DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Election/Restrictions
The Response to the Restriction Requirement, filed 30th April 2021, defines the Applicant elects Invention I, Claims 1-39, as the elected invention, and elects Species II, Claims 8-36, as the elected species.
Claim 40 is withdrawn from further consideration pursuant to 37 CFR 1.142(b), as being drawn to a non-elected Invention, and claims 1-7 and 37-39 are withdrawn from further consideration pursuant to 37 CFR 1.142(b), as being drawn to a non-elected Species, there being no allowable generic or linking claim. Applicant timely traversed the restriction (election) requirement in the reply filed on 30th April 2021. Therefore claims 8-36 are pending in the application and the status of the application is currently pending.
Applicant's election with traverse of claims 1-7 and 37-40 in the reply, filed on 30th
These arguments are not found persuasive because the different Inventions were defined by their specific limitations to show Inventions I and II are related as subcombinations disclosed as usable together in a single combination, where subcombination I has separate utility such as determining, by a hardware security module in a server system, whether at least two endorsement messages satisfy a quorum for approving a requested transaction, and subcombination II has separate utility such as receiving, at first user device associated with a user, a first message including a transaction description relating to a requested transaction. Also, because the Species were defined by the embodiments in the Drawings, where Species I is directed to authorizing a transaction by endorsements, and Species II is directed to authorizing the transaction by risk analysis. In addition, these species are not obvious variants of each other based on the current record. It was made clear how the Inventions are distinct and how the Species are drawn to different and distinct embodiments. 
The requirement is still deemed proper and is therefore made FINAL. 
Claims 8-36 are pending in the application and the status of the application is currently pending.

Claim Objections
Claims 11 and 28 are objected to because of minor informalities. 
Claim 11 recites the limitation “causing a user device of the user to output a prompt the user to record and upload to the server system a video” (lines 4-5), where the emphasized elements appear to convolute the intended action. A suggested correction is to the user to record and upload to the server system a video”. 
Claim 28 recites the limitation “cause an endorsement request to be sent to at least one mobile device… each said at least one mobile device being associated with at least one of a plurality of users” (lines 3-6), followed by the limitation “receive an indication of the endorsement message from a mobile device of one or more of the users” (lines 10-11). The emphasized limitation does not clearly describe who is providing the endorsement response that is received by the claimed invention, where it is not clearly reciting the at least one mobile device that received the endorsement request, and it is not clearly describing that one or more of the users is replying from a single mobile device. A suggested correction is “receive an indication of the endorsement response from the at least one mobile device of one or more of the users”. 
Appropriate correction is required.

Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.

Claims 8 and 12-26 are rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more. 
The rejection is based on the subject matter eligibility test that is detailed in the 2019 Revised Patent Subject Matter Eligibility Guidance (2019 PEG) and the October 2019 
In Step 1 of the test, the claims 8-26 were found to be directed to one of the four statutory categories, which is a method of authorizing a transaction. Therefore, the result of Step 1 concludes the claims are directed to a statutory category.
In Step 2A(1), the claims were found to recite an abstract idea. The claim 8 recites 
receiving, at a server system, a transaction request for a requested transaction involving the cryptoasset;
receiving, at the server system, at least one endorsement message from at least one user device, each said at least one endorsement message being associated with a different one of a plurality of users;
determining, by a hardware security module in the server system, whether the at least one endorsement message satisfies a quorum for approving the requested transaction, the quorum being defined in a stored policy associated with the cryptoasset; and
only if the at least one endorsement message satisfies the quorum, then authorizing the requested transaction by using the hardware security module to sign an approval of the requested transaction with a private key associated with the cryptoasset.
The limitations emphasized describe a process of authorizing a transaction based on approval by a quorum of users as defined by a legal contract, completed by signing the approval. The emphasized limitations are directed to the abstract idea of fundamental economic principles that are defined as Certain Methods of Organizing Human Activities.  
The dependent claims 9-26 further support the interpretation of the abstract idea. 
Claim 9 recites for at least one user device of said at least one user device, verifying, at the server system, that the user device has authenticated a corresponding user by a first biometric authentication technique, in connection with an endorsement of the requested transaction.
Claim 10 recites using a second biometric authentication technique at the server system to authenticate at least one of the users in connection with an endorsement of the requested action.
Claim 11 recites using an authentication technique at the server system to authenticate a user in connection with an endorsement of the requested transaction, the authentication technique including: causing a user device of the user to output a prompt the user to record and upload to the server system a video in which the user performs a specified action or speaks specified content; receiving at the server system a video uploaded responsive to the prompt; and analyzing the video at the server system to authenticate the user by performing at least one of: verifying a biometric characteristic of the user from the video, or verifying that the user performed the specified action or spoke the specified content in the video.
Claim 12 recites causing a user device of at least one of the users to output a deterministic authentication challenge to the corresponding user, wherein a content of the deterministic authentication challenge is based on a context of the requested transaction.
Claim 13 recites in response to the transaction request, invoking a risk analysis of the requested transaction; wherein said authorizing the transaction is done only if a result of the risk analysis indicates that a risk level associated with the requested transaction satisfies a risk criterion and the at least one endorsement message satisfies the quorum.
Claim 14 recites using the hardware security module to generate the private key associated with the cryptoasset.
Claim 15 recites using the hardware security module to generate the private key associated with the cryptoasset as part of a public-private key pair associated with the cryptoasset.
Claim 16 recites storing the private key associated with the cryptoasset within the hardware security module, wherein the private key associated with the cryptoasset cannot be read by or transmitted to any entity that is external to the hardware security module.
Claim 17 recites storing in the hardware security module a public key of a public-private key pair for each said at least one user device.
Claim 18 recites wherein each endorsement message has been signed by a corresponding user device with the private key of the public-private key pair associated with said corresponding user device.
Claim 19 recites providing a data package to the hardware security module prior to said authorizing the requested transaction, the data package including data indicative of the quorum and a public key associated with each said at least one user device.
