ELECTRONIC DEVICE AND METHOD FOR AUTHENTICATING A USER BASED ON BIOMETRIC INFORMATION

Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . DETAILED ACTION The present office action is responsive to communications received on 03/07/2024. Information Disclosure Statement The information disclosure statements (IDS) submitted on 03/07/2024, 12/10/2024 and 08/27/2025 are in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner. Status of Claims Claims 1-20 are pending. Claim Objections Claim 3 and 15 is objected to because of the following informalities: the claim recites “after the first value and the second value based on the image are stored” the claim seems to be missing a comma or needs better clarification. Appropriate correction is required. Allowable Subject Matter Claims 6-10 and 18 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims. The following is a statement of reasons for the indication of allowable subject matter: In interpreting the currently amended claims, in light of the specification, the Examiner finds the claimed invention to be patentably distinct from the prior art of record. Okuyama (US 20230164142 A1) ¶230 “the authentication system may determine an ID (identifier) that uniquely determines the system user. For example, in the user registration phase, the authentication server 10 acquires biological information (a face image or feature values) of a user. The authentication server 10 may generate an ID based on the biological information. For example, the authentication server 10 may calculate a hash value from feature values of a face image and may use the calculated hash value in place of the user ID and the password. Feature values of a face image differ depending on the user, and a hash value generated from these feature values also differs depending on the user. Thus, the hash value can be used as the ID of the system user.” Liao (US 20210142034 A1) ¶90 “the processor 101 decrypts ciphertext of step S405a by the second private key to obtain finger vein data, and finally stores the finger vein data in the fingerprint storage region R1 in step S409a. Moreover, in step S407b, the processor 101 decrypts ciphertext of step S405b by the first private key to obtain fingerprint data, and finally stores the fingerprint data in the finger vein storage region R2 in step S409b.” The prior art of record fails to teach or suggest, individually or in combination, each and every limitation of the claimed invention as a whole. For example, the prior art above individually or in combination do not disclose claims 6 and 18 “wherein the first private key includes information on first coordinates converted from the first feature values based on the first public key to move to the first coordinates, and wherein the second private key includes information on second coordinates converted from the second feature values based on the second public key to move to the second coordinates.” And claim 7 “and in response to identifying the first public key with respect to the at least part in the server, identify a third private key converted from the first feature values based on the first public key.” And Claim 10 “generate the first value hashed based on the first feature values and identification information of the software application, wherein the first value represents a password of the user for the software application, wherein the second value represents an identity (ID) of the user for the software application, and wherein the identification information includes at least one from among domain information of the external electronic device providing the software application or package information of the software application.” within the context of the claimed invention as a whole. Thus, the Examiner finds that the prior art does not provide sufficient teaching or motivation for anticipating or rendering obvious, within the claimed invention as a whole, without the usage of impermissible hindsight reasoning. Claim Rejections - 35 USC § 102 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action: A person shall be entitled to a patent unless – (a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention. Claim(s) 1-5, 11-17 and 19-20 is/are rejected under 35 U.S.C. 102(a)(2) as being anticipated by Mathieu (US 20230246839 A1) hereinafter referred to as Mathieu. With respect to claim 1, Mathieu discloses: An electronic device comprising, memory, comprising one or more storage mediums, storing instructions; a camera; a communication circuit; (Mathieu ¶52 discloses biometric capture device comprising camera and circuit). and at least one processor comprising processing circuitry, wherein the instructions, when executed by the at least one processor individually or collectively, cause the electronic device to: obtain an image including a body portion of a user through the camera based on execution of a software application, (Mathieu ¶50 discloses obtaining features from biometric and physical data images such as “iris, facial, fingerprint, fluid, and gaseous”). obtain feature values for the body portion identified based on the image, (Mathieu Figs. 25 and 36, plus ¶50 discloses obtaining features values from biometric and physical data such as “iris, facial, fingerprint, fluid, and gaseous”). generate a first value hashed based on first feature values representing at least one part of the body portion from among the feature values, (Mathieu ¶50, “feature vectors may comprise data points to be used in a validity mask … That validity mask may then be utilized with the captured biometric data to generate a repeatable registration code (e.g., a hashed biometric code) that is capable of being compared on a bit-wise basis with later-captured comparison data.” Explained in more details in Mathieu ¶200 teaches obtaining different features such as first features, eyebrows, or second features such as cheeks or any other “Region of Interest (ROI)” and generating a hash from facial features illustrated in Mathieu figs. 25 and 30). generate a second value hashed based on second feature values representing at least another part of the body portion from among the feature values, (Similar to mapping above; Mathieu ¶50, “feature vectors may comprise data points to be used in a validity mask … That validity mask may then be utilized with the captured biometric data to generate a repeatable registration code (e.g., a hashed biometric code) that is capable of being compared on a bit-wise basis with later-captured comparison data.” Explained in more details in Mathieu ¶200 teaches obtaining different features such as first features, eyebrows, or second features such as cheeks or any other “Region of Interest (ROI)” and generating a hash from facial features illustrated in Mathieu figs. 25 and 30). and transmit, through the communication circuit, the first value and the second value to an external electronic device providing the software application. (Mathieu ¶50 teaches sending to a memory, which is interpreted as external from the camera module, the encrypted and hashed biometric information for storage to be used for registration [enroll] of the user for later authentication. Another interpretation could be that it is sent for registration/enrollment to another device(s) [possibly a server] disclosed by Mathieu ¶237). Claims 13 and 19 recite method and non-transitory computer-readable storage mediums respectively while they might have slight variations in language but they recite similar limitations as claim 1 and therefore rejected based on the same rationale. With respect to claim 2, Mathieu discloses: The electronic device of claim 1, wherein