JP7542691B2 - User identification system and user identification method - Google Patents

Description

An embodiment of the present invention relates to a user identification system and a user identification method.

Previously, there have been systems that use the vehicle-mounted device ID transmitted from an ETC vehicle-mounted device to control the opening and closing of entry/exit control sections in apartment complexes and commercial facilities. However, because the vehicle-mounted device ID transmitted from the vehicle-mounted device is an ID associated with the vehicle, it is not possible to accurately identify the people inside the vehicle. As a result, the above-mentioned systems could not be used in places where high security is required.

JP 2005-227996 A JP 2009-294310 A

"Condominium parking lot (Condominium ETC system)", [online], [Retrieved May 24, 2016], Internet <URL: http://www.furuno.com/jp/dsrc/case/enter_leave/>

The problem that this invention aims to solve is to provide a user identification system and method that can identify people inside a vehicle with greater accuracy.

The entry/exit system of the embodiment has an on-board device ID matching device, an entry/exit management device, and an entry/exit roadside device. The information control unit of the on-board device ID matching device identifies the mobile terminal ID of the mobile terminal carried by the person riding in the vehicle based on the on-board device ID, which is identification information of the on-board device of the vehicle that has entered the entry/exit system, and transmits the mobile terminal ID to the entry/exit management device. The entry/exit management device authentication processing unit executes authentication processing on the matching information received by the entry/exit management device. The entry/exit control unit of the entry/exit roadside device determines whether to open or close the entry/exit inhibition unit based on the result of the authentication processing.

1 is a schematic diagram showing a specific application example of the entrance/exit system 1 of the first embodiment. FIG. 1 is a system configuration diagram showing the system configuration of an entrance/exit system 1. FIG. 2 is a schematic block diagram showing the functional configuration of the vehicle-mounted device 100. FIG. 5 is a schematic block diagram showing the functional configuration of a mobile terminal 500. FIG. 2 is a sequence diagram showing the processing flow of the entrance/exit system 1 in the first embodiment. FIG. 11 is a system configuration diagram showing the system configuration of an entrance/exit system 2 according to a second embodiment. FIG. 11 is a sequence diagram showing the flow of processing until an operator links and registers an in-vehicle device ID, a facility ID, and a mobile terminal ID in the entry/exit system 2 in the second embodiment. FIG. 11 is a sequence diagram showing the processing flow of the entrance/exit system 2 in the second embodiment. FIG. 13 is a system configuration diagram showing the system configuration of an entrance/exit system 3 in a third embodiment. FIG. 13 is a sequence diagram showing a process flow until use of a vehicle-mounted device ID and a mobile terminal ID is started in the entry/exit system 3 according to the third embodiment. FIG. 13 is a sequence diagram showing the processing flow of the entrance/exit system 3 in the third embodiment.

The following describes the embodiment of the entrance/exit system and entrance/exit control method with reference to the drawings.

First Embodiment
Fig. 1 is a schematic diagram showing a specific application example of the entrance/exit system 1 of the first embodiment. In Fig. 1, the entrance/exit system 1 is a system that controls the entrance/exit of a vehicle by using an in-vehicle device 100 mounted on the vehicle.
1, a facility 10 is surrounded by a fence or the like. An entrance/exit roadside device 200 and an entrance/exit inhibitor 600 are provided at the entrance/exit of the facility 10. An in-vehicle ID matching device 300 and an entrance/exit management device 400 are connected to the entrance/exit roadside device 200 via a network 700. A mobile terminal 500 is held by a driver of the vehicle, for example.

The vehicle-mounted device ID matching device 300 is, for example, a dedicated information processing device managed by an external organization such as a government. The entry/exit management device 400 is an information processing device that stores an authentication information table that associates a mobile terminal ID, a facility variable password, and a mobile terminal password that is not updated and is preset by the vehicle-mounted device user. Here, the mobile terminal ID is identification information of the mobile terminal 500. The mobile terminal ID may be any value that does not overlap with other mobile terminal IDs. The mobile terminal ID may be, for example, an email address, a serial number, a MAC address, etc. The mobile terminal password is information that is stored in the authentication information table in advance by the vehicle-mounted device user. The facility variable password is password information that is periodically generated by the entry/exit management device 400. The facility variable password is information that is changed at short intervals, such as every day. For this reason, the facility variable password is information that cannot be known even by a person riding in the vehicle until it is notified. The combination of the facility variable PIN, mobile terminal PIN, and mobile terminal ID is referred to below as "matching information."

The vehicle-mounted device 100 is an in-vehicle device for receiving an electronic toll collection service by ETC. An in-vehicle device ID is set for the vehicle-mounted device 100 when the vehicle-mounted device 100 is installed in the vehicle. The mobile terminal 500 is a terminal capable of short-range wireless communication or medium-range wireless communication. Specifically, the mobile terminal 500 is a portable terminal such as a smartphone or tablet.

In the entry/exit system 1 configured in this way, authentication is not performed using only the vehicle-mounted device ID, which is the identification information of the vehicle-mounted device 100, but also using facility variable secret information and mobile terminal secret information. This makes it possible to authenticate people who are actually riding in the vehicle, making it possible to identify people inside the vehicle with higher accuracy. Furthermore, in the entry/exit system 1 configured in this way, unless the vehicle-mounted device 100 and the mobile terminal 500 are near the entry/exit roadside device 200, they cannot be authenticated by the entry/exit management device 400. This makes it possible to prevent the mobile terminal 500 from being operated by someone away from the vehicle. This also makes it possible to identify people inside the vehicle with higher accuracy.

In addition, since the vehicle-mounted device ID is very important information, it is necessary to manage it strictly. Therefore, it is desirable that the vehicle-mounted device ID matching device 300 having a table in which the vehicle-mounted device ID is registered be managed by a strict organization. For example, the vehicle-mounted device ID matching device 300 may be configured by a server device operated by a public organization such as an external organization.
On the other hand, although the matching information including the mobile terminal ID (e.g., email address) is personal information and important information, it does not need to be managed as strictly as the vehicle-mounted device ID, and it is preferable that it be flexibly registered and updated for each facility 10. Therefore, the matching information is managed by the entry/exit management device 400. In the above-mentioned entry/exit system 1, the vehicle-mounted device ID and the mobile terminal ID are associated and managed in the vehicle-mounted device ID matching device 300, and the mobile terminal ID is transmitted to the entry/exit management device 400. In other words, the vehicle-mounted device ID is not transmitted to the entry/exit management device 400. With this configuration, it is possible to manage the vehicle-mounted device ID more strictly and maintain security.

