DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 04 January 2021 has been entered.
 
Response to Arguments
Applicant's additional arguments filed 04 November 2020 have been fully considered but they are not persuasive.
In response to applicant’s argument that the cited references do not teach “wherein, at the…with the server,” page 10, lines 15-17, the examiner respectfully disagrees.
White (newly cited) teaches a system wherein the user may provide a requested biometric to a Foreign Authentication Server (FAS), wherein the user’s biometrics are not enrolled at the FAS, and the FAS forwards the user’s biometric to a Home 
Combining the references brings about a system wherein, at the time the authentication result is sent to the requestor, the user has still not enrolled in the biometric authentication with the server.  Therefore, the aforementioned limitation is taught by the combination of the cited references.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-23 are rejected under 35 U.S.C. 103 as being unpatentable over White (US 2004/0010697 A1) in view of Harding (US 2016/0226868 A1).
Regarding claim 1, White teaches a method for biometric authentication using one or more third-party external databases, the method comprising:
receiving a request for the biometric authentication of a user from a requestor, i.e. a Partner Application (PA) (Figs. 1, 8, el. 115), e.g. the PA requests the authentication of the user (Para. 129),
wherein the user has not enrolled in biometric authentication with a server, i.e. a Foreign Authentication Server (FAS) (Figs. 1, 8, el. 110), e.g. the FAS is not the Home Authentication Server (HAS) of the user (Para. 55, 58, 132);
sending a notification to a user device, i.e. a client (Figs. 1, 8, el. 105), associated with the user, the notification requesting a biometric image associated with the user, e.g. sending an authentication request to the client, wherein the request specifies which biometric authentication data to capture (Para. 129, 130, 156, 158);
receiving, with the server, the biometric image associated with the user in response to the notification, the biometric image being from the user device, e.g. the user provides a biometric through the client biometric capture device and the biometric is received by the FAS (Para. 130, 131, 140, 147); each biometric capture device may be directly linkable to an authentication server (Para. 115);
sending, with the server, a biometric identifier (ID) of the user to only the one or more third-party external databases, i.e. the Home Authentication Server (HAS) (Figs. 1, 8, el. 110), based on the biometric image, e.g. sending an identity claim and the captured biometric to the HAS (Para. 132, 140, 147);
controlling, with the server, only the one or more third-party external databases to identify a biometric template stored in the one or more third-party external databases that matches the biometric ID, e.g. determining, at the HAS, a match against a locally stored biometric which shares the same claim identifier as that supplied by the user (Para. 133, 134, 140); retrieving the correct enrollment data for the user from the HAS database (Para. 148); the authentication request indicates which algorithm has been used to generate the submitted template (Para. 167); the HAS associates raw biometric data with the user’s IDE and template and is able to quickly find the user’s biometric template (Para. 102, 175);
determining, with the server, an authentication result that is indicative of a match between the biometric image and the biometric template, e.g. determining, at the HAS, a match against a locally stored biometric which shares the same claim identifier as that supplied by the user (Para. 133, 134, 140); comparing, by the FAS, a copy of the biometric identifier returned from the HAS to that supplied by the user (Para. 150); and
sending, with the server, the authentication result to the requestor, e.g. sending the authentication result to the PA (Para. 136, 150, 160),
wherein, at the time the authentication result is sent to the requestor, the user has not enrolled in the biometric authentication with the server, e.g. the FAS is not the HAS of the user (Para. 132),
wherein the requestor is different than the user and the user device, e.g. the PA is separate from the user and the client biometric capture device (Figs, 1, 8, el. 105, 115; Para. 60, 66), and
wherein the requestor authorizes and provides access to a resource based on the authentication result that is indicative of the match between the biometric image and the biometric template, e.g. the PA decides based on the authentication result whether to grant access to the requested resource (Para. 137, 160).
White does not clearly teach sending, with the server, a notification to a user device associated with the user, the notification requesting a biometric image associated with the user.
Harding teaches receiving, with a server, e.g. an identity provider (Fig. 3, el. 320), a request for the biometric authentication of a user from a requestor, i.e. a service provider (Fig. 3, el. 306), e.g. receiving an identity verification request at the identity provider from the service provider (Para. 83); wherein the identity provider may be a server or a single computer (Para. 55),
wherein the user has not enrolled in the biometric authentication with the server, e.g. performing biometric enrollment in order to be able to complete a transaction and make a purchase, for example, after swiping a credit card to purchase an item or service in a store (Para. 64); the service provider requests the enrollment of the user before being able to approve any transaction (Para. 65); denying the user access or services based on the result of the comparison (Para. 83);
sending, with the server, a notification to a user device, i.e. a mobile device (Fig. 3, el. 314), associated with the user, the notification requesting a biometric image associated with the user, e.g. sending, by the IMS of the identity provider, a request to the mobile device, wherein the request is requesting biometric input from the user (Para. 50, 83);
receiving, with the server, the biometric image associated with the user in response to the notification, the biometric image being from the user device, e.g. receiving a captured biometric image from the mobile device (Para. 52, 63, 83);
sending, with the server, a biometric identifier (ID) of the user to only the one or more external databases based on the biometric image, e.g. sending the user’s name, a username, an email, or a phone number to the biometric engine database based on the biometric type (Para. 43, 66, 83); 
controlling, with the server, only the one or more external databases to identify a biometric template stored in the one or more external databases that matches the user profile, e.g. associating a biometric template with the user profile and device employed to log in; identifying the template stored for that user at enrollment (Para. 43, 63, 67, 83); 
determining, with the server, an authentication result that is indicative of a match between the biometric image and the biometric template, e.g. determining an authentication response by comparing the biometric image with a biometric template (Para. 63, 67, 83);
sending, with the server, the authentication result to the requestor, wherein the requestor is different than the user and the user device, e.g. sending the results of the matching process to the service provider (Para. 83); and
wherein the requestor authorizes and provides access to a resource based on the authentication result that is indicative of the match between the biometric image and the biometric template, e.g. the service provider grants or denies access or services to the user depending on the result (Para. 83).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify White to include sending, with the server, a notification to a user device associated with the user, the notification requesting a biometric image associated with the user, using the known method of receiving an identity verification request at the identity provider from the service provider and sending, by the IMS of the identity provider, a request to the mobile device, wherein the request is requesting biometric input from the user, as taught by Harding, in combination with the biometric authentication system of White, for the purpose of offloading the processes to the server, thereby freeing memory and processing time/power at the requestor.

