DETAILED ACTION
Examiner's Note:  The Examiner has pointed out particular references contained in the prior art of record within the body of this action for the convenience of the Applicant.  Although the specified citations are representative of the teachings in the art and are applied to the specific limitations within the individual claim, other passages and figures may apply.  Applicant, in preparing the response, should consider fully the entire reference as potentially teaching all or part of the claimed invention, as well as the context of the passage as taught by the prior art or disclosed by the Examiner.
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Response to Arguments
Applicant’s remarks filed on 03/03/2021 have been fully considered. 
Regarding claim(s) 1 – 3, 13 – 15, 19, 20 that is rejected under 35 U.S.C. 102(a)(2) as anticipated by or, in the alternative, under 35 U.S.C. 103 as obvious over Ebrahimi et al. [US PGPUB # 2019/0149537], applicant’s remarks have been considered but are moot because the new ground of rejection does rely on a different interpretation of the previous reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument. Therefore, see the office action below. 
Regarding claim(s) 5 – 7, 9, 16 - 18, 21 - 23 is/are rejected under 35 U.S.C. 103 as being unpatentable over Ebrahimi et al. [US PGPUB # 2019/0149537] in view of Chiang [US PGPUB # 2017/0230444], applicant’s remarks have been considered but 
The examiner further notes that all other remarks that do not concern the prior art rejections, if any, will be addressed in the office action below. 
Applicant states on page[s] 12 of the remarks as filed: “(1) Ebrahimi fails to teach that “the second service system is configured to share user authentication information registered with the second service system for accessing the second service system with the first service system for user authentication for accessing the first service system” of amended claim 1. Ebrahimi merely discloses that third parties that require certified information from banks may implement the verification process disclosed in Ebrahimi, which does not constitute the above feature of claim 1.”
	In response the examiner isn’t persuaded, the examiner points to the prior art of Ebrahimi. Specifically, at paragraph: 0047, lines 1 – 12, In the case of banking operations, the verification process of the identity platform module [i.e. applicant’s first service system] can be utilized by banks [i.e. applicant’s second service systems – registered user data], as well as users of the bank, or third parties that require certified information from the banks regarding those users.
***The examiner notes of Ebrahimi, a bank or other institution will have registered therein, user data, and have resident thereon or access to the blockchain thru the identity manager/module of the identity management platform. Applicant’s first service system is equated with the institution/bank + identity manager/module + identity management platform [i.e. verification process]. And applicant’s recited second service Thus, applicant’s argued claim invention above or argued claim limitation is an obvious variation of the operation of Ebrahimi. See the combination of paragraphs: 0045,0047,0048,0049 of Ebrahimi. 
Applicant states on page[s] 12 of the remarks as filed: “(2) Ebrahimi fails to teach features of the “computing device” in claim 1, such as “a computing device independent from the first and second service systems; ... the one or more digital abstracts are encrypted from user account information registered with the computing device for accessing the second service system and not for accessing the first service system,... the transaction identification is stored in association with user detail information of the login user at the computing device outside the blockchain; retrieving, from the computing device, the user detail information of the login user according to the transaction identification.”
Office Action at 7-8 quoted para. 47 of Ebrahimi to read on “a computing device independent from the first and second service systems” of claim 1. However, since Examiner identified mapping to the “first service system” and the “second service system” only, it was unclear which device in Ebrahimi Examiner found to teach the Ebrahimi fails to teach “a computing device independent from the first and second service systems.”
The examiner isn’t persuaded, the examiner points to the prior art of Ebrahimi. Specifically, at paragraph: 0047, lines 1 – 12, In embodiments, the messaging and communication functions described herein are provided to enable users to exchange data over communication networks in order to verify identity, or enable or provide access to users to services, goods, or commercial transactions. In the case of banking operations, the verification process can be utilized by banks, as well as users of the bank [i.e. applicant’s computing device], or third parties that require certified information from the banks regarding those users. Where at Figure # 1C and step: 197 and paragraph: 0059, lines 28 – 31, As such, upon successful verification of the UGD and certification record, at operation 197 the presented UGD is trustworthy after going through a verification of the UGD and the certification record of the UGD.
Then at paragraph: 0047, lines 1 – 12, In the case of banking operations, the verification process of the identity platform module [i.e. applicant’s first service system] can be utilized by banks [i.e. applicant’s second service systems – registered user data], as well as users of the bank, or third parties that require certified information from the banks regarding those users.
