DETAILED ACTION
1. 	This office action is response to an application No. 16/589,829 filed on 10/01/2019. Claims 1-19 are submitted for examination. Claims 1 and 10 are independent. 

Notice of Pre-AIA  or AIA  Status

2.	The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Priority

	3.	This application filed on 10/01/2019 is a continuation of PCT/CN2017/079351, filed 04/01/2017. The effective filling date for the subject matter defined in the pending claims of this application is 04/01/2017.
Information Disclosure Statement
4.	The information disclosure statements (IDS) submitted on 10/01/2019 has been considered. The submission is in compliance with the provisions of 37 CFR 1.97. Form PTO-1449 is signed and attached hereto.
Drawings
5.	The drawings filed on October 1ST, 2019 are accepted. 
Specification
6.	The specification filed on October 1ST, 2019 is also accepted.

Claim Objections
7.	Independent claim 1 is objected to because of the following informalities: Claim 1 on line 8, recites “the identity authentication information”. However since no identity authentication information is recited prior to this line on this claim, it should be instead corrected as/to “an identity authentication information”. The office interpreted this particular limitation likewise. 
  	Appropriate correction is required.
8.	Independent claim 10 is objected to because of the following informalities: Claim 10 on line 4, recites “the identity authentication information”. However since no “identity authentication information” is recited prior to this line on this claim, it should be instead corrected as/to “an identity authentication information”. The office interpreted this particular limitation likewise. 
  	Appropriate correction is required.
9.	Dependent claims 2-9 and 11-19 are objected likewise since they carry the deficiencies of the above parent claims. 

Claim Rejections - 35 USC § 102

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale or otherwise available to the public before the effective filing date of the claimed invention.


(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which 





10.	Claims 1-7 and 10-17 are rejected under 35 U.S.C. 102 (a)(1) and/or 102 (a) (2) as being anticipated by Colin Robert Macdonald (herein after referred as Macdonald) (US  Publication No. 2016/0335511 A1) (Nov 17, 2016)

As per independent claim 1, Macdonald discloses am identity authentication system [See figure 1, paragraph 0026-0027, systems and methods for improving remote authentication of a person based in part on identification of the person and identification of a prescribed authentication gesture in real-time image data. See FIG. 1, system 100 may include one or more service provider systems 110, one or more authentication systems 120, one or more client devices 130, one or more users 131, and a network 140] , comprising: 
an authentication terminal [See figure 1, client device 130] configured to issue an identity authentication request [FIG. 4 shows an exemplary authentication process 400 for authenticating a person according to the disclosed embodiments. Process 400 may be executed as part of an authentication instance initiated in response to any situation for authenticating a person. For example, in some embodiments, process 400 may be initiated in response to a user request to perform a transaction, access sensitive data, to enter a building or facility, or any other scenarios where authenticating a person may be desired]; and, an authentication server that is connected to the authentication terminal to receive the identity authentication request[See figure 4, 410, where the computing device 200 which can either be a service provider 110 or the authentication system 120 that corresponds to the claim limitation., “authentication server” receives an authentication request initiated by the client, provides a “prescribed authentication parameter” back to the client], configured to acquire one or more identity authentication scenarios from a plurality of authentication scenarios based on the identity authentication request[See paragraph 0059, where “the possible prescribed authentication parameters” that meets the claim limitation, “identity authentication scenario” selected from a plurality of authentication parameters acquired form the database based on the identity authentication request. “the prescribed authentication parameter may be determined or selected from a plurality of possible authentication parameters. In some embodiments, the plurality of possible authentication parameters may be provided as part of a database accessible to components of system 100 (shown or not shown). The prescribed authentication parameter may be dynamically generated or selected in response to initiation of an authentication instance. In some embodiments, the prescribed authentication parameter may be randomly selected from the database of possible authentication parameters”], and generate and transmit an authentication form after acquiring the authentication scenario [See paragraph 0056 and figure 4, 410 where the computing device 200 which can either be a service provider 110 or the authentication system 120 that corresponds to the claim limitation., “authentication server” generates and provides the “prescribed authentication parameter” from the possible authentication parameters that is needed to be provided by the client. This “prescribed authentication parameter” that the client needs to provide back to the server meets the claim limitation “authentication form”] ; wherein the authentication terminal is configured to submit the identity authentication information to the authentication server based on the authentication form [See at least figure 4, ref. 420, see paragraph 0060, Operation 420 may receive real-time image data of the person to be authenticated. In some embodiments, the real-time image data includes some identification of the prescribed authentication parameter and biometric information of the person to be authenticated. The real-time image data may be captured by camera 322 provided as part of client device 130 or a camera provided as an I/O device 220 as part of computing system 200], the identity authentication information includes basic user information and an authentication scenario image and video including a user [See figure 4, ref. 420 paragraph 0057-0058 and 0060, authentication parameters may incorporate an interaction with a facial feature, so as to require the person to point to their ear, chin, eye, etc. Other possible authentication parameters may incorporate a particular object, such as an identification card, credit card, keys, wallet, or some other readily accessible object to be captured in image data along with a biometric of the person to be authenticated. For example, an authentication parameter may define that the person to be authenticated is to hold up an identification card next to their cheek. If the biometric information to be captured in image data corresponds to a “signature” of hand movement or facial movement, for example, an authentication parameter may define a sequence of letters or words to be spoken or signed using the person's hand. If the biometric information to be captured in image data corresponds to a scan of a person's iris, the authentication parameter may incorporate a sequence of eye movements or blinks that may be captured in image data along with the iris information. Operation 420 may receive real-time image data of the person to be authenticated. In some embodiments, the real-time image data includes some identification of the prescribed authentication parameter and biometric information of the person to be authenticated. The real-time image data may be captured by camera 322 provided as part of client device 130 or a camera provided as an I/O device 220 as part of computing system 200], and the authentication server is further configured to authenticate the user's identity based on the identity authentication information [See figure 4, 430 and 450 and Paragraph 0061-0062, Operation 430 may execute one or more image data processing and analysis techniques to verify an identity of the person to be authenticated based on biometric information captured in the image data… As part of operation 430, an identity of a person may be determined based on a comparison of the analyzed image data with baseline data known to be associated with the person to be authenticated. See also paragraph 0064, Based on the results of operations 430 and 440, computing system 200 may determine, based on the captured image data, whether to authenticate the identified person as the source of the received image data (operation 450)]. 
		
