and/or sound information. Information and/or voice information prompts, and actively cooperate with the vehicle-mounted authentication device 100 to collect its own biometric information, which is beneficial for the vehicle-mounted authentication device 100 to quickly complete the collection of high-quality biometric information.
步骤509,车载认证设备100根据已经与其建立了通信连接,并且部署的数字钥匙已经通过认证的若干移动设备的位置,从若干移动设备中确定位于车辆10驾驶室的移动设备。Step 509 , the vehicle-mounted authentication device 100 determines the mobile device located in the cab of the vehicle 10 from the mobile devices according to the positions of the mobile devices with which the communication connection has been established and the deployed digital key has been authenticated.
示例性的,车载认证设备可以对移动设备M1、M2、M3进行定位,获得移动设备M1、M2、M3在指定坐标系(例如地球坐标系)中的位置。此外,车载认证设备还可以对通过相应的定位技术,确定某个参照物(比如车载认证设备的通信模块)在该指定坐标系中的位置。接着,车载认证设备可以根据移动设备M1、M2、M3各自在指定坐标系中的位置,以及参照物在指定坐标系中的位置,确定移动设备M1、M2、M3各自与参照物之间的距离。最后,根据移动设备M1、M2、M3各自对应的距离以及参照物在车辆内的部署位置,确定位于车辆的驾驶室内的移动设备。例如,参照物部署在驾驶室内,可以将与参照物之间的距离最小的移动设备,确定为位于车辆的驾驶室内的移动设备。Exemplarily, the vehicle-mounted authentication device may locate the mobile devices M1, M2, and M3 to obtain the positions of the mobile devices M1, M2, and M3 in a specified coordinate system (eg, the earth coordinate system). In addition, the in-vehicle authentication device can also determine the position of a certain reference object (such as a communication module of the in-vehicle authentication device) in the specified coordinate system through a corresponding positioning technology. Next, the vehicle-mounted authentication device can determine the distances between the mobile devices M1, M2, M3 and the reference objects according to the positions of the mobile devices M1, M2, and M3 in the specified coordinate system and the position of the reference object in the specified coordinate system. . Finally, according to the respective distances of the mobile devices M1 , M2 and M3 and the deployment position of the reference object in the vehicle, the mobile device located in the cab of the vehicle is determined. For example, if the reference object is deployed in the cab, the mobile device with the smallest distance from the reference object may be determined as the mobile device located in the cab of the vehicle.
在一些实施例中,不同于步骤509的是,还可以在车辆中的指定位置增加测距装置,比如在车辆的方向盘上增加测距装置。对于已经与车载认证设备建立了通信连接的各个终端设备,可以基于精确时间测量(fine timing measurement,FTM)或其它测距技术,测量该测距装置与各移动设备之间的距离,将与测距装置之间的距离最小的移动设备确定为位于车辆驾驶室的移动设备。In some embodiments, different from step 509, a distance measuring device may also be added at a designated position in the vehicle, such as adding a distance measuring device on the steering wheel of the vehicle. For each terminal device that has established a communication connection with the in-vehicle authentication device, the distance between the ranging device and each mobile device can be measured based on fine timing measurement (FTM) or other ranging technologies, and the distance between the ranging device and each mobile device can be measured. The mobile device with the smallest distance between the devices is determined as the mobile device located in the cab of the vehicle.
需要说明的是,步骤509为可选的。示例性的,对于已经与车载认证设备100建立了通信连接的移动设备M1、移动设备M2和移动设备M3等多个移动设备中,如果移动设备M1和移动设备M2中部署的数字钥匙均通过认证,则车载认证设备100可以针对移动设备M1和移动设备M2执行步骤509;如果仅存在一个移动设备中部署的数字钥匙通过认证,比如仅存在移动设备M1中部署的数字钥匙通过认证,车载认证设备100无需执行步骤509,直接执行以下步骤510即可。It should be noted that step 509 is optional. Exemplarily, for multiple mobile devices such as mobile device M1, mobile device M2, and mobile device M3 that have established a communication connection with the in-vehicle authentication device 100, if the digital keys deployed in the mobile device M1 and the mobile device M2 pass the authentication , then the on-board authentication device 100 can perform step 509 for the mobile device M1 and the mobile device M2; if only the digital key deployed in one mobile device passes the authentication, for example, only the digital key deployed in the mobile device M1 passes the authentication, the on-board authentication device 100 does not need to perform step 509, and can directly perform the following step 510.
假设仅存在移动设备M1中部署的数字钥匙通过认证,或者车载认证设备确定出移动设备M1位于车辆10驾驶室内,则车载认证设备100可以执行步骤510,利用目标通信连接关联的第一密钥对生物特征信息进行加密,其中目标通信连接为移动设备M1与车载认证设备100之间建立的通信连接,向移动设备M1发送加密后的生物特征信息。Assuming that only the digital key deployed in the mobile device M1 passes the authentication, or the in-vehicle authentication device determines that the mobile device M1 is located in the cab of the vehicle 10, the in-vehicle authentication device 100 may execute step 510, using the target communication to connect the associated first key pair The biometric information is encrypted, wherein the target communication connection is a communication connection established between the mobile device M1 and the vehicle-mounted authentication device 100, and the encrypted biometric information is sent to the mobile device M1.
在一些实施例中,车载认证设备100还可以对其采集的生物特征信息进行预处理,预处理过程可以包括但不限于确定生物特征信息是否满足预设条件,其中满足预设条件的生物特征信息具有相对较好的质量。In some embodiments, the in-vehicle authentication device 100 may further preprocess the biometric information collected by it, and the preprocessing process may include, but is not limited to, determining whether the biometric information satisfies a preset condition, wherein the biometric information that satisfies the preset condition of relatively good quality.
以生物特征信息是人脸图像为例,预设条件包括:人脸图像的亮度达到预设阈值、人脸 图像中的人脸区域未被遮挡,以及人脸图像的位姿满足预定要求等。如果车载认证设备100采集的人脸图像并不满足预设条件,车载认证设备100可通过扬声器播放相应的语音信息或其它方式,提示用户配合车载认证设备100完成采集满足预设条件的人脸图像,直至获取到满足预设条件的人脸图像之后,才利用第一密钥对满足预设条件的人脸图像进行加密并发送至移动设备M1。如此,确保被发送至移动设备M1的人脸图像具有较好的质量,以便移动设备M1在后续过程中快速实现对人脸图像和人脸模板进行匹配而不会要求重新采集,从而有利于快速启动车辆10。Taking the biometric information being a face image as an example, the preset conditions include: the brightness of the face image reaches a preset threshold, the face area in the face image is not blocked, and the pose of the face image meets predetermined requirements, etc. If the face image collected by the in-vehicle authentication device 100 does not meet the preset conditions, the in-vehicle authentication device 100 may play the corresponding voice message through the speaker or in other ways, prompting the user to cooperate with the in-vehicle authentication device 100 to complete the collection of the face image that meets the preset conditions , until the face image that meets the preset condition is obtained, the face image that meets the preset condition is encrypted with the first key and sent to the mobile device M1. In this way, it is ensured that the face image sent to the mobile device M1 has good quality, so that the mobile device M1 can quickly match the face image and the face template in the subsequent process without requiring re-acquisition, which is conducive to rapid Start the vehicle 10 .