Claim 20 recites wherein the hardware security module has no direct connection to any public computer network
Claim 21 recites storing, in a hardware security module, a private key associated with the cryptoasset, the private key being part of a public-private key pair associated with the cryptoasset.
Claim 22 recites causing, by the server computer system, an endorsement request message to be transmitted to each said at least one user device, each endorsement request message being configured to cause the receiving user device to prompt a corresponding user to endorse the requested transaction.
Claim 23 recites storing the policy associated with the cryptoasset, the policy defining a quorum of a plurality of users required for authorization of the transaction.
Claim 24 recites wherein the determining whether the at least one endorsement message satisfies a quorum defined in a policy associated with the cryptoasset is done by using a public key associated with the user device that sent each endorsement message to validate the corresponding endorsement message. 
Claim 25 recites wherein the at least one endorsement message has been generated by signing on the user device using a private key stored in a secure storage of the user device.
Claim 26 recites sending to the hardware security module a data package that includes data specifying the policy, including the quorum, and a public key associated with each said at least one user device.
The emphasized limitations further describe the abstract idea, including elements of the fundamental economic principles. The non-emphasized limitations recite additional elements that are more technical than the abstract idea but part of the actions of the Therefore, the result of Step 2A(1) concludes the claims 8-11, 13, 18-19 and 22-26 further recite the abstract idea and claims 12, 14-17 and 20-21 includes elements that support the abstract idea. 
In Step 2A(2), the claims that recite the judicial exception do not integrate the judicial exception into a practical application. The additional elements in claim 8 recite a server system executing the abstract idea, which is the authorization of a transaction. The cryptoasset is interpreted as the currency of the transaction and is recited in the claim for identifying the policy, which support the abstract idea of an economic practice. The use of the private key is recited to sign the response as defined by the policy, which supports the abstract idea of economic practices. In the dependent claims, the additional elements further support the abstract idea. Claims 9, 11-12, 22, 24-25 recite the at least one user device that receives instructions from the server system and sends a response to the server system. Claim 11 recites the use of biometric authentication sent by the user device, where a video of the biometric authentication technique is recited for the authentication, where in combination with a quorum of endorsements for authorization does not simply recite the technology used as a tool to execute the abstract idea. Claim 11 can be interpreted to have instructions sent to the user device, thus not further limiting claim 8, where the functions of the user device do not improve or change the abstract idea in claim 8. Claims 14-19 describe the creation and use of the private key part of a private/public key pair, where the public key is used to authenticate the signature. Claims 14-17, 19-21 and 26 are reciting a Therefore, the result of Step 2A(2) is the claims 8-26 are directed to the abstract idea. 
In Step 2B, the claims 8-26 do not include additional elements that are sufficient to amount to significantly more than the judicial exception. The claims recite the server system to manage the authentication for a transaction, the at least one user device to receive a request for endorsement and send the response to the request, and the hardware security module to create and store cryptographic code. While the additional elements limit the abstract idea to a specific field of transactions authorized within a cryptoasset environment, there is no improvement to the functioning of the recited devices nor is there an improvement to another technology or technical field. Considering the additional elements individually, the claims do not include elements that are sufficient to amount to significantly more than the judicial exception. Considering the additional elements in combination, the steps do not add any meaningful limits on practicing the abstract idea more than the elements analyzed individually and thus do not add significantly more to the claimed invention. Therefore, the result of Step 2B is the claims 8-26 do not have significantly more, and the test concludes the claims 8-26 are patent ineligible.


Claim Interpretation
The following is a quotation of 35 U.S.C. 112(f):
(f) Element in Claim for a Combination. – An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof. 

The following is a quotation of pre-AIA  35 U.S.C. 112, sixth paragraph:
An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof.

The claims in this application are given their broadest reasonable interpretation using the plain meaning of the claim language in light of the specification as it would be understood by one of ordinary skill in the art.  The broadest reasonable interpretation of a claim element (also commonly referred to as a claim limitation) is limited by the description in the specification when 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is invoked. 
As explained in MPEP § 2181, subsection I, claim limitations that meet the following three-prong test will be interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph:
(A)	the claim limitation uses the term “means” or “step” or a term used as a substitute for “means” that is a generic placeholder (also called a nonce term or a non-structural term having no specific structural meaning) for performing the claimed function; 
(B)	the term “means” or “step” or the generic placeholder is modified by functional language, typically, but not always linked by the transition word “for” 
(C)	the term “means” or “step” or the generic placeholder is not modified by sufficient structure, material, or acts for performing the claimed function. 
Use of the word “means” (or “step”) in a claim with functional language creates a rebuttable presumption that the claim limitation is to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites sufficient structure, material, or acts to entirely perform the recited function. 
Absence of the word “means” (or “step”) in a claim creates a rebuttable presumption that the claim limitation is not to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is not interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites function without reciting sufficient structure, material or acts to entirely perform the recited function. 
Claim limitations in this application that use the word “means” (or “step”) are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action. Conversely, claim limitations in this application that do not use the word “means” (or “step”) are not being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action.
This application includes one or more claim limitations that do not use the word “means,” but are nonetheless being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. an online server subsystem configured to receive a requested transaction relating to a digital asset from a user via a public computer network and the online server subsystem further configured to receive an endorsement message from the corresponding mobile device of one or more of the plurality of users in claim 28; and the online server subsystem further being configured to cause an endorsement request message to be transmitted in claim 31.
Because these claim limitations are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, they are being interpreted to cover the corresponding structure described in the specification as performing the claimed function, and equivalents thereof.
If applicant does not intend to have these limitations interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, applicant may:  (1) amend the claim limitations to avoid them being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph (e.g., by reciting sufficient structure to perform the claimed function); or (2) present a sufficient showing that the claim limitations recites sufficient structure to perform the claimed function so as to avoid them being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph.



Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claim limitations an online server subsystem configured to receive a requested transaction relating to a digital asset from a user via a public computer network and the online server subsystem further configured to receive an endorsement message from the corresponding mobile device of one or more of the plurality of users in claim 28, and the online server subsystem further being configured to cause an endorsement request message to be transmitted in claim 31, invoke 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. However, the written description fails to disclose the corresponding structure, material, or acts for performing the entire claimed function and to clearly link the structure, material, or acts to the function. The Specification does not define the online server as part of a subsystem, and the subsystem is not defined in the Specification or the Figures. Therefore, the claim is indefinite and is rejected under 35 U.S.C. 112(b) or pre-AIA  35 U.S.C. 112, second paragraph.
Applicant may:
(a)        Amend the claim so that the claim limitation will no longer be interpreted as a limitation under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph; 

(c)        Amend the written description of the specification such that it clearly links the structure, material, or acts disclosed therein to the function recited in the claim, without introducing any new matter (35 U.S.C. 132(a)).
If applicant is of the opinion that the written description of the specification already implicitly or inherently discloses the corresponding structure, material, or acts and clearly links them to the function so that one of ordinary skill in the art would recognize what structure, material, or acts perform the claimed function, applicant should clarify the record by either: 
(a)        Amending the written description of the specification such that it expressly recites the corresponding structure, material, or acts for performing the claimed function and clearly links or associates the structure, material, or acts to the claimed function, without introducing any new matter (35 U.S.C. 132(a)); or 
(b)        Stating on the record what the corresponding structure, material, or acts, which are implicitly or inherently set forth in the written description of the specification, perform the claimed function. For more information, see 37 CFR 1.75(d) and MPEP §§ 608.01(o) and 2181.


Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
Determining the scope and contents of the prior art.
Ascertaining the differences between the prior art and the claims at issue.
Resolving the level of ordinary skill in the pertinent art.
Considering objective evidence present in the application indicating obviousness or nonobviousness.
This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary.  Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.
Claims 8-11, 13-26, 28, 29 and 31-35 are rejected under 35 U.S.C. 103 as being unpatentable over Patterson (US 2017/0076518, hereinafter “Patterson”), in view of Prakash (US 2018/0330342, hereinafter “Prakash”).
Regarding Claim 8, Patterson teaches 
receiving, at a server system, a transaction request for a requested transaction […]; (“At step 310, the computing device may receive an action request initiated by a requester. For example, a requester may request to perform an action and trigger an authorization process.” See Patterson in [0050] referencing Figure 3)
receiving, at the server system, at least one endorsement message from at least one user device, ([0058] “At step 420, the computing device may obtain an authentication group for a request. Authentication groups are discussed further in FIG. 19. At step 425, a computing device may message one or more authenticators. In some instances, the authenticators may comprise the user. In other instances, authenticators may be authenticating members designated to be part of a first tier of the authentication group. In some embodiments, a message may comprise a data transmission communicated over a network. For instance, a message may be a social networking message sent through the network 209. In another example, messages may be sent via text message.” …[0060] “At step 433, the computing device may score a response. The computing device may tally different categories of responses. For example, the device may evaluate a number of “confirm” or “deny” inputs. After scoring the responses, the computing device may then proceed to step 435.” See Patterson in [0058]-[0060])  
each said at least one endorsement message being associated with a different one of a plurality of users; (“FIG. 10B depicts an illustrative example of an action request screen that might be presented to an authorizing member. In response to an action request, an authorizing member may be presented with a screen 1011, notifying them that the requestor has requested an action and that an authorization response has been requested. The screen may include details about the request 1012, which may include both information specifying the request made and contextual information about the request. The screen might also display information provided to authorize the requester making the request in the form of a picture and/or message 1013. There may also be an indication 1015 as to whether the requester has been authenticated. This may aid the authorizing member in determining that the particular entity making a request may be authorized to perform an action. For example, the screen may present that an authenticated individual has requested to watch a movie, along with the ESRB rating for the movie. The authorizing member may be given options 1014 on whether to confirm or deny the requestor's identity. The authorizing member may click confirm or deny to indicate their response to the action request. The corresponding confirmation or denial might then be sent to a computing device as the response from the authorizing member.” See Patterson in [0088] referencing Figures 10A and 10B)
storing, in a hardware security module that has no direct connection to any public computer network, [transaction associated information]; (“…the authorization system 603 may compile information related to the task, contextual information related to the task, information stored in a server relating to performing an 
determining, by a hardware security module in the server system, whether the at least one endorsement message satisfies a quorum for approving the requested transaction, the quorum being defined in a stored policy [by using a criteria threshold]; (“At step 445, the computing device may determine if responses meet one or more criteria for authenticating the identity of the requestor. For example, a system may evaluate responses against an approval threshold and transmit an authentication response to a requesting device based on that determination. Any suitable criteria may be used. For example, the system may check to see if a plurality of authorizers who were messaged responded with “confirm” indications. In another example, the device may check to see if any authenticators responded with “deny” indications. In another example, the device may check to determine whether more authenticators responded than did not response before judging the received responses. An account holder could configure their own rule, and the device may implement one or more account holder configured criteria. The approval criteria and
only if the at least one endorsement message satisfies the quorum, then authorizing the requested transaction by using the hardware security module to sign an approval of the requested transaction […]. (“At step 615, the authorization system 603 may evaluate received responses and/or other compiled information against criteria. At step 616, the authorization system 603 may transmit a determination based on the criteria to authorizing device 602. At step 617, the authorizing device 602 may perform a task based on the determination. For example, the authorizing device 602 may perform the task attempted by the requester, or it may perform some other task, such as denying the attempted task. At step 618, the authorizing device 602 may inform the requester regarding the result of the authorization process. For example, the authorizing device 602 may cause information to be displayed to the requester explaining whether or not the attempted task may be performed. Also, the authorizing device 602 may inform the requester of the process or results from any of the proceeding steps. For example, the authorizing device might display a user interface to the requester and/or user stating that the request has been granted.” See Patterson [0076])
The limitation reciting only if the at least one endorsement message satisfies the quorum is a conditional statement in a method claim that does not move to distinguish over the prior art as this step may never happen.
