DETAILED ACTION

Notice of AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

The present office action is responsive to communications received on 10/9/2020. Applicant cancelled claims 21-30. Claims 1-20 are pending.

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 1/11/2021 is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner.

Examiner's Notes
Analysis under 35 U.S.C. 101, Double Patenting, and 35 U.S.C. 112 have been conducted, but no issues are found.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have 

Claim 1, 4-5, 12 and 15 are rejected under 35 U.S.C. 103 as being unpatentable over Schroff (“FaceNet: A Unified Embedding for Face Recognition and Clustering”, June 17, 2015, listed in IDS) in view of Osaka (WO 2013129580 A1, listed in IDS).

Regarding claim 1, Schroff teaches a system for biometric-based user identification, comprising: ([Abstract] system, called FaceNet, that directly learns a mapping from face images to a compact Euclidean space where distances directly correspond to a measure of face similarity.)
initiate generation of an embedding comprising a biometric data embedding in a non-Hamming distance space; and ([Abstract; p. 3, “3. Method”] learns a mapping from face images to a compact Euclidean space where distances directly correspond to a measure of face similarity. Once this space has been produced, tasks such as face recognition, verification and clustering can be easily implemented using standard techniques with FaceNet embeddings as feature vectors; an embedding f(x), from an image x into a feature space Rd, such that the squared distance between all faces.) Here the non-Hamming distance space is a Euclidean space.
process the embedding to create a processed embedding. ([p. 9, “7.1. Harmonic Triplet Loss”] the harmonic embedding we mix embeddings of v1 together with the embeddings v2, that are being learned.)

Schroff teaches biometric-based user identification, but does not explicitly teach a client device 
However, Osaka in an analogous art explicitly teaches
a client device comprising a processor; and an application executed by the processor, wherein the application causes the client device to at least: ([0015, 0026] computer to process data while using the hardware resources such as the storage device. CPU, a storage device such as a hard disk drive which stores a program indicating the processing procedure for the CPU executes, RAM which provides a work area to the CPU.)
at least one operator that can be used for mapping the non-Hamming distance space to a Hamming distance space. ([0042, 0059, 0097] using a hash function of binary codes describe an overview of a typical Spectral Hashing (SH). SH is a technique that has been said that good performance can be obtained in those using the hash. SH will select a few from the top of the principal components of the data space, carry out the projection of the Hamming space. Component underlying upper converts each sample into a binary code, to select the nearest neighbor candidate by Hamming distance. The Euclidean distance between two points of coordinates of the representative point of the bucket belongs computed. Correlation coefficient of the actual Euclidean distance between the estimated distance when changing the code length. This result indicates whether the estimated distance reflects the degree true distance. Hash structure to be compared SH, BDH, k-means BDH. Estimated distance SH in this experiment is the Hamming distance of binary code.) Here Osaka provides details on mapping the non-Hamming distance space (Euclidean distance) to a Hamming distance space in ¶43 & ¶97.
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the “unified embedding for face recognition and (Osaka [0042]).

Regarding claim 4, Schroff in view of Osaka teaches all the features with respect to claim 1, as outlined above. The combination further teaches wherein the at least one operator comprises at least one of: Locality Sensitive Hashes (LSHs) or a different error correcting mechanism. ([Osaka 0037] Locality Sensitive Hashing (LSH) is one of the most typical technique in the approximate nearest neighbor search method using the hash.) Here Osaka provides details on LSH in ¶37-41.

Regarding claim 5, Schroff in view of Osaka teaches all the features with respect to claim 1, as outlined above. The combination further teaches wherein the non-Hamming distance space is a Euclidean space. ([Schroff p. 3, “3.1. Triplet Loss”] The embedding is represented by f(x) є Rd. It embeds an image x into a d-dimensional Euclidean space.)

Regarding claims 12 and 15, the scope of the claims are similar to that of claims 1 and 4, respectively. Accordingly, the claims are rejected using a similar rationale.