车载认证设备100通过第一密钥关联的目标通信连接,向移动设备M1发送利用第一密钥加密后的生物特征信息,使得车载认证设备100采集的生物特征信息不会被传输至已经与车载认证设备100建立通信连接的其它移动设备。一方面,可以确保生物特征信息的安全性;另一方面,避免生物特征信息被发送至已经与车载认证设备100建立了通信连接的其它移动设备(比如移动设备M2和移动设备M3),从而避免其它移动设备执行对加密后的生物特征信息进行无意义的处理流程。The in-vehicle authentication device 100 sends the biometric information encrypted with the first key to the mobile device M1 through the target communication connection associated with the first key, so that the biometric information collected by the in-vehicle authentication device 100 will not be transmitted to the mobile device M1. The authentication device 100 establishes a communication connection with other mobile devices. On the one hand, it can ensure the security of biometric information; Other mobile devices perform meaningless processing of encrypted biometric information.
步骤511,移动设备M1确定生物特征信息与生物特征模板是否匹配。Step 511, the mobile device M1 determines whether the biometric information matches the biometric template.
其中,生物特征模板通常可以预先部署到移动设备M1中,比如预先部署到移动设备M1的TEE或SE中。生物特征模板是指持有移动设备M1的用户的生物特征信息。Wherein, the biometric template can usually be pre-deployed in the mobile device M1, such as pre-deployed in the TEE or SE of the mobile device M1. The biometric template refers to the biometric information of the user holding the mobile device M1.
在一些实施例中,可以在移动设备M1的TEE中,利用与第一密钥相对应的第二密钥对加密后的生物特征信息进行解密,得到生物特征信息。其中,第二密钥与第一密钥构成一个密钥对,其具体实现可对应参考第一密钥的相关描述,这里不再进行赘述。In some embodiments, the encrypted biometric information may be decrypted using the second key corresponding to the first key in the TEE of the mobile device M1 to obtain the biometric information. The second key and the first key constitute a key pair, and the specific implementation can refer to the relevant description of the first key, which will not be repeated here.
通常的,移动设备M1可以通过其TEE中的第一TA,利用第二密钥对加密后的生物特征信息进行解密以得到生物特征信息。然后将生物特征信息提供给第二TA,由第二TA计算生物特征信息与生物特征模板的相似度。如果相似度达到预设阈值,则确定生物特征信息与生物特征模板相匹配;否则,确定生物特征信息与生物特征模板不匹配。Generally, the mobile device M1 can decrypt the encrypted biometric information with the second key through the first TA in its TEE to obtain the biometric information. The biometric information is then provided to the second TA, and the second TA calculates the similarity between the biometric information and the biometric template. If the similarity reaches a preset threshold, it is determined that the biometric information matches the biometric template; otherwise, it is determined that the biometric information does not match the biometric template.
可以理解,如果生物特征信息和生物特征模板相匹配,则说明落座于车辆10驾驶室的座椅的用户为持有移动设备M1的用户。另外,由于移动设备M1通常由持有该移动设备M1的用户随身携带,因此可以认为移动设备M1也位于车辆10内,或是落座于车辆驾驶室的座椅的用户具有合法使用车辆10的权限。如此,缓解盗窃车辆、误启动车辆的风险,满足监管需求。It can be understood that, if the biometric information matches the biometric template, it means that the user sitting in the seat of the cab of the vehicle 10 is the user holding the mobile device M1. In addition, since the mobile device M1 is usually carried by the user who holds the mobile device M1, it can be considered that the mobile device M1 is also located in the vehicle 10, or the user sitting on the seat of the vehicle cab has the right to legally use the vehicle 10. . In this way, the risk of vehicle theft and mis-starting of the vehicle can be mitigated, and regulatory requirements can be met.
步骤512,移动设备M1向车载认证设备100发送匹配结果。Step 512 , the mobile device M1 sends the matching result to the in-vehicle authentication device 100 .
其中,匹配结果用于指示生物特征信息与生物特征模板是否匹配。The matching result is used to indicate whether the biometric information matches the biometric template.
如果匹配结果指示生物特征信息与生物特征模板相匹配,则车载认证设备100可以执行步骤513,令该车辆10由不可启动状态进入可启动状态。If the matching result indicates that the biometric information matches the biometric template, the in-vehicle authentication device 100 may execute step 513 to make the vehicle 10 enter the startable state from the non-startable state.
在一些实施例中,车载认证设备100可以运行用于记录车辆10的当前状态的状态机,在车载认证设备执行步骤512之前,状态机所记录的车辆10的当前状态为不可启动状态。当车载认证设备100确定匹配结果指示生物特征信息与生物特征模板相匹配之后,对其运行的状态机进行更新,令该状态机所记录车辆10的当前状态切换至可启动状态。In some embodiments, the in-vehicle authentication device 100 may run a state machine for recording the current state of the vehicle 10 . Before the in-vehicle authentication device executes step 512 , the current state of the vehicle 10 recorded by the state machine is a non-startable state. After the in-vehicle authentication device 100 determines that the matching result indicates that the biometric information matches the biometric template, the running state machine is updated, so that the current state of the vehicle 10 recorded by the state machine is switched to the startable state.
步骤514,车载认证设备100接收车辆启动信号。Step 514, the vehicle-mounted authentication device 100 receives the vehicle start signal.
步骤515,车载认证设备100触发车辆控制装置启动处于可启动状态的车辆10。Step 515 , the vehicle-mounted authentication device 100 triggers the vehicle control device to start the vehicle 10 in the startable state.
也就是说,当且仅当车辆10处于可启动状态,并且车载认证设备100接收到用于指示启动车辆10的启动信号时,车载认证设备100才启动/触发车辆控制装置启动车辆10。That is, if and only when the vehicle 10 is in a startable state and the vehicle-mounted authentication device 100 receives a start signal for instructing to start the vehicle 10 , the vehicle-mounted authentication device 100 starts/triggers the vehicle control device to start the vehicle 10 .
在一些实施例中,车辆10进入可启动状态之后,车载认证设备还可以持续的或者周期性 的检测车辆维持可启动状态的条件是否仍然满足。如果车载认证设备100确定车辆处于可启动状态的条件不再满足,车载认证设备100令该车辆10由可启动状态进入不可启动状态。其中,车辆维持可启动状态的条件可以包括但不限于:存在目标用户落座于目标座椅、落座于目标座椅的目标用户系了安全带,以及车辆的车门处于关闭状态等条件中的一项或多项。In some embodiments, after the vehicle 10 enters the startable state, the in-vehicle authentication device may continuously or periodically detect whether the conditions for maintaining the startable state of the vehicle are still satisfied. If the in-vehicle authentication device 100 determines that the conditions for the vehicle to be in the startable state are no longer satisfied, the in-vehicle authentication device 100 makes the vehicle 10 enter the inactive state from the startable state. The conditions for the vehicle to maintain the startable state may include, but are not limited to, one of the following conditions: the target user is seated on the target seat, the target user seated in the target seat is wearing a seat belt, and the door of the vehicle is closed. or more.