Patterson does not expressly teach transaction relating to a cryptoasset; policy associated with the cryptoasset; a private key associated with the cryptoasset, the private key being part of a public-private key pair associated with the cryptoasset; using a public key associated with the mobile device that sent each endorsement message to validate the corresponding endorsement message; and sign an approval with the private key associated with the cryptoasset.  
However, Prakash does teach 
transaction relating to a cryptoasset (“Embodiments of the present invention are directed to a cryptocurrency system that enables transactions to be performed between entities with digital assets corresponding to cryptocurrency amounts.” See Prakash in [0042]) 
policy associated with the cryptoasset (“The digital asset service provider computer may be configured to manage information related to digital asset transactions. For example, the digital asset service provider computer may store a ledger of transactions (e.g., a blockchain) over a network that records transaction data related to all transactions performed by users of the cryptocurrency system. The ledger of transactions may be updated each time a new transaction is conducted and the data stored in the ledger may serve as proof that digital assets were assigned to a certain user's digital asset account.” See Prakash in [0045])
a private key associated with the cryptoasset, the private key being part of a public-private key pair associated with the cryptoasset (“A management system server computer in a cryptocurrency payment network may generate and assign a unique key pair for each node in the cryptocurrency payment network.” See Patterson in [0029]; “In some embodiments, the digital asset account manager 412 may be configured to cause the processor 404 to generate, store, and/or distribute a 
using a public key associated with the mobile device that sent each endorsement message to validate the corresponding endorsement message (“By way of example, digital asset service provider computer 110 may be configured to receive transfer requests indicating a user's desire to transfer a particular amount of fiat currency to another user. In some embodiments, the digital asset service provider computer 110 may be configured to validate the transfer request using authentication information received in the transfer request (e.g., a digital signature of the first user). The digital asset service provider computer 110 may be configured to transmit a transaction request to financial institution computer 114.” See Prakash in [0056])
sign an approval with the private key associated with the cryptoasset (“A private key associated with the user 502 (stored by application 510) may be accessed in order to generate a digital signature corresponding to the user 502. The digital signature may be provided in the transfer request and utilized by the service 
It would have been obvious to a person having ordinary skill in the art, before the effective filing date of the claimed invention, to include in the teachings of Patterson “transactions associated with cryptocurrency” and “use of public/private keys for validation and authentication associated with cryptocurrency”, as taught by Prakash, because the process of a blockchain network would improve the security of the authentication and authorization of the transactions.
Regarding Claim 28, Patterson teaches 
an online server subsystem (referenced in Figure 2) configured to 
receive a requested transaction relating to a digital asset from a user via a public computer network (“At step 310, the computing device may receive an action request initiated by a requester. For example, a requester may request to perform an action and trigger an authorization process.” See Patterson in [0050]) and 
to cause an endorsement request to be sent to at least one mobile device according to a stored policy in response to receipt of the requested transaction, (“Action specific information may be configured. Also, the computing device may obtain information describing a request or task to be performed. Using the information gathered, the computing device may determine how to proceed with the action. For example, one task may require a first authorization group, while a second task may require a second authorization group. In some embodiments, each action may have a particular authorization group. In some instances, an 
each said at least one mobile device being associated with at least one of a plurality of users specified in the policy as possible members of a quorum for approving the transaction, (as referenced in Patterson in Figures 10A and 10B)
the online server subsystem further configured to receive an endorsement message from the corresponding mobile device of one or more of the plurality of users; ([0058] “At step 420, the computing device may obtain an authentication group for a request. Authentication groups are discussed further in FIG. 19. At step 425, a computing device may message one or more authenticators. In some instances, the and
a hardware security module configured to 
receive an indication of the endorsement message from a mobile device of one or more of the users, (See Patterson in [0058]-[0060])
to determine whether valid endorsements have been received from each of two or more of the users in satisfaction of the quorum specified in the policy, [by using a criteria threshold], (“At step 445, the computing device may determine if responses meet one or more criteria for authenticating the identity of the requestor. For example, a system may evaluate responses against an approval threshold and transmit an authentication response to a requesting device based on that determination. Any suitable criteria may be used. For example, the system may check to see if a plurality of authorizers who were messaged responded with “confirm” indications. In another example, the device may check to see if any authenticators responded with “deny” indications. In another example, the device  and 
to authorize the transaction […] associated with the digital asset only if a valid endorsement of the requested transaction has been received from each of two or more of the users in satisfaction of the quorum (“At step 615, the authorization system 603 may evaluate received responses and/or other compiled information against criteria. At step 616, the authorization system 603 may transmit a determination based on the criteria to authorizing device 602. At step 617, the authorizing device 602 may perform a task based on the determination. For example, the authorizing device 602 may perform the task attempted by the requester, or it may perform some other task, such as denying the attempted task. At step 618, the authorizing device 602 may inform the requester regarding the result of the authorization process. For example, the authorizing device 602 may cause information to be displayed to the requester explaining whether or not the attempted task may be performed. Also, the authorizing device 602 may inform the requester of the process or results from any of the proceeding steps. For example, the authorizing device might display a user interface to the requester and/or user stating that the request has been granted.” See Patterson [0076]).
Patterson does not expressly teach transaction relating to a cryptoasset; policy associated with the cryptoasset; a private key associated with the cryptoasset, the private key being part of a public-private key pair associated with the cryptoasset; using a public key associated with the mobile device that sent each endorsement message to validate the corresponding endorsement message; and sign an approval with the private key associated with the cryptoasset.  
However, Prakash does teach 
using a public key associated with the mobile device that sent each endorsement message to validate the corresponding endorsement message (“By way of example, digital asset service provider computer 110 may be configured to receive transfer requests indicating a user's desire to transfer a particular amount of fiat currency to another user. In some embodiments, the digital asset service provider computer 110 may be configured to validate the transfer request using authentication information received in the transfer request (e.g., a digital signature of the first user). The digital asset service provider computer 110 may be configured to transmit a transaction request to financial institution computer 114.” See Prakash in [0056])
sign an approval with the private key associated with the cryptoasset (“A private key associated with the user 502 (stored by application 510) may be accessed in order to generate a digital signature corresponding to the user 502. The digital signature may be provided in the transfer request and utilized by the service provider computer 112, the digital asset service provider computer 110, and/or the financial institution computer 113 in order to validate data received from the application 510.” See Prakash in [0104]).