Claim 2 and 13 are rejected under 35 U.S.C. 103 as being unpatentable over Schroff (“FaceNet: A Unified Embedding for Face Recognition and Clustering”, June 17, 2015, listed in IDS) in view of Osaka (WO 2013129580 A1, listed in IDS) and Canetti (“Reusable Fuzzy Extractors for Low-Entropy Distributions”, DOI: 10.1007/978-3-662-49890-3_5, 2016).

Regarding claim 2, Schroff in view of Osaka teaches all the features with respect to claim 1, as outlined above. But the combination does not teach start an enrollment session to enroll a user; and create a set of masks and a set of lockers based at least in part on using the at least one operator and a computational reusable fuzzy extractor, wherein at least one of: a secret or a cryptographic key is encrypted in at least one of the set of lockers. This aspect of the claim is identified as a difference.
However, Canetti in an analogous art explicitly teaches
start an enrollment session to enroll a user; and ([p.118, “1 Introduction”] Fuzzy extractors consist of a pair of algorithms: Gen (used once, at “enrollment”) takes a source value w. A fuzzy extractor is reusable if it remains secure even when a user enrolls the same or correlated values multiple times.)
create a set of masks and a set of lockers based at least in part on using the at least one operator and a computational reusable fuzzy extractor, ([p.119, “1.1 Our Contribution”] We construct the first reusable fuzzy extractor whose security holds even if the multiple readings wi used in Gen are arbitrarily correlated, as long as the fuzzy extractor is secure for each wi individually. This construction is the first to provide reusability for a realistic class of correlated readings. Our construction is based on digital lockers; in the most efficient instantiation, it requires only evaluation of cryptographic hash functions and is secure in the random oracle model or under strong computational assumptions on the hash functions. Our construction handles a wider class of sources than prior work. It is secure if the bits of w are partially independent. Namely, we require that, for some known parameter k, the substring formed by the bits at k randomly chosen positions in w is unguessable.) Here reference Canetti discloses parameter k being analogous to claim limitation “masks” and reference Osaka discloses one operator; therefore, the combination discloses the entire limitation.
wherein at least one of: a secret or a cryptographic key is encrypted in at least one of the set of lockers. ([p.125, “3 Tools: Digital Lockers, Point Functions, and Hash Functions”] Our main construction uses digital lockers, which are computationally secure symmetric encryption schemes that retain security even when used multiple times with correlated and weak (i.e., nonuniform) keys. In a digital locker, obtaining any information about the plaintext from the ciphertext is as hard as guessing the key.) Here ciphertext is the encrypted secret in the locker.
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the “unified embedding for face recognition and clustering” concept of Schroff, and the “reusable fuzzy extractors” approach of Canetti. One of ordinary skill in the art would have been motivated to perform such a modification to achieve computational security under assumptions on the security of hash functions or in the random oracle model. It is simple and efficient and tolerates near-linear error rates (Canetti [Abstract]).

Regarding claim 13, the scope of the claim is similar to that of claim 2, respectively. Accordingly, the claim is rejected using a similar rationale.

Claim 3, 14 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Schroff (“FaceNet: A Unified Embedding for Face Recognition and Clustering”, June 17, 2015, listed in IDS) in view of Osaka (WO 2013129580 A1, listed in IDS), Canetti (“Reusable Fuzzy Extractors for Low-Entropy Distributions”, DOI: 10.1007/978-3-662-49890-3_5, 2016) and Beigi (US 20150347734 A1).