These citations meets applicant argument of: “However, since Examiner identified mapping to the “first service system” and the “second service system” only, it was unclear which device in Ebrahimi Examiner found to teach the “computing device” in claim 1.”
verifier 30 obtains the seal record 120 (e.g., using txn-ID [i.e. applicant’s transaction identification] for the blockchain) to obtain the data stored in the blockchain 50 (e.g., <signed.hash.UGD> and public key of user 5) to verify the raw data (UGD). At block 180, operations are performed to verify the data. 
This meets applicant’s argument of: “2) Ebrahimi fails to teach features of the ……….the transaction identification is stored in association with user detail information of the login user at the computing device outside the blockchain; retrieving, from the computing device, the user detail information of the login user according to the transaction identification.”
	Thus, applicant’s argued claim invention is an obvious variation of identified operation of Ebrahimi. 
Applicant states on page[s] 12 of the remarks as filed: “Office Action at 12 and 13 quoted para. 159 of Ebrahimi to read on “the transaction identification is stored in association with user detail information of the login user at the computing device outside the blockchain.” However, para. 159 of Ebrahimi merely discloses that storing data or a hash of the data to blockchain, while separately storing a copy of the data to a different device. However, this does not constitute the above feature of claim 1.”
The examiner isn’t persuaded, the examiner points to the prior art of Ebrahimi. Specifically, at Figure # 13, paragraph: 0159, lines 1 – 8, The data for the transaction being written to the blockchain may or may not fit in a single transaction. If it does not fit, a hash of the entire data is made and the hash is written to the blockchain 980. The data is then stored on a different device that may or may not be shared. To access the However, para. 159 of Ebrahimi merely discloses that storing data or a hash of the data to blockchain, while separately storing a copy of the data to a different device. However, this does not constitute the above feature of claim 1.”
Applicant states on page[s] 12 of the remarks as filed: “Office Action at 12 quoted para. 170 and 175 of Ebrahimi to read on “retrieving, from the computing device, user detail information of the login user according to the transaction identification.” As Examiner quoted, Ebrahimi discloses obtain data from blockchain according to a transaction ID. However, as recited in claim 1 and discussed above, “the transaction identification is stored in association with user detail information of the login user at the computing device outside the blockchain.” Let alone the transaction identification is obtained from the result of the comparison. Thus, Ebrahimi cannot possibly teach this feature of claim 1.”
In response the examiner isn’t persuaded, the examiner points to the prior art of Ebrahimi. Specifically, at Figure # 1C and paragraph: 0058, lines 1 – 6, At operations 170 and 175, verifier 30 obtains the seal record 120 (e.g., using txn-ID [i.e. applicant’s transaction identification] for the blockchain) to obtain the data stored in the blockchain 50 (e.g., <signed.hash.UGD> and public key of user 5) to verify the raw data (UGD). At block 180, operations are performed to verify the data. This meets applicant’s argument of: “…………………Ebrahimi discloses obtain data from blockchain according to a transaction ID. However, as recited in claim 1 and discussed above, “the transaction identification is stored in association with user detail information of the login user at the computing device outside the blockchain.” Let alone the transaction identification is obtained from the result of the comparison. Thus, Ebrahimi cannot possibly teach this feature of claim 1.”
	Thus, applicant’s argued claim invention is an obvious variation of identified operation of Ebrahimi.
Applicant states on page[s] 13 of the remarks as filed: “(3) Ebrahimi fails to teach “the login user is not registered with the first service system” of claim 1. However, “login ... without the user of usernames or passwords” used by Examiner’s argument at Office Action at 10 does not constitute the absence of registration. For example, Ebrahimi at Fig. 4D and corresponding paragraphs describe how to use QR code, biometrics, PIN to replace password for authenticating user. This does not obviate the registration of the user in Ebrahimi.
Further, Ebrahimi requires registration throughout its disclosure. Ebrahimi requires registration at the web service to be visited by the user. For example, “FIG. 1A illustrates a data flow 100A for registering data in a blockchain, such as for registering user identification, in accordance with one embodiment of the present disclosure” Ebrahimi at 51. “the user must have previously been registered with the sendee provider.” Ebrahimi at 90. “[Registration is performed for securely registering new users to a website of a service provider. For illustration, FIGS. 6A-6D are diagrams illustrating a process for Ebrahimi at 97.
“As previously introduced, the process outlined in FIGS. 4A-4D and 7A-7C assumes that the user is already registered with the service provider (e.g., web server 320), and that the service provider maintains at least the following record on the user: a user identification, such as a name or a username (optional), and a public key of the user that matches the private key maintained by the user in his or her identity management application.” Ebrahimi at 102, “In one embodiment registration (e.g., of a user) (also referred to as validation) is implemented with an identity manager using a blockchain. Further, a certification process may be processed for certifying the registration and/or validation. In one embodiment, to register a user, some form of user identification (e.g., a driver's license or passport) is scanned. One or more fields are extracted, such as your name, license number, passport number, date of birth (or other data), etc.” Ebrahimi at 38.”