在一些实施例中,车辆10进入可启动状态之后,车载认证设备可以持续的监测是否存在状态切换事件,当存在状态切换事件时,车辆的当前状态由可启动状态切换至不可启动状态。其中,状态切换事件包括以下各个事件中的至少一个:落座于目标座椅的目标用户离开目标座椅、目标座椅对应的安全带检测电路由导通切换至断开、车辆的车门由关闭状态切换至开启状态,以及车辆处于可启动状态的持续时间到达预定时长。In some embodiments, after the vehicle 10 enters the startable state, the in-vehicle authentication device may continuously monitor whether there is a state switching event, and when there is a state switching event, the current state of the vehicle is switched from the startable state to the non-startable state. The state switching event includes at least one of the following events: the target user sitting on the target seat leaves the target seat, the seat belt detection circuit corresponding to the target seat is switched from on to off, and the door of the vehicle changes from the closed state Switch to the ON state and the vehicle is in the startable state for a predetermined period of time.
换而言之,当且仅当车载认证设备在接收到车辆启动信号,并且车辆处于可启动状态的情况下,才触发车辆控制装置启动车辆,避免因车载认证设备在完成对数字钥匙进行认证,以及完成目标用户对车辆的使用权限进行认证之后,发生落座于目标座椅的目标用户发生变化、目标用户不再系安全带、车门被打开等现象的情况下,车辆被启动而影响行车安全。In other words, if and only when the vehicle-mounted authentication device receives the vehicle start signal and the vehicle is in a startable state, the vehicle control device is triggered to start the vehicle, so as to avoid the verification of the digital key due to the completion of the vehicle-mounted authentication device. And after the target user's authorization to use the vehicle is authenticated, if the target user sitting in the target seat changes, the target user no longer wears the seat belt, or the door is opened, the vehicle is started and the driving safety is affected.
在一些实施例中,用户可以通过车载认证设备100的麦克风向车载认证设备100提供声音信号,该声音信号可以作为用于指示车载认证设备100启动车辆10的车辆启动信号。In some embodiments, the user may provide a sound signal to the vehicle-mounted authentication device 100 through the microphone of the vehicle-mounted authentication device 100 , and the sound signal may be used as a vehicle start signal for instructing the vehicle-mounted authentication device 100 to start the vehicle 10 .
在一些实施例中,用户可以按压车载认证设备100的启动按键,完成向车载认证设备100提供用于指示车载认证设备100启动车辆10的车辆启动信号。In some embodiments, the user may press the start button of the in-vehicle authentication device 100 to complete providing the in-vehicle authentication device 100 with a vehicle activation signal for instructing the in-vehicle authentication device 100 to start the vehicle 10 .
根据本申请实施例的技术方案,在移动设备M1中部署的车辆10的数字钥匙通过认证的基础上,如果移动设备M1存储的生物特征模板与车辆驾驶室内的用户的生物特征信息相匹配,则说明该用户为持有移动设备M1的用户。由于移动设备M1通常由持有移动设备M1的用户随身携带,说明移动设备M1同样位于车辆10中。在生物特征信息与生物特征模板相匹配的情况下,车载认证设备100才可以在接收到车辆启动信号之后,启动/触发车辆控制装置启动车辆10。如此,无需在车辆10中增加用于辅助实现对移动设备M1进行准确定位的传感器或其它组件,即可实现在部署了车辆10的数字钥匙的移动设备M1位于车辆10内部的情况下,才可启动车辆10,满足监管需求且能够确保车辆使用安全。According to the technical solutions of the embodiments of the present application, on the basis that the digital key of the vehicle 10 deployed in the mobile device M1 passes the authentication, if the biometric template stored in the mobile device M1 matches the biometric information of the user in the cab of the vehicle, then It is explained that the user is a user who holds the mobile device M1. Since the mobile device M1 is usually carried by the user holding the mobile device M1 , it is explained that the mobile device M1 is also located in the vehicle 10 . Only when the biometric information matches the biometric template, the in-vehicle authentication device 100 can start/trigger the vehicle control device to start the vehicle 10 after receiving the vehicle start signal. In this way, there is no need to add sensors or other components in the vehicle 10 for assisting in the accurate positioning of the mobile device M1, and it can be realized only when the mobile device M1 on which the digital key of the vehicle 10 is deployed is located inside the vehicle 10. Start the vehicle 10 to meet regulatory requirements and ensure safe vehicle use.
根据本申请实施例的技术方案,采集用户的生物特征信息以及对生物特征信息和生物特征模板进行匹配,发生在车载认证设备100接收车辆启动信号之前,有利于车载认证设备100快速启动车辆10,避免给用户来带延迟感,提高用户体验。According to the technical solutions of the embodiments of the present application, the collection of the user's biometric information and the matching between the biometric information and the biometric template occur before the vehicle-mounted authentication device 100 receives the vehicle start signal, which is beneficial for the vehicle-mounted authentication device 100 to quickly start the vehicle 10 , Avoid giving users a sense of delay and improve user experience.
根据本申请实施例的技术方案,由移动设备确定生物特征信息和生物特征模板是否匹配,无需在车载认证设备内预先存储用户的生物特征模板,有利于实现数字钥匙的分享、车辆代驾、车队管理等远程场景。According to the technical solutions of the embodiments of the present application, whether the biometric information matches the biometric template is determined by the mobile device, and there is no need to pre-store the user's biometric template in the vehicle-mounted authentication device, which is beneficial to the sharing of digital keys, driving on behalf of vehicles, and fleets. Management and other remote scenarios.
根据本申请实施例的技术方案,移动设备与车载认证设备通过其建立的近距离通信连接直接交互相应的信息,对移动通信网络无依赖,车载认证设备可以通过其与移动设备的信息交互,快速解锁车门并启动车辆。According to the technical solutions of the embodiments of the present application, the mobile device and the vehicle-mounted authentication device can directly exchange corresponding information through the short-range communication connection established by the mobile device, and have no dependence on the mobile communication network. Unlock the doors and start the vehicle.
根据本申请实施例的技术方案,可以复用车辆内部署的疲劳监测摄像头、视觉分心摄像头采集人脸图像,无需在车辆内增加新的信息采集单元,更不需要增加用于辅助实现对移动设备进行准确定位的传感器或其它组件。According to the technical solutions of the embodiments of the present application, the fatigue monitoring camera and the visual distraction camera deployed in the vehicle can be reused to collect face images, and there is no need to add a new information collection unit in the vehicle, let alone to assist in the realization of mobile A sensor or other component of a device for accurate positioning.
在一些实施例中,相对于如图5所示的过程,不同的是在移动设备M1首次接收到来自车载认证设备100的数字钥匙认证请求,并且移动设备M1中部署的数字钥匙通过密钥认证后,移动设备M1可以向车载认证设备发送其存储的生物特征模板。车载认证设备100无需执行将第一密钥和目标通信连接关联,更不需要执行步骤509至512,而是由车载认证设备 100确定其采集的生物特征信息与来自移动设备M1的生物特征模板是否匹配,得到相应的匹配结果。In some embodiments, compared with the process shown in FIG. 5 , the difference is that the mobile device M1 receives the digital key authentication request from the vehicle-mounted authentication device 100 for the first time, and the digital key deployed in the mobile device M1 passes the key authentication Afterwards, the mobile device M1 can send its stored biometric template to the vehicle-mounted authentication device. The in-vehicle authentication device 100 does not need to perform associating the first key with the target communication connection, nor does it need to perform steps 509 to 512, but the in-vehicle authentication device 100 determines whether the biometric information it collects and the biometric template from the mobile device M1 are not. match to get the corresponding matching result.
