FR3033204A1 - METHOD OF SECURING A SERVICE FOR CONTROLLING MOTOR VEHICLES USING MOBILE TERMINALS - Google Patents

Abstract

The invention relates to a control service enabling a motor vehicle owner equipped with a mobile terminal (20) to access at least one feature of the motor vehicle (10) by means of the mobile terminal, said service being operated at the same time. a server (50) in which are stored records that associate, with each identifier of a motor vehicle, information relating to the owner of the vehicle, including the owner's details. According to the invention, the method comprises steps of: - reception by the server of a request for modifications of the information recorded in a record, - search of a record in the server associated with this request, - reading of the contact details of the owner registered in this registration, and sending to the owner of a validation request message of said request, - in case of reception of a message from the owner validating this request, modification of said registration.

Description

BACKGROUND OF THE INVENTION The present invention generally relates to the control of functionalities of a motor vehicle by means of a mobile terminal. . It relates more particularly to a method of securing a control service enabling a motor vehicle owner equipped with a mobile terminal to access at least one motor vehicle functionality by means of his mobile terminal, said control service being operated using a server in which are stored records that each associated with an identifier, information relating to the owner of said motor vehicle, said information comprising at least contact details of said owner.

The invention applies particularly advantageously in the case where the controlled functionality is the unlocking of the doors of the vehicle or the starting of the vehicle. TECHNOLOGICAL BACKGROUND It has been proposed to control certain functions of a motor vehicle, such as unlocking the doors of the vehicle, by means of a mobile terminal, for example a mobile phone commonly used by the vehicle owner. In order to allow this order only to people actually authorized, virtual keys are used which are stored in the mobile phones of authorized persons and of which an electronic control unit of the vehicle verifies the presence before controlling the unlocking of the doors. The use of such virtual keys does not prevent the use of physical keys (or electronic control cards dedicated to the unlocking of the doors and the starting of the motor vehicle). Thus, in practice, when he buys a motor vehicle, an owner is given by the manufacturer of the vehicle physical keys and information allowing him to register on a server in order to be issued an electronic certificate of ownership and one or more virtual access keys 3033204 2 (as mentioned in the patent application FR1463430 not published at the time of filing of this patent application). A disadvantage of such a solution is that, when the owner of the motor vehicle sells the vehicle to another person (the "new owner"), he can provide him with the physical keys but he can not transmit the electronic certificate of property as well as the associated virtual keys. The risk is then that the original owner fraudulently uses the vehicle, after having sold it, by using the virtual keys stored in his mobile phone. Another disadvantage is that when the owner changes mobile terminal, his new mobile terminal is not registered in the server, so that he can no longer access the motor vehicle other than with his physical keys.

OBJECT OF THE INVENTION In order to overcome the aforementioned drawbacks of the state of the art, the present invention proposes to facilitate and secure the change of information stored in the server. More particularly, it is proposed according to the invention a security method as defined in the introduction, which comprises the following steps: - step a): reception by the server of a request for changes to the information relating to an owner of motor vehicle, comprising an identifier and at least one information item to be modified, - step b): search for a record in the server associated with the identifier, - step c): in the case of a record found, reading the coordinates of contact of the owner registered in the recording, and sending to said owner of a request message for validation of said request, - step d): in the event of reception of a message from said owner validating said request, modification of said record or creation a new record in the server, memorizing each information to be modified. It will be noted here that the "owner" may be a natural person or a legal person, and that he may possibly be represented by a third person to implement the method according to the invention.