		As per independent claim 10, independent claim 10 is rejected for the same reason as that of the above independent claim 1.

As per dependent claim 2 Macdonald discloses a method/system as applied to claims above. Furthermore Macdonald discloses the method wherein the authentication scenario includes a video in which the user is reading a passage upon a request, or wherein the authentication scenario includes a video in which the user is holding an identification card and moving it relative to a face image of the user. [See at least paragraph 0058, 0061 and 0065… Some authentication parameters may incorporate an interaction with a facial feature, so as to require the person to point to their ear, chin, eye, etc. Other possible authentication parameters may incorporate a particular object, such as an identification card, credit card, keys, wallet, or some other readily accessible object to be captured in image data along with a biometric of the person to be authenticated. For example, an authentication parameter may define that the person to be authenticated is to hold up an identification card next to their cheek. If the biometric information to be captured in image data corresponds to a “signature” of hand movement or facial movement, for example, an authentication parameter may define a sequence of letters or words to be spoken or signed using the person's hand. If the biometric information to be captured in image data corresponds to a scan of a person's iris, the authentication parameter may incorporate a sequence of eye movements or blinks that may be captured in image data along with the iris information. The disclosed embodiments are not limited to the above examples. Other authentication parameters are contemplated by the present disclosure. See also paragraph 0061, The particular image processing techniques implemented may depend on the nature of the received image data, as well as the nature of the biometric information captured in the image data. In some embodiments, the identity of a person may be determined based on facial recognition techniques to identify distinct facial features of a person's face captured in the image data. Other image processing techniques may be used to identify a user's fingerprint, or a pattern of a person's iris, or other biometric information identifiable in the image data. Other biometric information may include uniquely identifying information associated with a user such as a “signature” pattern of facial changes or contortions associated with speech, or a “signature” of hand movements associated with performing certain gestures. For example, a person may be identified based on the unique combination or “signature” of facial changes when speaking certain letters, words, or sounds. People may also be identified based on the unique hand or finger positioning patterns when making certain gestures. The disclosed embodiments may generally determine the identity of a person based on any suitable biometric information that may be captured in image data with a prescribed authentication parameter.], 

		As per dependent claim 11, dependent claim 11 is rejected for the same reason as that of the above dependent claim 2.