Next, a description will be given of each component that constitutes the entrance/exit system 1 with reference to a configuration diagram.
The ingress/egress roadside device 200 includes an on-board communication unit 201, an encryption processing unit 202, an IP communication unit 204, a terminal communication unit 203, a communication control unit 205, an ingress/egress control unit 206, and an ingress/egress communication unit 207. The ingress/egress roadside device 200 includes a plurality of network interfaces, a central processing unit (CPU) connected by a bus, a memory, an auxiliary storage device, and the like. All or part of the functions of the ingress/egress roadside device 200 may be realized using hardware such as an application specific integrated circuit (ASIC), a programmable logic device (PLD), or a field programmable gate array (FPGA). The ingress/egress roadside device 200 may be configured using a plurality of information processing devices.

The vehicle-mounted device communication unit 201 is a network interface for communicating with the vehicle-mounted device 100. The wireless communication may be, for example, DSRC (Dedicated Short Range Communication), which is used in the conventional ETC system or the ETC 2.0 system.

The encryption processing unit 202 performs encryption processing of the vehicle-mounted device ID and generates an encrypted vehicle-mounted device ID.

The terminal communication unit 203 is a network interface for the entrance/exit roadside device 200 to communicate with the mobile terminal 500. For example, the wireless communication is preferably a short-distance wireless communication method to prevent communication from a long distance. For example, the wireless communication may be a wireless LAN (Wi-Fi), Bluetooth (registered trademark), or NFC (Near Field Communication).

The IP communication unit 204 is a network interface for communication with the entry/exit roadside unit 200. The IP communication unit 204 communicates with the vehicle-mounted device ID matching device 300 to inquire about the mobile terminal ID via the network 700.

The communication control unit 205 controls the execution of the authentication process of the entrance/exit roadside device 200 when a vehicle equipped with the on-board device 100 enters the entrance/exit system 1.

The entry/exit control unit 206 controls the entry/exit inhibitor 600 to open the gate based on instructions from the entry/exit management device 400.

The entry/exit communication unit 207 is a network interface that allows the entry/exit roadside device 200 to communicate with the entry/exit inhibitor 600. The entry/exit communication unit 207 communicates with the entry/exit inhibitor 600. The communication method may be, for example, wired communication. The communication method may be, for example, wireless communication such as Bluetooth or wireless LAN.

The entry/exit inhibitor 600 is a device that prevents vehicles from actually entering. Specifically, the entry/exit inhibitor 600 is composed of a barrier, a shutter, etc. The entry/exit inhibitor 600 includes a communication unit 601, an entry/exit control unit 602, and an entry/exit inhibitor 603.

The communication unit 601 is an interface unit that communicates with the entrance/exit roadside device 200, and the communication method can be any method, such as Bluetooth, wireless LAN, wired LAN, etc.

The entry/exit control unit 602 notifies the entry/exit suppression unit 603 of an open gate command based on an open gate command from the entry/exit roadside device 200. After notifying the open gate command, the entry/exit control unit 602 notifies the entry/exit suppression unit 603 of a close gate command when a predetermined time has elapsed. In addition, the entry/exit control unit 602 may notify the entry/exit suppression unit 603 of a close gate command after the vehicle-mounted device 100 passes through the entry/exit suppression unit 603 that has opened the gate.

When the entry/exit suppression unit 603 receives a notification of an open gate instruction from the entry/exit control unit 602, it opens the entry/exit suppression unit 603. Also, when the entry/exit suppression unit 603 receives a notification of a close gate instruction from the entry/exit control unit 602, it closes the entry/exit suppression unit 603. Also, the entry and exit sections of the entry/exit suppression unit 603 may be different.

The vehicle-mounted ID matching device 300 includes an IP communication unit 301, a device information storage unit 302, an information control unit 303, and a decryption processing unit 304. The vehicle-mounted ID matching device 300 is configured using an information processing device such as a mainframe, a workstation, or a personal computer. The vehicle-mounted ID matching device 300 can be any device that can have the functions described below. The vehicle-mounted ID matching device 300 includes a network interface, a CPU connected by a bus, a memory, and an auxiliary storage device. All or part of the functions of the vehicle-mounted ID matching device 300 may be realized using hardware such as an ASIC, a PLD, or an FPGA.

The IP communication unit 301 is a network interface for the vehicle-mounted device ID matching device 300 to communicate. The IP communication unit 301 communicates with the entry/exit roadside device 200 and the entry/exit management device 400 via the network 700.

The device information storage unit 302 is configured using a storage device such as a magnetic hard disk device or a semiconductor storage device. The device information storage unit 302 stores an in-vehicle device ID table 311. As shown in FIG. 2, the in-vehicle device ID record has values of an in-vehicle device ID and a mobile terminal ID.

In the example shown in FIG. 2, the topmost in-vehicle device ID record in the in-vehicle device ID table 311 has an in-vehicle device ID of "XXX" and a mobile terminal ID of "xxx@xxx". This in-vehicle device ID record indicates that if the in-vehicle device ID received by the in-vehicle device ID matching device 300 is "XXX", the information control unit 303 will obtain the mobile terminal ID "xxx@xxx". Note that the in-vehicle device ID table 311 shown in FIG. 2 is merely one specific example. Therefore, the in-vehicle device ID table 311 may be configured in a manner different from that shown in FIG. 2.

The information control unit 303 executes a decryption process of the encrypted vehicle-mounted device ID in the decryption processing unit 304. The information control unit 303 acquires the mobile terminal ID stored in the record in which the vehicle-mounted device ID satisfies (e.g. matches) a predetermined requirement from the vehicle-mounted device ID table 311 in the device information storage unit 302. The information control unit 303 transmits the mobile terminal ID to the entry/exit management device 400.

The decryption processing unit 304 executes the decryption process of the encrypted vehicle-mounted device ID. The decryption processing unit 304 notifies the information control unit 303 of the decrypted vehicle-mounted device ID.

The entrance/exit management device 400 comprises an IP communication unit 401, an authentication control unit 402, an authentication information storage unit 403, an authentication processing unit 404, and a facility variable PIN information generation unit 405. The entrance/exit management device 400 is configured using information processing devices such as network devices, mainframes, workstations, and personal computers. The entrance/exit management device 400 can be any device that is capable of providing the functions described below. The entrance/exit management device 400 comprises a network interface, a CPU connected by a bus, memory, and auxiliary storage device. All or part of the functions of the entrance/exit management device 400 may be realized using hardware such as an ASIC, PLD, or FPGA.