此外,车载认证设备100可以对来自移动设备M1的生物特征模板进行存储,并将该生物特征模板与移动设备M1关联。如果车载认证设备100并非首次向移动设备M1发送数字钥匙认证请求,车载认证设备100可以将移动设备M1关联的生物特征模板与其采集的生物特征信息进行匹配。In addition, the in-vehicle authentication device 100 may store the biometric template from the mobile device M1 and associate the biometric template with the mobile device M1. If it is not the first time that the in-vehicle authentication device 100 sends a digital key authentication request to the mobile device M1, the in-vehicle authentication device 100 may match the biometric template associated with the mobile device M1 with the biometric information collected.
与前述方法实施例基于相同的构思,本申请实施例中还提供了一种车辆启动控制装置,该装置可以包括,用于实现前述方法实施例中由车载认证设备执行的各步骤的单元或手段。Based on the same concept as the foregoing method embodiments, the embodiments of the present application also provide a vehicle startup control apparatus, which may include units or means for implementing each step performed by the vehicle-mounted authentication device in the foregoing method embodiments .
在一种可能的实施方式中,如图6所示,该装置可以包括:In a possible implementation, as shown in Figure 6, the device may include:
特征信息获取单元601,用于获取目标用户的生物特征信息;其中,目标用户落座于车辆的目标座椅,目标座椅位于车辆的驾驶室内;A feature information acquisition unit 601, configured to acquire biometric information of a target user; wherein, the target user sits on a target seat of the vehicle, and the target seat is located in the cab of the vehicle;
特征信息处理单元602,用于根据与第一移动设备关联的第一密钥对生物特征信息进行加密,以及向第一移动设备发送加密后的生物特征信息;其中,第一移动设备与车载认证设备建立了通信连接,第一移动设备中部署了车辆的数字钥匙,车载认证设备已确定数字钥匙通过认证;The feature information processing unit 602 is configured to encrypt the biometric information according to the first key associated with the first mobile device, and send the encrypted biometric information to the first mobile device; wherein the first mobile device and the vehicle-mounted authentication The device has established a communication connection, the digital key of the vehicle is deployed in the first mobile device, and the in-vehicle authentication device has determined that the digital key has passed the authentication;
匹配结果接收单元603,用于接收来自第一移动设备的匹配结果;其中,匹配结果用于指示生物特征信息与生物特征模板是否匹配;A matching result receiving unit 603, configured to receive a matching result from the first mobile device; wherein, the matching result is used to indicate whether the biometric information matches the biometric template;
启动信号接收单元604,用于接收车辆启动信号;a start signal receiving unit 604, configured to receive a vehicle start signal;
车辆启动控制单元605,用于在匹配结果指示了生物特征信息与生物特征模板相匹配的情况下,触发车辆的车辆控制装置启动车辆。The vehicle start control unit 605 is configured to trigger the vehicle control device of the vehicle to start the vehicle when the matching result indicates that the biometric information matches the biometric template.
在一种可能的实施方式中,该装置还包括:特征采集控制单元,用于确定是否达到采集生物特征信息的触发条件,如果是,启动车载认证设备的信息采集单元;其中,信息采集单元用于采集目标用户的生物特征信息。In a possible implementation manner, the device further includes: a feature collection control unit, configured to determine whether a trigger condition for collecting biometric information is reached, and if so, start an information collection unit of the vehicle-mounted authentication device; wherein, the information collection unit uses It is used to collect the biometric information of the target user.
在一种可能的实施方式中,采集生物特征信息的触发条件包括以下各项中的至少一项:目标用户落座于目标座椅、落座于目标座椅的目标用户系了安全带,以及所述车辆的车门处于关闭状态。In a possible implementation, the triggering condition for collecting biometric information includes at least one of the following items: the target user is seated on the target seat, the target user seated in the target seat is wearing a seat belt, and the The doors of the vehicle are closed.
在一种可能的实施方式中,该装置还包括:摄像头,用于采集车辆的驾驶室的至少两张场景图像。特征采集控制单元,用于根据至少两张场景图像,确定是否存在目标用户执行了至少一个预设动作;其中,至少一个预设动作包括以下各个动作中的至少一个:落座于目标座椅、系安全带,以及目光注视于所述车载认证设备的信息采集单元;如果是,则确定存在目标用户执行了至少一个预设动作。In a possible implementation manner, the apparatus further includes: a camera, configured to collect at least two scene images of the cab of the vehicle. A feature acquisition control unit, configured to determine whether there is a target user who has performed at least one preset action according to the at least two scene images; wherein, the at least one preset action includes at least one of the following actions: sitting on the target seat, The seat belt, and gaze at the information collection unit of the vehicle-mounted authentication device; if yes, it is determined that there is a target user who has performed at least one preset action.
在一种可能的实施方式中,特征信息获取单元601,具体用于从至少两张场景图像中提取目标用户的人脸图像。In a possible implementation manner, the feature information obtaining unit 601 is specifically configured to extract the face image of the target user from the at least two scene images.
在一种可能的实施方式中,预处理单元,用于确定人脸图像是否满足预设条件;其中,预设条件包括以下各项中的至少一项:人脸图像的亮度值达到预设阈值、人脸图像不存在遮挡现象,以及人脸图像的位姿满足预定要求;如果是,则确定人脸图像满足预设条件。In a possible implementation, the preprocessing unit is configured to determine whether the face image satisfies a preset condition; wherein the preset condition includes at least one of the following items: the brightness value of the face image reaches a preset threshold , there is no occlusion phenomenon in the face image, and the pose of the face image meets the predetermined requirements; if yes, it is determined that the face image meets the preset conditions.
在一种可能的实施方式中,该装置还包括:状态维护单元,用于在匹配结果指示了生物特征信息与生物特征模板相匹配的情况下,令该车辆的当前状态由不可启动状态切换至可启动状态。相应的,车辆启动控制单元,具体用于在车辆的当前状态为可启动状态的情况下,触发车辆的车辆控制装置启动车辆。In a possible implementation manner, the device further includes: a state maintenance unit, configured to switch the current state of the vehicle from the non-startable state to the biometric template when the matching result indicates that the biometric information matches the biometric template. Startable state. Correspondingly, the vehicle start control unit is specifically configured to trigger the vehicle control device of the vehicle to start the vehicle when the current state of the vehicle is a startable state.
与前述方法实施例基于相同的构思,本申请实施例中还提供了一种车载认证设备,该车 载认证设备中可以部署车辆启动控制装置。可以理解,车载认证设备可以执行图5所示的方法中由车载认证设备执行的各个步骤,为了避免重复,此处不再详述。Based on the same concept as the foregoing method embodiments, the embodiments of the present application also provide a vehicle-mounted authentication device, in which a vehicle startup control device can be deployed. It can be understood that the in-vehicle authentication device may perform various steps performed by the in-vehicle authentication device in the method shown in FIG. 5 , which will not be described in detail here in order to avoid repetition.
其中,如图1所示,车载认证设备可以包括:Wherein, as shown in Figure 1, the vehicle-mounted authentication device may include:
内部存储器120,用于存储计算机程序/指令;Internal memory 120 for storing computer programs/instructions;
