Access control for rental cars

US 7,366,677 B1
Filed: 08/31/2000
Issued: 04/29/2008
Est. Priority Date: 08/31/2000
Status: Expired due to Term

First Claim

Patent Images

1. A car rental system comprising:

a fleet of cars, each having an in-car access controller which is operable only when a valid digital key is presented to the car;

a management system for handling reservation and car return, said management system including a reservation server and key generation system for generating digital keys for users of the car rental system, said key generation system storing a digital key on a portable storage device provided to a user of the car rental system, the digital key specifying a starting date and time of a rental transaction and identifying the car the digital key is for and personal information identifying the user;

said information being digitally signed using a private key of the reservation server as a digital signature of the reservation server;

the in-car access controller including means for reading the digital key on the portable storage device and verifying the digital signature of the reservation server and input means for receiving information identifying the user and comparing entered personal information with personal information identifying the user of the digital key, the in-car access controller further including means for invalidating the digital key if the entered personal information does not match the personal information identifying the user of the digital key but, otherwise, activating instruments which the user is authorized to have access to, the in-car access controller being responsive to a request from the user to return the car and including means for obtaining car status information, including fuel level, mileage, current time and car ID, and generating a return packet by combining car status information and current digital key and signing the return packet using a private key of the in-car access controller as a digital signature and saving the return packet on the portable storage device; and

a key return system for processing digital keys returned by renters, the key return system invalidating the current digital key and printing a receipt for the user.

View all claims

7 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Cars of a car rental system are made operable by having a renter present a digital key issued from the car rental system. The digital key specifies the starting date and time of a given rental transaction, and the identification of the car the key is for. The digital key is further signed by the car rental system for authenticity. A prospective renter makes online reservation over the Web and downloads into a portable storage device a digital key which can be used to operate the reserved car on the day the reservation is made for. On the pickup day, the renter goes to the car and inserts the portable storage device into a slot on the car. Upon successful verification of the digital key, the car is enabled and the renter can keep the car until he or she wants to return the car. The return process starts by having the renter obtain a invalidated digital key from the car. Once the rental car invalidates the digital key provided by the renter, the renter can no longer operate the rental car. Since the in-car controller is able to decipher the given authorization information, there is no need to re-program the in-car controller for each renter. The renter will be held liable for the rental car until he or she presents the invalidated digital key to the central station of the car rental system. To prevent a lost digital key from being used by unauthorized parties, a digital key can contain information such as a personal identification number (PIN) or a hash of the PIN of the authorized renter. For extra protection, the renter can opt to include his or her PIN in the digital key when the key is created by the car rental system. The parking lot of the car rental system can be operated without security personnel checking for proper authorization.

55 Citations

View as Search Results

16 Claims

1. A car rental system comprising:
- a fleet of cars, each having an in-car access controller which is operable only when a valid digital key is presented to the car;
  
  a management system for handling reservation and car return, said management system including a reservation server and key generation system for generating digital keys for users of the car rental system, said key generation system storing a digital key on a portable storage device provided to a user of the car rental system, the digital key specifying a starting date and time of a rental transaction and identifying the car the digital key is for and personal information identifying the user;
  
  said information being digitally signed using a private key of the reservation server as a digital signature of the reservation server;
  
  the in-car access controller including means for reading the digital key on the portable storage device and verifying the digital signature of the reservation server and input means for receiving information identifying the user and comparing entered personal information with personal information identifying the user of the digital key, the in-car access controller further including means for invalidating the digital key if the entered personal information does not match the personal information identifying the user of the digital key but, otherwise, activating instruments which the user is authorized to have access to, the in-car access controller being responsive to a request from the user to return the car and including means for obtaining car status information, including fuel level, mileage, current time and car ID, and generating a return packet by combining car status information and current digital key and signing the return packet using a private key of the in-car access controller as a digital signature and saving the return packet on the portable storage device; and
  
  a key return system for processing digital keys returned by renters, the key return system invalidating the current digital key and printing a receipt for the user.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The system in claim 1, further comprising a parking lot guarded by a security gate, said fleet of cars being parked within confines of said parking lot when not rented by a renter of the car rental system, said security gate only opening when a valid digital pass is presented by a renter of the car rental system.
  - 3. The system in claim 2, wherein the management system is accessed by a user over a network and the user is given a digital key to operate a particular car and a digital pass to open the gate of the parking lot where said particular car is parked, after the user completes a reservation for said particular car, said digital key and digital pass being effective starting from the time specified by said reservation.
  - 4. The system in claim 3, wherein the user accesses the management system at a kiosk located in the parking lot where the particular car is parked.
  - 5. The system in claim 3, wherein the user accesses the management system over the Internet.
  - 6. The system in claim 3, wherein the key generation system stores a digital key on a portable storage device provided by the user.
  - 7. The system in claim 6, wherein the storage device is a smart card.
  - 8. The system in claim 6, wherein the digital key comprises car and user identification (ID) signed by the management system to authenticate the digital key.
  - 9. The system in claim 1, wherein the key return system updates the car status stored at the reservation server.

