DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
1.  This is in response to the communications filed on 31 March 2020.
2.  Claims 1-20 are pending in the application.
3.  Claims 1-20 have been allowed.
Information Disclosure Statement
4.  The examiner has considered the information disclosure statement (IDS) filed on 31 March 2020.
Claim Objections
5.  Claims 9 and 10 are objected to because of the following informalities:  improper dependency.  Dependent claims 9 and 10 depends upon itself.  For the sake examination, the examiner assumes that claim 9 depends upon independent claim 8 and dependent claim 10 depends upon claim 9.  Appropriate correction is required.
Allowable Subject Matter
6.  Claims 1-20 are allowed.
The following is an examiner’s statement of reasons for allowance:
The closest prior art to the current application is Lam et al US 2020/0052903 A1 (hereinafter Lam).  Lam is directed towards dynamically managing exchanges of data using a cryptographically secure distributed ledger and homomorphic commitments [abstract].  Lam teaches generating a public and private cryptographic keys based on an application of a hash function to a concatenation of the login and authentication credentials associated with a client device, either alone or further concatenated with a random number, during an initial registration of the client device with a management system [0016].  Lam teaches that data exchanges may also be digitally signed by the management system [0031].  However, the prior art does not disclose, teach or fairly suggest the limitations of “providing a redirect request with a protected request to obtain approval to perform the operation from an approval system, wherein the protected request comprises a random token combined with user authentication information that is protected using one or more of an encryption and a digital signature with a shared secret”, “receiving a protected request approval with the protected request, wherein the protected request approval was generated by the approval system using the shared secret” and “comparing the received protected request to a regenerated request generated using the user authentication information and one or more of the encryption and the digital signature with the shared secret”, as recited in independent claims 1, 8 and 15.
Any claims not directly addressed are allowed on the virtue of their dependency.
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”
Relevant Prior Art
7.  The following references have been considered relevant by the examiner:
A.  Mohassel et al US 2021/0243026 A1 directed to password-based threshold authentication, which distributes the role of an authentication server among multiple servers [abstract].
B.  Uy et al US 2020/0412539 A1 directed to a device that includes a secure element or a secure environment that receives a token for authenticating a user that has an account with a service provider [abstract].
C.  Matovsky et al US 2020/0295939 A1 directed to securing systems from malicious attacks, and more particularly to performing hardware-backed password-based authentication to secure systems from offline malicious attacks [0001].
D.  Schneider US 2011/0131415 A1 directed to a hashed value that is computed from an encrypted password value and a displayed code value from a hardware token at a client [abstract].
E.  Mercredi et al US 2007/0101152 A1 directed to enabling token authentication by generating a secret key using manufacturer controlled information present on a token [abstract].
F.  Tidwell et al US 2006/0064588 A1 directed to mutual encryption of network nodes [abstract].
Conclusion
8.	Any inquiry concerning this communication or earlier communications from the examiner should be directed to ARAVIND K MOORTHY whose telephone number is (571)272-3793. The examiner can normally be reached M-F 7:30-7:30.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Saleh Najjar can be reached on 571-272-4006. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/ARAVIND K MOORTHY/Primary Examiner, Art Unit 2492