通信模块130,用于和移动设备进行通信,比如用于与如图3中所示的移动设备300或者图4中所示的移动设备M1、M2、M3进行通信;a communication module 130, configured to communicate with a mobile device, for example, to communicate with the mobile device 300 shown in FIG. 3 or the mobile devices M1, M2, and M3 shown in FIG. 4;
处理器110,用于执行内部存储器120中的计算机程序/指令,当所述计算机程序/指令被执行时:所述处理器110获取目标用户的生物特征信息;其中,所述目标用户落座于所述车辆的目标座椅,所述目标座椅位于所述车辆的驾驶室内。所述处理器110根据与第一移动设备关联的第一密钥对所述生物特征信息进行加密,以及通过所述通信模块130向所述第一移动设备发送加密后的所述生物特征信息;其中,所述第一移动设备与所述车载认证设备建立了通信连接,所述第一移动设备中部署了所述车辆的数字钥匙,所述车载认证设备已确定所述数字钥匙通过认证。所述处理器110通过所述通信模块130接收来自所述第一移动设备的匹配结果;其中,所述匹配结果用于指示所述生物特征信息与生物特征模板是否匹配。所述处理器110接收车辆启动信号。所述处理器110在所述匹配结果指示了所述生物特征信息与生物特征模板相匹配的情况下,触发所述车辆的车辆控制装置启动所述车辆。The processor 110 is configured to execute the computer program/instruction in the internal memory 120, when the computer program/instruction is executed: the processor 110 obtains the biometric information of the target user; wherein, the target user is seated in the The target seat of the vehicle is located in the cab of the vehicle. The processor 110 encrypts the biometric information according to the first key associated with the first mobile device, and sends the encrypted biometric information to the first mobile device through the communication module 130; Wherein, the first mobile device establishes a communication connection with the vehicle-mounted authentication device, the digital key of the vehicle is deployed in the first mobile device, and the vehicle-mounted authentication device has determined that the digital key has passed the authentication. The processor 110 receives the matching result from the first mobile device through the communication module 130; wherein the matching result is used to indicate whether the biometric information matches the biometric template. The processor 110 receives a vehicle activation signal. The processor 110 triggers the vehicle control device of the vehicle to start the vehicle if the matching result indicates that the biometric information matches the biometric template.
可以理解,该第一移动设备可以包括前述方法实施例中所述的移动设备M1,该第一密钥可以是与第一移动设备和车载认证设备建立的通信连接相关联的密钥。It can be understood that the first mobile device may include the mobile device M1 described in the foregoing method embodiments, and the first key may be a key associated with the communication connection established between the first mobile device and the vehicle-mounted authentication device.
可以理解,处理器110可以和车载认证设备的其它功能模块相协作,比如与摄像头、安全带检测电路相协作,实现前述方法实施例中由车载认证设备执行的一个或多个步骤,协作过程可参考前述方法实施例以及对如图1所示车载认证设备100的相关介绍,这里不再赘述。It can be understood that the processor 110 can cooperate with other functional modules of the in-vehicle authentication device, such as cooperating with a camera and a seat belt detection circuit, to implement one or more steps performed by the in-vehicle authentication device in the foregoing method embodiments. Referring to the foregoing method embodiments and the related introduction to the in-vehicle authentication device 100 shown in FIG. 1 , details are not repeated here.
本领域普通技术人员可以意识到,结合本文中所公开的实施例描述的各示例的单元及算法步骤,能够以电子硬件、或者计算机软件和电子硬件的结合来实现。这些功能究竟以硬件还是软件方式来执行,取决于技术方案的特定应用和设计约束条件。专业技术人员可以对每个特定的应用来使用不同方法来实现所描述的功能,但是这种实现不应认为超出本申请实施例的范围。Those of ordinary skill in the art can realize that the units and algorithm steps of each example described in conjunction with the embodiments disclosed herein can be implemented in electronic hardware, or a combination of computer software and electronic hardware. Whether these functions are performed in hardware or software depends on the specific application and design constraints of the technical solution. Experts may use different methods for each specific application to implement the described functions, but such implementation should not be considered beyond the scope of the embodiments of the present application.
可以理解,在本申请实施例的各种实施例中,上述各过程的序号的大小并不意味着执行顺序的先后,各过程的执行顺序应以其功能和内在逻辑确定,而不应对本申请实施例的实施过程构成任何限定。此外,所属领域的技术人员可以清楚地了解到,为描述的方便和简洁,上述车载认证设备的具体工作过程,可以参考前述方法实施例中的对应过程,在此不再赘述。It can be understood that, in various embodiments of the embodiments of the present application, the size of the sequence numbers of the above-mentioned processes does not mean the sequence of execution, and the execution sequence of each process should be determined by its functions and internal logic, and should not be applied to the present application. The implementation of the embodiments constitutes no limitation. In addition, those skilled in the art can clearly understand that, for the convenience and brevity of description, the specific working process of the above-mentioned vehicle-mounted authentication device may refer to the corresponding process in the foregoing method embodiments, which will not be repeated here.
可以理解,以上所描述的装置实施例是示意性的,例如,所述模块/单元的划分,仅仅为一种逻辑功能划分,实际实现时可以有另外的划分方式,例如多个单元或组件可以结合或者可以集成到另一个系统,或一些特征可以忽略,或不执行。另一点,所显示或讨论的相互之间的耦合或直接耦合或通信连接可以是通过一些接口,装置或单元的间接耦合或通信连接,可以是电性,机械或其它的形式。It can be understood that the device embodiments described above are schematic, for example, the division of the modules/units is only a logical function division, and other division methods may be used in actual implementation, for example, multiple units or components may be Combinations can either be integrated into another system, or some features can be omitted, or not implemented. On the other hand, the shown or discussed mutual coupling or direct coupling or communication connection may be through some interfaces, indirect coupling or communication connection of devices or units, and may be in electrical, mechanical or other forms.
以上仅为本申请实施例的具体实施方式,但本申请实施例的保护范围并不局限于此,任何熟悉本技术领域的技术人员在本申请实施例揭露的技术范围内,可轻易想到变化或替换,都应涵盖在本申请实施例的保护范围之内The above are only specific implementations of the embodiments of the present application, but the protection scope of the embodiments of the present application is not limited thereto. Any person skilled in the art can easily think of changes or Replacement, all should be covered within the protection scope of the embodiments of the present application
最后需要说明的是,以上实施例仅用以说明本申请的技术方案,而未对其限制;尽管参照前述实施例对本申请进行了详细的说明,本领域的普通技术人员应当理解,依然可以对前述各个实施例中所提供的技术方案进行修改,或者对其中部分技术特征进行等同替换,而这 些修改或替换,并不使相应技术方案的本质脱离本申请各个实施例中所提供技术方案的精神和范围。Finally, it should be noted that the above embodiments are only used to illustrate the technical solutions of the present application, but not to limit them; although the present application has been described in detail with reference to the foregoing embodiments, those of ordinary skill in the art should understand that it is still possible to The technical solutions provided in the foregoing embodiments are modified, or some technical features thereof are equivalently replaced, and these modifications or replacements do not make the essence of the corresponding technical solutions depart from the spirit of the technical solutions provided in the various embodiments of the present application and range.