In response the examiner isn’t persuaded, the examiner points to the prior art of Ebrahimi. Specifically, at paragraph: 0038, lines 1 – 10, In one embodiment, registration (e.g., of a user) (also referred to as validation) is implemented with an identity manager [i.e. applicant’s first service system] of the identity management platform using a blockchain. Further, a certification process may be processed for certifying the registration and/or validation. In one embodiment, to register a user, some form of user identification (e.g., a driver's license or passport) is scanned. One or more fields are extracted, such as your name, license number, passport number, date of birth (or other data) [i.e. applicant’s authentication information], etc. Also, that identifying information can be gathered individually. Further, the identifying information can be gathered manually.
Where at paragraph: 0049, lines 1 – 6, In still other embodiments, code plug-ins can be integrated into commercial websites, which may use identity verification for different reasons or functions. For example, banks can install plug-in applications, code, or programs that can execute part or all of the verification processing to seal information and/or to certify information regarding identity.
Where at paragraph: 0048, In some embodiments, the verification systems can be embodied in an application, such as those that can be installed on mobile devices (e.g., Apps). By way of example, users wishing to have their identity verified can use an application to seal information regarding their identity. Once the data has been sealed (e.g., encrypted data has been stored to the blockchain), this data (e.g., raw data) can be used for later certification by another party. The other party may also be utilizing a corresponding App, which enables efficient reading of the data, code, QR code, message, or notification, to validate the identity of the user.
	This meets applicant’s argument of: “(3) Ebrahimi fails to teach “the login user is not registered with the first service system” of claim 1.”
Applicant states on page[s] 14 of the remarks as filed: “(4) Ebrahimi fails to teach “the obtained result comprises a transaction identification of a blockchain transaction stored to the blockchain comprising the one digital abstract,” of claim 1. Examiner referred to operation 165 in FIG. 1C of Ebrahimi to read on this feature. However, 
Independent claims 9 and 15 each recite similar features as claim 1. Dependent claims depending from any of the independent claims include all limitations thereof. For all of the above reasons, Ebrahimi fails to teach each and every element of the independent claims, and a prima facia case of obviousness is not established. Thus, Applicant respectfully requests reversal of the rejection of claims 1-3, 13-15, 19, and 20 under 35 U.S.C. § 102.”
In response, the examiner has withdrawn the previously issued anticipatory rejection on claim[s] 1-3, 13-15, 19, and 20, see the office action below. However, the examiner has issued a new obviousness rejection to make obvious applicant’s newly added claim amendments and argued claim limitation above. 
Further in response the examiner isn’t persuaded, the examiner points to the prior art of Ebrahimi. Specifically, at Figure # 1C and paragraph: 0058, lines 1 – 6, At operations 170 and 175, verifier 30 obtains the seal record 120 (e.g., using txn-ID [i.e. applicant’s transaction identification] for the blockchain) to obtain the data stored in the blockchain 50 (e.g., <signed.hash.UGD> and public key of user 5) to verify the raw data (UGD). At block 180, operations are performed to verify the data. 

Applicant states on page[s] 14 of the remarks as filed: “Applicant respectfully traverses the rejection of claims 5-7, 9, 16-18, and 21-23 under 35 U.S.C. 103 as allegedly being unpatentable over Ebrahimi and Chiang. A prima facie case of obviousness has not been established.
Claims 5-7, 9, 16-18, and 21-23 depend from amended claim 1, 13, or 19 and thus include all elements thereof. In the Office Action, the Office alleged Chiang discloses various elements of claims 5-7, 9, 16-18, and 21-23. Applicant respectfully disagrees. Even assuming that the Office’s characterization of Chiang is correct, which Applicant does not concede, Chiang fails to cure the deficiencies of Ebrahimi discussed above with respect to claims 1, 13, and 19. Thus, the rejection of claims 5-7, 9, 16-18, and 21-23 under 35 U.S.C. § 103 is improper. Applicant respectfully requests the rejection be withdrawn.”
In response the examiner isn’t persuaded, the examiner points out that applicant's arguments fail to comply with 37 CFR 1.111(b) because they amount to a general allegation that the claims define a patentable invention without specifically pointing out how the language of the claims patentably distinguishes them from the references.
Response to Amendment
Status of the instant application:
Claim[s] 4, 8, 10 – 12 have been previously cancelled. 
Claim[s] 1 – 3, 5 – 7, 9, 13 – 23 are currently pending in the instant application. 