Regarding claim 3, Schroff in view of Osaka and Canetti teaches all the features with respect to claim 2, as outlined above. But the combination does not teach send metadata to a computing device over a network, the metadata comprising the set of lockers, the set of masks, and a personal reliable bit 
However, Beigi in an analogous art explicitly teaches
send metadata to a computing device over a network, the metadata comprising the set of lockers, the set of masks, and a personal reliable bit map. ([0181] FIG. 8 shows the signature process using the above definitions. It is important to note that the Certificate Authority (CA) never sees the raw subscriber ID, S, the biometric models, Bn, or the signed software certificate, CS, unless the hash function is taken to be the identity function. Note that CS may have been signed through an independent certification, or the binary of the software may be hashed directly by the software itself. We are using CS here to mean either the signed certificate due to a code signing process described in Section 2.7, or the digest or hash value of that certificate. The CA only receives an encrypted copy of the hashed data for each i, Zi. It also receives the public encryption key of the registration application on the device, PPDA, such that it can decrypt the data and see the hashed data, Yi. In addition, the credentials of the registration application are sent along much in the same way as a digital certificate is requested from the CA described in X.509. The credentials are used by the CA to decide if it should sign the hashed data for the device or not.) Here device sends Zi, which can be the digital lockers and parameter k (claim limitation “masks”) disclosed by Canetti, as well as personal credentials (analogous to claim limitation “personal reliable bit map”).
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the “unified embedding for face recognition and clustering” concept of Schroff, and the “multifactor authentication with multimodal biometrics” approach of Beigi. One of ordinary skill in the art would have been motivated to perform such a modification to securely exchange data between devices by utilizing multifactor authentication to increase the security of the device and to reduce the chance of providing unauthorized access to individuals, as well as to provide methodologies for combining sources of information to reduce the (Beigi [0012, 0017]).

Regarding claim 14, the scope of the claim is similar to that of claim 3, respectively. Accordingly, the claim is rejected using a similar rationale.

Regarding claim 20, Schroff in view of Osaka, Canetti and Beigi teaches a non-transitory computer-readable medium embodying a program executable for biometric-based user identification on a client device, wherein the program, when executed, causes the client device to at least: ([Schroff Abstract] system, called FaceNet, that directly learns a mapping from face images to a compact Euclidean space where distances directly correspond to a measure of face similarity.)
initiate generation of an embedding comprising a biometric data embedding in a non-Hamming distance space; ([Schroff Abstract; p. 3, “3. Method”] learns a mapping from face images to a compact Euclidean space where distances directly correspond to a measure of face similarity. Once this space has been produced, tasks such as face recognition, verification and clustering can be easily implemented using standard techniques with FaceNet embeddings as feature vectors; an embedding f(x), from an image x into a feature space Rd, such that the squared distance between all faces.) Here the non-Hamming distance space is a Euclidean space.
process the embedding ([Schroff p. 9, “7.1. Harmonic Triplet Loss”] the harmonic embedding we mix embeddings of v1 together with the embeddings v2, that are being learned.) to create at least one operator that can be used for mapping the non-Hamming distance space to a Hamming distance space; ([Osaka 0042, 0059, 0097] using a hash function of binary codes describe an overview of a typical Spectral Hashing (SH). SH is a technique that has been said that good performance can be obtained in carry out the projection of the Hamming space. Component underlying upper converts each sample into a binary code, to select the nearest neighbor candidate by Hamming distance. The Euclidean distance between two points of coordinates of the representative point of the bucket belongs computed. Correlation coefficient of the actual Euclidean distance between the estimated distance when changing the code length. This result indicates whether the estimated distance reflects the degree true distance. Hash structure to be compared SH, BDH, k-means BDH. Estimated distance SH in this experiment is the Hamming distance of binary code.) Here Osaka provides details on mapping the non-Hamming distance space (Euclidean distance) to a Hamming distance space in ¶43 & ¶97.
create a set of masks and a set of lockers based at least in part on using the at least one operator and a computational reusable fuzzy extractor, ([Canetti p.119, “1.1 Our Contribution”] We construct the first reusable fuzzy extractor whose security holds even if the multiple readings wi used in Gen are arbitrarily correlated, as long as the fuzzy extractor is secure for each wi individually. This construction is the first to provide reusability for a realistic class of correlated readings. Our construction is based on digital lockers; in the most efficient instantiation, it requires only evaluation of cryptographic hash functions and is secure in the random oracle model or under strong computational assumptions on the hash functions. Our construction handles a wider class of sources than prior work. It is secure if the bits of w are partially independent. Namely, we require that, for some known parameter k, the substring formed by the bits at k randomly chosen positions in w is unguessable.) Here reference Canetti discloses parameter k being analogous to claim limitation “masks” and reference Osaka discloses one operator; therefore, the combination discloses the entire limitation. 
wherein at least one of: a secret or a cryptographic key is encrypted in at least one of the set of lockers; and ([Canetti p.125, “3 Tools: Digital Lockers, Point Functions, and Hash Functions”] Our main construction uses digital lockers, which are computationally secure symmetric encryption schemes that ciphertext is as hard as guessing the key.) Here ciphertext is the encrypted secret in the locker.
send metadata to a computing device over a network, the metadata comprising the set of lockers, the set of masks, and a personal reliable bit map. ([Beigi 0181] FIG. 8 shows the signature process using the above definitions. It is important to note that the Certificate Authority (CA) never sees the raw subscriber ID, S, the biometric models, Bn, or the signed software certificate, CS, unless the hash function is taken to be the identity function. Note that CS may have been signed through an independent certification, or the binary of the software may be hashed directly by the software itself. We are using CS here to mean either the signed certificate due to a code signing process described in Section 2.7, or the digest or hash value of that certificate. The CA only receives an encrypted copy of the hashed data for each i, Zi. It also receives the public encryption key of the registration application on the device, PPDA, such that it can decrypt the data and see the hashed data, Yi. In addition, the credentials of the registration application are sent along much in the same way as a digital certificate is requested from the CA described in X.509. The credentials are used by the CA to decide if it should sign the hashed data for the device or not.) Here device sends Zi, which can be the digital lockers and parameter k (claim limitation “masks”) disclosed by Canetti, as well as personal credentials (analogous to claim limitation “personal reliable bit map”).