It would have been obvious to a person having ordinary skill in the art, before the effective filing date of the claimed invention, to include in the teachings of Patterson “transactions associated with cryptocurrency” and “use of public/private keys for validation and authentication associated with cryptocurrency”, as taught by Prakash, because the process of a blockchain network would improve the security of the authentication and authorization of the transactions.

Regarding Claims 9 and 33, Patterson, in view of Prakash, teaches the limitations of claims 8 and 28. Patterson, in view of Prakash, further teaches for at least one user device of said at least one user device, verifying, at the server system, that the user device has authenticated a corresponding user by a first biometric authentication technique, in connection with an endorsement of the requested transaction (“In another example, a cable company may require an employee to provide a photo, scan a company issued ID card, and provide a thumbprint. Further examples of information to be obtained for an authentication may include biometric information (such as a fingerprint, iris scan, audio sample, or photograph of the person), a password, or some other kind of authenticating information.” See Patterson in [0057]; “Examples of authentication information that may be obtained from a device may be include device serial numbers, digital signatures, hardware secure element identifiers, device fingerprints, biometric information of the user, phone numbers, IMEI numbers, etc.” See Prakash in [0031]).
Regarding Claims 10 and 34, Patterson, in view of Prakash, teaches the limitations of claims 9 and 33. Patterson, in view of Prakash further teaches using a second biometric authentication technique at the server system to authenticate at least one of the users in connection with an endorsement of the requested action (See Prakash in [0031]).
Regarding Claims 11 and 35, Patterson, in view of Prakash, teaches the limitations of claim 8 and 28. Patterson further teaches 
using an authentication technique at the server system to authenticate a user in connection with an endorsement of the requested transaction (“FIG. 3 depicts an illustrative process for authentication and authorization. At step 305, an authorization system, such as authorization system 211 of FIG. 2, may be configured. The method may be performed on a computing device, such as a device 200. The computing device may determine an authentication group and/or an authorization group comprising a plurality of members based on an association with a user. In some instances, the user may be an account holder. Such configuration may be done in a variety of ways. In some embodiments, the configuration may be done automatically, such as by identifying individuals associated with an existing social network account of the user. As other examples, the configuration may be done by a system administrator or may be configured by a user interacting with a configuration screen such as the example illustrated in FIG. 11 and discussed further herein. An authentication group may comprise a group of devices or other individuals that may authenticate a requester to verify the identity of someone or something that is requesting a particular action. In many instances, the authentication group may be used to verify the identity of a requester making a request and whether he is a requester for whom the request should be granted.” See Patterson in [0044])
causing a user device of the user to output a prompt the user to record and upload to the server system a video in which the user performs a specified action or speaks specified content (the term “causing” does not move to distinguish over the prior art: “In some embodiments, information sources 802 may include some outside entity that has collected information about an individual's identity. For example, a passport agency may have registered an individual with the system, and have information such as documents, photos, thumbprints, vocal recordings, or other information that might help authenticate the individual.” See Patterson in [0083])
receiving at the server system a video uploaded responsive to the prompt (“Further examples of information to be obtained for an authentication may include biometric information (such as a fingerprint, iris scan, audio sample, or photograph of the person), a password, or some other kind of authenticating information. FIG. 9, discussed below, gives further discussion regarding collecting contextual information.” See Patterson in [0057]) 
analyzing the video at the server system to authenticate the user by performing at least one of: verifying a biometric characteristic of the user from the video, or verifying that the user performed the specified action or spoke the specified content in the video (“For example, a thumbprint could be collected and checked against thumbprints obtained from the information system 802 and individual 803. At block 806, a computing device in the authentication system may decide whether or not to validate the individual based off any information that may have been obtained by 
Regarding Claim 13, Patterson, in view of Prakash, teaches the limitations of claim 8. Patterson, in view of Prakash, further teaches in response to the transaction request, invoking a risk analysis of the requested transaction; (interpreted as triggering the action for authentication: “At step 315, the computing device may determine whether authentication of the requesting user is needed for the requested action.” See Patterson in [0051]).
Regarding Claim 14, Patterson, in view of Prakash, teaches the limitations of claim 8. Patterson, in view of Prakash, further teaches using the hardware security module to generate the private key associated with the cryptoasset (“In some embodiments, the digital asset account manager 412 may be configured to cause the processor 404 to generate, store, and/or distribute a public and/or private key of a key pair associated with a user. The key pair may be stored within the digital asset account associated with the user or as a separate electronic record associated with the user and/or the digital asset account. Once distributed to a user computing device, the private key may be utilized by the user computing device to digitally sign electronic messages. Received messages (e.g., transfer requests, digital asset requests, transaction responses, etc.) may be validated by the digital asset account manager 412 by utilizing the public and/or private key.” See Prakash in [0086]).
Regarding Claim 15, Patterson, in view of Prakash, teaches the limitations of claim 8. Patterson, in view of Prakash, further teaches using the hardware security module to generate the private key associated with the cryptoasset as part of a public-private key pair associated with the cryptoasset
Regarding Claim 16, Patterson, in view of Prakash, teaches the limitations of claim 15. Patterson, in view of Prakash, further teaches storing the private key associated with the cryptoasset within the hardware security module, wherein the private key associated with the cryptoasset cannot be read by or transmitted to any entity that is external to the hardware security module (“In some embodiments, digital asset account data store 418 stores any information related to digital assets. For example, digital asset account data store 418 may store any number of digital asset attributes (e.g., digital asset amount, currency type, timestamp, digital asset identifier, associated user identification information, etc.) for each of a plurality of digital assets. Digital asset attributes associated with a digital asset may be persisted in digital asset account data store 418 until the digital asset is converted to fiat currency or utilized in a purchase transaction.” See Prakash in [0087]).