		As per dependent claim 3 Macdonald discloses a method/system as applied to claims above. Furthermore Macdonald discloses the method/system wherein the authentication scenario includes an image in which the identification card held by the user has a positional relationship with the face image of the user [See at least paragraph 0057, the prescribed authentication gesture may incorporate motion, such that the gesture may be identified in a video image. The prescribed authentication gesture may define some relationship of both a static gesture along with motion. See also paragraph 0058, 0061 and 0065… Some authentication parameters may incorporate an interaction with a facial feature, so as to require the person to point to their ear, chin, eye, etc. Other possible authentication parameters may incorporate a particular object, such as an identification card, credit card, keys, wallet, or some other readily accessible object to be captured in image data along with a biometric of the person to be authenticated. For example, an authentication parameter may define that the person to be authenticated is to hold up an identification card next to their cheek. If the biometric information to be captured in image data corresponds to a “signature” of hand movement or facial movement, for example, an authentication parameter may define a sequence of letters or words to be spoken or signed using the person's hand. If the biometric information to be captured in image data corresponds to a scan of a person's iris, the authentication parameter may incorporate a sequence of eye movements or blinks that may be captured in image data along with the iris information. The disclosed embodiments are not limited to the above examples. Other authentication parameters are contemplated by the present disclosure. ]

As per dependent claim 12, dependent claim 12 is rejected for the same reason as that of the above dependent claim 3.


		As per dependent claim 4 Macdonald discloses a method/system as applied to claims above. Furthermore Macdonald discloses the method/system wherein the authentication scenario includes items other than the user's identification card [See also paragraph 0058, 0061 and 0065… Some authentication parameters may incorporate an interaction with a facial feature, so as to require the person to point to their ear, chin, eye, etc. Other possible authentication parameters may incorporate a particular object, such as an identification card, credit card, keys, wallet, or some other readily accessible object to be captured in image data along with a biometric of the person to be authenticated. For example, an authentication parameter may define that the person to be authenticated is to hold up an identification card next to their cheek. If the biometric information to be captured in image data corresponds to a “signature” of hand movement or facial movement, for example, an authentication parameter may define a sequence of letters or words to be spoken or signed using the person's hand. If the biometric information to be captured in image data corresponds to a scan of a person's iris, the authentication parameter may incorporate a sequence of eye movements or blinks that may be captured in image data along with the iris information. The disclosed embodiments are not limited to the above examples. Other authentication parameters are contemplated by the present disclosure] and an image of the other items having a positional relationship with respect to an image of the user [See at least paragraph 0049, client device 130 may include a camera 322 and/or a Global Positioning System (GPS) unit 324. Camera 322 may include any device capable of capturing image data in the form of a single frame still image or a video image. In some embodiments, GPS 324 may enable client device 130 to transmit location data that may be used to assist in the authentication of a user 131 operating client device 130. See also paragraph 0061, For example, a person may be identified based on the unique combination or “signature” of facial changes when speaking certain letters, words, or sounds. People may also be identified based on the unique hand or finger positioning patterns when making certain gestures. The disclosed embodiments may generally determine the identity of a person based on any suitable biometric information that may be captured in image data with a prescribed authentication parameter.]

As per dependent claim 13, dependent claim 13 is rejected for the same reason as that of the above dependent claim 4.

As per dependent claim 5 Macdonald discloses a method/system as applied to claims above. Furthermore Macdonald discloses the method/system wherein the identity authentication information further includes an electronic signature or an electronic stamp of the user [See at least paragraph 0058, For example, an authentication parameter may define that the person to be authenticated is to hold up an identification card next to their cheek. If the biometric information to be captured in image data corresponds to a “signature” of hand movement or facial movement, for example, an authentication parameter may define a sequence of letters or words to be spoken or signed using the person's hand. See also paragraph 0061, Other biometric information may include uniquely identifying information associated with a user such as a “signature” pattern of facial changes or contortions associated with speech, or a “signature” of hand movements associated with performing certain gestures] 

As per dependent claim 14, dependent claim 14 is rejected for the same reason as that of the above dependent claim 5.