Claims (17)

  1. 一种车辆的启动控制方法,其特征在于,应用于所述车辆的车载认证设备,包括:A vehicle startup control method, characterized in that the vehicle-mounted authentication device applied to the vehicle comprises:
    获取目标用户的生物特征信息;其中,所述目标用户落座于所述车辆的目标座椅,所述目标座椅位于所述车辆的驾驶室内;acquiring biometric information of a target user; wherein the target user is seated in a target seat of the vehicle, and the target seat is located in a cab of the vehicle;
    根据与第一移动设备关联的第一密钥对所述生物特征信息进行加密,以及向所述第一移动设备发送加密后的所述生物特征信息;其中,所述第一移动设备与所述车载认证设备建立了通信连接,所述第一移动设备中部署了所述车辆的数字钥匙,所述车载认证设备已确定所述数字钥匙通过认证;The biometric information is encrypted according to a first key associated with a first mobile device, and the encrypted biometric information is sent to the first mobile device; wherein the first mobile device and the The in-vehicle authentication device has established a communication connection, the digital key of the vehicle is deployed in the first mobile device, and the in-vehicle authentication device has determined that the digital key has passed the authentication;
    接收来自所述第一移动设备的匹配结果;其中,所述匹配结果用于指示所述生物特征信息与生物特征模板是否匹配;receiving a matching result from the first mobile device; wherein the matching result is used to indicate whether the biometric information matches a biometric template;
    接收车辆启动信号;Receive vehicle start signal;
    在所述匹配结果指示了所述生物特征信息与生物特征模板相匹配的情况下,触发所述车辆的车辆控制装置启动所述车辆。In a case where the matching result indicates that the biometric information matches the biometric template, a vehicle control device of the vehicle is triggered to start the vehicle.
  2. 根据权利要求1所述的方法,其特征在于,The method of claim 1, wherein:
    在所述获取目标用户的生物特征信息之前,还包括:Before obtaining the biometric information of the target user, the method further includes:
    确定是否达到采集生物特征信息的触发条件;determining whether a trigger condition for collecting biometric information is met;
    如果是,启动所述车载认证设备的信息采集单元;其中,所述信息采集单元用于采集目标用户的生物特征信息。If yes, start the information collection unit of the vehicle-mounted authentication device; wherein, the information collection unit is used to collect the biometric information of the target user.
  3. 根据权利要求2所述的方法,其特征在于,The method of claim 2, wherein:
    采集生物特征信息的触发条件包括以下各项中的至少一项:目标用户落座于目标座椅、落座于目标座椅的目标用户系了安全带,以及所述车辆的车门处于关闭状态。Trigger conditions for collecting biometric information include at least one of the following: the target user is seated on the target seat, the target user seated in the target seat is wearing a seat belt, and the door of the vehicle is closed.
  4. 根据权利要求1所述的方法,其特征在于,The method of claim 1, wherein:
    在所述获取目标用户的生物特征信息之前,还包括:Before obtaining the biometric information of the target user, the method further includes:
    采集所述车辆的驾驶室的至少两张场景图像;collecting at least two scene images of the cab of the vehicle;
    根据所述至少两张场景图像,确定是否存在目标用户执行了至少一个预设动作;其中,所述至少一个预设动作包括以下各个动作中的至少一个:落座于目标座椅、系安全带,以及目光注视于所述车载认证设备的信息采集单元;According to the at least two scene images, it is determined whether there is a target user who has performed at least one preset action; wherein, the at least one preset action includes at least one of the following actions: sitting on the target seat, wearing a seat belt, and gaze at the information collection unit of the vehicle-mounted authentication device;
    如果是,则确定存在目标用户执行了至少一个预设动作。If so, it is determined that there is a target user who has performed at least one preset action.
  5. 根据权利要求4所述的方法,其特征在于,The method of claim 4, wherein:
    所述获取目标用户的生物特征信息,包括:从所述至少两张场景图像中提取目标用户的人脸图像。The acquiring biometric information of the target user includes: extracting a face image of the target user from the at least two scene images.
  6. 根据权利要求4所述的方法,其特征在于,The method of claim 4, wherein:
    在所述根据与第一移动设备关联的第一密钥对所述生物特征信息进行加密之前,还包括:Before the encrypting the biometric information according to the first key associated with the first mobile device, further comprising:
    确定所述人脸图像是否满足预设条件;其中,所述预设条件包括以下各项中的至少一项:人脸图像的亮度值达到预设阈值、人脸图像不存在遮挡现象,以及人脸图像的位姿满足预定要求;Determine whether the face image satisfies a preset condition; wherein, the preset condition includes at least one of the following items: the brightness value of the face image reaches a preset threshold, the face image does not have occlusion phenomenon, and the human face image The pose of the face image meets the predetermined requirements;
    如果是,则确定所述人脸图像满足预设条件。If yes, it is determined that the face image satisfies the preset condition.
  7. 根据权利要求1至6中任一项所述的方法,其特征在于,所述方法还包括:The method according to any one of claims 1 to 6, wherein the method further comprises:
    在所述匹配结果指示了所述生物特征信息与生物特征模板相匹配的情况下,令所述车辆的当前状态由不可启动状态切换至可启动状态;In the case that the matching result indicates that the biometric information matches the biometric template, switching the current state of the vehicle from a non-startable state to a startable state;
    所述在所述匹配结果指示了生物特征信息与生物特征模板相匹配的情况下,触发所述车 辆的车辆控制装置启动所述车辆,包括:在所述车辆的当前状态为可启动状态的情况下,触发所述车辆的车辆控制装置启动所述车辆。Triggering the vehicle control device of the vehicle to start the vehicle when the matching result indicates that the biometric information matches the biometric template includes: when the current state of the vehicle is a startable state next, trigger the vehicle control device of the vehicle to start the vehicle.
  8. 根据权利要求7所述的方法,其特征在于,所述方法还包括:The method according to claim 7, wherein the method further comprises:
    当存在状态切换事件时,令所述车辆的当前状态由可启动状态切换至不可启动状态;其中,所述状态切换事件包括以下各个事件中的至少一个:落座于目标座椅的目标用户离开目标座椅、目标座椅对应的安全带检测电路由导通切换至断开、所述车辆的车门由关闭状态切换至开启状态,以及所述车辆处于可启动状态的持续时间到达预定时长。When there is a state switching event, the current state of the vehicle is switched from a startable state to a non-startable state; wherein, the state switching event includes at least one of the following events: the target user sitting on the target seat leaves the target The seat belt detection circuit corresponding to the seat and the target seat is switched from on to off, the door of the vehicle is switched from the closed state to the open state, and the vehicle is in the startable state for a predetermined time duration.
  9. 根据权利要求1至8中任一项所述的方法,其特征在于,The method according to any one of claims 1 to 8, characterized in that,
    在所述根据第一移动设备关联的第一密钥对所述生物特征信息进行加密之前,还包括:Before encrypting the biometric information according to the first key associated with the first mobile device, the method further includes:
    确定多个第二移动设备各自的位置信息;其中,所述第二移动设备与所述车载认证设备建立了通信连接,所述第二移动设备中部署了所述车辆的数字钥匙,所述车载认证设备已确定所述第二移动设备中部署的数字钥匙通过认证;Determine the respective location information of a plurality of second mobile devices; wherein, the second mobile device establishes a communication connection with the vehicle-mounted authentication device, the digital key of the vehicle is deployed in the second mobile device, and the vehicle-mounted authentication device is deployed in the second mobile device. The authentication device has determined that the digital key deployed in the second mobile device is authenticated;
    根据所述多个第二移动设备各自的位置信息,确定位于所述车辆的驾驶室内的所述第一移动设备。The first mobile device located in the cab of the vehicle is determined according to the respective location information of the plurality of second mobile devices.
  10. 一种车载认证设备,其特征在于,包括:通信模块、存储器和处理器;其中,An in-vehicle authentication device is characterized in that, comprising: a communication module, a memory and a processor; wherein,
    所述存储器中存储有计算机程序/指令;a computer program/instruction is stored in the memory;
    所述通信模块用于与第一移动设备进行通信;the communication module is used to communicate with the first mobile device;
    所述处理器执行所述计算机程序/指令时,使得所述车载认证设备实现权利要求1至9任一项所述的方法。When the processor executes the computer program/instructions, the in-vehicle authentication device implements the method of any one of claims 1 to 9.
  11. 根据权利要求10所述的车载认证设备,其特征在于,The in-vehicle authentication device according to claim 10, wherein:
    所述车载认证设备还包括:信息采集单元,用于采集目标用户的生物特征信息。The in-vehicle authentication device further includes: an information collection unit for collecting biometric information of the target user.
  12. 根据权利要求11所述的车载认证设备,其特征在于,The in-vehicle authentication device according to claim 11, wherein:
    所述信息采集单元包括摄像头;The information collection unit includes a camera;
    所述生物特征信息包括人脸图像。The biometric information includes an image of a human face.
  13. 根据权利要求10至12中任一所述的车载认证设备,其特征在于,The in-vehicle authentication device according to any one of claims 10 to 12, characterized in that:
    所述车载认证设备还包括:车门传感器,用于当车门处于关闭状态时,向所述处理器提供传感信号;其中,所述传感信号用于指示车门处于关闭状态。The in-vehicle authentication device further includes: a door sensor, configured to provide a sensing signal to the processor when the vehicle door is in a closed state; wherein the sensing signal is used to indicate that the vehicle door is in a closed state.
  14. 根据权利要求10至13中任一所述的车载认证设备,其特征在于,The in-vehicle authentication device according to any one of claims 10 to 13, wherein:
    所述车载认证设备还包括:座椅传感器;其中,The in-vehicle authentication device further includes: a seat sensor; wherein,
    所述座椅传感器设置于目标座椅上;the seat sensor is arranged on the target seat;
    所述座椅传感器,用于当存在目标用户落座于目标座椅时,向所述处理器提供触发信号;其中,所述触发信号用于指示存在目标用户落座于目标座椅。The seat sensor is configured to provide a trigger signal to the processor when there is a target user sitting on the target seat; wherein the trigger signal is used to indicate that the target user is sitting on the target seat.
  15. 根据权利要求10至14中任一所述的车载认证设备,其特征在于,The in-vehicle authentication device according to any one of claims 10 to 14, wherein:
    所述车载认证设备还包括:安全带检测电路,用于检测落座于目标座椅的用户是否系了安全带。The in-vehicle authentication device further includes: a seat belt detection circuit for detecting whether the user seated in the target seat is wearing a seat belt.
  16. 一种计算机可读存储介质,用于存储计算机程序/指令,当所述计算机程序/指令在车载认证设备上运行时,使得所述车载认证设备执行权利要求1至9中任一项所述的方法。A computer-readable storage medium for storing a computer program/instruction, when the computer program/instruction is executed on an in-vehicle authentication device, the in-vehicle authentication device is made to execute the method described in any one of claims 1 to 9. method.
  17. 一种包含计算机程序/指令的计算机程序产品,其特征在于,当所述计算机程序产品在电子设备上运行时,使得所述电子设备执行权利要求1-9中任一项所述的方法。A computer program product comprising a computer program/instruction, characterized in that, when the computer program product is run on an electronic device, the electronic device is caused to perform the method of any one of claims 1-9.
PCT/CN2021/107483 2020-08-06 2021-07-21 Vehicle start control method and vehicle-mounted authentication device WO2022028246A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202010785537.9A CN114095924A (en) 2020-08-06 2020-08-06 Vehicle start control method and vehicle-mounted authentication device
CN202010785537.9 2020-08-06

