Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

DETAILED ACTION
- Claims 1-6, 8-11, 13, 14 and 21-28 are allowed.
- Claims 7, 12 and 15-20 are cancelled.

Allowable Subject Matter
The following is an Examiner's statement of reasons for allowance:
- Following a telephonic interview held on 5/14/2021, Applicant’s representative Mr. Greg Meyer authorized the Examiner’s amendment presented below in order to place the application in condition for allowance.
- In view of the Examiner’s amendment presented below, the closest identified prior art of record, including Loughlin, Rellas, Senthurpandi and Berteau, alone or in combination, does not teach or suggest all the features of independent claim 1 as amended.
- In view of the above, independent claim 1 is deemed allowable. Claims 8 and 24 recite features similar to those recited in claim 1 and are therefore allowable for similar reasons. Claims 2-6, 9-11, 13, 14, 21-23 and 25-28 depend on one of claims 1, 8 and 24 and are therefore allowable by virtue of their dependency.
 	Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably 

Examiner’s Amendment
The Examiner’s amendment presented below was authorized by Mr. Greg Meyer following a telephonic interview held on 5/14/2021.

Please cancel claims 7, 12 and 15-20, add new claims 21-28 and amend claims 1, 2, 5, 6, 8 and 13 as follows:

1.	(Currently Amended) A computer-implemented method for use in providing a digital identity in association with a mobile communication device, the method comprising:
capturing, by a mobile communication device, an image of a physical document, the image including a biometric of a user associated with the physical document;
extracting, by the mobile communication device, the biometric from the image and converting the biometric to a biometric template;
capturing, by the mobile communication device, via an input device of the mobile communication device, a biometric of the user;
comparing, by the mobile communication device, the captured biometric of the user to the biometric template; and
in response to a match between the captured biometric of the user and the biometric template:
encrypting, by the mobile communication device, a message with a public key included in the mobile communication device and known to an identification provider, the message comprising at least the image of the physical document and the biometric template; and
transmitting, by the mobile communication device, the encrypted message to the identification provider, whereby the biometric template is decrypted and verified; and then
receiving, by the mobile communication device, a result from the identification provider, which is signed by the identification provider and indicative of a verification of the biometric template; and 
in response to the signed result:
binding, by the mobile communication device, data representative of the mobile communication device, a mobile application included in the mobile communication device, and at least one of the biometric template and the captured biometric of the user into a token; and 
retaining the token in a memory of the mobile communication device as a basis to subsequently authenticate the user at the mobile communication device, wherein the memory of the mobile communication device is a trusted execution environment (TEE) of the mobile communication device, thereby enabling the mobile application to provide a digital identity associated with the user to one or more relying parties when the user is authenticated at the mobile communication device based on the token.

2.	(Currently Amended) The computer-implemented method of claim 1, wherein the physical document includes a government ID card.

3.	(Original) The computer-implemented method of claim 1, further comprising checking, by the mobile communication device, an integrity of the image of the physical document prior to converting the extracted biometric to a biometric template.

4.	(Original) The computer-implemented method of claim 3, wherein the captured biometric of the user includes a facial image of the user.

5.	(Currently Amended) The computer-implemented method of claim 1, further comprising:
generating, by the mobile communication device, a public-private key pair and 
transmitting a [[the]] public key of the public-private key pair to the identification provider.

6.	(Currently Amended) The computer-implemented method of claim 5, further comprising:
receiving a message from the identification provider including the result, wherein the result is signed by the identification provider with the transmitted public key; and 
decrypting the message based on a private key of the public-private key pair.

7.	(Cancelled).

8.	(Currently Amended) A non-transitory computer readable storage media comprising computer-executable instructions for managing digital identities, that when executed by at least one processor of a mobile communication device, cause the at least one processor of the mobile communication device to:
capture an image of a physical document associated with a user of the mobile communication device, the image including a biometric of the user;
extract the biometric from the image and convert the biometric to a biometric template;
capture a biometric of the user and compare the captured biometric of the user to the biometric template; 
when the captured biometric of the user matches the biometric template, encrypt a message with a public key included in the mobile communication device and known to an identification provider, the encrypted message including at least the image of the physical document and the biometric template, and transmit the [[a]] message to the [[an]] identification provider, whereby the biometric template is verified by the identification provider against a repository of biometric data; 
receive a signed result from the identification provider, the signed result indicative of verification of the biometric template; and 
in response to the signed result: 
bind data representative of the mobile communication device, a mobile application included in the mobile communication device, and at least one of the biometric template and the captured biometric of the user into a token; and 
store the token in a trusted execution environment (TEE) of the mobile communication device, thereby enabling the mobile application to provide a digital identity associated with the user to one or more relying parties based on authentication of the user through use of the token.

