METHOD FOR AUTHORIZING A DRIVER TO ACTIVATE AT LEAST ONE SYSTEM OF A VEHICLE, BASED ON A BIOMETRIC AUTHENTICATION PROCESS
20190061691 · 2019-02-28
Inventors
CPC classification
B60R25/23
PERFORMING OPERATIONS; TRANSPORTING
H04L63/0861
ELECTRICITY
G06F21/32
PHYSICS
International classification
G06F21/32
PHYSICS
B60R25/23
PERFORMING OPERATIONS; TRANSPORTING
Abstract
A method for authorizing a driver to activate at least one system of a vehicle, based on a biometric authentication process. The method comprises an enrollment step, a reservation step, an access step, an authentication step, then an activation step or a refusal step. In the access step, when device enters a predetermined range from the vehicle, device provides the vehicle identifier to vehicle, while vehicle provides the device identifier to device, thus establishing a wireless communication between device and vehicle. Driver is granted access to vehicle upon completion of a secured protocol. Device provides biometric data to vehicle via the wireless communication. In the authentication step, vehicle processes the data to restore the enrollment biometric data. A reader equipping vehicle is used for scanning authentication biometric data of driver. The authentication biometric data are then compared with the enrollment biometric data registered in the vehicle.
Claims
1. A method for authorizing a driver to activate at least one system of a vehicle, based on a biometric authentication process, said method comprising: an enrollment step including: scanning enrollment biometric data of the driver, splitting the enrollment biometric data into a first part registered in a personal device of the driver and a second part registered in a server distinct from the personal device, a reservation step in which: the driver requests a vehicle to the server, a device identifier of the personal device is provided to the server, a vehicle having a vehicle identifier is assigned to the driver, the server provides a first data set including the vehicle identifier of the vehicle to the personal device via a first wireless communication, the server provides a second data set including the device identifier and the second part of the enrollment biometric data to the vehicle via a second wireless communication, an access step in which: when the personal device enters a predetermined range from the vehicle, the personal device provides the vehicle identifier to the vehicle, while the vehicle provides the device identifier to the personal device, thus establishing a third wireless communication between the personal device and the vehicle, the driver is granted access to the vehicle upon completion of a secured protocol, the personal device provides the first part of the biometric data to the vehicle, via the third wireless communication, an authentication step, in which: the vehicle processes the first part and the second part to restore the enrollment biometric data in a secured memory, a reader equipping the vehicle is used for scanning authentication biometric data of the driver, the authentication biometric data are compared with the enrollment biometric data registered in the secured memory of the vehicle, then an activation step consisting, if the authentication biometric data match with the enrollment biometric data, in authorizing the driver to activate the at least one system of the vehicle, or a refusal step consisting, if the authentication biometric data does not match with the enrollment biometric data, in forbidding the driver to activate the at least one system of the vehicle.
2. The method according to claim 1, wherein in the reservation step, an access code is included in both the first data set and the second data set.
3. The method according to claim 2, wherein in the access step, the secured protocol granting access to the vehicle consists in manually typing the access code on an external keypad equipping the vehicle.
4. The method according to claim 2, wherein in the access step, the secured protocol granting access to the vehicle consists in entering the access code in a dedicated application installed on the personal device.
5. The method according to claim 1, wherein in the access step, the secured protocol granting access to the vehicle simply consists in establishing the third wireless communication between the personal device and the vehicle when the personal device enters a predetermined range from the vehicle.
6. The method according to claim 1, wherein the access step and the authentication step are at least partly concomitant, and wherein the secured protocol granting access to the vehicle in the access step consists in authenticating the driver when the authentication biometric data match with the enrollment biometric data in the authentication step.
7. The method according to claim 1, wherein the personal device provides the first part of the biometric data to the vehicle after completion of the secured protocol.
8. The method according to claim 1, wherein the personal device provides the first part of the biometric data to the vehicle automatically after establishing the third wireless communication.
9. The method according to claim 1, wherein in the reservation step, a transfer code is included in both the first data set and the second data set, and wherein the personal device provides the first part of the biometric data to the vehicle after entering the transfer code in a dedicated application installed on the personal device.
10. The method according to claim 1, wherein the third wireless communication implements a communication standard different from the first wireless communication and the second wireless communication.
11. The method according to claim 1, wherein the enrollment biometric data are erased from the secured memory of the vehicle after the driver relocks the vehicle or after a predefined period of time.
12. The method according to claim 1, wherein the biometric data include at least one fingerprint, a palmar venous network, an eye iris, facial features and/or voice.
13. The method according to claim 1, wherein the server is an independent personal device distinct from the personal device of the driver.
14. The method according to claim 1, wherein the reader used in the authentication step is integrated to a shifter equipping the vehicle.
15. The method according to claim 1, wherein the reader used in the authentication step is a camera oriented outside the vehicle.
16. The method according to claim 1, wherein the reader used in the authentication step is a camera designed for driving assistance.
Description
DESCRIPTION OF THE DRAWINGS
[0063] At least some embodiments will now be explained in correspondence with the annexed figures, and as an illustrative example, without restricting the object of the invention. In the annexed figures:
[0064]
[0065]
[0066]
[0067]
[0068]
DETAILED DESCRIPTION
[0069]
[0070] The method comprises an enrollment step 110, a reservation step 120, an access step 130 and an authentication step 140. The method further comprises an activation step 150 or a refusal step 160, following the authentication step 140, depending on the success or failure of the biometric authentication process.
[0071] The enrollment step 110 can be performed at a dedicated location, outside vehicle 5. The dedicated location may be an enrollment center, used to manage a fleet of vehicles 5. The enrollment center comprises a biometric scanner for scanning the fingerprint of driver 2, and a server 4 storing vehicle identifiers 50 associated with different vehicles 5. Alternately, step 110 can be performed by using a biometric scanner outside the enrollment center, inside or outside vehicle 5, then sending data to server 4.
[0072] The enrollment step 110 consists in scanning enrollment biometric data 20 of driver 2, then splitting the enrollment biometric data 20 into a first part 21 and a second part 22. Driver 2 owns a personal device 3, such as a smartphone.
[0073] In the represented example, data 20 is a fingerprint of driver 2. Alternately, data 20 may be a palmar venous network, an eye iris, facial features, voice, or any other suitable biometric data.
[0074] Server 4 processes data 20 to create parts 21 and 22. In the represented example, part 21 corresponds to the upper part of the fingerprint, while part 22 corresponds to the lower part of the fingerprint. Thus, data 20 cannot be reconstituted when parts 21 and 22 are taken alone but can be reconstituted when parts 21 and 22 are reunited. Alternately, parts 21 and 22 can comprise any portions of data 20, provided that data 20 cannot be reconstituted when parts 21 and 22 are taken alone and can be reconstituted when parts 21 and 22 are reunited.
[0075] Part 21 is registered in device 3 of the driver 2, such as a smartphone. Part 22 is registered in the server 4. Data 20 and part 21 are then deleted from server 4. Thus, server 4 does not store full data 20 corresponding to the fingerprint.
[0076] The reservation step 120 can be performed via a dedicated application installed on device 3, via a dedicated website, or directly at the enrollment center.
[0077] Firstly, driver 2 requests one of the vehicles 5 from the fleet to server 4.
[0078] Secondly, a device identifier 30 corresponding to device 3 is provided to server 4.
[0079] Thirdly, a vehicle 5 having a vehicle identifier 50 is assigned to driver 2. Moreover, an access code 33 is assigned to vehicle 5 and driver 2.
[0080] At this stage, server 4 provides a first data set 41 including the vehicle identifier 50 and the access code 33 to device 3 via a wireless communication 61, and provides a second data set 42 including the device identifier 30, the access code 33 and the second part 22 of the enrollment biometric data 20 to vehicle 5 via another wireless communication 62.
[0081] Communications 61 and 62 may implement a mobile communication standard(s), for example 3G, 4G, GSM, EDGE, LTE, etc. Alternately, communications 61 and 62 can implement any other wireless communication standard.
[0082] Also, data 41, 42 and communications 61, 62 may implement encryption techniques.
[0083] The access step 130 is performed when driver 2 reaches vehicle 5, in order to allow driver 2 to enter vehicle 5.
[0084] Vehicle 5 comprises a secured memory 11 connected to or integrated into its electronic central unit. Vehicle 5 further comprises an engine 12, a steering wheel 13, a steering column 14, several doors 15, a rear trunk 16, a shifter 17, a biometric scanner 18, and an external keypad 19. Secured memory 11 may be integrated to the electronic board disposed inside the base of shifter 17. Also, scanner 18 may be disposed at the upper extremity of the knob of shifter 17.
[0085] When device 3 enters a predetermined range from vehicle 5, device 3 provides the vehicle identifier 50 to vehicle 5, while vehicle 5 provides the device identifier 30 to device 3. Thus, a wireless communication 63 is established between device 3 and vehicle 5.
[0086] Driver 2 is granted access to the vehicle 5 upon completion of a secured protocol 70. In the represented example, the secured protocol 70 consists in manually typing the access code 33 on the external keypad 19 equipping vehicle 5.
[0087] Alternately, the secured protocol 70 can consist in entering the access code 33 in the dedicated application installed on device 3.
[0088] Communication 63 may be established automatically, independently of completion of protocol 70, when device 3 provides the vehicle identifier 50 to vehicle 5, while vehicle 5 provides the device identifier 30 to device 3.
[0089] Alternately, communication 63 can be established only after completion of the secured protocol 70.
[0090] The third wireless communication may implement the Bluetooth communication standard. Also, communication 63 may implement a communication standard different from communications 61 and 62. Also, communication 63 may implement encryption techniques.
[0091] During the access step 130, device 3 provides part 21 of biometric data 20 to vehicle 5 via communication 63.
[0092] Device 3 may provide part 21 of data 20 to vehicle 5 after completion of the secured protocol 70 granting access to vehicle 5. In this regard, vehicle 5 can confirm to device 3 that protocol 70 has been completed, so that device 3 will provide part 21 of data 20.
[0093] Alternately, device 3 can provide part 21 of data 20 to vehicle 5 automatically after establishing communication 63, independently of completion of the secured protocol 70 granting access to vehicle 5.
[0094] Alternately, in the reservation step 120, a transfer code different from the access code 33 can be included in both the first data set 41 and the second data set 42. Device 3 provides the first part 21 of data 20 to vehicle 5 after entering the transfer code in the dedicated application installed on device 3, independently of completion of the secured protocol 70 granting access to vehicle 5.
[0095] In the authentication step 140, vehicle 5 processes part 21 provided by device 3 and part 22 previously provided by server 4 to restore the enrollment biometric data 20 in the secured memory 11.
[0096] Driver 2 uses reader 18 for scanning authentication biometric data 23.
[0097] Then, the authentication biometric data 23 are compared with the enrollment biometric data 20 registered in memory 11 of vehicle 5. Data 23 may be used for comparison but not registered in memory 11. Alternatively, data 23 may be temporarily registered in memory 11.
[0098] The activation step 150 consists, if data 23 match with data 20, in authorizing driver 2 to activate systems 12 and 14 of vehicle 5. In other words, driver 2 can ignite engine 12 and rotate steering column 14, so as to drive vehicle 5.
[0099] The refusal step 160 consists, if data 23 does not match with data 20, in forbidding driver 2 to activate systems 12 and 14 of vehicle 5. In other words, driver 2 cannot ignite engine 12, nor rotate steering column 14. In addition, vehicle 5 may be configured such that its handbrake is locked when data 23 does not match data 20. As an alternative or a complement, vehicle 5 may be configured for issuing a warning signal, especially a visual signal and/or a sound signal, inside vehicle 5 and/or to the server 4. Other results may be implemented within the scope of the invention.
[0100] Data 20, 21, 22 and 23 may be erased from secured memory 11 of vehicle 5 when driver 2 relocks vehicle 5 (more precisely when driver 2 relocks openings 15 and 16 when leaving vehicle 5) or after a predefined period of time (starting at relocking of openings 15 and 16, or another predefined event).
[0101] Such method is advantageously secured, given that sensitive personal biometric data 20, 21, 22 and 23 do not stay stored in vehicle 5. Thus, these data cannot be recovered and used by someone having access to vehicle 5.
[0102] In addition, only data 20, 21, 22 and 23 corresponding to current driver 2 are stored in memory 11 at a given time. This speeds up comparison between data 20 and 23, and activation of system 12 and/or 14 of vehicle 5.
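The flow of steps 110 to 160 and the erasure of [0100] can be sketched as follows; this is an added example, not code from the patent. It assumes an XOR two-share split in place of the upper/lower halves of [0074], so that neither part alone reveals anything about data 20, and it assumes a fixed-length template matched by a bit-difference threshold; the identifiers, the access code and `max_bits` are constructed values.

```python
import hmac
import secrets

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def enroll(data20: bytes):
    """Step 110: split data 20 into part 21 (device 3) and part 22 (server 4)."""
    part21 = secrets.token_bytes(len(data20))  # random pad
    return part21, xor(data20, part21)

class Vehicle:
    def __init__(self, vehicle_id: str):
        self.vehicle_id = vehicle_id
        self.memory = {}  # stands in for secured memory 11

    def reserve(self, device_id: str, code: str, part22: bytes):
        """Step 120: second data set 42 arrives from server 4."""
        self.memory = {"device_id": device_id, "code": code, "part22": part22}

    def grant_access(self, vehicle_id: str, device_id: str, code: str) -> bool:
        """Step 130: identifier exchange, then access code 33 (protocol 70)."""
        m = self.memory
        return (bool(m) and (vehicle_id, device_id) == (self.vehicle_id, m["device_id"])
                and hmac.compare_digest(code.encode(), m["code"].encode()))

    def authenticate(self, part21: bytes, data23: bytes, max_bits: int = 8) -> bool:
        """Steps 140-160: restore data 20, compare it with scan 23."""
        part22 = self.memory.get("part22", b"")
        if not part22 or not (len(part21) == len(part22) == len(data23)):
            return False  # refusal step 160: nothing valid to compare
        data20 = xor(part21, part22)  # restored only inside the vehicle
        differing = sum(bin(b).count("1") for b in xor(data23, data20))
        return differing <= max_bits  # True: activation step 150

    def relock(self):  # [0100]: erase biometric material on relock
        self.memory = {}

def demo():
    data20 = bytes(range(32))  # constructed template, not a real fingerprint
    part21, part22 = enroll(data20)
    car = Vehicle("VEH-50")
    car.reserve("DEV-30", "4821", part22)
    noisy = bytes([data20[0] ^ 0b11]) + data20[1:]  # same finger, 2 bits differ
    before = (car.grant_access("VEH-50", "DEV-30", "4821"),
              car.authenticate(part21, noisy),
              car.authenticate(part21, bytes(b ^ 0xFF for b in data20)))
    car.relock()
    return before + (car.authenticate(part21, noisy),)
```

`demo()` returns the access decision, a genuine match, an impostor scan and a replay of the genuine scan after relock, in that order.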
[0103] As shown on
[0104] Alternately, the access step 130 and the authentication step 140 can be partly concomitant.
[0105] For example, the secured protocol 70 granting access to vehicle 5 in the access step 130 can consist in authenticating the driver 2 when the authentication biometric data 23 match with the enrollment biometric data 20 in the authentication step 140.
[0106] In this case, the sub-steps of steps 130 and 140 are performed according to the following sequence:
[0107] When device 3 enters a predetermined range from vehicle 5, device 3 provides the vehicle identifier 50 to vehicle 5, while vehicle 5 provides the device identifier 30 to device 3, thus establishing communication 63 between device 3 and vehicle 5.
[0108] Device 3 provides part 21 of data 20 to vehicle 5 via communication 63.
[0109] Vehicle 5 processes parts 21 and 22 to restore data 20 in memory.
[0110] Reader 18 is used for scanning the authentication biometric data 23 of driver 2.
[0111] Data 23 are compared with data 20.
[0112] If data 23 match with data 20, driver 2 is granted access to vehicle 5. In addition, driver 2 is authorized to activate systems 12 and 14 of vehicle 5.
[0113] Other non-shown embodiments can be implemented within the scope of the invention. In addition, technical features of different embodiments can be, in whole or part, combined with each other. Thus, light module 10 can be adapted to the specific requirements of the application.