Regarding Claim 17, Patterson, in view of Prakash, teaches the limitations of claim 8. Patterson, in view of Prakash, further teaches storing in the hardware security module a public key of a public-private key pair for each said at least one user device (See Prakash in [0086]-[0087]).
Regarding Claim 18, Patterson, in view of Prakash, teaches the limitations of claim 17. Patterson, in view of Prakash, further teaches wherein each endorsement message has been signed by a corresponding user device with the private key of the public-private key pair associated with said corresponding user device (See Prakash in [0086]-[0087]).
Regarding Claim 19, Patterson, in view of Prakash, teaches the limitations of claim 17. Patterson, in view of Prakash, further teaches providing a data package to the hardware security module prior to said authorizing the requested transaction, the data package including data indicative of the quorum and a public key associated with each said at least one user device (“At step 615, the authorization system 603 may evaluate received responses and/or other compiled information against criteria. At step 616, the authorization system 603 may transmit a determination based on the criteria to authorizing device 602. At step 617, the authorizing device 602 may perform a task based on the determination. For example, the authorizing device 602 may perform the task attempted by the requester, or it may perform some other task, such as denying the attempted task. At step 618, the authorizing device 602 may inform the requester regarding the result of the authorization process. For example, the authorizing device 602 may cause information to be displayed to the requester explaining whether or not the attempted task may be performed. Also, the authorizing device 602 may inform the requester of the process or results from any of the proceeding steps. For example, the authorizing device might display a user interface to the requester and/or user stating that the request has been granted.” See Patterson [0076]; “By way of example, digital asset service provider computer 110 may be configured to receive transfer requests indicating a user's desire to transfer a particular amount of fiat currency to another user. In some embodiments, the digital asset service provider computer 110 may be configured to validate the transfer request using authentication information received in the transfer request (e.g., a digital signature of the first user). The digital asset service provider computer 110 may be configured to transmit a transaction request to financial institution computer 114.” See Prakash in [0056]).
Regarding Claim 20, Patterson, in view of Prakash, teaches the limitations of claim 8. Patterson, in view of Prakash, further teaches the hardware security module has no direct connection to any public computer network (interpreting the hardware security module is 
Regarding Claim 21, Patterson, in view of Prakash, teaches the limitations of claim 8. Patterson, in view of Prakash, further teaches storing, in a hardware security module, a private key associated with the cryptoasset, the private key being part of a public-private key pair associated with the cryptoasset (“In some embodiments, the digital asset account manager 412 may be configured to cause the processor 404 to generate, store, and/or distribute a public and/or private key of a key pair associated with a user. The key pair may be stored within the digital asset account associated with the user or as a separate electronic record associated with the user and/or the digital asset account. Once distributed to a user computing device, the private key may be utilized by the user computing device to digitally sign electronic messages. Received messages (e.g., transfer requests, digital asset requests, transaction responses, etc.) may be validated by the digital asset account manager 412 by utilizing the public and/or private key. If the received message is determined to be valid, processing may continue.” See Prakash in [0086]).
Regarding Claim 22, Patterson, in view of Prakash, teaches the limitations of claim 8. Patterson, in view of Prakash, further teaches causing, by the server computer system, an endorsement request message to be transmitted to each said at least one user device, each endorsement request message being configured to cause the receiving user device to prompt a corresponding user to endorse the requested transaction (the terms “causing” and “cause” do not move to distinguish over the prior art, See Patterson in [0047]).
Regarding Claim 23, Patterson, in view of Prakash, teaches the limitations of claim 8. Patterson, in view of Prakash, further teaches storing the policy associated with the cryptoasset, the policy defining a quorum of a plurality of users required for authorization of the transaction (See Patterson in [0047]).
Regarding Claim 24, Patterson, in view of Prakash, teaches the limitations of claim 8. Patterson, in view of Prakash, further teaches wherein the determining whether the at least one endorsement message satisfies a quorum defined in a policy associated with the cryptoasset is done by using a public key associated with the user device that sent each endorsement message to validate the corresponding endorsement message (See Patterson in [0047] and See Prakash in [0086]).
Regarding Claim 25, Patterson, in view of Prakash, teaches the limitations of claim 8. Patterson, in view of Prakash, further teaches wherein the at least one endorsement message has been generated by signing on the user device using a private key stored in a secure storage of the user device (as referenced in Patterson in Figures 10A and 10B).
Regarding Claim 26, Patterson, in view of Prakash, teaches the limitations of claim 8. Patterson, in view of Prakash, further teaches sending to the hardware security module a data package that includes data specifying the policy, including the quorum, and a public key associated with each said at least one user device (“At step 445, the computing device may determine if responses meet one or more criteria for authenticating the identity of the requestor. For example, a system may evaluate responses against an approval threshold and transmit an authentication response to a requesting device based on that determination. Any suitable criteria may be used. For example, the system may check to see if a plurality of authorizers who were messaged responded with “confirm” indications. In another example, the device may check to see if any authenticators responded with “deny” indications. In another example, the device may check to determine whether more 
Regarding Claim 29, Patterson, in view of Prakash, teaches the limitations of claim 28. Patterson, in view of Prakash, further teaches comprising a relay server to isolate the security module from the Internet (interpreting the relay server as a component of the device comprising the security module: See Prakash referencing Figure 4, RN 410).