As per dependent claim 6 Macdonald discloses a method/system as applied to claims above. Furthermore Macdonald discloses the method/system wherein the authentication server is connected [See at least figure 1, where the computing device 200 that meets the claim limitation the server which could be a service provider 110 or the authentication system 120 which can remotely authenticate the user of the client device 130] to an identification card query system to authenticate the user's identification card information [See also paragraph 0058, 0061 and 0065… Some authentication parameters may incorporate an interaction with a facial feature, so as to require the person to point to their ear, chin, eye, etc. Other possible authentication parameters may incorporate a particular object, such as an identification card, credit card, keys, wallet, or some other readily accessible object to be captured in image data along with a biometric of the person to be authenticated. For example, an authentication parameter may define that the person to be authenticated is to hold up an identification card next to their cheek. If the biometric information to be captured in image data corresponds to a “signature” of hand movement or facial movement, for example, an authentication parameter may define a sequence of letters or words to be spoken or signed using the person's hand. If the biometric information to be captured in image data corresponds to a scan of a person's iris, the authentication parameter may incorporate a sequence of eye movements or blinks that may be captured in image data along with the iris information. The disclosed embodiments are not limited to the above examples. Other authentication parameters are contemplated by the present disclosure]. 

As per dependent claim 17, dependent claim 17 is rejected for the same reason as that of the above dependent claim 6.

As per dependent claim 7 Macdonald discloses a method/system as applied to claims above. Furthermore Macdonald discloses the method/system wherein the authentication terminal [See figure 1, ref. 120, “client device”] and the authentication server [where the computing device 200 that meets the claim limitation the authentication server which could be a service provider 110 or the authentication system 120 which can remotely authenticate the user of the client device 130]  are communicatively connected by a fixed wire, Bluetooth, infrared, Wi-Fi, or a mobile communication network [See figure 1, ref. 140, “network”. See at least paragraph 0032, Network 140 may comprise any type of computer networking arrangement configured to provide communications or exchange data, or both, between components of system 100. For example, network 140 may include any type of network (including infrastructure) that provides communications, exchanges information, and/or facilitates the exchange of information, such as the Internet, a private data network, a virtual private network using a public network, a Wi-Fi network, a LAN or WAN network, and/or other suitable connections that may enable information exchange among various components of system 100. Network 140 may also include a public switched telephone network (“PSTN”) and/or a wireless cellular network. Network 140 may be a secured network or unsecured network.] 


As per dependent claim 15 Macdonald discloses a method/system as applied to claims above. Furthermore Macdonald discloses the method/system wherein the authentication terminal issues the identity authentication request by using an application installed on the authentication terminal [See figure 3, Program 350 and paragraph 0028, client device 130 includes executable software instructions provided as part of an application or app associated with a service provider, such as, for example, a financial service provider for performing operations associated with a financial service account. In some embodiments, the disclosed authentication methods may be performed in association with the financial service application. See paragraph 0052-0053, client device 130 may have a financial service application 352 installed thereon, which may enable client device 130 to communicate with service provider system 110, which may be associated with a financial entity, via network 140 and perform aspects of the disclosed authentication methods. For example, client device 130 may connect to service provider system 110 and/or authentication system 120 through use of browser software to access account information and perform certain transactions associated with a financial service account. In some embodiments, the disclosed authentication methods may be initiated in response to user interaction with a financial service application 352 executed on client device 130. Certain aspects of the disclosed authentication methods may be provided as part of financial service application 352 to authenticate user 131 prior to performing certain actions…, programs 350 or financial service application 352 may include one or more additional software modules including sets of instructions for performing particular aspects of the authentication methods. For example, in some embodiments, programs 350 may include an authentication instance module 354 and an image capture module 356. Authentication instance module 354 may include a set of instructions defining an interface and for selecting a prescribed authentication gesture, as well other operations of the disclosed authentication methods. Image capture module 356 may include a set of instructions for activating and implementing the functionality of camera 322. Image capture module 356 enables the disclosed systems to control operation of camera 322 as part of the exemplary authentication methods, as described in further detail below. In some embodiments, authentication instance module 354 and image capture module 356 may be accessible by financial service application 352 to perform the disclosed authentication methods in association with a mobile or remote banking transaction. ].
As per dependent claim 16 Macdonald discloses a method/system as applied to claims above. Furthermore Macdonald discloses the method/system wherein the authentication terminal accesses the identity authentication system through a web browser and issues the identity authentication request by triggering one or more buttons on an identity authentication interface provided by the identity authentication system [See figure 1 and figure 3 and at least paragraph 0046-0047, client device 130 may execute browser or related mobile display software that generates and displays interfaces including content on a display device included in, or in communication with, client device 130. Client device 130 may be a mobile device that executes mobile device applications and/or mobile device communication software that allows client device 130 to communicate with service provider system 110 or authentication system 120 and other components over network 140. Client device 130 may also include communication software that, when executed by a processor, provides communications with network 140, such as Web browser software, tablet or smart handheld device networking software, etc. See also See paragraph 0052-0053, client device 130 may have a financial service application 352 installed thereon, which may enable client device 130 to communicate with service provider system 110, which may be associated with a financial entity, via network 140 and perform aspects of the disclosed authentication methods. For example, client device 130 may connect to service provider system 110 and/or authentication system 120 through use of browser software to access account information and perform certain transactions associated with a financial service account. In some embodiments, the disclosed authentication methods may be initiated in response to user interaction with a financial service application 352 executed on client device 130.] 