The IP communication unit 401 is a network interface for the entry/exit management device 400 to communicate. The IP communication unit 401 communicates with the entry/exit roadside device 200 and the vehicle-mounted device ID matching device 300 via the network 700.

The authentication control unit 402 receives the mobile terminal ID from the vehicle-mounted ID matching device 300. The authentication control unit 402 acquires the facility variable PIN information from the authentication information storage unit 403 and transmits it to the vehicle-mounted unit 100. The authentication control unit 402 executes authentication processing of the matching information in the authentication processing unit 404. The authentication control unit 402 transmits the result of the authentication processing performed by the authentication processing unit 404 to the entry/exit roadside unit 200.

The authentication information storage unit 403 is configured using a storage device such as a magnetic hard disk device or a semiconductor storage device. The authentication information storage unit 403 stores an authentication information table 411.

As shown in FIG. 2, the authentication information table 411 has matching information for each authentication information record. The facility variable password is authentication information that is periodically generated by the facility variable password generation unit 405. The facility variable password may be, for example, a character string including numbers and letters. The mobile terminal password is authentication information that is preregistered in the authentication information record by the user of the vehicle-mounted device 100 (hereinafter referred to as the "vehicle-mounted device user"). The mobile terminal password may be any information that is used as existing authentication information, such as, for example, a character string including numbers and letters, a combination of pictures, or a line pattern. The mobile terminal password may be, for example, biometric information such as a fingerprint or face. The mobile terminal password may be a combination of multiple pieces of information.

2, the authentication information record at the top of the authentication information table 411 has a device ID of "xxx@xxx", facility variable secret information of "QQQQ", and mobile terminal secret information of "RRRR". When the authentication information received by the entrance/exit management device 400 has a mobile terminal ID of "xxx@xxx", facility variable secret information of "QQQQ", and mobile terminal secret information of "RRRR", the authentication processing unit 404 determines that authentication has been successful. Note that the authentication information table 411 shown in FIG. 2 is merely one specific example. Therefore, the authentication information table 411 may be configured in a manner different from that shown in FIG. 2. For example, the authentication information table 411 may have the date and time when the mobile terminal secret information was updated.

The authentication processing unit 404 executes authentication processing based on the matching information received by the entry/exit management device 400 and the authentication information record stored in the authentication information storage unit 403. Specifically, if the matching information received by the entry/exit management device 400 and the authentication information record stored in the authentication information storage unit 403 satisfy (e.g., match) a predetermined authentication condition, the authentication processing unit 404 determines that the vehicle-mounted device 100 is a device with legitimate authority. On the other hand, if the matching information received by the entry/exit management device 400 and the authentication information record stored in the authentication information storage unit 403 do not satisfy (e.g., do not match) a predetermined authentication condition, the authentication processing unit 404 determines that the vehicle-mounted device 100 is a device without legitimate authority.

The facility variable PIN generating unit 405 generates the facility variable PIN at a predetermined frequency. The facility variable PIN generating unit 405 registers the generated facility variable PIN in the facility variable PIN in the authentication information table 411 of the authentication information storage unit 403. The facility variable PIN may be generated once a day, for example. A random value is generated for the facility variable PIN for each record.

The network 700 connects the entry/exit roadside device 200, the vehicle-mounted ID matching device 300, and the entry/exit management device 400 so that they can communicate with each other. The network 700 may be configured, for example, as the Internet.

Figure 3 is a schematic block diagram showing the functional configuration of the vehicle-mounted device 100. The vehicle-mounted device 100 is configured using an ETC vehicle-mounted device mounted on a vehicle. The vehicle-mounted device 100 includes a network interface, a CPU, a memory, an auxiliary storage device, and the like, which are connected by a bus. The vehicle-mounted device 100 functions as a device including a communication unit 101, an information control unit 102, a vehicle-mounted device information storage unit 103, a voice output unit 104, a display unit 105, and a card input/output unit 106, by executing an authentication program. Note that all or part of the functions of the vehicle-mounted device 100 may be realized using hardware such as an ASIC, a PLD, or an FPGA. The authentication program may be recorded on a computer-readable recording medium. The computer-readable recording medium may be, for example, a portable medium such as a flexible disk, a magneto-optical disk, a ROM, a CD-ROM, or a semiconductor storage device, or a storage device such as a hard disk or a semiconductor storage device built into a computer system. Note that the vehicle-mounted device 100 may be configured using a vehicle-mounted device such as a car navigation device or an audio device mounted on a vehicle.

The communication unit 101 is a network interface capable of communicating with the vehicle-mounted communication unit 201. The communication unit 101 communicates with the entry/exit roadside device 200. The communication may be, for example, a DSRC communication method.

The information control unit 102 controls the execution of the authentication process of the vehicle-mounted device 100. The vehicle-mounted device ID is acquired from the vehicle-mounted device information storage unit 103, and is transmitted to the vehicle-mounted device ID matching device 300 via the entrance/exit roadside device 200. The information control unit 102 notifies the voice output unit 104 of the facility variable secret code information received from the entrance/exit roadside device 200. The information control unit 102 notifies the display unit 105 of the facility variable secret code information received from the entrance/exit roadside device 200. The vehicle-mounted device ID is identification information of the vehicle-mounted device of the vehicle that has entered the entrance/exit system. The vehicle-mounted device ID may be any value that does not overlap with other vehicle-mounted device IDs. The vehicle-mounted device ID may be, for example, the WCN (Wireless Call Number) or serial number of an ETC (Electronic Toll Collection System) vehicle-mounted device.

The vehicle-mounted device information storage unit 103 is configured using a storage device such as a magnetic hard disk device or a semiconductor storage device. The vehicle-mounted device information storage unit 103 stores the vehicle-mounted device ID.

The audio output unit 104 is configured using an existing audio output device such as a speaker, earphones, or headphones. The audio output unit 104 may be an interface for connecting an audio output device to the vehicle-mounted device 100. In this case, the audio output unit 104 generates an audio signal from the audio data and outputs the audio signal to the audio output device connected to the audio output unit 104.

The display unit 105 is a video output device such as a CRT (Cathode Ray Tube) display, a liquid crystal display, or an organic EL (Electro Luminescence) display. The display unit 105 may be an interface for connecting a video output device to the vehicle-mounted device 100. In this case, the display unit 105 generates a video signal from the video data and outputs the video signal to the video output device connected to the display unit 105.