To illustrate the invention, we can first consider the case where the owner has changed mobile terminal. Then, the owner sends a request to the server, so that the latter takes into account this new mobile terminal. Step c) above will then ask the owner 5 if he is the origin of this request. Thus, the new mobile terminal will be taken into account by the server only after the owner has validated that he was the origin of this request. To illustrate the invention, one can also consider the case where the owner of the vehicle sells his vehicle to a new owner. Then either of the old and the new owner issues a request to the server, so that the server registers this change of ownership. This request will usually be issued by the new owner. Step c) above will then ask the original owner if he has actually sold his vehicle. Then, if this is the case, the server may overwrite or block the old electronic property certificate attached to the motor vehicle, before issuing another to the new owner of the vehicle. The risk that remains is that the new owner, not informed or not interested in the possibility of being issued an electronic certificate of ownership and virtual keys, does not make itself known to the server. In this case, the former owner remains free to use the vehicle fraudulently. Then, preferably, the mobile terminal being adapted to communicate with the server, after each access of a user to the functionality of the motor vehicle through a mobile terminal, there is provided a step of transmission by said mobile terminal to the server of information relating to the identity of said user and when said access has taken place. The information stored in the server can thus prove the fraudulent use of the vehicle by its former owner. To further reduce the risk of fraudulent use of the vehicle by the former owner, it may be provided to incite, or to force the new owner to declare himself as such to the server. Thus, advantageously, when the identifier of any owner is unchanged in the server for a duration greater than a predetermined threshold, there is provided a verification step of the identity of the owner of the motor vehicle 3033204 whose identifier is associated with said identifier. In addition or alternatively, each record storing (in addition to the identifier or as an identifier of the owner) a name or a pseudonym of said owner, it is expected to display frequently on the display screen 5 in the vehicle a message mentioning the name or pseudonym of said owner. Thus, if the new owner repeatedly sees the name of the previous owner, he will be prompted to declare himself as the owner of the server.

Other advantageous and non-limiting features of the method according to the invention are the following: the information relating to the owner furthermore comprising an identification number of said mobile terminal, in step a), the information to be modified has an identification number of a new mobile terminal, and in step d), the identification number of said new mobile terminal is stored in the server; the information relating to the owner furthermore including an identifier of the owner, in step a), the information to be modified comprises an identifier of a new owner having bought the motor vehicle from the initial owner, as well as the contact details of the new owner, and in step d), the identifier and the contact information of the new owner are stored in the server; in step d), the identifier of the initial owner is deactivated; the mobile terminal of the initial owner storing at least one virtual key for access to the motor vehicle functionality, when the initial owner identifier is deactivated, said virtual key is blocked and / or the automatic updating of said key virtual is suspended; said server record memorizing the contact details of at least one other user of the motor vehicle equipped with another mobile terminal storing at least one other virtual key for access to the functionality of the motor vehicle, when the identifier of the initial owner is disabled, said other virtual key is blocked and / or the automatic update of said other virtual key is suspended, and an end-of-validity information message of said other virtual key is sent to said other user, by means of said contact coordinates 3033204 stored in the record; after said step d), the server transmits to the mobile terminal of the new owner a virtual key to access the functionality of the motor vehicle; 5 - there is provided a step of detecting an action of the new owner on a physical object related to the motor vehicle, and said step d) is further conditioned by said detection; the physical object is a physical key capable of controlling the unlocking of the doors of the motor vehicle; 10 - the information relating to the owner having an identifier of the owner, when an identifier stored in the server is unchanged for a duration greater than a predetermined threshold, there is provided a step of verification of the identity of said owner; - the owner information with a name or pseudonym of the owner, and the motor vehicle is equipped with a display screen, it is expected to frequently display on said display screen a message mentioning the name or the pseudonym of said owner; the contact details stored in each record of the server comprise an e-mail address and / or a telephone number; the mobile terminal being adapted to communicate with the server, after each access of the owner to the functionality of the motor vehicle by means of a mobile terminal, there is provided a step of transmission by said mobile terminal to the server of information relating to the moment when said access has taken place; 25 - the server stores, in the record associated with said motor vehicle, a log in which are stored, since a specific date, information relating to the identity of each user accessing the motor vehicle and at the time of each access to the feature the motor vehicle; - after each access of a user to the functionality of the motor vehicle with a mobile terminal, a control unit of the motor vehicle stores information relating to the identity of the user and when said access has occurred. DETAILED DESCRIPTION OF AN EXEMPLARY EMBODIMENT The following description with reference to the accompanying drawings, given as non-limiting examples, will make it clear what the invention consists of and how it can be achieved. In the accompanying drawings: FIG. 1 represents an exemplary context in which the invention may be implemented, notably comprising a vehicle and a mobile terminal; FIG. 2 diagrammatically represents components useful for understanding the invention, the vehicle and the mobile terminal of FIG. 1; and FIG. 3 shows the main steps of a registration process, following the purchase of a second-hand vehicle, to a vehicle function control service by means of the mobile terminal. FIG. 1 represents an example of context in which the invention can be implemented.