Publications (1)

Publication Number Publication Date
WO2022028246A1 true WO2022028246A1 (en) 2022-02-10

Family

ID=80116970

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2021/107483 WO2022028246A1 (en) 2020-08-06 2021-07-21 Vehicle start control method and vehicle-mounted authentication device

Country Status (2)

Country Link
CN (1) CN114095924A (en)
WO (1) WO2022028246A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115150365A (en) * 2022-06-02 2022-10-04 上海集度汽车有限公司 Multimedia function application method, device, vehicle and storage medium
WO2024041630A1 (en) * 2022-08-26 2024-02-29 京东方科技集团股份有限公司 Method for operating vehicle

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108082124A (en) * 2017-12-18 2018-05-29 奇瑞汽车股份有限公司 A kind of method and apparatus using bio-identification control vehicle
CN109849847A (en) * 2019-04-03 2019-06-07 奇瑞汽车股份有限公司 A kind of automotive theft proof system, method and automobile
CN109895736A (en) * 2019-02-19 2019-06-18 汉腾汽车有限公司 Safe opening door device and safe opening of car door method based on face recognition technology
KR102099570B1 (en) * 2019-02-26 2020-04-16 현대모비스 주식회사 Remote control system of a vehicle and operating method thereof

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
BR112016029038B1 (en) * 2014-06-11 2023-02-28 Veridium Ip Limited SYSTEM AND METHOD TO FACILITATE USER ACCESS TO VEHICLES BASED ON BIOMETRIC INFORMATION
CN106335469B (en) * 2016-09-04 2019-11-26 深圳市云智易联科技有限公司 Vehicle-mounted authentication method, system, car-mounted device, mobile terminal and server
CN111071203A (en) * 2019-12-20 2020-04-28 北京宝沃汽车股份有限公司 Keyless control system and method for vehicle

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108082124A (en) * 2017-12-18 2018-05-29 奇瑞汽车股份有限公司 A kind of method and apparatus using bio-identification control vehicle
CN109895736A (en) * 2019-02-19 2019-06-18 汉腾汽车有限公司 Safe opening door device and safe opening of car door method based on face recognition technology
KR102099570B1 (en) * 2019-02-26 2020-04-16 현대모비스 주식회사 Remote control system of a vehicle and operating method thereof
CN109849847A (en) * 2019-04-03 2019-06-07 奇瑞汽车股份有限公司 A kind of automotive theft proof system, method and automobile

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115150365A (en) * 2022-06-02 2022-10-04 上海集度汽车有限公司 Multimedia function application method, device, vehicle and storage medium
WO2024041630A1 (en) * 2022-08-26 2024-02-29 京东方科技集团股份有限公司 Method for operating vehicle

Also Published As

Publication number Publication date
CN114095924A (en) 2022-02-25

Similar Documents

Publication Publication Date Title
US9842443B1 (en) Computing device as a vehicle key
JP4636171B2 (en) Biometric authentication system for vehicles
US11537699B2 (en) Authentication techniques in response to attempts to access sensitive information
US20180205728A1 (en) Biometric Device Pairing
US7697737B2 (en) Method and system for providing fingerprint enabled wireless add-on for personal identification number (PIN) accessible smartcards
JP6063859B2 (en) Portable key device and device control method
US9571284B2 (en) Controlling access to personal information stored in a vehicle using a cryptographic key
CN111835689B (en) Identity authentication method of digital key, terminal device and medium
US20050030151A1 (en) Secure authentication of a user to a system and secure operation thereafter
JP2017001615A (en) Authentication apparatus, authentication system, and authentication method
US20210229633A1 (en) Biometric user authenticating keys for vehicles and methods of use
US11463449B2 (en) Authentication for key access
US11044611B2 (en) Authentication for device access
JP5272815B2 (en) Vehicle anti-theft device, vehicle anti-theft method, and program
CN114120487A (en) Automobile digital key management method, system, equipment and storage medium
WO2022028246A1 (en) Vehicle start control method and vehicle-mounted authentication device
CN111919217A (en) Method, device, communication equipment and storage medium for registering biological characteristics
JP6958283B2 (en) Delivery management system
CN111559342B (en) Vehicle control method and device and vehicle
KR20220098656A (en) Vehicle authentication system and vehicle authentication method based on bluetooth low energy and fingerprint
JP4578984B2 (en) Keyless entry system
CN115705422A (en) Vehicle setting system corresponding to occupant and vehicle
CN107274520A (en) Information processing method and device
KR20120046582A (en) System and method for smart key authentication in vehicle
JP2019114907A (en) On-vehicle device

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 21853331

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 21853331

Country of ref document: EP

Kind code of ref document: A1