The card input/output unit 106 has a card slot into which the card 107 is inserted. The card input/output unit 106 acquires and registers information for the card 107 inserted in the card slot. Note that in the example of FIG. 3, the card input/output unit 106 has one card slot into which one card 107 is inserted. However, the configuration may be different from that shown in FIG. 3. For example, the number of card slots provided in the card input/output unit 106 may be two or more.

Card 107 is a card for settling tolls using the ETC system. Card 107 is inserted into a card slot provided in card input/output unit 106 for use. Information recorded on card 107 includes unique identification information for each card 107, and pre-recorded information indicating the organization that issues card 107 (specifically, a credit card company or an institution affiliated with a credit card company) or the type of service provided to the user of card 107. In addition to the card information, card 107 also records information on the entrance toll gate where the user began using the road and the exit toll gate where the user finished using the road.

Figure 4 is a schematic block diagram showing the functional configuration of the mobile terminal 500. The mobile terminal 500 is configured using an information processing device such as a tablet computer, a personal computer, or a smartphone. The mobile terminal 500 includes a short-range wireless communication unit 501, an input/output control unit 502, a display unit 503, and an input unit 504. The mobile terminal 500 includes a network interface, a CPU, a memory, an auxiliary storage device, and the like, all connected via a bus. The mobile terminal 500 is owned, for example, by a person riding in a vehicle.

The short-distance wireless communication unit 501 is a network interface for communication by the mobile terminal 500. The short-distance wireless communication unit 501 is a communication unit for short-distance wireless communication for communication with the entrance/exit roadside device 200. The communication method may be Bluetooth, wireless LAN, NFC, etc.

The input/output control unit 502 executes input/output processing to receive authentication from the entry/exit management device 400. The input/output control unit 502 transmits input information to the entry/exit management device 400 via the entry/exit roadside device 200.

The display unit 503 is a video output device such as a CRT display, a liquid crystal display, or an organic EL display. The display unit 503 may be an interface for connecting a video output device to the mobile terminal 500. In this case, the display unit 503 generates a video signal from the video data and outputs the video signal to the video output device connected to the display unit 503.

The input unit 504 is configured using an existing input device such as a touch panel, a button, or a switch. The input unit 504 may be an interface for connecting the input device to the mobile terminal 500. In this case, the input unit 504 generates input data from an input signal input to the input device and inputs the input data to the mobile terminal 500. The input unit 504 transmits the input signal to the entrance/exit roadside unit 200. When the input unit 504 is configured using a touch panel, the input unit 504 and the display unit 503 may be configured as one unit.

Next, the operation will be described. FIG. 5 is a sequence diagram showing the flow of processing of the entry/exit system 1 in the first embodiment. As a preliminary preparation, the vehicle-mounted device user notifies the vehicle-mounted device ID matching device 300 of the vehicle-mounted device ID and the mobile terminal ID. The vehicle-mounted device user may also transmit the vehicle-mounted device ID and the mobile terminal ID from the vehicle-mounted device 100 to the vehicle-mounted device ID matching device 300. The vehicle-mounted device user may also transmit the vehicle-mounted device ID and the mobile terminal ID from the mobile terminal 500 to the vehicle-mounted device ID matching device 300 (step S101). Next, the vehicle-mounted device ID matching device 300 executes a registration process of the received vehicle-mounted device ID and the mobile terminal ID. Specifically, the vehicle-mounted device ID matching device 300 registers the vehicle-mounted device ID and the mobile terminal ID in the vehicle-mounted device ID table 311 in association with each other (step S102). The vehicle-mounted device ID matching device 300 transmits the mobile terminal ID to the entry/exit management device 400 (step S103). The vehicle-mounted device user transmits the mobile device PIN that he/she has determined to the entry/exit management device 400. The vehicle-mounted device user may also transmit the mobile device PIN from the mobile device 500 to the entry/exit management device 400 (step S104). The facility variable PIN generating unit 405 generates the facility variable PIN. The entry/exit management device 400 registers the received mobile device ID, mobile device authentication information, and facility variable authentication information in the authentication information table 411 in association with each other (step S105). This completes the advance preparation.

Next, the information control unit 102 acquires the vehicle-mounted device ID from the vehicle-mounted device information storage unit 103 and transmits it to the entry/exit roadside device 200 via the communication unit 101 (step S201).

The vehicle-mounted device communication unit 201 notifies the vehicle-mounted device ID to the communication control unit 205. The communication control unit 205 executes encryption processing of the vehicle-mounted device ID in the encryption processing unit 202. The encryption processing unit 202 generates an encrypted vehicle-mounted device ID from the vehicle-mounted device ID (step S202). The communication control unit 205 transmits the encrypted vehicle-mounted device ID to the vehicle-mounted device ID matching device 300 via the IP communication unit 204 (step S203).

The IP communication unit 301 notifies the information control unit 303 of the encrypted vehicle-mounted device ID. The information control unit 303 executes a decryption process of the encrypted vehicle-mounted device ID in the decryption processing unit 304. The decryption processing unit 304 generates a vehicle-mounted device ID from the encrypted vehicle-mounted device ID (step S204). The information control unit 303 identifies a vehicle-mounted device ID record with a matching vehicle-mounted device ID from the vehicle-mounted device ID table 311 in the device information storage unit 302 (step S205). If the vehicle-mounted device IDs match (step S205-YES), the information control unit 303 acquires the value of the mobile terminal ID (step S206). If the vehicle-mounted device IDs do not match (step S205-NO), the vehicle-mounted device ID matching device 300 ends the process (step S207). The information control unit 303 transmits the mobile terminal ID to the entry/exit management device 400 via the IP communication unit 301 (step S208).

The IP communication unit 401 notifies the authentication control unit 402 of the mobile terminal ID. The authentication control unit 402 obtains the value of the facility variable secret from the authentication information record that matches the mobile terminal ID from the authentication information table 411 in the authentication information storage unit 403 (step S209). The authentication control unit 402 transmits the value of the facility variable secret to the vehicle-mounted device 100 via the IP communication unit 401 and the entrance/exit roadside unit 200 (steps S210 to S211).

The information control unit 102 speaks the value of the facility variable PIN via the voice output unit 104. The information control unit 102 displays the value of the facility variable PIN via the display unit 105 (step S212).

