DETAILED ACTION
This Office Action is in response to the communication filed on 12/13/2018. 
Claims 1-29 are pending
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claim Objections
Claims 7, 12, 16, and 25 are objected to because of the following informalities: 
"more than one cryptography secret share" recited in claim 7 should read "more than one cryptography secret shares."
"the third-party" recited in claim 12 should read " the third-party server."
"the enrollment process" recited in claim 16 should read "the enrollment phase."
"at least one DSM server" recited in line 3 of claim 25 should read "at least one Distributed Security Module (DSM) server."
"at least one MPC module" recited in line 8 of claim 25 should read "at least one Multi-Party Computation (MPC) module."
Appropriate correction is required.
Claim Interpretation
The following is a quotation of 35 U.S.C. 112(f): 
(f) ELEMENT IN CLAIM FOR A COMBINATION.—An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof. 

The following is a quotation of pre-AIA  35 U.S.C. 112, sixth paragraph: 
An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof.

The claims in this application are given their broadest reasonable interpretation using the plain meaning of the claim language in light of the specification as it would be understood by one of ordinary skill in the art. The broadest reasonable interpretation of a claim element (also commonly referred to as a claim limitation) is limited by the description in the specification when 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is invoked. 
As explained in MPEP § 2181, subsection I, claim limitations that meet the following three-prong test will be interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph: 
(A) the claim limitation uses the term "means" or "step" or a term used as a substitute for “means” that is a generic placeholder (also called a nonce term or a non-structural term having no specific structural meaning) for performing the claimed function; 

(C) the term "means" or "step" or the generic placeholder is not modified by sufficient structure, material, or acts for performing the claimed function. 
Use of the word "means" (or "step") in a claim with functional language creates a rebuttable presumption that the claim limitation is to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites sufficient structure, material, or acts to entirely perform the recited function.
Absence of the word "means" (or "step") in a claim creates a rebuttable presumption that the claim limitation is not to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is not interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites function without reciting sufficient structure, material or acts to entirely perform the recited function.

This application includes one or more claim limitations that do not use the word "means," but are nonetheless being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, because the claim limitations use a generic placeholder that is coupled with functional language without reciting sufficient structure to perform the recited function and the generic placeholder is not preceded by a structural modifier. Such claim limitation is: "a user manager" as recited in claim 26.  
Because these claim limitations are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, they are being interpreted to cover the corresponding structure described in the specification as performing the claimed function, and equivalents thereof. A review of the specification shows that the following appears to be the corresponding structure described in the specification 
If applicant does not intend to have these limitations interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, applicant may: (1) amend the claim limitations to avoid them being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph (e.g., by reciting sufficient structure to perform the claimed function); or (2) present a sufficient showing that the claim limitations recite sufficient structure to perform the claimed function so as to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph.
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.

The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.

Claims 1-29 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, or for pre-AIA  the applicant regards as the invention.

It's unclear whether "the biometric sample" recited in claim 13 refers to "a biometric sample" recited in claim 1, "biometric sample of the user provided by the computerized device" recited in claim 1, or some other biometric sample. For the purpose of examination, "the biometric sample" has been interpreted as a biometric sample. 

There is insufficient antecedent basis for the limitation "the share" as recited in claim 20.
Claim 25 recites the limitation "the biometric sample" in line 10 and lines 14-15, however it's unclear whether they refer to "a biometric sample" recited in line 3 of claim 25, "a biometric sample" in line 9 of claim 25, or some other biometric sample. For the purpose of examination, "the biometric sample" has been interpreted as referring to any biometric sample. 
Claim 25 last line recites the limitation "the split biometric data reference," however it's unclear whether it refers to "a biometric data reference split to shares" recited in line 4 of claim 25, "biometric data reference split to shares" in line 10 of claim 25, or some other split biometric data reference. For the purpose of examination, "the split biometric data reference" has been interpreted as referring to any split biometric data reference. 