10. A method for operating a car rental system comprising the steps of:
- accessing a reservation server by a user of the car rental system to reserve a car;
  
  authenticating the user by the reservation server and, upon the reservation server successfully authenticating the user, prompting the user for the date, time, and location for pickup and return, and a requested type of car;
  
  checking by the reservation server an availability of the requested type of car and, if the requested type of car is available, creating by the reservation server a digital key for a car, the digital key specifying a starting date and time of a rental transaction and information identifying the car that the digital key is for and personal information identifying the user, said information on the digital key being signed using a private key of the reservation server as a digital signature of the reservation server;
  
  downloading the digital key to a portable storage device, the portable storage device being used to gain access to a rental car;
  
  detecting by an in-car access controller insertion of the portable storage device in a slot for receiving the portable storage device;
  
  reading by the in-car access controller the digital key stored on the portable storage device and, if the digital key is not yet invalidated, verifying by the in-car access controller the digital signature of the reservation server on the digital key, and if the digital signature of the reservation server is verified by the in-car access controller, prompting by the in-car access controller the user to enter personal information identifying the user;
  
  checking by the in-car access controller the personal information identifying the user entered by the user against the personal information identifying the user of the digital key and, if the personal information identifying the user entered by the user does not match the personal information identifying the user of the digital key, invalidating the digital key by the in-car access controller, but if the personal information identifying the user entered by the user matches the personal information identifying the user of the digital key, activating by the in-car access controller instruments which the user is authorized to have access to;
  
  upon receiving a request from the user to return the car, obtaining by the in-car access controller car status information, including fuel level, mileage, current time and car ID, and creating by the in-car access controller a return packet by combining car status information and current digital key and signing the return packet using a private key of the in-car access controller as a digital signature, and saving by the in-car access controller the return packet on the portable storage device; and
  
  invalidating the current digital key and printing a receipt for the user.
- View Dependent Claims (11, 12, 13, 14, 15, 16)
- - 11. The method in claim 10, wherein the step of accessing the reservation server is performed via a network.
  - 12. The method in claim 11, wherein the network is the Internet.
  - 13. The method in claim 10, wherein the step of authenticating a user includes the steps of:
    - prompting the user to enter a personal identification number (PIN); and
      
      comparing an entered PIN with a valid PIN for the user stored in the reservation server.
  - 14. The method of claim 13, wherein the step of creating a digital key comprises the steps of:
    - computing a hash of the user'"'"'s valid PIN;
      
      combining car and renter identification with the hashed PIN; and
      
      digitally signing the combined information by said reservation server.
  - 15. The method in claim 10, further comprising the steps of:
    - upon receiving by the car rental system a request by the user to return a car, retrieving the return packet from the portable storage device;
      
      verifying a signature on the return packet; and
      
      updating the car status stored at the reservation server and printing a receipt for the user.
  - 16. The method in claim 10, wherein the portable storage device is a smart card.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Google LLC (Alphabet Inc.)
Original Assignee
International Business Machines Corporation
Inventors
Liu, Te-Kai, Greenwood, Michael C.
Primary Examiner(s)
Zeender; F.
Assistant Examiner(s)
Frenel; Vanel

Application Number

US09/652,159
Time in Patent Office

2,798 Days
Field of Search

705/13, 705 5- 6, 705/8, 705/10, 705/4, 701/201, 380/49, 382/115, 382/255, 713/200, 235/384, 709/204, 340/5.72, 340/5.6, 340/5.25, 340/5.62
US Class Current

705/5
CPC Class Codes

B60R 25/00   Fittings or systems for pre...

G06Q 10/02   Reservations, e.g. for tick...

H04L 63/0823   using certificates cryptogr...

H04L 63/083   using passwords cryptograph...

H04L 63/0853   using an additional device,...

Access control for rental cars

First Claim

7 Assignments

0 Petitions

Accused Products

Abstract

55 Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

Access control for rental cars

First Claim

7 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

55 Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links