The input unit 504 receives matching information through the operation of a person in the vehicle (step S213). The person in the vehicle may be, for example, the on-board device user or the vehicle driver. The input unit 504 notifies the input/output control unit 502 of the matching information. The input/output control unit 502 transmits the matching information to the entry/exit management device 400 via the short-range wireless communication unit 501 and the entry/exit roadside device 200 (steps S214 to S215).

The IP communication unit 401 notifies the authentication control unit 402 of the matching information. The authentication control unit 402 executes authentication processing of the matching information in the authentication processing unit 404. Specifically, the authentication processing unit 404 compares the matching information received from the mobile terminal 500 with the matching information stored in the authentication information record, and if a predetermined authentication condition is met (e.g., they match), the authentication processing unit 404 determines that the vehicle-mounted device 100 is a device with legitimate authority. On the other hand, if the predetermined condition is not met (e.g., they do not match), the authentication processing unit 404 determines that the vehicle-mounted device 100 is a device without legitimate authority (step S216). The authentication control unit 402 transmits the authentication processing execution result to the entrance/exit roadside unit 200 (step S217).

The IP communication unit 204 notifies the entry/exit control unit 206 of the result of the authentication process. The entry/exit control unit 206 executes processing based on the result of the authentication process (step S218). If the result of the authentication process is successful (step S218-YES), the entry/exit control unit 206 sends an instruction to open the gate to the entry/exit inhibitor 600 via the entry/exit communication unit 207 (step S219). On the other hand, if the result of the authentication process is not successful (step S218-NO), the entry/exit control unit 206 ends the processing (step S220).

The communication unit 601 notifies the entrance/exit control unit 602 of the gate opening instruction. Upon receiving the gate opening instruction, the entrance/exit control unit 602 executes the gate opening process of the entrance/exit suppression unit 603 (step S221).

In the process flow of FIG. 5, the matching information acquired in step S213 may be encrypted in the encryption processing unit 202. In this case, when the matching information is transmitted from the entrance/exit roadside unit 200 to the entrance/exit management unit 400 in step S215, it is possible to prevent eavesdropping of the matching information. As a result, more secure entrance/exit management is possible compared to the case where the matching information is transmitted without encryption.

Second Embodiment
First, an outline of the entry/exit system 2 in the second embodiment will be described. The second embodiment is used in cases where a business operator installs the entry/exit roadside device 200a at two or more locations. For example, when vehicle management is performed within the premises of a construction site, the construction company performs linking between the vehicle-mounted device 100 and the entry/exit roadside device 200a. Therefore, when there are multiple construction sites, the linking is a heavy burden on the construction company. Therefore, the entry/exit system 2 reduces the burden of this linking. Specifically, the vehicle-mounted device ID matching device 300a is registered in association with the vehicle-mounted device ID, the facility ID, and the mobile terminal ID. The facility ID is an identifier that identifies the entry/exit roadside device 200a. The facility ID may be any value as long as it does not overlap with other facility IDs. The facility ID may be, for example, the name of the facility or an arbitrary character string. The vehicle-mounted device ID matching device 300a identifies the mobile terminal ID using the vehicle-mounted device ID and facility ID received from the entry/exit roadside device 200a. If at least one of the on-board device ID and the facility ID is different, the vehicle equipped with the on-board device 100 is deemed to be attempting to enter the unauthorized entry/exit roadside device 200a. Therefore, the vehicle cannot enter the construction site. With this configuration, the construction company does not need to perform linking for each construction site. Therefore, the burden of linking on the construction company is reduced.

The entry/exit system 2 will be described in detail below with reference to FIG. 6. FIG. 6 is a system configuration diagram showing the system configuration of the entry/exit system 2 in the second embodiment. The entry/exit system 2 in the second embodiment differs from the first embodiment in that a facility ID is newly used. Only the differences from the first embodiment will be described below. The entry/exit system 2 differs from the entry/exit system 1 in the first embodiment in that it has an entry/exit roadside device 200a instead of the entry/exit roadside device 200 and an on-board device ID matching device 300a instead of the on-board device ID matching device 300, but has the same configuration as the entry/exit system 1 in other respects.

The entry/exit roadside device 200a includes an encryption processing unit 202a that performs encryption processing on the vehicle-mounted device ID and the facility ID, instead of the encryption processing unit 202 that performs encryption processing on the vehicle-mounted device ID. The entry/exit roadside device 200a includes a communication control unit 205a that controls the authentication processing of the vehicle-mounted device 100 using the vehicle-mounted device ID and the facility ID, instead of the communication control unit 205 that controls the authentication processing of the vehicle-mounted device 100 using the vehicle-mounted device ID. The entry/exit roadside device 200a further includes an installer information storage unit 208a that stores the facility ID. In other respects, the entry/exit roadside device 200a has the same configuration as the entry/exit roadside device 200.

The vehicle-mounted device ID matching device 300a includes a device information storage unit 302a that stores a facility ID instead of the device information storage unit 302 that stores the vehicle-mounted device ID and the mobile terminal ID. The vehicle-mounted device ID matching device 300a includes an information control unit 303a that controls the process of identifying the mobile terminal ID from the vehicle-mounted device ID and the facility ID instead of the information control unit 303 that controls the process of identifying the mobile terminal ID from the vehicle-mounted device ID. The vehicle-mounted device ID matching device 300a includes a decryption processing unit 304a that performs the decryption process of the encrypted vehicle-mounted device ID and the encrypted facility ID instead of the decryption processing unit 304 that performs the decryption process of the encrypted vehicle-mounted device ID. The vehicle-mounted device ID matching device 300a has the same configuration as the vehicle-mounted device ID matching device 300 in other respects.

The vehicle-mounted device ID table 311a differs from the vehicle-mounted device ID table 311 in the first embodiment in that it further includes a column for facility IDs, but otherwise has the same configuration as the vehicle-mounted device ID table 311.

In the example shown in FIG. 6, the topmost vehicle-mounted device ID record a in the vehicle-mounted device ID table 311a indicates that when the vehicle-mounted device ID received by the vehicle-mounted device ID matching device 300a is "XXX" and the facility ID is "AAA", the information control unit 303a obtains the mobile terminal ID as "xxx@xxx". Note that the vehicle-mounted device ID table 311a shown in FIG. 6 is merely one specific example. Therefore, the vehicle-mounted device ID table 311a may be configured in a manner different from that shown in FIG. 6. For example, the vehicle-mounted device ID table 311a may register the timestamp at which the vehicle-mounted device ID record a was generated.