In this context, a motor vehicle 10 comprises an electronic control unit 11 (or ECU for "Electronic Control Unit") which can communicate via a wireless link with a mobile terminal 20, for example a mobile phone (or telephone cellular), possibly of the "smart phone" or "smartphone" type, commonly used, in order to exchange data with this mobile terminal 20, for example with a view to controlling the functionalities of the motor vehicle 10 at the same time. means of the mobile terminal 20 (such a functionality can be for example the unlocking of the doors of the motor vehicle 10 or the starting of the vehicle engine).

Alternatively, it could for example be a connected watch, a pair of glasses connected, or a tablet computer. The wireless link used to communicate between the electronic control unit 11 and the mobile terminal 20 is for example of the Bluetooth type. The mobile terminal 20 is furthermore designed to connect to a mobile telephone network 30 which notably comprises a base station 32 in communication via a radio link with the mobile terminal 20 and a gateway 34 for connection to a public network 40. for example the Internet network. A server 50 is also connected to the public network 40 so that the mobile terminal 20 and the server 50 can communicate and exchange data via the mobile telephone network 30 and the public network 40. The server 50 is here managed. by the manufacturer of the electronic control unit 11. FIG. 2 schematically represents components useful for understanding the invention of the motor vehicle 10 and the mobile terminal 20. The motor vehicle 10 comprises in particular the electronic unit 11 already mentioned, an actuator 15 (designed here to allow the unlocking of the doors of the motor vehicle 10), an actuator 17 (designed to allow the vehicle to start), a wireless communication module 10 16 and a user interface 18 The electronic control unit comprises a processor 12 and a storage unit 14, for example a rewritable non-volatile memory or a Hard disk. The storage unit 14 stores, in particular, computer programs comprising instructions, the execution of which by the processor 12 enables the control electronics 11 to implement the methods described below. An identifier (here a VID identification number) is assigned to the motor vehicle 10. Another identifier (here a serial number N) is assigned to the electronic control unit 11. The association between the identification number VID of a motor vehicle 10 and the serial number N of the electronic control unit 11 which equips this motor vehicle 10 is stored in a database D managed by the server 50. It will be considered here more specifically that the base of Data D of the server 50 stores a plurality of records, each of which records is associated with one of the registered motor vehicles and stores a plurality of data, including the VID identification number assigned to the motor vehicle 10. mobile terminal 20 comprises a processor 22, a memory 24 (for example a non-volatile memory rewritable), a wireless communication module 26, a module 28 communication on the mobile telephone network 30, and a display screen 27 (here a touch screen). The memory 24 allows in particular the mobile terminal 20 to store a user application, intended to facilitate the control of the functions of the vehicle 3033204 8 by means of this mobile terminal 20. It is also adapted to store a virtual key VK, which will allow the electronic control unit 11 to authenticate the mobile terminal 20 to allow access to the functionalities of the motor vehicle 10 if it is authorized. Here, for greater security, it will be considered that this virtual key VK has a limited validity period, and that it will have to be regularly updated by the server 50. It will then be considered that the server 50 also stores in each registration associated with a motor vehicle 10: - the UID of the registered owner, 10 - the virtual key VK issued to the owner for this vehicle, - contact details of the owner. These contact details will preferably include the telephone number of the mobile terminal 20 to which the virtual key VK has been issued (that is to say the number which has been assigned to the mobile terminal 20 at the time of subscription to the service of the mobile terminal. mobile telephony, it is for example a number MSISDN). Alternatively or additionally, the contact information may include the owner's email address or the owner's mailing address. It should be noted here that the contact details of the owner could serve as an identifier for the owner. Still alternatively, the identifier of the mobile terminal 20 of the owner (generally called IMEI number) could act as an identifier for the owner. Here, as will be well described later in this presentation, we will consider that the owner will be identified by a set of information.