Regarding claim 2, White in view of Harding teaches wherein determining the authentication result that is indicative of the match between the biometric image and the biometric template further includes sending only the biometric image to the one or more third-party external databases in association with the biometric ID, e.g. sending an identity claim and the captured biometric to the HAS (White-Para. 132, 140, 147); the HAS associates raw biometric data with the user’s IDE and template and is able to quickly find the user’s biometric template (White-Para. 102, 175); associating a biometric template with the user profile and device employed to log in; identifying the template stored for that user at enrollment (Harding-Para. 43, 63, 66, 67, 83); and 
receiving the authentication result from only the one or more third-party external databases, e.g. the HAS returns the authentication result data set to the FAS (White-Para. 134, 135, 140, 156); associating a biometric template with the user profile and device employed to log in; identifying the template stored for that user at enrollment; determining an authentication response by comparing the biometric image with a biometric template (Harding-Para. 43, 63, 66, 67, 83).

Regarding claim 3, White in view of Harding teaches wherein determining the authentication result that is indicative of the match between the biometric image and the biometric template further includes receiving the biometric template from only the one or more third-party external databases, e.g. receiving, by the FAS from the HAS, user enrollment data that includes the biometric component (White-Para. 148, 149); the HAS associates raw biometric data with the user’s IDE and template and is able to quickly find the user’s biometric template (White-Para. 102, 175); and 
comparing, with the server, the biometric image to the biometric template to determine the authentication result, e.g. comparing, at the FAS, the returned copy of the biometric and the biometric captured by the biometric capture device (White-Para. 145, 150); determining an authentication response by comparing the biometric image with a biometric template (Harding-Para. 63, 67, 83).

Regarding claim 4, White in view of Harding teaches further comprising converting the biometric image into a format suitable for matching to the biometric template after receiving the biometric image associated with the user and prior to the step of determining the authentication result, e.g. converting the biometric probe into a biometric template for comparison with the stored biometric template (Harding-Para. 63).

Regarding claim 5, White in view of Harding teaches further comprising selecting one of the one or more third-party external databases based upon a type of biometric templates stored in the one or more third-party external databases, the type of biometric templates being one selected from a group consisting of:  fingerprint biometric templates, facial biometric templates, iris biometric templates, and retina biometric templates, e.g. the user may enroll more than one biometric type at an HAS and/or may enroll one or more biometric types at different HAS servers, such as fingers and iris data, (White-Para. 102, 108, 128); routing the requests to the appropriate HAS (White-Para. 162, 164, 165); routing the requests based on the biometric type (Harding-Para. 42, 43).

wherein the biometric image further includes a fingerprint image, e.g. a fingerprint (White-Para. 64, 108, 128); a fingerprint (Harding-Para. 27, 63).

Regarding claim 7, White in view of Harding teaches wherein the biometric image further includes a facial image, e.g. a face (White-Para. 128); a face (Harding-Para. 27, 63).

Regarding claim 8, White in view of Harding teaches wherein the biometric ID further includes an identifying label selected from a group consisting of:  a social security number, a driving license number, a tax ID, and a passport number, e.g. the identity data element may comprise a social security number or passport identification (White-Para. 62, 105).

Regarding claim 9, White in view of Harding teaches wherein the notification further includes a request for a specific type of the biometric image, e.g. informing the user of the type of biometric sample that is required for the service (White-Para. 156); requesting the user to submit two or more biometric samples, either of the same biometric type or of different biometric types (White-Para. 158, 162, 164); determining what biometric modalities are supported by the client and sending the request based on the determination; requiring more than one biometric modality for authentication (Harding-Para. 50, 51, 83).