Regarding claim[s] 1 – 3, 5 – 7, 9, 13 – 23 under the various obviousness/anticipatory rejections, applicant’s claim amendments have been considered, therefore, the rejections are withdrawn. However, there are new rejections on the claims to address applicant’s newly added claim amendments. See the office action below. 
Information Disclosure Statement
The information disclosure statement (IDS) submitted on 02/08/2021 was filed after the mailing date of the non – final rejection on 12/03/2020.  The submission is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –



The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or non-obviousness.
Claim(s) 1 – 3, 13 – 15, 19, 20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Ebrahimi et al. [US PGPUB # 2019/0149537]
As per claim 1. Ebrahimi does teach a computer-implemented method for data management, implementable by a first service system [paragraph: 0007, lines 1 – 7, In one embodiment, a method for authentication being performed at a web server providing web access is disclosed. For example, the method is performed when implementing a login process to a web portal of a web server. The method includes comprising:
obtaining, by a first service system from a login user, authentication information of the login user for accessing the first service system [paragraph: 0038, lines 1 – 10, In one embodiment, registration (e.g., of a user) (also referred to as validation) is implemented with an identity manager [i.e. applicant’s first service system] of the identity management platform using a blockchain. Further, a certification process may be processed for certifying the registration and/or validation. In one embodiment, to register a user, some form of user identification (e.g., a driver's license or passport) is scanned. One or more fields are extracted, such as your name, license number, passport number, date of birth (or other data) [i.e. applicant’s authentication information], etc. Also, that identifying information can be gathered individually. Further, the identifying information can be gathered manually.
Where at paragraph: 0049, lines 1 – 6, In still other embodiments, code plug-ins can be integrated into commercial websites, which may use identity verification for different reasons or functions. For example, banks can install plug-in applications, code, or programs that can execute part or all of the verification processing to seal information and/or to certify information regarding identity.
Where at paragraph: 0048, In some embodiments, the verification systems can be embodied in an application, such as those that can be installed on mobile devices (e.g., Apps). By way of example, users wishing to have their identity verified can use an application to seal information regarding their identity. Once the data has been sealed , this data (e.g., raw data) can be used for later certification by another party. The other party may also be utilizing a corresponding App, which enables efficient reading of the data, code, QR code, message, or notification, to validate the identity of the user.];
generating, by the first service system, a digital abstract of the authentication information of the login user [paragraph: 0038, lines 8 – 9, The data is then processed to produce a hash of the data on the blockchain by the identity manager of the identity management platform [i.e. applicant’s generating, by the first service system a digital abstract of authentication information of login user]. 
Where at paragraph: 0048, The other party may also be utilizing a corresponding App, which enables efficient reading of the data, code, QR code, message, or notification, to validate the identity of the user [i.e. applicant’s digital abstract of authentication information of the login user]. 
Where at paragraph: 0039, The user can then provide the raw data with a public key and a pointer to that record on the blockchain of the in order to allow verification of the data by a third party. In particular, this provides a correlation between the data (e.g., the raw data) that the user has on the mobile device and what's on the blockchain. That is, the raw data that is newly presented may be verified using the data on the blockchain.]; 
transmitting, by a first service system, the digital abstract of the authentication information of the login user to one or more nodes of a blockchain, wherein the blockchain is accessible to the first service system, a second service system [paragraph: 0038, lines 18 – 19, The signed hash value and optionally the public key of the user are stored to the blockchain. Where at paragraph: 0049, lines 1 – 6, In still other embodiments, code plug-ins [i.e. applicant’s first service system] can be integrated into commercial websites [i.e. applicant’s one or more nodes of a blockchain], which may use identity verification for different reasons or functions. For example, banks can install plug-in applications, code, or programs that can execute part or all of the verification processing to seal information and/or to certify information regarding identity. Where at Figure # 3, and components: 5, 11, 12, 310 – applicant’s computing device and at paragraph: 0039, The user can then provide the raw data with a public key and a pointer to that record on the blockchain of the in order to allow verification of the data by a third party. In particular, this provides a correlation between the data (e.g., the raw data) that the user has on the mobile device [i.e. applicant’s computing device] and what's on the blockchain. That is, the raw data that is newly presented may be verified using the data on the blockchain.], and a computing device independent from the first and second service systems [paragraph: 0047, lines 1 – 12, In embodiments, the messaging and communication functions described herein are provided to enable users to exchange data over communication networks in order to verify identity, or enable or provide access to users [i.e. applicant’s login user] to services, goods, or commercial transactions. In the case of banking operations, the verification process can be utilized by banks, as well as users of the bank [i.e. applicant’s first service system], or third parties [i.e. applicant’s second service system] that require certified information from the banks regarding those users. In the case of 