Regarding Claim 31, Patterson, in view of Prakash, teaches the limitations of claim 28. Patterson, in view of Prakash, further teaches to cause an endorsement request message to be transmitted to each of a plurality of mobile devices, (“Action specific information may be configured. Also, the computing device may obtain information describing a request or task to be performed. Using the information gathered, the computing device may determine how to proceed with the action. For example, one task may require a first authorization group, while a second task may require a second authorization group. In some embodiments, each action may have a particular authorization group. In some instances, an authorization group may comprise one or more tiers relevant to a given action. Within each authorization group, there may be one or more individual authorizing members. An authorization group or an authorizing member may be an authorizer for an action request. In some embodiments, different action requests or tasks may have different associated authorization groups within a larger pool of authorizing members. Action requests from different requesters may have different authorization groups. In some  each endorsement request message being configured to cause the receiving mobile device to prompt a corresponding user to endorse the requested transaction. (“FIG. 10B depicts an illustrative example of an action request screen that might be presented to an authorizing member. In response to an action request, an authorizing member may be presented with a screen 1011, notifying them that the requestor has requested an action and that an authorization response has been requested.” See Patterson in [0088] referencing Figures 10A and 10B)
Regarding Claim 32, Patterson, in view of Prakash, teaches the limitations of claim 28. Patterson, in view of Prakash, further teaches 
generate the private key associated with the digital asset as part of a public-private key pair associated with the digital asset; (“A management system server computer in a cryptocurrency payment network may generate and assign a unique key pair for each node in the cryptocurrency payment network.” See Patterson in [0029]; “In some embodiments, the digital asset account manager 412 may be configured to cause the processor 404 to generate, store, and/or distribute a public and/or private key of a key pair associated with a user. The key pair may be stored 
provide a public key of the public-private key pair associated with the digital asset to a computer system that is external to the hardware security module; (“By way of example, digital asset service provider computer 110 may be configured to receive transfer requests indicating a user's desire to transfer a particular amount of fiat currency to another user. In some embodiments, the digital asset service provider computer 110 may be configured to validate the transfer request using authentication information received in the transfer request (e.g., a digital signature of the first user). The digital asset service provider computer 110 may be configured to transmit a transaction request to financial institution computer 114.” See Prakash in [0056]) and
maintain the private key of the public-private key pair associated with the digital asset in a storage within the hardware security module and prevent the private key of the public-private key pair associated with the digital asset cannot from being read by any entity that is external to the hardware security module. (“Embodiments of the present invention are directed to a cryptocurrency system that enables 

Claims 12, 30 and 36 are rejected under 35 U.S.C. 103 as being unpatentable over Patterson, in view of Prakash, and further in view of Ovick (US 2014/0040051, hereinafter “Ovick”).
Regarding Claims 12 and 36, Patterson, in view of Prakash, teaches the limitations of claim 8. Patterson, in view of Prakash, does not expressly teach causing a user device of at least one of the users to output a deterministic authentication challenge to the corresponding user, wherein a content of the deterministic authentication challenge is based on a context of the requested transaction.
However, Ovick further teaches causing a user device of at least one of the users to output a deterministic authentication challenge to the corresponding user, wherein a content of the deterministic authentication challenge is based on a context of the requested transaction
It would have been obvious to a person having ordinary skill in the art, before the effective filing date of the claimed invention, to include in the teachings of Patterson “deterministic authentication”, as taught by Ovick, because it adds a fraud detection level to the authentication process of Patterson that will prevent attacks from a customer device or a merchant device during or after the transactions are effected.
Regarding Claim 30, Patterson, in view of Prakash, teaches the limitations of claim 28. Patterson, in view of Prakash, does not expressly teach a risk analysis module to assign a risk score to the requested transaction.
However, Ovick further teaches a risk analysis module to assign a risk score to the requested transaction (“The transaction handler (103), the issuer processor (145), and the acquirer processor (147) may each include a subsystem to identify the risk in the transaction and may reject the transaction based on the risk assessment.” See Ovick in [0383]).
It would have been obvious to a person having ordinary skill in the art, before the effective filing date of the claimed invention, to include in the teachings of Patterson “risk assessment module”, as taught by Ovick, because it adds a fraud detection level to the authentication process of Patterson that will prevent attacks from a customer device or a merchant device during or after the transactions are effected.

Claim 27 is rejected under 35 U.S.C. 103 as being unpatentable over Patterson, in view of Prakash, in view of Ovick.
Regarding Claim 27, Patterson teaches 
receiving, at a server computer system from a user device via a public computer network, a transaction request for a requested transaction […]; (“At step 310, the computing device may receive an action request initiated by a requester. For example, a requester may request to perform an action and trigger an authorization process.” See Patterson in [0050])
in response to the transaction request, invoking [an authentication determination] of the requested transaction; (interpreted as triggering the action for authentication: “At step 315, the computing device may determine whether authentication of the requesting user is needed for the requested action.” See Patterson in [0051])
accessing, by the server computer system, a stored policy […], (interpreted as identifying the rules for authentication: “The computing device may consult a table to obtain parameters for the requested action. The parameters may include an indication of whether authentication is required for that action, and, if so, what type of authentication is required and/or how it should be done.” See Patterson in [0051]; “FIG. 10B depicts an illustrative example of an action request screen that might be presented to an authorizing member. In response to an action request, an authorizing member may be presented with a screen 1011, notifying them that the requestor has requested an action and that an authorization response has been requested.” See Patterson in [0088])
the policy specifying a quorum of a plurality of users required for authorization of the transaction; (quorum based on request: “Action specific information may be configured. Also, the computing device may obtain information describing a request 
causing, by the server computer system, an endorsement request message to be transmitted to each of a plurality of mobile devices, (the term “causing” does not move to distinguish over the prior art, as shown in Patterson in [0047]) each of the mobile devices being associated with a different one of the plurality of users, each endorsement request message being configured to cause the receiving mobile device to prompt a corresponding user to endorse the requested transaction; (as shown in Patterson in [0088] referencing Figures 10A and 10B)
receiving, at the server computer system, an endorsement message from at least one of the mobile devices, ([0058] “At step 420, the computing device may obtain an authentication group for a request. Authentication groups are discussed further in FIG. 19. At step 425, a computing device may message one or more authenticators. In some instances, the authenticators may comprise the user. In other instances, authenticators may be authenticating members designated to be part of a first tier of the authentication group. In some embodiments, a message may comprise a data transmission communicated over a network. For instance, a message may be a social networking message sent through the network 209. In another example, messages may be sent via text message.” …[0060] “At step 433, the computing device may score a response. The computing device may tally different categories of responses. For example, the device may evaluate a number of “confirm” or “deny” inputs. After scoring the responses, the computing device may then proceed to step 435.” See Patterson in [0058]-[0060]) 