Regarding claim 10, White teaches a biometric authentication server for biometric authentication, i.e. a Foreign Authentication Server (FAS) (Figs. 1, 8, el. 110; Para. 58), using one or more third-party external databases, i.e. a Home Authentication Server (HAS) (Figs. 1, 8, el. 110; Para. 55), the biometric authentication server comprising: 
a user device interface configured to communicate with a user device, e.g. the user provides a biometric through the client biometric capture device and the biometric is received by the FAS (Para. 130, 131, 140, 147); each biometric capture device may be directly linkable to an authentication server (Para. 115); 
a database interface configured to communicate with only the one or more third-party external databases, e.g. authentication servers may communicate with one another over a network (Para. 117-120); 
an electronic processor, Note: an authentication server inherently has an electronic processor (Figs. 1, 8, el. 110); and 
a memory communicatively coupled to the electronic processor and storing machine readable instructions that, when executed by the electronic processor, Note: an authentication server inherently has memory for executing instructions (Figs. 1, 8, el. 110), perform a set of operations including 
receiving a request for biometric authentication of a user from a requestor, i.e. a Partner Application (PA) (Figs. 1, 8, el. 115), e.g. the PA requests the authentication of the user (Para. 129),
wherein the user has not enrolled in the biometric authentication with the biometric authentication server, e.g. the FAS is not the Home Authentication Server (HAS) of the user (Para. 55, 58, 132); 
sending, by the PA, a notification to a user device, i.e. a client (Figs. 1, 8, el. 105), associated with the user, the notification requesting a biometric image associated with the user, e.g. sending an authentication request to the client, wherein the request specifies which biometric authentication data to capture (Para. 129, 130, 156, 158);
receiving the biometric image associated with the user in response to the notification, the biometric image being from the user device, e.g. the user provides a biometric through the client biometric capture device and the biometric is received by the FAS (Para. 130, 131, 140, 147); each biometric capture device may be directly linkable to an authentication server (Para. 115);
sending a biometric identifier (ID) of the user to only the one or more third-party external databases, i.e. the Home Authentication Server (HAS) (Figs. 1, 8, el. 110), based on the biometric image, e.g. sending an identity claim and the captured biometric to the HAS (Para. 132, 140, 147);
controlling only the one or more third-party external databases to identify a biometric template stored in the one or more third-party external databases that matches the biometric ID, e.g. determining, at the HAS, a match against a locally stored biometric which shares the same claim identifier as that supplied by the user (Para. 133, 134, 140); retrieving the correct enrollment data for the user from the HAS database (Para. 148); the authentication request indicates which algorithm has been used to generate the submitted template (Para. 167); the HAS associates raw biometric data with the user’s IDE and template and is able to quickly find the user’s biometric template (Para. 102, 175);
determining an authentication result that is indicative of a match between the biometric image and the biometric template, e.g. determining, at the HAS, a match against a locally stored biometric which shares the same claim identifier as that supplied by the user (Para. 133, 134, 140); comparing, by the FAS, a copy of the biometric identifier returned from the HAS to that supplied by the user (Para. 150); and
sending the authentication result to the requestor, e.g. sending the authentication result to the PA (Para. 136, 150, 160),
wherein, at the time the authentication result is sent to the requestor, the user has not enrolled in the biometric authentication with the server, e.g. the FAS is not the HAS of the user (Para. 132),
wherein the requestor is different than the user and the user device, e.g. the PA is separate from the user and the client biometric capture device (Figs, 1, 8, el. 105, 115; Para. 60, 66), and
wherein the requestor authorizes and provides access to a resource based on the authentication result that is indicative of the match between the biometric image and the biometric template, e.g. the PA decides based on the authentication result whether to grant access to the requested resource (Para. 137, 160).