The server 50 may also store, in each record associated with a motor vehicle 10: the identifier of the other users of the vehicle (family, friends, renter, etc.), the contact details of these other users, and the virtual keys VK delivered to the mobile terminals of these other users. The wireless communication module 26 of the mobile terminal 20 makes it possible to establish a wireless link (here Bluetooth type as already indicated) with the wireless communication module 16 of the motor vehicle 10 through which the processor 12 of the unit The control electronics 11 and the processor 22 of the mobile terminal 20 can exchange data, especially as discussed further. The communication module 28 enables the mobile terminal 20 (and more specifically the processor 22 equipping this mobile terminal 20) to exchange data already indicated with other devices connected to the mobile telephone network 30 or to the public network 40. in particular embodiments with the server 50. In some embodiments, the communication module may comprise a smart card which stores connection data associated with a subscription to the mobile telephony service and making it possible to establish the connection 10 on the telephony network. As discussed above, the server 50 will provide users with access service to one or more features of the registered motor vehicles by means of their mobile terminals. The commanded functionality may be for example the unlocking of the doors of the vehicle or the starting of the vehicle. The user may be the owner of the vehicle, or any other person authorized by the latter and registered in the server 50. This service must then be secured to prevent unauthorized persons from accessing the features of the motor vehicles. The subject of the present disclosure then relates more specifically to a method of securing this service when the owner of a motor vehicle 10 wishes to modify one of the information stored in the server 50. It may be noted, in a preliminary manner, that this The method will systematically comprise four main steps, namely: a step of reception by the server 50 of a request for modifications of the information relating to the owner of a motor vehicle 10, comprising an identifier (for example that of the vehicle) and at least one information to be modified, 30 - a step of searching for a record in the server 50 associated with the identifier VID, - in case of registration found, a step of reading the contact details of the owner registered in the record, and sending to said owner of a request message for validation of said request, and 3033204 10 - in case of receipt of a message from the owner said request validating said request, a step of modifying the record (or alternatively of creating a new record in the server) so that it stores each information to be modified.

In order to understand the present invention, two cases can be envisaged, that in which the owner of the vehicle changes (the information to be modified in the server 50 then including in particular the first and last names as well as the contact details of the owner), and that where the owner changes the mobile terminal (the information to be modified in the server 50 then including the IMEI number of the mobile terminal, and possibly the telephone number associated with this mobile terminal). Consider first the case of a sale or an assignment of the motor vehicle 10 by its "former owner" (or "original owner") to a "new owner".

FIG. 3 then presents in detail the main steps of a registration process (or enrollment) of the new owner on the server 50, so that he can access the service of control of the motor vehicle functionalities by means of his mobile terminal 20. It is noted that prior to the implementation of such a method, the mobile terminal 20 of the new owner is not specifically prepared for the control of the motor vehicle functionalities 10 and does not include any data associated with the motor vehicle 10. It may be for example the mobile phone commonly used by the new owner of the motor vehicle 10.

Similarly, before the implementation of the method, the mobile terminal 20 of the new owner is unknown to the motor vehicle 10 which is therefore not aware of any data associated with this mobile terminal 20. On the other hand, it will be considered here that the the former owner had identified himself with the server 50, so that the database D includes, in a record D1 associated with the motor vehicle 10, information relating to this former owner (for example an identifier, a telephone number associated with his mobile terminal, his name and surname, ...). It will be noted here that the mobile terminal of the former owner will be referenced 20 'in FIG. 3. It is considered that, for the implementation of the method of FIG. 3, the new owner has access to the motor vehicle 10 by means of conventional means, for example by a physical key that the former owner gave him. In the embodiment described here, the new owner carries and uses the mobile terminal 20 which, as described above, is in communication on the one hand with the electronic control unit 11 via a wireless link (e.g. of the Bluetooth type) and on the other hand with the server 50 via a radio link to the base station 31, then via the mobile telephone network 30 and the public network 40.

The mobile terminal 20 can thus be used, in the embodiment described here, as a gateway for data exchange between the electronic control unit 11 of the motor vehicle 10 and the server 50, as described below. Alternatively, other communication means could be used between the vehicle and the server 50, for example a communication module (sometimes referred to as a "Telematic Control Unit") fitted to the vehicle and designed to establish a (direct) communication between the vehicle and the server 50. vehicle and the mobile phone network. The process of FIG. 3 starts in step E1 at which the new owner declares himself to the server 50 as the new owner of the motor vehicle 10. For this purpose, he can first install himself in the motor vehicle 10, and wait for a Bluetooth link to be established conventionally between its mobile terminal 20 and the electronic control unit 11 of the motor vehicle 10.