Claim 27 recites the limitation "the at least one DSM server," however, it's unclear whether it refers to "at least one DSM server" as recited in line 3 of claim 25, "at least one DSM server" in line 13 of claim 25, or some other DSM server. For the purpose of examination, "the at least one DSM server" has been interpreted as referring to a DSM server. 
The remaining dependent claims are also rejected for inheriting the deficiencies of the claims from which they depend on.
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.

Claims 25, 27-29 are rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter. The claims do not fall within at least one of the four categories of patent eligible subject matter because the claims do not include at least one hardware element in the bodies as required by MPEP 2106(I). Claim 25 recites a system comprising at least one DSM server, at least one secret storage located at the at least one DSM server, and at least one 
Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –
(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.

Claims 1-3, 13-18, and 21-29 are rejected under 35 U.S.C. 102(a)(2) as being anticipated by Kohli (US 2017/0243225).
Claim 1, Kohli teaches: 

receiving a request, by a at least one Distributed Security Module (DSM) server, to compare a biometric sample of a user with a biometric data reference split to shares, wherein said shares are distributed and stored in the computerized device and in the at least one DSM server; (e.g. [0012], "authenticating users that involve obtaining user biometric data of a particular type during an enrollment process, separating the biometric feature data into two or more user biometric feature data portions, and then distributing the biometric feature data portions among two or more separate biometric authentication system computers. The separate biometric authentication system computers each store their respective different user biometric feature data portion for future use to conduct user authentication processing. Thus, when the user then engages in a transaction, in some implementations a biometric authentication service system computer…prompts the user to provide the biometric feature data. Once received, that biometric feature data is separated into the two or more biometric feature data portions and then the biometric authentication service system computer transmits each biometric feature data portion to each of two or more authentication systems for user authentication processing. In particular, each of 
performing a comparison process between the biometric sample of the user provided by the computerized device and the biometric data reference using a Multi-Party Computation (MPC) process between the computerized device and the at least one DSM server; (e.g. [0001], "using multi-party computation for biometric authentication" [0012], "authenticating users that involve obtaining user biometric data of a particular type during an enrollment process, separating the biometric feature data into two or more user biometric feature data portions, and then distributing the biometric feature data portions among two or more separate biometric authentication system computers. The separate biometric authentication system computers each store their respective different user 
performing a security process between the computerized device and DSM server, and the third-party server in case the comparing of the biometric sample of the user provided by the computerized device with the split biometric data reference yields a match. (e.g. [0034], "an example of a business rule is one in which the merchant requires the user to be authenticated via one form of biometric feature data (such as via a facial recognition process) when the total purchase transaction price is greater than $50 but less than $250, but when the purchase transaction price exceeds $250 the user must also provide a second 
Claim 2, Kohli teaches:
wherein the request to compare the biometric sample of the user with the biometric data reference split to shares is received from the third-party server. (e.g. [0035]-[0036])
Claim 3, Kohli teaches:
wherein the request to compare the biometric sample of the user with the biometric data reference split to shares is received from the computerized device. (e.g. [0036])
Claim 13, Kohli teaches:
further comprises capturing the biometric sample by the computerized device. (e.g. [0036])
Claim 14, Kohli teaches:

Claim 15, Kohli teaches:
wherein the biometric data reference is associated with said user. (e.g. [0012])
Claim 16, Kohli teaches:
further comprises an enrollment phase between the computerized device and the least one DSM server, wherein the enrollment process comprises creating a biometric data reference split to shares and distributing between the computerized device and the least one DSM server. (e.g. fig. 3, [0012])
Claim 17, Kohli teaches:
wherein the enrollment phase further comprises storing at least one share of the biometric data reference shares in the least one DSM server. (e.g. fig. 3, [0012], [0031])
Claim 18, Kohli teaches:
wherein the enrollment phase further comprises storing one share of the biometric data reference shares in the computerized device. (e.g. fig. 3, [0012], [0031])

