DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

EXAMINER’S AMENDMENT
An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.
Authorization for this examiner’s amendment was given by Ryan Davis (Reg. No. 68,412) on March 23, 2021.

Claims
The application has been amended as follows: 

Regarding claim 2: (Currently Amended) A mobile virtual network operator (“MVNO”)-hosted mobile authentication platform comprising:
one or more processors; and
at least one non-transitory computer-readable storage medium having stored therein instructions which, when executed by the one or more processors, cause the one or more processors to:

determine that the access request is received from a member of the enterprise network;
gather device data and authentication factor data for the registered mobile device;
assign a network address for accessing the enterprise network over a dedicated connection for the enterprise network through the MVNO-hosted mobile authentication platform based on the device data and the authentication factor data to the registered mobile device; [[and]]
control access of the registered mobile device to the enterprise network over the dedicated connection based on the network address assigned to the registered mobile device;
inspect subsequent requests from the registered mobile device to access one or more resources of the enterprise network including one or more access-restricted enterprise resources of the enterprise network using the dedicated connection;
look up user permissions of a user of the registered mobile device; and
control access of the registered mobile device to access the one or more resources for the subsequent requests based on the user permissions and the network address assigned to the registered mobile device.

Regarding claim 3: (Currently Cancelled)

Regarding claim 4: (Currently Amended) The MVNO-hosted mobile authentication platform of claim 2[[3]], wherein the instructions which, when executed by 

Regarding claim 7: (Currently Canceled)

Regarding claim 12: (Currently Amended) A computer-implemented method comprising:
receiving, from a registered mobile device of a MVNO-hosted mobile authentication platform, an access request to access an enterprise network associated with the MVNO;
determining that the access request is received from a member of the enterprise network;
gathering device data and authentication factor data for the registered mobile device;
assigning, by the MVNO-hosted mobile authentication platform, a network address for accessing the enterprise network over a dedicated connection for the enterprise network through the MVNO-hosted mobile authentication platform based on the device data and the authentication factor data to the registered mobile device; [[and]]
controlling, by the MVNO-hosted mobile authentication platform, access of the registered mobile device to the enterprise network over the dedicated connection based on the network address assigned to the registered mobile device;
inspecting subsequent requests from the registered mobile device to access one or more resources of the enterprise network including one or more access-restricted enterprise resources of the enterprise network using the dedicated connection;
looking up user permissions of a user of the registered mobile device; and
controlling access of the registered mobile device to access the one or more resources for the subsequent requests based on the user permissions and the network address assigned to the registered mobile device.
	
Regarding claim 13: (Currently Canceled)

Regarding claim 17: (Currently Canceled)

Regarding claim 21: (Currently Amended) A system comprising:
one or more servers configured to host a mobile virtual network operator (“MVNO”)-hosted mobile authentication platform for an enterprise network;
a non-transitory computer-readable medium storing instructions that, when executed by one or more computer processors of a server, cause the MVNO-hosted mobile authentication platform to:
receive, from a registered mobile device of the MVNO-hosted mobile authentication platform, an access request to access an enterprise network associated with the MVNO;
determine that the access request is received from a member of the enterprise network;
gather device data and authentication factor data for the registered mobile device;

control access of the registered mobile device to the enterprise network over the dedicated connection based on the network address assigned to the registered mobile device;
inspect subsequent requests from the registered mobile device to access one or more resources of the enterprise network including one or more access-restricted enterprise resources of the enterprise network using the dedicated connection;
look up user permissions of a user of the registered mobile device; and
control access of the registered mobile device to access the one or more resources for the subsequent requests based on the user permissions and the network address assigned to the registered mobile device.

Regarding claim 22: (Currently New) The computer-implemented method of claim 12, wherein the device data includes a unique subscriber identification module (“SIM”) number.

Regarding claim 23: (Currently New) The system of claim 21, wherein the instructions that, when executed by the one or more computer processors of the server, further cause the MVNO-hosted mobile authentication platform to control access of the registered mobile device to the one or more resources over the dedicated connection using the network address assigned to the registered mobile device and based on whether one or 

Regarding claim 24: (Currently New) The system of claim 23, wherein the one or more additional authentication factors include first location data and the one or more authentication factors of the authentication factor data includes second location data and the instructions that, when executed by the one or more computer processors of the server, further cause the MVNO-hosted mobile authentication platform to control access of the registered mobile device to the enterprise network based on whether the first location data matches the second location data.

Regarding claim 25: (Currently New) The system of claim 24, wherein the first location data includes a baseband-derived location identification and the second location data includes an application layer-derived device location identification.	


Terminal Disclaimer 
The terminal disclaimer filed on 23 March 2021 disclaiming the terminal portion of any patent granted on this application which would extend beyond the expiration date of U.S. Patent 10063998 has been reviewed and is accepted. The terminal disclaimer has been recorded. 



Reasons for Allowance
The following is an examiner’s statement of reasons for allowance: 
Claims 2, 4-6, 8-12, 14-16 and 18-25 are considered allowable.

The Prior Art Mottes US Patent Application Publication No. 2004/0162058 teaches a method and a wireless device and a system and an entity which enables an End User to use and or subscribe to several service providers and or Mobile Virtual Network Operators (MVNOs), the various End User profiles and or subscriptions will be managed by the system. Enabling End Users to develop rules for moving between various service providers and or various MVNOs.
The Prior Art Krishnaswamy et al. US Patent Application Publication No. 2010/0017861 teaches a method and apparatus facilitating access to a communication session for a client. The method may comprise receiving, at a mobile virtual network operator (MVNO), an access request from a client, wherein the MVNO is associated with a set of mobile network operators (MNOs), receiving, from the client, client connection parameters associated with at least one of the set of MNOs, formulating at least one option for a communication session over a network associated with at least one of the set of MNOs, the at least one option based on the client connection parameters and MVNO-connection parameters associated with the set of MNOs, and establishing a selected communication session based on the at least one option.
The Prior Art SU US Patent Application Publication No. 2015/0094021 teaches a device receives location information associated with a user of a user device. The location information includes location coordinates associated with the user device over time, and 
The instant application is allowable over Mottes, Krishnaswamy et al. and SU described above, either singularly or in combination, due to the instant application teaching a different and detailed systems, methods and non-transitory computer-readable storage media for using mobile network authentication factors to authenticate a mobile device.
The prior art of record does not disclose, teach, or suggest neither singly nor in combination the claimed limitations of “[A] mobile virtual network operator (“MVNO”)-hosted mobile authentication platform; assign a network address for accessing the enterprise network over a dedicated connection for the enterprise network through the MVNO-hosted mobile authentication platform based on the device data and the authentication factor data to the registered mobile device; inspect subsequent requests from the registered mobile device to access one or more resources of the enterprise network including one or more access-restricted enterprise resources of the enterprise network using the dedicated connection; look up user permissions of a user of the registered mobile device; and control access of the registered mobile device to access the one or more resources for the subsequent requests 
Therefore the claims of the instant application are allowable over the cited prior art.
[AltContent: textbox ()]Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Fahimeh Mohammadi whose telephone number is (571)270-7857.  The examiner can normally be reached on Monday - Friday 9:00 - 5:00.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Luu Pham can be reached on 5712705002.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published 






/FAHIMEH MOHAMMADI/    Examiner, Art Unit 2439                                                                                                                                                                                                        


/LUU T PHAM/Supervisory Patent Examiner, Art Unit 2439