He can also download the user application made available by the manufacturer of the motor vehicle. This user application can for example be downloaded to the "online store" associated with the operating system embedded on its mobile terminal 20. In practice, if it has an iPhone®, the user can download this user application 30 on the Apple store®. Once this link has been established and this user application has been downloaded and installed on its mobile terminal 20, in step E1, the new owner communicates to the server 50 a request for a change of ownership of the motor vehicle 10 here comprising a user identifier U1D1, the identifier 3033204 12 VID of the motor vehicle 10, and the telephone number associated with the mobile terminal 20 used. In one conceivable embodiment, it uses for this the user application, the latter being programmed to ask the new owner to enter the aforementioned identifiers UlD1, VID and to transmit them to the server 50. In another conceivable embodiment, the new owner connects to the server 50 by entering the http address of the server 50 in a browser executed by the processor 22 of the mobile terminal 20, and for example enters the aforementioned identifiers UlD1, VID and its telephone number in a form then transmitted to the server 50. The user ID UlD1 of the new owner may come in different forms. It could for example include the last name and first name (s) of the new owner, and / or his pseudonym and / or his date of birth and / or his email address and / or his telephone number and / or an identifier of the mobile terminal. 20 (such as the number 'MEI). It will be considered later in this presentation that this identifier will include the surname and first name (s) of the new owner, as well as his phone number. The VID identifier of the vehicle is for example of the "Vehicle Identification Number" type. It will have been provided by the former owner to the new owner, along with the vehicle papers. However, it would be possible alternatively to use another identifier associated with the motor vehicle 10, in particular the serial number N of the electronic control unit 11 of the motor vehicle 10. The user identifier UlD1 and the vehicle identifier VID considered in association form a electronic certificate of ownership of the vehicle for the proposed service. The server 50 receives the user identifier UlD1 and the vehicle identifier VID in step E2 and stores these identifiers, at this stage, in an area dedicated to vehicles for which the registration to the vehicle function control service by means of of the mobile terminal is in progress.

In the next step E3, the server 50 will check whether the motor vehicle 10 is already registered in the database D or if it is a new motor vehicle to be recorded in it. It goes for that search in its database D a record in which the vehicle identifier VID would be stored.

In the context of the present invention, it will be considered here that a record D1 is found, so that the method continues in a step E5. If no registration was found, the motor vehicle 10 would be considered never to have been registered in the database D. The process would then continue to E4 operations during which not only the new owner but also the vehicle should enlist with the server. Steps E5 and following will then be implemented by the server 50 so that the latter can ensure that the person who transmitted the request for change of ownership is the new owner of the motor vehicle 10. These steps will consist of to check with the former owner that the latter is no longer the legal owner of the motor vehicle 10, then possibly to identify the new owner (the latter being considered as such if he has a particular physical object - here the physical key). For this, the server 50 read in step E5 the phone number of the old owner, which is stored in the D1 record of the database D. In the next step E6, the server sends to the terminal 20 'mobile 20' of the former owner a message asking him if he actually sold his vehicle. This message may be transmitted for example as a short message or SMS (for "Short Message System"). Alternatively, it could be an email or even a physical mail.

The message then appears on the touch screen 27 of the mobile terminal 20 (step E7). It will be considered here that this message includes two http links, one to validate that the motor vehicle 10 has actually been sold, the other to answer that the former owner still owns the vehicle. The former owner may then choose not to answer or reply that he is still the owner of the vehicle, in which case the process is interrupted (step E0). On the contrary, it can validate that the motor vehicle 10 has actually been sold, in which case a favorable response message is transmitted from the mobile terminal 20 'of the former owner to the server 50.

Upon receipt of this message, the new owner could be directly registered in the server 50. However, here, for greater security, steps E8 and later will be undertaken before validating the registration of the new owner in the server 5. 50. The server 50 then triggers the continuation of the registration process by sending to the electronic control unit 11 of the motor vehicle 10 an INS instruction for checking the presence of the new owner in the motor vehicle 10 (step E8) .