obtaining, by a first service system from the one or more nodes of the blockchain a result of a comparison between the digital abstract of the authentication information of the login user and one or more digital abstracts stored on the blockchain [paragraph: 0047, lines 1 – 12, In embodiments, the messaging and communication functions described herein are provided to enable users to exchange data over communication networks in order to verify identity, or enable or provide access to users to services, goods, or commercial transactions. In the case of banking operations, the verification process can be utilized by banks, as well as users of the bank [i.e. applicant’s computing device], or third parties that require certified information from the banks regarding those users. Where at Figure # 1C and step: 197 and paragraph: 0059, lines 28 – 31, As such, upon successful verification of the UGD and certification record, at operation 197 the presented UGD is trustworthy after going through a verification of the UGD and the certification record of the UGD.], wherein:
the comparison is performed by the one or more nodes of the blockchain [paragraph: 0055, In block 140, operations are performed for verifying the UGD. In particular, the data stored in the blockchain 50 is extracted, namely the signed hash For purposes of illustration only, in the verification process, hash values of the UGD newly generated and based on the <signed.hash.UGD> (e.g., using the public key), may be compared, and is verified when the hash values match.],
the one or more digital abstracts are encrypted from user account information registered with the computing device for accessing the second service system [paragraph: 0048, lines 3 – 8, Once the data has been sealed (e.g., encrypted data has been stored to the blockchain), this data (e.g., raw data) can be used for later certification by another party], and
the one or more digital abstracts are stored on the blockchain after consensus verification by a plurality of nodes of the blockchain [paragraph: 0055, In block 140, operations are performed for verifying the UGD. In particular, the data stored in the blockchain 50 is extracted, namely the signed hash value (<signed.hash.UGD>). In addition, the newly presented UGD is hashed using the same hash algorithm that was performed when registering the data.]; and
the login user is not registered with the first service system [paragraph: 0035, lines 4 – 6, In particular, embodiments of the present invention allow users to 
authenticating, by a first service system, the login user for accessing the first service system in response to the digital abstract of the authentication information being the same as one of the one or more digital abstracts stored on the blockchain according to the obtained result [paragraph: 0055, In block 140, operations are performed for verifying the UGD. In particular, the data stored in the blockchain 50 is extracted, namely the signed hash value (<signed.hash.UGD>). In addition, the newly presented UGD is hashed using the same hash algorithm that was performed when registering the data. Verification of the raw data (UGD) is performed by performing a verification process on input data including the newly generated hash value, the public key of the user, and the <signed.hash.UGD> stored on the blockchain 50. For purposes of illustration only, in the verification process, hash values of the UGD newly generated and based on the <signed.hash.UGD> (e.g., using the public key), may be compared, and is verified when the hash values match. Then at paragraph: 0042, Thus, embodiments of the present invention provide for being able to authenticate the user whenever the user does any kind of transaction, such as logging into a website, calling a call center, authenticating a transaction. In particular, the systems, methods, and technical operations described herein, and based on the identity management platform providing for registration and/or certification of data, can be implemented with the confidence of knowing who the user really is, and enabling this verification process in a timely manner.], abstracts stored on the blockchain according to the obtained result, wherein the obtained result comprises a transaction identification of a blockchain transaction stored to the blockchain comprising the one digital abstract [Figure # 1C, and paragraph: 0057, In particular, FIG. 1C illustrates a data flow 100C for verifying the registered data, and for verifying the certification of the registered data [i.e. applicant’s obtained result], in accordance with one embodiment of the present disclosure. For example, at operation 165 the user 5 may present the raw UGD (and other information) to a third party, along with registration and certification record information, so that the third party may verify the UGD using multiple factors (e.g., registration and/or certification). That is, data may be combined for presentation, and includes one or more of the raw UGD, public key of the user 5, seal 120 of the UGD (e.g., seal txn-ID, pointer to the blockchain), the certification signature (as the raw data of the certification record), the certification record seal (e.g., certification seal txn-ID [i.e. applicant’s transaction identification], pointer to blockchain), public key of certifier, etc. For purposes of illustration, the third party is verifier 30. ], the transaction identification matches the digital abstract of the authentication information [Figure # 1C and paragraph: 0058, lines 1 – 6, At operations 170 and 175, verifier 30 obtains the seal record 120 (e.g., using txn-ID [i.e. applicant’s transaction identification] for the blockchain) to obtain the data stored in the blockchain 50 (e.g., <signed.hash.UGD> and public key of user 5) to verify the raw data (UGD). At block 180, operations are performed to verify the data. ], and 
the transaction identification is stored in association with user detail information of the login user at the computing device outside the blockchain [Figure # 13, paragraph: 0159, lines 1 – 8, The data for the transaction being written to the blockchain may or may not fit in a single transaction. If it does not fit, a hash of the entire data is made and the hash is written to the blockchain 980. The data is then stored on a different device that may or may not be shared. To access the certification record on the blockchain, the data associated with that hash may have to be accessed and verified that it matches the same hash.]; 