Figure 7 is a sequence diagram showing the flow of processing until the operator links and registers the vehicle-mounted device ID, facility ID, and mobile terminal ID in the entrance/exit system 2 in the second embodiment. In the entrance/exit system 2, multiple entrance/exit roadside devices 200a are installed. Therefore, the operator decides which entrance/exit roadside device 200a the vehicle-mounted device user will enter and exit. For this purpose, the operator uses the vehicle-mounted device ID use consent. The vehicle-mounted device ID use consent indicates which entrance/exit roadside device 200a the vehicle-mounted device user can enter and exit. The operator obtains the vehicle-mounted device user's approval for the vehicle-mounted device ID use consent. After that, the operator registers the contents of the vehicle-mounted device ID use consent in the vehicle-mounted device ID matching device 300a. After registration, the vehicle-mounted device user can enter and exit the entrance/exit roadside device 200a indicated in the vehicle-mounted device ID use consent.

First, the vehicle-mounted device user performs a user registration process for the vehicle-mounted device ID and the mobile terminal ID. The user registration process may be performed, for example, on a web page for user registration (step S301).

Next, the operator creates an on-board device ID usage consent. The on-board device ID usage consent contains the "on-board device user name", "on-board device ID", "license expiration date", "mobile terminal ID", and "facility ID". Note that the items in this on-board device ID usage consent are merely one specific example. Therefore, the on-board device ID usage consent may be composed of items different from those in this on-board device ID usage consent. For example, the on-board device ID usage consent may have an item for the facility name. The on-board device ID usage consent may also be an electronic medium such as a web form (step S302).

The operator sends the vehicle-mounted device ID use consent to the vehicle-mounted device user (step S303). The vehicle-mounted device user executes the approval process of the vehicle-mounted device ID use consent. Specifically, the approval process is performed by the vehicle-mounted device user signing the vehicle-mounted device ID use consent. The approval process may also be an electronic signature. The vehicle-mounted device ID use consent that has been approved is treated as an approved vehicle-mounted device ID use consent (step S304). The vehicle-mounted device user sends the approved vehicle-mounted device ID use consent to the operator (step S305). The operator transmits the approved vehicle-mounted device ID use consent to the vehicle-mounted device ID matching device 300a. The operator may also send the approved vehicle-mounted device ID use consent to the management organization of the vehicle-mounted device ID matching device 300a (step S306).

The vehicle-mounted device ID matching device 300a generates a vehicle-mounted device ID table 311a (step S307). The vehicle-mounted device ID matching device 300a generates a vehicle-mounted device ID record a in which the "vehicle-mounted device ID", "facility ID", and "mobile terminal ID" written in the approved vehicle-mounted device ID usage consent are registered (step S308).

Figure 8 is a sequence diagram showing the processing flow of the entry/exit system 2 in the second embodiment. First, the information control unit 102 acquires the vehicle-mounted device ID from the vehicle-mounted device information storage unit 103, and transmits it to the entry/exit roadside device 200a via the communication unit 101 (step S201).

The vehicle-mounted device communication unit 201 notifies the communication control unit 203a of the vehicle-mounted device ID. The communication control unit 205a acquires the facility ID stored in the installer information storage unit 208a. The communication control unit 205a executes encryption processing of the vehicle-mounted device ID and the facility ID in the encryption processing unit 202a. The encryption processing unit 202a generates an encrypted vehicle-mounted device ID from the vehicle-mounted device ID. The encryption processing unit 202a generates an encrypted facility ID from the facility ID (step S202a). The communication control unit 205a transmits the encrypted vehicle-mounted device ID and the encrypted facility ID to the vehicle-mounted device ID matching device 300a via the IP communication unit 204 (step S203a).

The IP communication unit 301 notifies the information control unit 303a of the encrypted vehicle-mounted device ID and the encrypted facility ID. The information control unit 303a executes a decryption process of the encrypted vehicle-mounted device ID and the encrypted facility ID in the decryption processing unit 304a. The decryption processing unit 304a generates a vehicle-mounted device ID from the encrypted vehicle-mounted device ID. The decryption processing unit 304a generates a facility ID from the encrypted facility ID (step S204a). The information control unit 303a identifies a vehicle-mounted device ID record in which the vehicle-mounted device ID and the facility ID match from the vehicle-mounted device ID table 311a in the device information storage unit 302a (step S205a). If the vehicle-mounted device ID and the facility ID match (step S205a-YES), the information control unit 303 acquires the value of the mobile terminal ID (step S206). If the vehicle-mounted device ID does not match (step S205a-NO), the vehicle-mounted device ID matching device 300a terminates the process (step S207). The information control unit 303a transmits the mobile terminal ID to the entrance/exit management device 400 via the IP communication unit 301 (step S208).

The IP communication unit 401 notifies the authentication control unit 402 of the mobile terminal ID. The authentication control unit 402 obtains the value of the facility variable secret from the authentication information record that matches the mobile terminal ID from the authentication information table 411 in the authentication information storage unit 403 (step S209). The authentication control unit 402 transmits the value of the facility variable secret to the vehicle-mounted device 100 via the IP communication unit 401 and the entrance/exit roadside unit 200a (steps S210 to S211).

The information control unit 102 speaks the value of the facility variable PIN via the voice output unit 104. The information control unit 102 displays the value of the facility variable PIN via the display unit 105 (step S212).

The input unit 504 receives the matching information through the operation of a person in the vehicle (step S213). The input unit 504 notifies the input/output control unit 502 of the matching information. The input/output control unit 502 transmits the matching information to the entry/exit management device 400 via the short-range wireless communication unit 501 and the entry/exit roadside device 200a (steps S214 to S215).

The IP communication unit 401 notifies the authentication control unit 402 of the matching information. The authentication control unit 402 executes authentication processing of the matching information in the authentication processing unit 404. Specifically, the authentication processing unit 404 compares the matching information received from the mobile terminal 500 with the matching information stored in the authentication information record, and if a predetermined authentication condition is met (e.g., they match), the authentication processing unit 404 determines that the vehicle-mounted device 100 is a device with legitimate authority. On the other hand, if the predetermined condition is not met (e.g., they do not match), the authentication processing unit 404 determines that the vehicle-mounted device 100 is a device without legitimate authority (step S216). The authentication control unit 402 transmits the authentication result to the entrance/exit roadside unit 200a (step S217).