Claim Rejections - 35 USC § 103
11.	In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
12.	The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

13.	The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.

	Examiner’s note: text in bold corresponds to the claimed limitations; text in italics underlined or not underlined correspond to the cited prior art reference (i.e., verbatim, and/or examiner’s clarification. Meaning, text after a limitation in brackets [ ] corresponds to examiner’s mapping 
14.	Claims 8-9 and 18-19 are rejected under AIA  35 U.S.C. 103 as being unpatentable over Colin Robert Macdonald (herein after referred as Macdonald) (US  Publication No. 2016/0335511 A1) (Nov 17, 2016) in view of Zhexuan Song (hereinafter referred as Song) (US Publication No.  2009/0235068 A1) (Sep. 17, 2009) 

As per dependent claim 8, Macdonald discloses am identity authentication system [See figure 1, paragraph 0026-0027, systems and methods for improving remote authentication of a person based in part on identification of the person and identification of a prescribed authentication gesture in real-time image data. See FIG. 1, system 100 may include one or more service provider systems 110, one or more authentication systems 120, one or more client devices 130, one or more users 131, and a network 140] , comprising: 
an authentication terminal [See figure 1, client device 130] configured to issue an identity authentication request [FIG. 4 shows an exemplary authentication process 400 for authenticating a person according to the disclosed embodiments. Process 400 may be executed as part of an authentication instance initiated in response to any situation for authenticating a person. For example, in some embodiments, process 400 may be initiated in response to a user request to perform a transaction, access sensitive data, to enter a building or facility, or any other scenarios where authenticating a person may be desired]; and, an authentication server that is connected to the authentication terminal to receive the identity authentication request[See figure 4, 410, where the computing device 200 which can either be a service provider 110 or the authentication system 120 that corresponds to the claim limitation., “authentication server” receives an authentication request initiated by the client, provides a “prescribed authentication parameter” back to the client], configured to acquire one or more identity authentication scenarios from a plurality of authentication scenarios based on the identity authentication request[See paragraph 0059, where “the possible prescribed authentication parameters” that meets the claim limitation, “identity authentication scenario” selected from a plurality of authentication parameters acquired form the database based on the identity authentication request. “the prescribed authentication parameter may be determined or selected from a plurality of possible authentication parameters. In some embodiments, the plurality of possible authentication parameters may be provided as part of a database accessible to components of system 100 (shown or not shown). The prescribed authentication parameter may be dynamically generated or selected in response to initiation of an authentication instance. In some embodiments, the prescribed authentication parameter may be randomly selected from the database of possible authentication parameters”], and generate and transmit an authentication form after acquiring the authentication scenario [See paragraph 0056 and figure 4, 410 where the computing device 200 which can either be a service provider 110 or the authentication system 120 that corresponds to the claim limitation., “authentication server” generates and provides the “prescribed authentication parameter” from the possible authentication parameters that is needed to be provided by the client. This “prescribed authentication parameter” that the client needs to provide back to the server meets the claim limitation “authentication form”] ; wherein the authentication terminal is configured to submit the identity authentication information to the authentication server based on the authentication form [See at least figure 4, ref. 420, see paragraph 0060, Operation 420 may receive real-time image data of the person to be authenticated. In some embodiments, the real-time image data includes some identification of the prescribed authentication parameter and biometric information of the person to be authenticated. The real-time image data may be captured by camera 322 provided as part of client device 130 or a camera provided as an I/O device 220 as part of computing system 200], the identity authentication information includes basic user information and an authentication scenario image and video including a user [See figure 4, ref. 420 paragraph 0057-0058 and 0060, authentication parameters may incorporate an interaction with a facial feature, so as to require the person to point to their ear, chin, eye, etc. Other possible authentication parameters may incorporate a particular object, such as an identification card, credit card, keys, wallet, or some other readily accessible object to be captured in image data along with a biometric of the person to be authenticated. For example, an authentication parameter may define that the person to be authenticated is to hold up an identification card next to their cheek. If the biometric information to be captured in image data corresponds to a “signature” of hand movement or facial movement, for example, an authentication parameter may define a sequence of letters or words to be spoken or signed using the person's hand. If the biometric information to be captured in image data corresponds to a scan of a person's iris, the authentication parameter may incorporate a sequence of eye movements or blinks that may be captured in image data along with the iris information. Operation 420 may receive real-time image data of the person to be authenticated. In some embodiments, the real-time image data includes some identification of the prescribed authentication parameter and biometric information of the person to be authenticated. The real-time image data may be captured by camera 322 provided as part of client device 130 or a camera provided as an I/O device 220 as part of computing system 200], and the authentication server is further configured to authenticate the user's identity based on the identity authentication information [See figure 4, 430 and 450 and Paragraph 0061-0062, Operation 430 may execute one or more image data processing and analysis techniques to verify an identity of the person to be authenticated based on biometric information captured in the image data… As part of operation 430, an identity of a person may be determined based on a comparison of the analyzed image data with baseline data known to be associated with the person to be authenticated. See also paragraph 0064, Based on the results of operations 430 and 440, computing system 200 may determine, based on the captured image data, whether to authenticate the identified person as the source of the received image data (operation 450)]. 
		