wherein all the shares of the split biometric data reference are distributed and stored in more than one DSM server. (e.g. [0012])
Claim 22, Kohli teaches:
wherein the shares of the split biometric data reference are utilized in an MPC process which compares the shares of biometric data reference distributed and stored in more than one DSM server, with a biometric data sample of a user provided by the computerized device. (e.g. fig. 5, [0012])
Claim 23, Kohli teaches:
wherein the biometric data reference is stored as a whole in a DSM server. (e.g. fig. 5, [0012])
Claim 24, Kohli teaches:
wherein the biometric data reference stored as a whole in a DSM server is utilized in an MPC process which compares the biometric data reference with a biometric data sample provided by the computerized device. (e.g. fig. 5, [0012])
Claim 25, Kohli teaches:
A system for conducting security processes between a computerized device and a third-party server, comprising:

at least one secret storage located at the at least one DSM server designed to store shares of biometric data references; (e.g. [0012], "authenticating users that involve obtaining user biometric data of a particular type during an enrollment process, separating the biometric feature data into two or more user biometric feature data portions, and then distributing the biometric feature data portions among two or more separate biometric authentication system computers. The separate biometric authentication system computers each store their respective different user biometric feature data portion for future use to conduct user authentication processing. Thus, when the user then engages in a transaction, in some implementations a biometric authentication service system computer…prompts the user to provide the biometric feature data. Once received, that biometric feature data is separated into the two or more biometric 
at least one MPC module located at the at least one DSM server designed to perform an MPC comparison process with said computerized device to compare a biometric sample of a user with biometric data reference split to shares, wherein the biometric sample is provided by said computerized device; (e.g. [0001], "using multi-party computation for biometric authentication" [0012], "authenticating users that involve obtaining user biometric data of a particular type during an enrollment process, separating the biometric feature data into two or more user biometric feature data portions, and then distributing the biometric feature data portions among two or more separate biometric authentication system computers. The separate biometric authentication system computers each store their respective different user biometric feature data portion for future use to conduct user authentication processing. Thus, when the user then engages in a 
and wherein the at least one DSM server is further configured to perform a security process between the computerized device and at least one DSM server, and the third-party server in case the MPC comparison process between the biometric sample of a user and the split biometric data reference, yields a match. (e.g. [0034], "an example of a business rule is one in which the merchant requires the user to be authenticated via one form of biometric feature data (such as via a facial recognition process) when the total purchase transaction price is greater than $50 but less than $250, but when the purchase transaction price exceeds $250 the user must also provide a second form of biometric feature data for authentication (for example, voice data so that a voice recognition process must 
Claim 26, Kohli teaches:
further comprises a user manager to associate the users with the biometric data references. (e.g. fig. 5, [0012], [0015], [0031])
Claim 27, Kohli teaches:
further comprises a second MPC module to perform an MPC process between the at least one DSM server and the computerized device. (e.g. figs. 1, 5, [0012])
Claim 28, Kohli teaches:
wherein the computerized device further comprises a device for capturing a biometric data from a user. (e.g. [0036])
Claim 29, Kohli teaches:
wherein said shares of biometric data references are associated with users utilizing the computerized device. (e.g. [0012])
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 4-5, 7-8, 10, 12, and 19-20 are rejected under 35 U.S.C. 103 as being unpatentable over Kohli (US 2017/0243225) in view of Tuyls et al. (US 2015/0288519).
Claim 4, Kohli teaches the security process between the computerized device and DSM server (see above) and does not appear to explicitly teach but Tuyls teaches: 
further requires a cryptography secret. (e.g. [0024]-[0025], [0030]-[0031])

Claim 5, Kohli teaches the at least one DSM server (see above) and does not appear to explicitly teach but Tuyls teaches:
wherein the cryptography secret is stored in at least one server. (e.g. [0024]-[0025], [0030]-[0031])
Same motivation as presented in claim 4 would apply.  
Claim 7, Kohli does not appear to explicitly teach but Tuyls teaches:
wherein the cryptography secret is split to more than one cryptography secret share. (e.g. [0024]-[0025], [0030]-[0031])
Same motivation as presented in claim 4 would apply.  
Claim 8, Kohli teaches the at least one DSM server (see above) and does not appear to explicitly teach but Tuyls teaches:

Same motivation as presented in claim 4 would apply.  
Claim 10, Kohli teaches the computerized device (see above) and does not appear to explicitly teach but Tuyls teaches:
wherein at least one of the cryptography secret shares is stored in a computerized device. (e.g. [0024]-[0025], [0030]-[0031])
Same motivation as presented in claim 4 would apply.  
Claim 12, Kohli teaches the computerized device and the at least one DSM server preforming another MPC process with the third-party (e.g. fig. 5, [0034]-[0036]) and does not appear to explicitly teach but Tuyls teaches:
utilizing the cryptography secret in a security process. (e.g. [0024]-[0025], [0030]-[0031])
Same motivation as presented in claim 4 would apply.  
Claim 19, Kohli teaches wherein the enrollment phase further comprises at least one share of the biometric data reference shares stored in the least one DSM server (e.g. fig. 3, [0012]) and does not appear to explicitly teach but Tuyls teaches: 

It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teachings described by Tuyls into the invention of Kohli. The motivation for such an implementation would be for the purpose of authenticating a user without leaking any information about the biometric feature of the user and reducing the computational and communication load of the biometric sensor (Tuyls [0012]-[0013], [0016]).
Claim 20, Kohli teaches wherein the enrollment phase further comprises the share of the biometric data reference shares stored in the computerized device (e.g. fig. 3, [0012]) and does not appear to explicitly teach but Tuyls teaches: 
encryption of share of biometric data reference shares. (e.g. [0011])
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teachings described by Tuyls into the invention of Kohli. The motivation for such an implementation would be for the purpose of authenticating a user without leaking any information about the biometric feature of the user and reducing the .
Claims 6, 9, and 11 are rejected under 35 U.S.C. 103 as being unpatentable over Kohli (US 2017/0243225) in view of Tuyls et al. (US 2015/0288519) further in view of Ryhorchuk et al. (US 2015/0254463).
Claim 6, Kohli-Tuyls combination teaches the cryptography secret stored in the at least one DSM server (see above) and does not appear to explicitly teach but Ryhorchuk teaches:
a cryptography secret is encrypted. (e.g. [0021], [0060], [0093], [0135])
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teachings described by Ryhorchuk into the invention of Kohli-Tuyls combination. The motivation for such an implementation would be for the purpose of protecting the privacy of persons represented within sensor data collected and whose identity may be discovered by accessing the sensor data (Ryhorchuk [0017], [0020]-[0021]).
Claim 9, Kohli-Tuyls combination teaches the at least one of the cryptography secret shares stored in the at least one DSM server (see above) and does not appear to explicitly teach but Ryhorchuk teaches:

It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teachings described by Ryhorchuk into the invention of Kohli-Tuyls combination. The motivation for such an implementation would be for the purpose of protecting the privacy of persons represented within sensor data collected and whose identity may be discovered by accessing the sensor data (Ryhorchuk [0017], [0020]-[0021]).
Claim 11, Kohli-Tuyls combination teaches at least one of the cryptography secret shares stored in the computerized device (see above) and does not appear to explicitly teach but Ryhorchuk teaches:
at least one of cryptography secret shares is encrypted. (e.g. [0021], [0060], [0093], [0135])
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teachings described by Ryhorchuk into the invention of Kohli-Tuyls combination. The motivation for such an implementation would be for the purpose of protecting the privacy of persons represented within sensor data collected and whose .
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. The following reference is cited but not been replied upon for this Office action: 2016/0191513 discloses a system for binding a data transaction to a person's identity using biometrics comprising the generation of data which includes information associated with a transaction, or an encrypted transaction, between a server and a client device associated with a user, generating authentication data providing an irrevocable binding of the information to biometric characteristics of the user, by capturing biometric input by the user of said authentication data or information associated with the transaction, wherein this information is implanted into the captured data. A predetermined minimum number of quorum portions may be generated from a portion of the data generated or processed by the method, wherein at least a predetermined minimum number of received quorum data portions are required to reconstruct the data portion.

Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, GELAGAY SHEWAYE can be reached on 5712724219.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service 






/AMIE C. LIN/Examiner, Art Unit 2436