DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application is being examined under the pre-AIA first to invent provisions.
This communication is in response to Applicant’s response on March 18, 2021 to Examiner's Non-Final communication on December 18, 2020.
This communication is further in response to the multiple telephone and E-mail communications with Applicant’s representative, Noble C. Woo, on May 17 and 20, 2021. An interview summary form is attached herewith.  
As a result of the communications with Applicant’s representative, the following claims have been amended and are hereby entered by Examiner amendments. 
Claims 1, 3-7, 10-12, 14-18, 21-24 have been examined in this Application.
Claims 2, 8-9, 13, 19-20 have been cancelled.
No new information disclosure statement has been submitted.

EXAMINER’S AMENDMENT
An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.
Final authorization for this examiner’s amendment was given in an interview with Noble C. Woo on May 20, 2021. The amendments are based on the latest claims filed on March 18, 2021.
The application has been amended as follows: 
Please replace all previous claims with attached amended claims, wherein:
Claims 1, 3-7, 10-12, 14-18, 21-24 are pending.
Claims 2, 8-9, 13, 19-20 are cancelled. 

Final Claims

(Currently Amended) A method for securing transactions between a user device comprising a transaction application uploaded to the user device and a service provider interface using a credential issued to a user associated with the user device
capturing, by the transaction application uploaded to the user device, user biometric data
comparing, by the transaction application uploaded to the user device, the captured biometric data and prior user data stored on the credential issued to the user;
in response to the comparing and successful verification of the user, establishing an encrypted communications tunnel between the service provider interface and the user device comprising the transaction application
transmitting, by the transaction application uploaded to the user device, to a trusted server configured to operate separately from the service provider interface;
receiving, by the transaction application uploaded to the user device, 
in response to receiving the verification data, authenticating, by the transaction application uploaded to the user device, the service provider interface and the user with the trusted server;
establishing, by the transaction application uploaded to the user device, an encrypted session between the service provider interface and the transaction application;
in response to the established encrypted session, receiving, by the transaction application uploaded to the user device, an encrypted session key generated and sent from the trusted server; and
authenticating using the encrypted session key, by the transaction application uploaded to the user device, 

(Cancelled)

(Previously Presented) The method of claim 1, wherein the prior user data comprises user information captured from a driver’s license, a passport, or other user-provided identification document.

(Currently Amended) The method of claim 1, wherein one or more of the biometric data, the prior user data, and the secure data are encrypted when stored or transmitted.

(Currently Amended) The method of claim 1, further comprising enrolling the user prior to biometric data



(Currently Amended) The method of claim 1, further comprising: uploading the transaction application from the service provider interface or the credential to the user device prior to capturing the user biometric data

(Currently Amended) The method of claim 1, 

receiving, by the transaction application uploaded to the user device, a result of the comparison; and
presenting, by the transaction application uploaded to the user device, the result to the user.

(Cancelled)

(Cancelled) 

(Previously Presented) The method of claim 1, wherein establishing the encrypted session comprises:
sharing the received encrypted session key between the service provider interface and the credential; and
digitally signing each one of the transactions with the encrypted session key.


(Original) The method of claim 1, wherein the credential comprises a smart card or a secure access module (SAM).

(Currently Amended) A system comprising:
a user device comprising: a processor, and
a memory storing programmable instructions and a transaction application, causes the processor to perform operations comprising:
capturing biometric data
comparing biometric data and prior user data stored on a credential issued to a user associated with the user device;
in response to the comparing and successful verification of the user, establish an encrypted communications tunnel between a service provider interface and the transaction application
transmitting the prior user data with attributes of the service provider interface a trusted server configured to operate separately from the service provider interface;
receiving verification data corresponding to the attributes of the service provider interface from the trusted server;
in response to receiving the verification data, authenticating the service provider interface and the user with the trusted server;
establishin
in response to the established encrypted session, receiving an encrypted session key generated and sent from the trusted server; and
authenticate, using the encrypted session key

(Cancelled)

(Currently Amended) The system of claim 12, wherein the prior user data comprises user information captured from a driver’s license, a passport, or other user-provided identification document.

(Currently Amended) The system of claim 12, wherein one or more of the 

(Currently Amended) The system of claim 12, causes the processor to perform operations comprising enrolling the user prior to capturing the user biometric data



(Currently Amended) The system of claim 12, wherein the memory comprises further programmable instructions, causes the processor to perform operations comprising:
uploading the transaction application from the service provider interface or the credential to the user device prior to capturing the user biometric data
logging session-specific data associated with the uploading; and
transmitting the session-specific data to the trusted server.