Claim 6, 10-11, 16 and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Schroff (“FaceNet: A Unified Embedding for Face Recognition and Clustering”, June 17, 2015, listed in IDS) in view of Osaka (WO 2013129580 A1, listed in IDS) and Beigi (US 20150347734 A1).

Regarding claim 6, Schroff in view of Osaka teaches all the features with respect to claim 1, as outlined above. But the combination does not teach generate at least one of: a secret or a cryptographic key; and send at least one of: the at least one of the secret or the cryptographic key, or a second cryptographic key to a computing device over a network. This aspect of the claim is identified as a difference.
However, Beigi in an analogous art explicitly teaches
generate at least one of: a secret or a cryptographic key; and ([0181] It also receives the public encryption key of the registration application on the device, PPDA.) 
send at least one of: the at least one of the secret or the cryptographic key, or a second cryptographic key to a computing device over a network. ([0181] It also receives the public encryption key of the registration application on the device, PPDA, such that it can decrypt the data and see the hashed data, Yi.)
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the “unified embedding for face recognition and clustering” concept of Schroff, and the “multifactor authentication with multimodal biometrics” approach of Beigi. One of ordinary skill in the art would have been motivated to perform such a modification to securely exchange data between devices by utilizing multifactor authentication to increase the security of the device and to reduce the chance of providing unauthorized access to individuals, as well as to provide methodologies for combining sources of information to reduce the chance of fraud. In addition, security can be enhanced by utilizing multimodal biometrics (Beigi [0012, 0017]).

Regarding claim 10, Schroff in view of Osaka teaches all the features with respect to claim 1, as 
in response to receiving a request to perform a liveness challenge, capture at least one of a video or a voice; and ([Beigi 0126-0129] It is important to make sure that the user of the device is not using a prerecorded message captured from the authorized user of the phone to spoof the speaker recognition engine. To do this, a challenge may be used that would test the liveness of the individual using the phone. Basically, these are some methods for doing such a liveness test. A phrase is prompted or a question is asked. The user responds to the question or repeats the phrase. The audio is used to do the verification. In this case, the response to the challenge may be combined with the phrase so that the content of the phrase being said may be decoded using a speech recognizer and the content may be matched against the expected the challenge response. Most other biometric verification is quite similar to the speaker verification methodology given above.)
wherein the embedding is based on the at least one of the video or the voice. ([Schroff p. 5, “4.3. Academic Datasets”] Youtube Faces DB is a new dataset that has gained popularity in the face recognition community. The setup is similar to LFW, but instead of verifying pairs of images, pairs of videos are used.)