The IP communication unit 204 notifies the entry/exit control unit 206 of the result of the authentication process. The entry/exit control unit 206 executes processing based on the result of the authentication process (step S218). If the result of the authentication process is successful (step S218-YES), the entry/exit control unit 206 sends an instruction to open the gate to the entry/exit inhibitor 600 via the entry/exit communication unit 207 (step S219). On the other hand, if the result of the authentication process is not successful (step S218-NO), the entry/exit control unit 206 ends the processing (step S220).

The communication unit 601 notifies the entrance/exit control unit 602 of the gate opening instruction. Upon receiving the gate opening instruction, the entrance/exit control unit 602 executes the gate opening process of the entrance/exit suppression unit 603 (step S221).

Third Embodiment
First, an outline of the entrance/exit system 3 in the third embodiment will be described. The third embodiment assumes an entrance/exit system that allows entry and exit with a simple configuration without using a mobile terminal 500 in a place such as an apartment parking lot where high security such as identity verification is not required. For this purpose, the following process is executed.

In the first embodiment, the authentication process is performed using the facility variable PIN and the mobile terminal PIN transmitted from the mobile terminal 500, but in the third embodiment, the authentication process is performed using only the mobile terminal ID without using these two pieces of information. Also, in the first embodiment, the mobile terminal ID is transmitted from the mobile terminal 500 to the entry/exit management device 400, but in the third embodiment, it is transmitted from the vehicle-mounted ID matching device 300 to the entry/exit management device 400 without going through the mobile terminal 500. With this configuration, in the third embodiment, it becomes possible to realize entry and exit without using the mobile terminal 500.

The entrance/exit system 3 will be described in detail below with reference to FIG. 9. FIG. 9 is a system configuration diagram showing the system configuration of the entrance/exit system 3 in the third embodiment. The entrance/exit system 3 in the third embodiment differs from the first embodiment in that it does not use a mobile terminal 500. Only the differences from the first embodiment will be described below.

The ingress/egress roadside device 200b does not have a terminal communication unit 203. In other respects, the ingress/egress roadside device 200b has the same configuration as the ingress/egress roadside device 200.

The entrance/exit management device 400b has an authentication control unit 402b instead of the authentication control unit 402. The entrance/exit management device 400b has an authentication information storage unit 403b that stores a mobile terminal ID instead of the authentication information storage unit 403 that stores matching information. The entrance/exit management device 400b has an authentication processing unit 404b that performs authentication processing using a mobile terminal ID instead of the authentication processing unit 404 that performs authentication processing using matching information. The entrance/exit management device 400b does not have a facility variable PIN generation unit 405. The entrance/exit management device 400b has the same configuration as the entrance/exit management device 400 in other respects.

The authentication information storage unit 403b stores the authentication information table 411b. The authentication information record b has a mobile terminal ID. In the example shown in FIG. 9, the authentication information record b at the top of the authentication information table 411b has a mobile terminal ID of "xxx@xxx". When the mobile terminal ID received from the vehicle-mounted device ID matching device 300 is "xxx@xxx", the authentication processing unit 404b determines that authentication has been successful. Note that the authentication information table 411b shown in FIG. 9 is merely one specific example. Therefore, the authentication information table 411b may be configured in a manner different from that shown in FIG. 9. For example, the authentication information table 411b may have the date and time when the mobile terminal ID was registered.

Figure 10 is a sequence diagram showing the flow of processing until the use of the vehicle-mounted device ID and the mobile terminal ID is started in the entrance/exit system 3 in the third embodiment. First, the vehicle-mounted device user transmits the vehicle-mounted device ID and the mobile terminal ID to the vehicle-mounted device ID matching device 300. The transmission may be from a web page. The transmission may be sent to the management organization of the vehicle-mounted device ID matching device 300 (step S401). Next, the vehicle-mounted device ID matching device 300 executes a registration process of the vehicle-mounted device ID and the mobile terminal ID. Specifically, the vehicle-mounted device ID matching device 300 generates a vehicle-mounted device ID record in the vehicle-mounted device ID table. The vehicle-mounted device ID matching device 300 registers the vehicle-mounted device ID and the mobile terminal ID in the vehicle-mounted device ID record (step S402).

The vehicle-mounted device user notifies the business operator (e.g., a condominium management organization, etc.) of the vehicle-mounted device ID and permission to use the vehicle-mounted device ID (step S403). When the business operator receives the vehicle-mounted device ID and permission to use the vehicle-mounted device ID, the business operator transmits the vehicle-mounted device ID to the vehicle-mounted device ID matching device 300. The transmission may be performed for each vehicle-mounted device user. The transmission may be performed after receiving the vehicle-mounted device IDs of all vehicle-mounted device users and then transmitting them all at once. The transmission may be performed from a web page. The transmission may be performed to the management organization of the vehicle-mounted device ID matching device 300 (step S404). The vehicle-mounted device ID matching device 300 uses the vehicle-mounted device ID to identify the mobile terminal ID (step S405). The vehicle-mounted device ID matching device 300 transmits the mobile terminal ID to the entry/exit management device 400b (step S406). The entry/exit management device 400b registers the mobile terminal ID in the authentication information table 411b (step S407). Now, the entry/exit system 3 starts using the vehicle-mounted device ID and mobile terminal ID.

Figure 11 is a sequence diagram showing the processing flow of the entry/exit system 3 in the third embodiment. First, the information control unit 102 acquires the vehicle-mounted device ID from the vehicle-mounted device information storage unit 103, and transmits it to the entry/exit roadside device 200b via the communication unit 101 (step S201).

The vehicle-mounted device communication unit 201 notifies the vehicle-mounted device ID to the communication control unit 205. The communication control unit 205 executes encryption processing of the vehicle-mounted device ID in the encryption processing unit 202. The encryption processing unit 202 generates an encrypted vehicle-mounted device ID from the vehicle-mounted device ID (step S202). The communication control unit 205 transmits the encrypted vehicle-mounted device ID to the vehicle-mounted device ID matching device 300 via the IP communication unit 204 (step S203).

The IP communication unit 301 notifies the information control unit 303 of the encrypted vehicle-mounted device ID. The information control unit 303 executes a decryption process of the encrypted vehicle-mounted device ID in the decryption processing unit 304. The decryption processing unit 304 generates a vehicle-mounted device ID from the encrypted vehicle-mounted device ID (step S204). The information control unit 303 identifies a vehicle-mounted device ID record with a matching vehicle-mounted device ID from the vehicle-mounted device ID table 311 in the device information storage unit 302 (step S205). If the vehicle-mounted device IDs match (step S205-YES), the information control unit 303 acquires the value of the mobile terminal ID (step S206). If the vehicle-mounted device IDs do not match (step S205-NO), the vehicle-mounted device ID matching device 300 ends the process (step S207). The information control unit 303 transmits the mobile terminal ID to the entry/exit management device 400b via the IP communication unit 301 (step S208).