obtaining, by the first service system from the login user a request to perform a transaction operation [paragraph: 0035, lines 4 – 6, In particular, embodiments of the present invention allow users to login to websites, services and other portals without the use of usernames or passwords. Where at paragraph: 0042, Thus, embodiments of the present invention provide for being able to authenticate the user whenever the user does any kind of transaction, such as logging into a website, calling a call center, authenticating a transaction. In particular, the systems, methods, and technical operations described herein, and based on the identity management platform [i.e. applicant’s first service system] providing for registration and/or certification of data, can be implemented with the confidence of knowing who the user really is, and enabling this verification process in a timely manner.]; 
retrieving, by the first service system from the computing device, user detail information of the login user according to the transaction identification [Figure # 1C and paragraph: 0058, lines 1 – 6, At operations 170 and 175, verifier 30 obtains the seal record 120 (e.g., using txn-ID [i.e. applicant’s transaction identification] for the blockchain) to obtain the data stored in the blockchain 50 of the identity management platform [i.e. applicant’s first service system] (e.g., <signed.hash.UGD> and public key of user 5) to verify the raw data (UGD). At block 180, operations are performed to verify the data.]; and
executing, by the first service system [paragraph: 0035, lines 4 – 6, In particular, embodiments of the present invention allow users to login to websites, services and other portals without the use of usernames or passwords. Where at paragraph: 0042, Thus, embodiments of the present invention provide for being able to authenticate the user whenever the user does any kind of transaction, such as logging into a website, calling a call center, authenticating a transaction. In particular, the systems, methods, and technical operations described herein, and based on the identity management platform [i.e. applicant’s first service system] providing for registration and/or certification of data, can be implemented with the confidence of knowing who the user really is, and enabling this verification process] the transaction based at least on the user detail information of the login user [paragraph: 0009, lines 3 – 17,  For example, the method may be performed by an authenticating entity of a web server, such as when authenticating a user (e.g., to control access to products and/or services). The method includes receiving from a device of a user a user envelope of data that includes user data and a unique session ID issued by the server and a first signature of a hash of the user data signed and the session ID by a private key of the user, wherein the user data includes a user ID, newly created biometric data, newly presented original biometric data associated with the newly created biometric data, validating seal [i.e. applicant’s transaction identifier] associated with the original biometric data including a first transaction number of a first blockchain, and a certifying seal [i.e. applicant’s transaction identifier] associated with the original biometric data including a second transaction number of a second blockchain. Then at paragraph: 0042, Thus, embodiments of the present invention provide for being able to authenticate the user whenever the user does any kind of transaction, such as logging into a website, calling a call center, authenticating a transaction.].
While Ebrahimi does not clearly teach and the second service system is configured to share user authentication information registered with the second service system for accessing the second service system with the first service system for user authentication for accessing the first service system.
However, Ebrahimi does disclose and the second service system is configured to share user authentication information registered with the second service system for accessing the second service system with the first service system for user authentication for accessing the first service system [paragraph: 0047, lines 1 – 12, In the case of banking operations, the verification process of the identity platform module [i.e. applicant’s first service system] can be utilized by banks [i.e. applicant’s second service systems], as well as users of the bank, or third parties [i.e. applicant’s second service systems] that require certified information from the banks [first service system] regarding those users] 
It would have been obvious to one ordinary skilled in the art before the effective filing date of the claimed invention to solve the problem well known in the industry of Identity theft which causes tens of billions of dollars in losses every year by having a more secure system and method for managing the identity of users and of identifying users to third parties, such as when performing login or user authentication, for 
As per claim 2. Ebrahimi does teach the method of claim 1, wherein:
the authentication information comprises at least one of: an account identification associated with the login user or a password associated with the account identification [Ebrahimi, Figures: 4A – 4C and paragraph: 0098, In another embodiment, the authentication and login process outlined in FIGS. 4A-4C can be modified and/or applied to a use case where a user is securely associated with an existing account or user registration in a system of a service provider. In particular, a user visits Service Provider's website and logs in using conventional methods, specific to provider's site. The user navigates to a special page, for example on his profile or setting page and is presented with a form. The form has a QR Code or other similar graphics which user can scan with his personal mobile device. As a result of this action the Verifier is notified of the request. Verifier validates user data against 3rd party services, publicly available information and other sources of data. Verifier will produce a verification record which can be used by the Certifier to generate a certification record. Service Provider uses this record and user's data to derive information necessary to associate this user's identity with an existing account
As per claim 3. Ebrahimi does teach the method of claim 1, wherein: the digital abstract of the authentication information comprises a hash value representing a result of hashing the authentication information through SHA-256 [Ebrahimi, paragraph: 0053, lines 1 – 7, The value field written to the blockchain is for registration and/or validation of the original, raw data only. The user 5 is expected to securely hold onto that data (e.g., through encryption) and only share it when the user chooses to. Hence, the data is first hashed in operation 110 so the UGD becomes <hash.UGD>. In embodiments, any number of hashing algorithms can be used, such as SHA256].