On receipt of this INS instruction, the electronic control unit 11 controls in step E9 the generation by the user interface 18 of an indication asking the new owner to perform one or more action (s) ACT. This indication may be a visual indication (e.g., a light signal or display on a screen of the user interface 18) and / or sound (e.g., a particular sound or voice message). The action or actions requested preferably include the use of the physical key (for example, the support, possibly simultaneous, on one or more buttons of the physical key, or the start and / or stop of the engine with the physical key). Alternatively, it (s) may comprise an action of the new owner on the motor vehicle 10, for example a button press of the user interface 18, an opening and / or a door closure (in these variants, these actions can only be implemented if the new owner actually has the physical key).

The new owner performs the action (s) requested ACT (s) in step E9. The electronic control unit 11 detects in step El 0 whether the action performed by the new owner corresponds to the requested action ACT (leaving for example a predetermined duration to the new owner to perform the action). In case of failure (that is to say if the new owner does not perform the requested actions within the allotted time), the electronic control unit 11 proceeds to the step El 1 which ends the registration process. An error message may further be displayed on the motor vehicle user interface 10. On the other hand, if the new owner correctly performs the requested ACT actions within the allotted time, it is considered that all the requirements to perform its registration in the database D are completed 5 and that the vehicle function control service by means of the mobile terminal can be started. Then, during a step E12, the electronic control unit 11 of the motor vehicle transmits to the server 50 an authentication message of the new owner.

On receipt of this message, the server 50 deactivates the UIDO identifier of the former owner, as well as all the rights attached (step E1). Here, the UIDO identifier of the old owner is erased from the record D1 of the database D. It can then be archived in another database.

Alternatively, the entire record D1 could be deleted or archived. In any event, the server 50 then ceases the updates of the virtual keys VK (which are reminded that they have a limited validity period) attached to the electronic certificate of ownership of the former owner of the automobile vehicle 10. Alternatively, the server 50 can transmit to all the mobile terminals 20 stored in the record D1 associated with the motor vehicle 10 a request to erase the virtual keys that these mobile terminals 20 store.

In both of these cases, the server 50 erases all the virtual keys VK that were recorded in the record D1. Simultaneously, it may be provided that the server 50 controls the sending to the mobile terminals that used these virtual keys VK a message warning them that they can no longer benefit from access to the motor vehicle 10 using their terminals mobile 20.

Then, during a step E14, the server 50 proceeds to the registration of the identifier U1D1 of the new owner in the record D1 of the database D, as well as to the registration of its number of phone. Alternatively, this registration could be made in a new record of the database, in association with the VID 3033204 16 of the motor vehicle 10. Once this registration completed, the server 50 generates a new virtual key VK he stores in the D1 record and transmits it to the mobile terminal 20 of the new owner (step E15).

This step of transmission of the virtual key VK is not the subject of the present invention, it will not be described here in detail. It can simply be explained that it is initiated by sending a short message to the mobile terminal 20, using the telephone number stored in the record D1 of the database D.

At the end of this step, the mobile terminal 20 benefits from a virtual key VK (step E16) which allows the new owner to have access to the functionalities of his vehicle by means of his mobile terminal 20. Once the key virtual VK issued, the enrollment process of the new owner is completed.

Consider now the case where the new owner of the motor vehicle 10 does not register with the server 50. It may indeed happen that the new owner does not wish to benefit from the access service to the vehicle by means of a mobile terminal. or that he is not informed of the possibility of benefiting from this service.

It will be understood that in this case, the former owner remains free to fraudulently use the motor vehicle 10 by using the virtual keys VK which he still has in his mobile terminal 20 '. It is then expected to store in the server 50 information to prove a posteriori the fraudulent use of the vehicle by its former owner. For this, the user application registered in each mobile terminal 20 is programmed to transmit to the server 50, whenever the mobile terminal 20 is used to unlock the doors or to start the vehicle engine, information relating to the identity of its owner and at the time said access occurred. This information can be directly transmitted to the server, or can be transmitted later if the mobile terminal 20 does not have access to the mobile network. Thus, each record D1 of the database D stored in the server 50 stores a log in which are listed all these accesses.