The IP communication unit 401 notifies the authentication control unit 402b of the mobile terminal ID. The authentication control unit 402b causes the authentication processing unit 404b to execute authentication processing of the mobile terminal ID. Specifically, the authentication processing unit 404b compares the mobile terminal ID received from the vehicle-mounted device ID matching device 300 with the mobile terminal ID registered in the authentication information record b, and if a predetermined authentication condition is met (for example, they match), the authentication processing unit 404b determines that the vehicle-mounted device 100 is a device with legitimate authority. On the other hand, if the predetermined condition is not met (for example, they do not match), the authentication processing unit 404b determines that the vehicle-mounted device 100 is a device without legitimate authority (step S216b). The authentication control unit 402b transmits the authentication processing execution result to the entrance/exit roadside unit 200 (step S217).

The IP communication unit 204 notifies the entry/exit control unit 206 of the result of the authentication process. The entry/exit control unit 206 executes processing based on the result of the authentication process (step S218). If the result of the authentication process is successful (step S218-YES), the entry/exit control unit 206 sends an instruction to open the gate to the entry/exit inhibitor 600 via the entry/exit communication unit 207 (step S219). On the other hand, if the result of the authentication process is not successful (step S218-NO), the entry/exit control unit 206 ends the processing (step S220).

The communication unit 601 notifies the entrance/exit control unit 602 of the gate opening instruction. Upon receiving the gate opening instruction, the entrance/exit control unit 602 executes the gate opening process of the entrance/exit suppression unit 603 (step S221).

According to at least one of the embodiments described above, by having an authentication processing function for authentication information and a mobile terminal ID, it is possible to identify people inside the vehicle with higher accuracy.

Although several embodiments of the present invention have been described, these embodiments are presented as examples and are not intended to limit the scope of the invention. These embodiments can be implemented in various other forms, and various omissions, substitutions, and modifications can be made without departing from the gist of the invention. These embodiments and their modifications are within the scope of the invention and its equivalents as set forth in the claims, as well as the scope and gist of the invention.

1...entrance/exit system, 2...entrance/exit system, 3...entrance/exit system, 10...facility, 100...vehicle-mounted device, 101...communication unit, 102...information control unit, 103...vehicle-mounted device information storage unit, 104...audio output unit, 105...display unit, 106...card input/output unit, 107...card, 200...entrance/exit roadside device, 201...vehicle-mounted device communication unit, 202...encryption processing unit, 203...terminal communication unit, 204...IP communication unit, 205...communication control unit, 206...entrance/exit control unit, 207...entrance/exit communication unit, 300...vehicle-mounted device ID matching device, 301...IP communication unit, 302...device information storage unit, 303...information control unit, 304...decryption processing unit, 311...vehicle-mounted device ID table, 400...entrance/exit management device, 401...IP communication unit, 402...authentication control unit, 403...authentication information storage unit, 40 4...Authentication processing unit, 405...Facility variable password information generation unit, 411...Authentication information table, 500...Mobile terminal, 501...Short-range wireless communication unit, 502...Input/output control unit, 503...Display unit, 504...Input unit, 600...Entry/exit suppressor, 601...Communication unit, 602...Entry/exit control unit, 603...Entry/exit suppression unit, 200a...Entry/exit roadside device, 202a...Encryption processing unit, 205a...Communication control unit, 208a...Installer information storage unit, 300a...Vehicle-mounted device ID matching device, 302a...Device information storage unit, 303a...Information control unit, 304a...Decryption processing unit, 311a...Vehicle-mounted device ID table, 200b...Entry/exit roadside device, 400b...Entry/exit management device, 402b...Authentication control unit, 403b...Authentication information storage unit, 404b...Authentication processing unit, 411b...Authentication information table

Claims (9)

a device information storage unit that stores a record in which an in-vehicle device ID, which is identification information of the in-vehicle device, is associated with user information that can uniquely identify a user of the in-vehicle device;
a communication unit that receives information indicating an on-board device ID received from an on-board device of a vehicle by an entrance/exit roadside device provided near a facility to be managed;
an acquisition unit that acquires the user information related to a record stored in the device information storage unit when the record matches the vehicle-mounted device ID indicated by the received information;
and an authentication processing unit that, after receiving the information, receives matching information from the user and performs authentication processing based on the acquired user information and the received matching information. The user identification system according to claim 1 , wherein the matching information is information for identifying the user by matching with the user information. The user identification system of claim 1, wherein the matching information includes a secret code that is generated periodically. The user identification system of claim 1, wherein the matching information includes a secret code preset by the user. The record stored in the device information storage unit further includes a facility ID of the facility to be managed,
The user identification system according to claim 1 , wherein the communication unit receives the facility ID. The communication unit receives the encrypted vehicle-mounted device ID as information indicating the vehicle-mounted device ID,
The user identification system according to any one of claims 1 to 5, wherein the acquisition unit decrypts the encrypted vehicle-mounted device ID, and if a record matching the vehicle-mounted device ID obtained by decryption is stored in the device information storage unit, acquires the user information related to the record. The user identification system according to any one of claims 1 to 6, further comprising an entry/exit control unit that determines whether to open or close an entry/exit prevention unit that prevents entry into or exit from the managed facility based on the result of the execution of the authentication process. The user identification system of claim 7, wherein the entry/exit control unit does not open the entry/exit restriction unit if a record matching the vehicle-mounted device ID indicated by the received information is not stored in the device information storage unit. A user identification method performed by a user identification system including a device information storage unit that stores a record that associates an on-board device ID, which is identification information of an on-board device, with user information that can uniquely identify a user of the on-board device, and one or more information processing devices, comprising:
a receiving step in which the information processing device receives, from an entrance/exit roadside device provided near a facility to be managed, information indicating an on-board device ID received by the entrance/exit roadside device from an on-board device of a vehicle;
an information acquisition step of the information processing device acquiring the user information related to a record stored in the device information storage unit when the record matches the vehicle-mounted device ID indicated by the received information;
and an authentication processing step of receiving matching information from the user after receiving the information , and performing authentication processing based on the acquired user information and the received matching information.

Images