(Currently Amended) The system of claim 12, 
when executed by the processor of the user device, causes the processor to perform operations comprising:
receiving a result of the comparison; and
 presenting the result to the user.

(Cancelled) 
(Cancelled) 

(Previously Presented) The system of claim 12, wherein establishing the encrypted session comprises:
sharing the received encrypted session key between the service provider interface and the credential; and
digitally signing each one of the one or more transactions with the encrypted session key.


(Original) The system of claim 12, wherein the credential comprises a smart card or a secure access module (SAM).

(Currently Amended) A non-transitory machine-readable medium comprising a plurality of machine-readable instructions and a transaction application, operations comprising:
capturing biometric data
comparing biometric data and prior user data stored on a credential issued to a user associated with the user device;
in response to the comparing and successful verification of the user, establishing an encrypted communications tunnel between a service provider interface and the transaction application
transmitting the prior user data with attributes of the service provider interface a trusted server configured to operate separately from the service provider interface;
receiving verification data corresponding to the attributes of the service provider interface from the trusted server;
in response to receiving the verification data, authenticating the service provider interface and the user with the trusted server;
establishing
in response to the established encrypted session, receiving an encrypted session key generated and sent from the trusted server; and
authenticating, using the encrypted session key

(Original) The non-transitory machine-readable medium of claim 23, wherein the credential comprises a smart card or a secure access module (SAM), and the transaction application is uploaded to the user device from the credential.

Reasons for Allowance
Claims 1, 3-7, 10-12, 14-18, 21-24 are allowed.
The following is an Examiner’s statement of reasons for allowance:
Applicant’s arguments filed on March 18, 2021 regarding claim objections and claim rejections under 35 U.S.C. §112 and §101 have been fully considered and, in view of the foregoing amendments, are persuasive. The rejections are withdrawn.
	The amendments overcome various 112 issues, which are made by the Examiner and agreed to by the Applicant in order to advance prosecution. 
The Examiner's claim amendments above overcome all rejections and thus place the claims in condition for allowance.
	Per 101, the claims as a whole were analyzed and determined to amount to eligible subject matter because the claims contain elements, which combined as a whole result in the claims amounting to a practical application. 
	The claims require capturing user biometric data, comparing the biometric data, and in response, establishing an encrypted communications tunnel, sending specific data to a server for authentication, receiving an authentication result, and in response establishing an encrypted session and receiving an encrypted session key which is used to authenticate the transaction between the user device and the service provider interface.
	The above elements as summarized from claim 1, for instance, result in the claims amounting to eligible subject matter and thus are allowable. 

Furthermore, all arguments filed throughout the prosecution history are hereby incorporated in their entirety as further support for the reasons of allowance.
In conclusion, a prima facie case of obviousness with respect to the claims cannot be made and the claims are patentably distinct from the prior art. Therefore, the limitations as a whole are novel and unobvious.
The following claim limitations as a whole overcome an obvious art rejection:
capturing, by the transaction application uploaded to the user device, user biometric data;
comparing, by the transaction application uploaded to the user device, the captured user biometric data and prior user data stored on the credential issued to the user;
in response to the comparing and successful verification of the user, establishing an encrypted communications tunnel between the service provider interface and the user device comprising the transaction application;
receiving, by the transaction application uploaded to the user device, verification data corresponding to the attributes of the service provider interface from the trusted server;
in response to receiving the verification data, authenticating the service provider interface and the user with the trusted server;  
establishing, by the transaction application uploaded to the user device, an encrypted session between the service provider interface and the transaction application; 
in response to the established encrypted session, receiving, by the transaction application uploaded to the user device, an encrypted session key generated and sent from the trusted server; and
authenticating using the encrypted session key, by the transaction application uploaded to the user device, the transaction between the user device and the service provider interface.

Further prior art, foreign prior art, and NPL searches were conducted; however, no relevant prior art was found.
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee. Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”

Conclusion
The prior art made of record and not relied upon, which is considered pertinent to applicant's disclosure, is listed on form PTO-892.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to EL MEHDI OUSSIR whose telephone number is (571)270-0191.  The examiner can normally be reached on M-F 9AM - 5PM.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Neha W. Patel can be reached on 571-270-1492.  The fax phone number for the organization where this application or proceeding is assigned is 571-270-1191.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 
If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.



Sincerely,

/EL MEHDI OUSSIR/Primary Examiner, Art Unit 3685