3033204 17 This journal can thus in practice store the phone number or the IMEI code of the mobile terminal 20 used, as well as the date and time of access to the motor vehicle 10. In this way, in case of dispute, this newspaper may serve as evidence 5 concerning the people who have used the motor vehicle 10. Advantageously, a peer newspaper is held by the electronic control unit 11 of the motor vehicle 10. Thus, at each access to one of the functionalities of the motor vehicle by a user, the electronic control unit 11 stores in its storage unit 14 information relating to the identity of the user (for example the IMEI number of his mobile terminal 20) and at the moment when said access has been location. In this way, when the mobile terminal 20 does not have access to the server 50, the vehicle log is still updated. Thus, subsequently, when a mobile terminal (the same or another) having access to the server 50 is used by a user to access the vehicle, this mobile terminal serves as a gateway to allow the information contained in the vehicle log. One advantage is that even if the server log is not up to date and the motor vehicle has been stolen and then found, it is possible to analyze the vehicle log to check all the information. access to the vehicle. To further reduce the risk of fraudulent use of the motor vehicle 10 by its former owner, it may be provided to incite, or to force the new owner to declare himself as such to the server 50. This incentive may take the form of messages posted on the user interface 18 of the motor vehicle 10. Thus, the electronic control unit 11 may be provided to control the display, at regular intervals, the surname and first name of the owner of the vehicle registered in the server 50 (for example at each start of the motor vehicle 10).

Thus, by seeing first and last names that are not his, the new owner of the vehicle will be encouraged to declare himself as such to the server 50. Alternatively, it can be expected that the electronic certificate of ownership of each motor vehicle has a limited period of validity and that the owner of the vehicle is forced to update it at regular intervals. In this variant, the date of creation of the electronic property certificate can be stored in each record of the database. So, for example, on each anniversary of this date of creation, we can force the owner to update his electronic property certificate. This update may for example be performed by asking the owner to use his physical key, to enter his last name and first name on the user interface 18 of the motor vehicle 10 and connect his mobile terminal 20 to the electronic control unit 11 in Bluetooth.

Then, these first and last names and the identifier of the mobile terminal 20 will be compared by the server 50 with those stored in the corresponding record of the database D. If they correspond, the validity of the electronic certificate of ownership will be extended. one year.

In the opposite case (in case the owner of the vehicle has changed), the new owner will be forced to enlist with the server, according to the method described above. We can now consider the second example of implementation of the invention, the one where the owner of the vehicle has changed mobile terminal 20 and wishes to record this new terminal 20 in the server 50. In this second example not shown in the figures , the owner initiates the registration process of this new mobile terminal 20 in the server 50 by communicating to the server 50 a mobile terminal change request.

For this, he begins by downloading the user application made available by the manufacturer of the motor vehicle, then he chooses in this application the menu allowing him to issue such a request. In this menu, the owner enters information, including an identifier allowing the server 50 to find the record D1 corresponding to the vehicle 30 of the owner. This identifier will preferably be the VID identifier of the motor vehicle 10. Alternatively, it could be the UID identifier of the vehicle owner.

When receiving this information, the server 50 searches in its database D for a record in which the vehicle identifier VID would be stored. It will be considered here in the context of the present invention that a D1 record is found. The following steps will then be implemented by the server 50 so that the latter can ensure that the person who transmitted the request for change of mobile terminal is the owner of the motor vehicle 10.

For this purpose, the server 50 reads the telephone number stored in the record D1 of the database D, then sends to this telephone number a message asking the owner whether he has indeed changed his mobile terminal. This message may be transmitted for example in the form of a short message or SMS (for "Short Message System"). In a variant or in the absence of a response (particularly in the case where the owner has also changed his telephone number), the message may be transmitted in the form of an electronic mail or a paper mail. As soon as the owner validates the received message, the IMEI number of the mobile terminal 20 is registered in the server 50 as a new identifier of the mobile terminal of the owner of the motor vehicle 10. Here again, for further security, other steps could be taken. be undertaken before validating the registration of the IMEI number of the new mobile terminal in the server. The owner could thus be asked to validate this registration, by performing one or more ACT action (s) of the type described above.