As per data management system claim 13 that includes the same or similar claim limitations as method claim 1, and is similarly rejected. 
***The examiner further notes that applicant’s recited “non – transitory computer readable storage medium,” and “instructions,” “one or more processors,” are taught by the prior art of Ebrahimi, at paragraph: 0176, 0174, 0168. 
As per data management system claim 14 that includes the same or similar claim limitations as method claim 2, and is similarly rejected. 

As per data management system claim 15 that includes the same or similar claim limitations as method claim 3, and is similarly rejected. 

As per non – transitory computer readable storage medium claim 19 that includes the same or similar claim limitations as method claim #1, and is similarly rejected. 
***The examiner further notes that applicant’s recited “non – transitory computer readable storage medium,” and “instructions,” “one or more processors,” are taught by the prior art of Ebrahimi, at paragraph: 0176, 0174, 0168. 
As per non – transitory computer readable storage medium claim 20 that includes the same or similar claim limitations as method claim #2, and is similarly rejected. 

Claim[s] 5 – 7, 9, 16 - 18, 21 - 23 is/are rejected under 35 U.S.C. 103 as being unpatentable over Ebrahimi et al. [US PGPUB # 2019/0149537] in view of Chiang [US PGPUB # 2017/0230444].
As per claim 5. Ebrahimi does teach what is taught in the rejection of claim # 1 above. 
Ebrahimi does not clearly teach the method of claim 1, before obtaining the authentication information of the login user, further comprising:
receiving, by the second service system, a registration request for registering with the second service system;
forwarding, by the second service system, the registration request to the computing device;
obtaining, by the second service system, a redirect address from the computing device;
rendering, by the second service system, a registration page corresponding to the redirect address; and
wherein the redirect address enables the computing device to obtain the authentication information through the registration page without storing the authentication information at the second service system. 
However, Chiang does teach the method of claim 1, before obtaining the authentication information of the login user, further comprising:
receiving, by the second service system, a registration request for registering with the second service system [paragraph: 0017, lines 1 – 3, When the user inputs the registration request [i.e. applicant’s registration request] on the cloud service page, the cloud service page enables the user device 300 to transmit the registration request to the cloud service server 200 [i.e. applicant’s second service system]];
forwarding, by the second service system, the registration request to the computing device [paragraph: 0021, lines 1 – 5, In one of the embodiments, the network storage server 400 can allow the user device 300 to register the cloud service page of the cloud service server [i.e. applicant’s second service system] with the network storage server 400 [i.e. applicant’s computing device] through the registration page [i.e. applicant’s registration request] after the user identity of the user device 300 is verified];
obtaining, by the second service system, a redirect address from the computing device [paragraph: 0018, lines 3 – 9, Namely, the user needs to input the address of the registration page of the network storage server 400  on the column of the cloud service page of the cloud service server [i.e. applicant’s second service system], and the user device 300 needs to transmit the address [i.e. applicant’s obtaining] of the registration page to the cloud service server 200, such that the cloud service server 200 network storage server 400 [i.e. applicant’s computing device]];
rendering, by the second service system, a registration page corresponding to the redirect address [paragraph: 0019, Next, the processor 206 produces the redirect command according to the address of the registration page included in the registration request, and transmits the redirect command by the communication device 202 to the user device 300, such that the user device 300 can switch to the registration page of the network storage server 400 from the cloud service page of the cloud service server [i.e. applicant’s second service system] in response to the redirect command, so as to perform the registration operation.]; and
wherein the redirect address enables the computing device to obtain the authentication information through the registration page without storing the authentication information at the second service system [paragraph: 0020, lines  - 9, In one of the embodiments, when the processor 206 transmits the redirect command to the user device 300 by the communication device 202, the processor 206 can enable the communication device 202 to transmit a registration return address of the cloud service server 200 to the user device 300. Therefore, the user of the user device 300 can input the information related to the cloud service page on the registration page of the network storage server 400 to register the cloud service page with the network storage server 400]. 