White does not clearly teach sending a notification to the user device associated with the user, the notification requesting a biometric image associated with the user.
Harding teaches a biometric authentication server, e.g. an identity provider (Fig. 3, el. 320), for biometric authentication using one or more external databases, the biometric authentication server comprising:
a user device interface configured to communicate with a user device, i.e. a mobile device (Fig. 3, el. 314); i.e. an interface for communicating with other devices (Fig. 4, el. 406; Para. 69);
a database interface configured to communicate with the one or more external databases, i.e. an interface for communicating with the biometric engine databases (Fig. 4, el. 406; Para. 69);
an electronic processor, i.e. a CPU (Fig. 4, el. 412); and
a memory, i.e. a memory (Fig. 4, el. 408), communicatively coupled to the electronic processor and storing machine readable instructions that, when executed by the electronic processor, perform a set of operations including
receiving a request for biometric authentication of a user from a requestor, i.e. a service provider (Fig. 3, el. 306), e.g. performing biometric enrollment in order to be able to complete a transaction and make a purchase, for example, after swiping a credit card to purchase an item or service in a store (Para. 64); the service provider requests the enrollment of the user before being able to approve any transaction (Para. 65); receiving an identity verification request at the identity provider from the service provider (Para. 83),
wherein the user has not enrolled in the biometric authentication with the biometric authentication server, e.g. performing biometric enrollment in order to be able to complete a transaction and make a purchase, for example, after swiping a credit card to purchase an item or service in a store (Para. 64); the service provider requests the enrollment of the user before being able to approve any transaction (Para. 65); denying the user access or services based on the result of the comparison (Para. 83);
sending a notification to the user device associated with the user, the notification requesting a biometric image associated with the user, e.g. sending a request to the mobile device, wherein the request is requesting biometric input from the user (Para. 50, 83);
receiving the biometric image associated with the user in response to the notification, the biometric image being from the user device, e.g. receiving a captured biometric image from the mobile device (Para. 52, 63, 83);
sending a biometric identifier (ID) of the user to the one or more external databases based on the biometric image, e.g. sending the user’s name, a username, an email, or a phone number to the biometric engine database (Para. 43, 66, 83); 
controlling only the one or more external databases to identify a biometric template stored in the one or more external databases that matches a user profile, e.g. associating a biometric template with the user profile and device employed to log in; identifying the template stored for that user at enrollment (Para. 43, 63, 67, 83); wherein the request is sent to the biometric engine database based on the biometric type (Para. 43);
determining an authentication result that is indicative of a match between the biometric image and the biometric template, e.g. determining an authentication response by comparing the biometric image with a biometric template (Para. 63, 67, 83);
sending the authentication result to the requestor, wherein the requestor is different than the user and the user device, e.g. sending the results of the matching process to the service provider (Para. 83); and
wherein the requestor authorizes and provides access to a resource based on the authentication result that is indicative of the match between the biometric image and the biometric template, e.g. the service provider grants or denies access or services to the user depending on the result (Para. 83).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify White to include sending a notification to the user device associated with the user, the notification requesting a biometric image associated with the user, using the known method of receiving an identity verification request at the identity provider from the 