Claims (15)

REVENDICATIONS1. Method for securing a control service enabling a motor vehicle owner (10) equipped with a mobile terminal (20) to access at least one feature of the motor vehicle (10) by means of the mobile terminal (20) , said control service being operated by means of a server (50) in which are stored records which each associate to an identifier (VID; UID), information relating to the owner of said motor vehicle (10), said information comprising at least contact details of said owner, characterized in that it comprises the following steps: a) reception by the server (50) of a request for modifications of information relating to a motor vehicle owner (10), comprising an identifier (VID; UID) and at least one information to be modified, b) search for a record in the server (50) associated with the identifier (VID; UID), c) in case of registration found reading the contact details of the owner registered in said record, and sending said owner a request message for validation of said request, d) if receiving a message from said owner validating said request, modifying said record or creation a new record in the server (50), so that the server (50) stores each information to be modified. The method of securing according to claim 1, wherein, the owner information further comprising an identification number of said mobile terminal (20), in step a), the information to be modified includes a number for identifying a new mobile terminal (20), and - in step d), the identification number of said new mobile terminal (20) is stored in the server (50). 3. Securing method according to claim 1, wherein said identifier (VID) characterizing the motor vehicle (10), the information relating to the owner having an identifier (UIDO) of the owner, - in step a), the information to be modified comprises an identifier (UID1) of a new owner 3033204 21 having bought the motor vehicle (10) from the original owner, as well as the contact details of the new owner, and - in step d), the identifier ( UID1) and the contact details of the new owner are saved in the server. 5 4. Securing method according to claim 3, wherein in step d), the identifier (UIDO) of the original owner is disabled. The security method according to claim 4, wherein the mobile terminal (20 ') of the initial owner storing at least one virtual key (VK) for access to the functionality of the motor vehicle (10), when the identifier ( UIDO) 10 of the original owner is disabled, said virtual key (VK) is blocked and / or the automatic update of said virtual key (VK) is suspended. 6. Securing method according to claim 5, wherein, said record of the server (50) storing the contact coordinates of at least one other user of the motor vehicle (10) equipped with another mobile terminal storing at least one another virtual key to access the functionality of the motor vehicle (10), when the identifier (UIDO) of the initial owner is disabled, said other virtual key is blocked and / or the automatic update of said other virtual key is suspended and an end-of-validity information message of said other virtual key is sent to said other user, by means of the contact coordinates stored in the record. 7. Securing method according to one of claims 3 to 6, wherein, after said step d), the server (50) transmits to the mobile terminal (20) of the new owner a virtual key (VK) access to the functionality of the motor vehicle (10). 8. Securing method according to one of claims 3 to 7, comprising a step of detecting an action of the new owner on a physical object related to the motor vehicle (10), wherein said step d) is further conditioned by said detection. 9. Securing method according to claim 8, wherein the physical object is a physical key capable of controlling the unlocking of the doors of the motor vehicle (10). The security method according to one of the preceding claims, wherein, the owner information including an owner identifier (UID), when an owner identifier (UID) stored in the server (50) is unchanged. since a duration greater than a predetermined threshold, there is provided a step of verifying the identity of said owner. 11. Securing method according to one of the preceding claims, wherein, the owner information having a name or a pseudonym of the owner, and the motor vehicle (10) being equipped with a display screen (18). it is intended to display frequently on said display screen (18) a message mentioning the name or pseudonym of said owner. 12. The security method according to one of the preceding claims, wherein, wherein the contact details stored in each record of the server (50) include an e-mail address and / or a telephone number. 13. Securing method according to one of the preceding claims, wherein, the mobile terminal (20) being adapted to communicate with the server (50), after each access of the owner to the functionality of the motor vehicle (10) through a mobile terminal (20), there is provided a step of transmission by said mobile terminal (20) to the server (50) of information relating to the moment when said access has taken place. 14. Securing method according to the preceding claim, wherein the server (50) stores, in the record associated with said motor vehicle (10), a log in which are stored, since a given date, information relating to the identity of each user accessing the motor vehicle (10) and at the time of each access to the functionality of the motor vehicle (10). 25 15. Securing method according to one of the preceding claims, wherein after each access of a user to the functionality of the motor vehicle (10) through a mobile terminal (20), a control unit (11) of the motor vehicle (10) stores information relating to the identity of the user and when said access occurred. 30