Macdonald substantially discloses all the limitation recited in the claim. However doesn’t explicitly disclose the following claim limitation recited in claim 8:
“wherein the authentication terminal further performs an encryption processing on the identity authentication information before transmitting the identity authentication information”. 

Song on paragraph 0024 and 0031 discloses the following which meets the above claim limitation.

Security chip 220 may generally be a client side device for facilitating secure communications between a communication device 30 and service provider 60 (illustrated in FIG. 1). As illustrated, security chip 220 includes a processor 230 and a memory 240. In general, security chip 220 may encrypt and decrypt messages and other communications using a private key associated with a particular user and/or communication device 30. More particularly, security chip 220 may generate and sign a digital certificate request, send the request to a verification server 40 (shown in FIG. 1), and forward the digital certificate to the service provider. In operation, biometric information file 246 may be stored at verification server 60. In such case, the biometric information may be encrypted and transmitted to verification server 50 which may authenticate the identity of the user in a manner similar to that described. 

Macdonald and Song are analogous arts and are in the same field of endeavor as they both pertain to authenticate using a biometric data. 

It would have been obvious to one having ordinary skill in the art, before the effective filing of the claimed invention, to implement in the system of Macdonald, a mechanism to add the feature such as “the authentication terminal further performs an encryption processing on the identity authentication information before transmitting the identity authentication information” as taught by Song because this would enhance the security of the system by preventing reading or eavesdropping on the biometric indentify authentication data that is either communicated between the client and the authentication server or stored in the authentication server. [See Song, at least paragraph 0002 and 0031]

As per dependent claim 18, dependent claim 18 is rejected for the same reason as that of the above dependent claim 8.