Regarding claim 11, the claim is analyzed with respect to claim 4.

Regarding claim 12, the claim is analyzed with respect to claim 2.
 
Regarding claim 13, the claim is analyzed with respect to claim 3.

Regarding claim 14, the claim is analyzed with respect to claim 4.

Regarding claim 15, the claim is analyzed with respect to claims 1 and 10.

Regarding claim 16, the claim is analyzed with respect to claim 8.

Regarding claim 17, the claim is analyzed with respect to claim 5.

Regarding claim 18, the claim is analyzed with respect to claim 2.

Regarding claim 19, the claim is analyzed with respect to claim 3.

Regarding claim 20, the claim is analyzed with respect to claim 4.

Regarding claim 21, White in view of Harding teaches wherein the notification is configured to cause the user device to execute an authentication application, and request a capture of the biometric image of the user with the authentication application, e.g. presenting a GUI interface that informs the user of the type of biometric sample that is required for the service that they wish to avail of (White-Para. 156); receiving a notification for using a biometric authentication application on the mobile device and requesting the capture of the biometric probe via the application (Harding-Para. 74, 75).

Regarding claim 22, White in view of Harding teaches wherein the authentication application is part of a resource application that is associated with the resource, e.g. a service provider application (Harding-Para. 56).

Regarding claim 23, White in view of Harding teaches further comprising:  receiving, with the server, a login identifier (ID) associated with the user in response to the notification, wherein the biometric ID of the user is based on the biometric image and the login ID, e.g. receiving a username in response to logging-in to the application (Harding-Para. 43, 74, 75. 80).

Conclusion
The following prior art made of record and not relied upon is considered pertinent to applicant's disclosure:
Peirce (US 7,690,032)—Peirce discloses utilizing remote external databases to perform biometric authentication (Figs. 1, 2; Col. 3, lines 45-62).

Ortiz (US 7,921,297)—Ortiz discloses utilizing a biometric broker for biometric authentication, wherein the broker may obtain biometric data from a variety of biometric databases operated by different entities (Fig. 1; Col. 8, lines 56-67).

Any inquiry concerning this communication or earlier communications from the examiner should be directed to JEREMY DUFFIELD whose telephone number is (571)270-1643.  The examiner can normally be reached on Monday - Friday, 7:00 AM - 3:00 PM (ET).
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Yin-Chen Shaw can be reached on (571) 272-8878.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





12 March 2021
/Jeremy S Duffield/Primary Examiner, Art Unit 2498