Regarding claim 11, Schroff in view of Osaka and Beigi teaches all the features with respect to claim 10, as outlined above. The combination further teaches 
perform a text extraction on the at least one of the video or the voice; and ([Beigi 0110] Speech may be used to provide voice biometrics about the user. Therefore speaker recognition by itself is a biometric (Factor 3), however, speech may also convey content in the form of a predetermined or preselected text (Factors 2+3).)
send the response to a computing device over a network for determining whether the response matches with the liveness challenge and determining whether the response arrives to the computing device within a defined threshold of time, wherein the response comprises the text extraction. ([Beigi 0110] Using speech to convey prompted content would provide a liveness test, hence producing Factors 3+4. In another usage, speech may be used to answer specific question related to the situation at hand. For example, a question may be posed about the local weather, the response to which should be befitting the question. Another example would be a question about the color of an object, the answer to which would require presence in the locality of interest at that specific moment. Depending on the capabilities of the natural language processing and understanding systems being used, in conjunction with the speech recognition capabilities, more or less complex questions may be asked by the system to assess liveness. These examples provide Factors 3+4. In fact, the queries may be formed in such an interactive way that would require Factors 2+3+4. In this case, the person's response would contain information about preselected or known facts, as well as prompts relating to the current state to ensure liveness. [0234] A predefined threshold is used for making a hard binary decision of whether to authenticate user or not, based on where the score lies with respect to this threshold. This threshold and the comparison, take into account the relative score of the user against competing models.) Here Beigi discloses examples of comparing score to threshold (analogous to claim limitation “determining whether the response arrives to the computing device within a defined threshold of time”) to determine allowable action and Beigi explicitly recites “There may also be other thresholds based on the description of Section 4.2.6” (¶78). Moreover, Beigi discloses various biometrics details in ¶60-63, such as speaker recognition, face recognition, and audio and video of the individual being recorded while he/she reads the provided reference text.

Regarding claims 16 and 19, the scope of the claims are similar to that of claims 6 and 10-11, respectively. Accordingly, the claims are rejected using a similar rationale.

Allowable Subject Matter
Claims 7-9 and 17-18 are objected to over prior art as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.
The following is an examiner's statement of reasons for allowance: Claims 7 and 17 define the distinct features, start an authentication session to verify the at least one of: the secret or the cryptographic key; and determine whether applying a set of masks to the processed embedding extracts the at least one of: the secret or the cryptographic key, wherein the at least one of: the secret or the cryptographic key is encrypted in at least one of a set of lockers, wherein the set of masks and the set of lockers are based at least in part on using a computational reusable fuzzy extractor and the at least one operator.

In interpreting the claim, in light of the specification, the examiner finds the claimed invention to be patentably distinct from the prior art of record.

Beigi (US 20150347734 A1) teaches authentication procedure (¶172-¶181).

Canetti (“Reusable Fuzzy Extractors for Low-Entropy Distributions”, DOI: 10.1007/978-3-662-49890-3_5) teaches applying masks to processed embedding, secret being encrypted in lockers, wherein the masks and lockers are based on using a computational reusable fuzzy extractor.



Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
US 20190020472 A1, "Practical reusable fuzzy extractor based on the learning-with-error assumption and random oracle", by Cho, teaches a system for biometric authentication. The system converts biometric data into a cryptographic key r′ using a reusable fuzzy extractor process having an underlying hash function modeling a random oracle model. The system allows access to secured services when a comparison of r′ to a previously computed cryptographic key r shows a match.
WO 2022015948 A1, "Privacy-preserving fuzzy query system and method", by Boldyreva, teaches to provide the private querying of a biometric scan, such as a person's photo, against a private database such that the client issuing the private query learns only the identity of the query if it is in the database while the server performing the processing learns nothing of the biometric scan. The exemplary system and method conduct privacy-preserving searches over fuzzy databases via a fuzzy labeled set intersection (FLPSI) .

Any inquiry concerning this communication or earlier communications from the examiner should be directed to HAN YANG whose telephone number is (408)918-7638.  The examiner can normally be reached on Monday to Friday, 9:00-5:00.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Carl Colin can be reached on 571-272-3862.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/HAN YANG/Examiner, Art Unit 2493