It would have been obvious to one of ordinary skilled in the art before the effective filing date of the claimed invention to combine the teachings of Ebrahimi and 
As per claim 6. Ebrahimi as modified does teach the method of claim 5, wherein the redirect address enables the computing device to obtain a permission for the first service system to use the authentication information to authenticate the user for registration for accessing one or more other service systems including the first service system [Chiang, paragraph: 0028, lines 1 – 20, More specifically, the processor 406 can enable the communication device 402 to provider the registration page and/or the authentication page to the web browser of the user device 300 in response to the HTTP request produced by the redirect command executed by the user device 300 , in which the HTTP request can be the HTTP request of the registration page, the registration page can be arranged to receive a registration return address [i.e. applicant’s redirect address] of a cloud service server 200, and the authentication page can be arranged to receive the user account and the user password and confirm whether the user password and the user account are correct [i.e. applicants authentication information to authenticate the user]. The network storage server 400 can transmit the registration page to the web browser when the user account and the user password are correct. After the user inputs the registration information of the cloud service page on the registration page [i.e. applicant’s …for registration for accessing 
As per claim 7. Ebrahimi as modified does teach the method of claim 5, wherein the redirect address enables the computing device to obtain the user detail information of the user for registration [Chiang, paragraph: 0028, lines 1 – 11, More specifically, the processor 406 can enable the communication device 402 to provider the registration page and/or the authentication page to the web browser of the user device 300 in response to the HTTP request produced by the redirect command executed by the user device 300, in which the HTTP request can be the HTTP request of the registration page, the registration page can be arranged to receive a registration return address of a cloud service server 200, and the authentication page can be arranged to receive the user account and the user password and confirm whether the user password and the user account are correct ] and store the user detail information in the computing device [Chiang, paragraph: 0028, lines 21 – 23,  Moreover, the processor 406 can also store the authorization token into the system block 410 of the storage device 404. ].  
As per claim 9. Ebrahimi does teach the method of claim 1, after obtaining from the login user the request to perform the transaction operation and before retrieving, from the computing device, the user detail information of the login user according to the transaction identification, further comprising:
authenticating, by the first service system, the login user for executing the transaction operation based on another round of comparison between the digital abstract of the authentication information of the login user [Ebrahimi, paragraph: 0047, lines 1 – 12, In embodiments, the messaging and communication functions described herein are provided to enable users to exchange data over communication networks in order to verify identity, or enable or provide access to users to services, goods, or commercial transactions [i.e. applicant’s for the transaction operation]. In the case of banking operations, the verification process of the identity service platform [i.e. applicant’s first service system] can be utilized by banks, as well as users of the bank, or third parties that require certified information from the banks regarding those users [i.e. applicant’s another round of comparison…etc.]] and the one or more digital abstracts stored on the blockchain [Ebrahimi, paragraph: 0055, In block 140, operations are performed for verifying the UGD. In particular, the data stored in the blockchain 50 is extracted, namely the signed hash value (<signed.hash.UGD>). In addition, the newly presented UGD is hashed using the same hash algorithm that was performed when registering the data. Verification of the raw data (UGD) is performed by performing a verification process on input data including the newly generated hash value, the public key of the user, and the <signed.hash.UGD> stored on the blockchain 50. For purposes of illustration only, in the verification process, hash values of the UGD newly generated and based on the <signed.hash.UGD> (e.g., using the public key), may be compared, and is verified when the hash values match.].
As per system claim 16 that includes the same or similar claim limitations as method claim 5, and is similarly rejected. 
As per system claim 17 that includes the same or similar claim limitations as method claims 7, and is similarly rejected. 
As per system claim 18, which includes the same or similar claim limitations as method claim 9 and is similarly rejected. 
As per storage medium claim 21 that includes the same or similar claim limitations as method claim 5, and is similarly rejected. 
As per storage medium claim 22 that includes the same or similar claim limitations as method claim 7, and is similarly rejected. 
As per storage medium claim 23 that includes the same or similar claim limitations as method claim 18, and is similarly rejected. 
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure:
US PGPUB # 2019/0312877
US PGPUB # 2018/0294966
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to DANT B SHAIFER HARRIMAN whose telephone number is (571)272-7910.  The examiner can normally be reached on M - F: 8am to 5pm.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kambiz Zand can be reached on 571- 272- 3811.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/DANT B SHAIFER HARRIMAN/Primary Examiner, Art Unit 2434