As per dependent claim 9, Macdonald discloses am identity authentication system [See figure 1, paragraph 0026-0027, systems and methods for improving remote authentication of a person based in part on identification of the person and identification of a prescribed authentication gesture in real-time image data. See FIG. 1, system 100 may include one or more service provider systems 110, one or more authentication systems 120, one or more client devices 130, one or more users 131, and a network 140] , comprising: 
an authentication terminal [See figure 1, client device 130] configured to issue an identity authentication request [FIG. 4 shows an exemplary authentication process 400 for authenticating a person according to the disclosed embodiments. Process 400 may be executed as part of an authentication instance initiated in response to any situation for authenticating a person. For example, in some embodiments, process 400 may be initiated in response to a user request to perform a transaction, access sensitive data, to enter a building or facility, or any other scenarios where authenticating a person may be desired]; and, an authentication server that is connected to the authentication terminal to receive the identity authentication request[See figure 4, 410, where the computing device 200 which can either be a service provider 110 or the authentication system 120 that corresponds to the claim limitation., “authentication server” receives an authentication request initiated by the client, provides a “prescribed authentication parameter” back to the client], configured to acquire one or more identity authentication scenarios from a plurality of authentication scenarios based on the identity authentication request[See paragraph 0059, where “the possible prescribed authentication parameters” that meets the claim limitation, “identity authentication scenario” selected from a plurality of authentication parameters acquired form the database based on the identity authentication request. “the prescribed authentication parameter may be determined or selected from a plurality of possible authentication parameters. In some embodiments, the plurality of possible authentication parameters may be provided as part of a database accessible to components of system 100 (shown or not shown). The prescribed authentication parameter may be dynamically generated or selected in response to initiation of an authentication instance. In some embodiments, the prescribed authentication parameter may be randomly selected from the database of possible authentication parameters”], and generate and transmit an authentication form after acquiring the authentication scenario [See paragraph 0056 and figure 4, 410 where the computing device 200 which can either be a service provider 110 or the authentication system 120 that corresponds to the claim limitation., “authentication server” generates and provides the “prescribed authentication parameter” from the possible authentication parameters that is needed to be provided by the client. This “prescribed authentication parameter” that the client needs to provide back to the server meets the claim limitation “authentication form”] ; wherein the authentication terminal is configured to submit the identity authentication information to the authentication server based on the authentication form [See at least figure 4, ref. 420, see paragraph 0060, Operation 420 may receive real-time image data of the person to be authenticated. In some embodiments, the real-time image data includes some identification of the prescribed authentication parameter and biometric information of the person to be authenticated. The real-time image data may be captured by camera 322 provided as part of client device 130 or a camera provided as an I/O device 220 as part of computing system 200], the identity authentication information includes basic user information and an authentication scenario image and video including a user [See figure 4, ref. 420 paragraph 0057-0058 and 0060, authentication parameters may incorporate an interaction with a facial feature, so as to require the person to point to their ear, chin, eye, etc. Other possible authentication parameters may incorporate a particular object, such as an identification card, credit card, keys, wallet, or some other readily accessible object to be captured in image data along with a biometric of the person to be authenticated. For example, an authentication parameter may define that the person to be authenticated is to hold up an identification card next to their cheek. If the biometric information to be captured in image data corresponds to a “signature” of hand movement or facial movement, for example, an authentication parameter may define a sequence of letters or words to be spoken or signed using the person's hand. If the biometric information to be captured in image data corresponds to a scan of a person's iris, the authentication parameter may incorporate a sequence of eye movements or blinks that may be captured in image data along with the iris information. Operation 420 may receive real-time image data of the person to be authenticated. In some embodiments, the real-time image data includes some identification of the prescribed authentication parameter and biometric information of the person to be authenticated. The real-time image data may be captured by camera 322 provided as part of client device 130 or a camera provided as an I/O device 220 as part of computing system 200], and the authentication server is further configured to authenticate the user's identity based on the identity authentication information [See figure 4, 430 and 450 and Paragraph 0061-0062, Operation 430 may execute one or more image data processing and analysis techniques to verify an identity of the person to be authenticated based on biometric information captured in the image data… As part of operation 430, an identity of a person may be determined based on a comparison of the analyzed image data with baseline data known to be associated with the person to be authenticated. See also paragraph 0064, Based on the results of operations 430 and 440, computing system 200 may determine, based on the captured image data, whether to authenticate the identified person as the source of the received image data (operation 450)]. 
		
Macdonald substantially discloses all the limitation recited in the claim. However doesn’t explicitly disclose the following claim limitation recited in claim 9:
“wherein the identity authentication information is encrypted by using an encryption technique in the process of transmitting the identity authentication information to the authentication server”. 

Song on paragraph 0024 and 0031 discloses the following which meets the above claim limitation.

Security chip 220 may generally be a client side device for facilitating secure communications between a communication device 30 and service provider 60 (illustrated in FIG. 1). As illustrated, security chip 220 includes a processor 230 and a memory 240. In general, security chip 220 may encrypt and decrypt messages and other communications using a private key associated with a particular user and/or communication device 30. More particularly, security chip 220 may generate and sign a digital certificate request, send the request to a verification server 40 (shown in FIG. 1), and forward the digital certificate to the service provider. In operation, processor 230 may verify and/or authenticate the identity of a user of communication device 30 by comparing the output of biometric acquisition device 40 with one or more profiles stored in biometric information file 246. As one example, if the identity of a user is to be verified based on a fingerprint, then biometric acquisition device 40 may scan and output the fingerprint of the user. Processor 230 may thereby compare the outputted fingerprint information with one or biometric information file 246 may be stored at verification server 60. In such case, the biometric information may be encrypted and transmitted to verification server 50 which may authenticate the identity of the user in a manner similar to that described. 