9.	(Previously Presented) The non-transitory computer readable storage media of claim 8, wherein the instructions, when executed by the at least one processor of the mobile communication device, further cause the at least one processor to check an integrity of the image of the physical document prior to converting the extracted biometric to a biometric template.

10.	(Previously Presented) The non-transitory computer readable storage media of claim 9, wherein the instructions, when executed by the at least one processor of the mobile communication device, cause the at least one processor, in connection with capturing the biometric of the user, to perform a liveness validation of the user and confirm that the captured biometric is from a living person.

11.	(Original) The non-transitory computer readable storage media of claim 10, wherein the captured biometric of the user includes a facial image of the user.

12.	(Cancelled).

13.	(Currently Amended) The non-transitory computer readable storage media of claim 8, wherein the public key includes a public key of the identification provider; and 
wherein the instructions, when executed by the at least one processor of the mobile communication device, further cause the at least one processor to generate a public-private key pair and transmit a public key of the public-private key pair to the identification provider.

14.	(Previously Presented) The non-transitory computer readable storage media of claim 13, wherein the instructions, when executed by the at least one processor of the mobile communication device, further cause the at least one processor to:
receive a message from the identification provider including the signed result, wherein the signed result is signed by the identification provider with the transmitted public key; and 
decrypt the message based on a private key of the public-private key pair.

15. – 20.  (Cancelled).

21.	(New) The computer-implemented method of claim 1, further comprising receiving a registration challenge for the user, from the identification provider; and 
wherein extracting the biometric from the image includes extracting the biometric from the image in response to the registration challenge for the user.

22.	(New) The non-transitory computer readable storage media of claim 8, wherein the computer-executable instructions define at least a portion of a software development kit (SDK) included in the mobile application.

23.	(New) The non-transitory computer readable storage media of claim 8, wherein the computer-executable instructions, when executed by the at least one processor of the mobile communication device, cause the at least one processor to receive a registration challenge for the user, from the identification provider, and to extract the biometric from the image in response to the registration challenge.  

24.	(New) A mobile communication device comprising:
a memory including executable instructions; and 
a processor coupled to the memory, wherein the processor is configured, by the executable instructions, to: 
capture an image of a physical document, the image including a biometric of a user associated with the physical document;
extract the biometric from the image and convert the biometric to a biometric template;
capture, via an input device of the mobile communication device, a biometric of the user;
compare the captured biometric of the user to the biometric template; and
in response to a match between the captured biometric of the user and the biometric template:
encrypt a message with a public key included in the mobile communication device and known to an identification provider, the message comprising at least the image of the physical document and the biometric template; and
transmit the encrypted message to the identification provider, whereby the biometric template is decrypted and verified; and then
receive a result from the identification provider, which is signed by the identification provider and indicative of a verification of the biometric template; and 
in response to the signed result:
bind data representative of the mobile communication device, a mobile application included in the mobile communication device, and at least one of the biometric template and the captured biometric of the user into a token; and 
retain the token in a trusted execution environment (TEE) of a memory of the mobile communication device as a basis to subsequently authenticate the user at the mobile communication device, thereby enabling the mobile application to provide a digital identity associated with the user to one or more relying parties when the user is authenticated at the mobile communication device based on the token.

25.	(New) The mobile communication device of claim 24, wherein the physical document includes a government ID card; and 
wherein the captured biometric of the user includes a facial image of the user.

26.	(New) The mobile communication device of claim 24, wherein the processor is configured, by the executable instructions, to check an integrity of the image of the physical document prior to converting the extracted biometric to a biometric template.

27.	(New) The mobile communication device of claim 24, wherein the processor is further configured, by the executable instructions, to:
generate a public-private key pair; 
transmit a public key of the public-private key pair to the identification provider; and 
decrypt the result based on a private key of the public-private key pair.

28.	(New) The mobile communication device of claim 24, wherein the executable instructions define at least a portion of a software development kit (SDK) included in the mobile application; and 
wherein the mobile application includes a banking application.  


Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to NOURA ZOUBAIR whose telephone number is (571)270-7285.  The examiner can normally be reached on Monday - Friday.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kambiz Zand can be reached on 571-272-3811.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.



/NOURA ZOUBAIR/ Primary Examiner, Art Unit 2434