each endorsement message indicative of an endorsement of the requested transaction by a user using a corresponding one of the mobile devices, each endorsement message having been signed by the corresponding mobile device with a private key stored in a secure storage in the corresponding mobile device; (as referenced in Patterson in Figures 10A and 10B)
storing, in a hardware security module that has no direct connection to any public computer network, [transaction associated information]; (“…the authorization system 603 may compile information related to the task, contextual information related to the task, information stored in a server relating to performing an authorization, or any other task information that may be relevant to the authorization system 603. For example, information related to the task may include the name of a requester, the action to be authorized, the state of authorization equipment, or some similar information. Contextual information may include the time of day, the location of a requester or a device, the status of a home security system, a network status, or the status of a social media network. A server may store information such as biometric information for a requester, information related to previous requests, software to be run on the server, or any other such information.” See Patterson in [0076])
determining, by the hardware security module, whether a valid endorsement has been received from each of two or more of the mobile devices in satisfaction of the quorum specified in the policy, [by using a criteria threshold]; (“At step 445, the computing device may determine if responses meet one or more criteria for authenticating the identity of the requestor. For example, a system may evaluate responses against an approval threshold and transmit an authentication response to a requesting device based on that determination. Any suitable criteria may be used. For example, the system may check to see if a plurality of authorizers who were messaged responded with “confirm” indications. In another example, the device may check to see if any authenticators responded with “deny” indications. In another and
only if […] a valid endorsement of the requested transaction has been received from each of two or more of the mobile devices in satisfaction of the quorum, then authorizing the transaction by using the hardware security module to sign an approval of the requested transaction […]. (“At step 615, the authorization system 603 may evaluate received responses and/or other compiled information against criteria. At step 616, the authorization system 603 may transmit a determination based on the criteria to authorizing device 602. At step 617, the authorizing device 602 may perform a task based on the determination. For example, the authorizing device 602 may perform the task attempted by the requester, or it may perform some other task, such as denying the attempted task. At step 618, the authorizing device 602 may inform the requester regarding the result of the authorization process. For example, the authorizing device 602 may cause information to be displayed to the requester explaining whether or not the attempted task may be performed. Also, the authorizing device 602 may inform the requester of the process or results from any of the proceeding steps. For example, the authorizing device might display a user interface to the requester and/or user stating that the request has been granted.” See Patterson [0076])
Patterson does not expressly teach transaction relating to a cryptoasset; policy associated with the cryptoasset; a private key associated with the cryptoasset, the private key being part of a public-private key pair associated with the cryptoasset; using a public key associated with the mobile device that sent each endorsement message to validate the corresponding endorsement message; and sign an approval with the private key associated with the cryptoasset.  
However, Prakash does teach 
transaction relating to a cryptoasset (“Embodiments of the present invention are directed to a cryptocurrency system that enables transactions to be performed between entities with digital assets corresponding to cryptocurrency amounts.” See Prakash in [0042]) 
policy associated with the cryptoasset (“The digital asset service provider computer may be configured to manage information related to digital asset transactions. For example, the digital asset service provider computer may store a ledger of transactions (e.g., a blockchain) over a network that records transaction data related to all transactions performed by users of the cryptocurrency system. The ledger of transactions may be updated each time a new transaction is conducted and the data stored in the ledger may serve as proof that digital assets were assigned to a certain user's digital asset account.” See Prakash in [0045])
a private key associated with the cryptoasset, the private key being part of a public-private key pair associated with the cryptoasset (“A management system server computer in a cryptocurrency payment network may generate and assign a unique key pair for each node in the cryptocurrency payment network.” See 
using a public key associated with the mobile device that sent each endorsement message to validate the corresponding endorsement message (“By way of example, digital asset service provider computer 110 may be configured to receive transfer requests indicating a user's desire to transfer a particular amount of fiat currency to another user. In some embodiments, the digital asset service provider computer 110 may be configured to validate the transfer request using authentication information received in the transfer request (e.g., a digital signature of the first user). The digital asset service provider computer 110 may be configured to transmit a transaction request to financial institution computer 114.” See Prakash in [0056])
sign an approval with the private key associated with the cryptoasset (“A private key associated with the user 502 (stored by application 510) may be 
It would have been obvious to a person having ordinary skill in the art, before the effective filing date of the claimed invention, to include in the teachings of Patterson “transactions associated with cryptocurrency” and “use of public/private keys for validation and authentication associated with cryptocurrency”, as taught by Prakash, because the process of a blockchain network would improve the security of the authentication and authorization of the transactions.
Patterson, in view of Prakash, does not expressly teach a risk analysis and the risk analysis has determined that a level of risk associated with the requested transaction is below a threshold.  
However, Ovick does teach a risk analysis has determined that a level of risk is below a threshold ([0310] “In one embodiment, the portal (143) is configured to perform facial recognition and/or matching with images or facial characteristics of authorized users in the account information (142) to determine whether the customer making the payment is an authorized user. In one embodiment, the portal (143) may request the transaction terminal (105) to decline the payment, if a risk level associated with the fraudulent use of the consumer account (146) is above a threshold.” [0312] “In one embodiment, when the risk level of fraudulent use of the consumer account (146) is determined to be above a threshold, based on the spending pattern of the user (101) and/or other data, such as the 
It would have been obvious to a person having ordinary skill in the art, before the effective filing date of the claimed invention, to include in the teachings of Patterson “risk analysis”, as taught by Ovick, to add a fraud detection level to the authentication that will prevent attacks from a customer device or a merchant device during or after the transactions are effected.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to EDGAR R MARTINEZ-HERNANDEZ whose telephone number is (571)270-0658.  The examiner can normally be reached on M-F from 9:00 am - 5:00 pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant 
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, JOHN W. HAYES can be reached on (571) 272-6708.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/ERM/Examiner, Art Unit 3685


/STEVEN S KIM/Primary Examiner, Art Unit 3685