Macdonald and Song are analogous arts and are in the same field of endeavor as they both pertain to authenticate using a biometric data. 

It would have been obvious to one having ordinary skill in the art, before the effective filing of the claimed invention, to implement in the system of Macdonald, a mechanism to add the feature such as “wherein the identity authentication information is encrypted by using an encryption technique in the process of transmitting the identity authentication information to the authentication server” as taught by Song because this would enhance the security of the system by preventing reading or eavesdropping on the biometric identity authentication data that is either communicated between the client and the authentication server or stored in the authentication server. [See Song, at least paragraph 0002 and 0031]

As per dependent claim 19, dependent claim 19 is rejected for the same reason as that of the above dependent claim 9.

Conclusion

15.	The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
A. 	US Publication No. 2017/0180362 A1 or US Patent No. 10/601,821 B2 to Du discloses a terminal, and a server for identity authentication are disclosed. The method includes: receiving dynamic face authentication prompt information sent by a server during identity authentication of a user; obtaining gesture recognition information of the dynamic face authentication prompt information by recognizing a facial gesture presented by the user; and sending the gesture recognition information to the server to enable the server to confirm that the identity authentication is successful for the user in response to verifying that the gesture recognition information is consistent with the dynamic face authentication prompt information. Using the embodiments of the present application, a highly secure authentication can be performed on an identity of a user through dynamic face authentication. As compared with existing authentication methods using an authentication password, authentication information will not be stolen by a malicious third party, thus improving the reliability of authentication. Moreover, a user may be recognized as a live user through dynamic face authentication, thereby further improving the accuracy of identity authentication and reducing potential security risks during authentication.
B.	 US Publication No. 2016/0162729 A1 to Hagen discloses A system for identity verification using biometric data is provided. The system for identity verification using biometric data may automate handling and verification of identification documentation, such as government issued IDs, driver licenses, and passports. An image of an identification (ID) document may be received by the system for identity verification using biometric data. The See at least paragraph 0025]
C. 	US Publication No. 2018/0157815 A1 to Salama discloses a computerized methods and systems that facilitate two-factor authentication of a user based on a user-defined image and information identifying portions of the image sequentially selected by the user. In one aspect, a communications device presents a first digital image of a first user on a touchscreen display. The communications device may receive, from the first user, information identifying portions of the first digital image selected in accordance with a candidate authentication sequence established by the first user. The selected first image portions may, for example, be associated with 
In further embodiments, the exemplary two-factor authentication processes may also authenticate and verify an identity of user 110 (and of other users) based on location-based data detected by client device 110 and/or received from an external positioning system. For instance, client device 104 may execute software instructions that determine current geographic position of client device 104, and further, that interface with a mapping service provided by an external system or server (not depicted in FIG. 1) to identify one or more physical retailers or landmarks disposed proximate to the geographic position of client device 104. In some aspects, and upon detection of an authentication event, client device 104 may present a dialog box, pop-up window, or other interface element prompting user 110 to capture a candidate self-image that includes at least a portion of one of the physical retailers or landmarks. Furthermore, prior to when selecting the facial and/or physical features in accordance with the previously established sequence, client device 104 may also be configured to prompt user 110 to select at portion of the physical retailer or landmark.[See at least paragraph 0079]
D. 	US Publication No. 2012/0110341 A1 to Beigi discloses a system in which a person may use a Cellular (Mobile) Telephone, a PDA or any other handheld computer to make a purchase. This is an example only. The process may entail any type of transaction which requires authentication, such as any financial transaction, any access control (to account information, etc.), and any physical access scenario such as doubling for a passport or an access key to a 
E.  	See other cited prior arts.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SAMSON B LEMMA whose telephone number is 571-272-3806.  The examiner can normally be reached on M-F 8am-10pm.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor Yin-Chen Shaw can be reached on 571-272-8878.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free).

/SAMSON B LEMMA/Primary Examiner, Art Unit 2498