the first value and the second value are stored in the external electronic device, to enroll the user for the software application. (Mathieu ¶50 teaches sending to a memory, which is interpreted as external from the camera module, the encrypted and hashed biometric information for storage to be used for registration [enroll] of the user for later authentication or other device/server as disclosed by Mathieu ¶237 for user enrollment/registration). Claims 14 and 20 recite method and non-transitory computer-readable storage mediums respectively while they might have slight variations in language but they recite similar limitations as claim 2 and therefore rejected based on the same rationale. With respect to claim 3, Mathieu discloses: The electronic device of claim 2, wherein the instructions, when executed by the at least one processor individually or collectively, cause the electronic device to: obtain another image including the body portion through the camera based on execution of the software application after the first value and the second value based on the image are stored; obtain feature values based on the another image; (Mathieu Fig. 6, explained in Mathieu ¶183-184, illustrates “enrollment/registration mode” and then followed by “identification/authentication/verification mode”. In the later portion biometric data is captured [obtained] and features are extracted in step 2238 from another image which is different from the time of registration). generate the first value hashed based on third feature values representing the at least part of the body portion from among the feature values obtained based on the another image; generate the second value hashed based on fourth feature values representing the at least another part of the body portion from among the feature values obtained based on the another image; and transmit, to the external electronic device, the first value and the second value based on the another image. (Mathieu Fig. 6, explained in Mathieu ¶183-184 explain generating a hash from the gathered other images and send [transmit] them for verification to compare with prior stored registered images by comparing the hashes). Claim 15 recites a method while it might have slight variations in language but it recites similar limitations as claim 3 and therefore rejected based on the same rationale. With respect to claim 4, Mathieu discloses: The electronic device of claim 3, wherein the instructions, when executed by the at least one processor individually or collectively, cause the electronic device to: execute a designated function through the software application, based on the first value and the second value based on the image corresponding to the first value and the second value based on the another image. (Given BRI having a match in hash as illustrated in Fig. 6, and explained in Mathieu ¶183-184 would allow the system to execute a subsequent function if there is a match in the verification step biometric hash when compared with the enrolled biometric feature(s) vector(s) hash). Claim 16 recites a method while it might have slight variations in language but it recites similar limitations as claim 4 and therefore rejected based on the same rationale. With respect to claim 5, Mathieu discloses: The electronic device of claim 1, wherein the instructions, when executed by the at least one processor individually or collectively, cause the electronic device to: generate a first private key for generating the first value and a first public key for generating the first private key from the first feature values; store the first public key with respect to the at least part of the body portion in the electronic device or a server associated with an account of the electronic device; generate a second private key for generating the second value and a second public key for generating the second private key from the second feature values; and store the second public key with respect to the at least another part of the body portion in the electronic device or the server. (Mathieu ¶210 discloses “key generation program 3104” for generating and storing keys wherein the keys “biometric capture 3112 is used to acquire biometric data that is then used to generate the private and public keys. The biometric data is processed by a biometric hash algorithm 3114 to generate the public code 3116 (or, in the instance of an asymmetric encryption to generate a private and/or public key, the biometric hash algorithm 3114 accesses the public data 3116) and the biometric hash 3118. The biometric hash 3118 is then used as the input to the key generation program 3120 to create the private key 3124 and public key 3122. In this manner, the biometric hashes generated in accordance with the present disclosure can be used to generate and distribute both private and public asymmetric keys based on a user's biometric data.” Which implicitly are stored on the device as they are generated there). Claim 17 recites a method while it might have slight variations in language but it recites similar limitations as claim 5 and therefore rejected based on the same rationale. With respect to claim 11, Mathieu discloses: The electronic device of claim 1, wherein the body portion includes a face of the user, wherein the at least part of the body portion includes an iris of the face, and wherein the at least another part includes the face. (Mathieu ¶50 discloses obtaining features from biometric and physical data images such as “iris, facial, fingerprint, fluid, and gaseous”). With respect to claim 12, Mathieu discloses: The electronic device of claim 1, wherein the instructions, when executed by the at least one processor individually or collectively, cause the electronic device to: receive, from another external electronic device connected to the electronic device, a request signal for the first value and the second value, and in response to receiving the request signal, transmit, to the another external electronic device, a response signal including the first value and the second value generated based on the image, and wherein the response signal is used to authenticate the user for the software application in the another external electronic device. (Mathieu ¶210 discloses the biometric capture device receiving signal to transmit the feature values to the “key generation program 3104” for generating and storing keys wherein the keys “biometric capture 3112 is used to acquire biometric data that is then used to generate the private and public keys. The biometric data is processed by a biometric hash algorithm 3114 to generate the public code 3116 (or, in the instance of an asymmetric encryption to generate a private and/or public key, the biometric hash algorithm 3114 accesses the public data 3116) and the biometric hash 3118. The biometric hash 3118 is then used as the input to the key generation program 3120 to create the private key 3124 and public key 3122. In this manner, the biometric hashes generated in accordance with the present disclosure can be used to generate and distribute both private and public asymmetric keys based on a user's biometric data.” Which is sent to server for authentication as understood by the examiner). Conclusion Any inquiry concerning this communication or earlier communications from the examiner should be directed to HANY S GADALLA whose telephone number is (571)272-2322. The examiner can normally be reached Mon to Fri 8:00AM - 4:00PM. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Carl Colin can be reached at (571) 272-3862. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /HANY S. GADALLA/Primary Examiner, Art Unit 2493