Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .


DETAILED ACTION

This communication is in response to applicant’s communication received on 7/22/20 and telephonic communication on 11/20/21.

The IDS received on 7/22/20 has been entered and the references cited within carefully considered.

Examiner Amendment
An Examiner’s Amendment to the record appears below.  Should the changes and/or additions be unacceptable to Applicant, an amendment may be filed as provided by 37 CFR 1.312.  To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the Issue Fee.

The following changes were authorized by Nick Panno in a telephone interview on 11/20/21.

Please cancel claims 7 and 18 and replace claims 1-6, 8-17 and 19-20 with the set of claims listed below:



(Currently Amended) An authentication system comprising:
	a server including at least one server hardware processor configured to execute an application; and
	a desktop virtualization system including at least one virtualization system hardware processor configured to: 
		instantiate a virtual desktop;
		authenticate a user of a client device by:
causing an authentication service to issue a one-time passcode for the user, 
receiving the one-time passcode from the client device, and
determining that the one-time passcode from the client device matches the one-time passcode issued by the authentication service;
		in response to authenticating the user of the client device, place the client device in communication with the virtual desktop through at least one network;
		launch a secure browser in the virtual desktop; 
		using the secure browser, place the client device in communication with the server through the at least one network;
		in response to at least one command from the client device sent through the secure browser of the virtual desktop:
			generate a one-time passcode, 
			establish a code word not communicated through the at least one network, and

		confirm entry of the one-time passcode and the code word by a user of the sender client device; and
		in response to confirming the entry, providing wire transfer instructions to the sender client device.

(Currently Amended) The authentication system of claim 1, further comprising the client device including at least one client hardware processor.

(Currently Amended) The authentication system of claim 2, wherein the at least one client hardware processor is configured to: 
	perform processing associated with authenticating the user and sending the at least one command; and
	prevent processing associated with tasks unrelated to the processing associated with authenticating the user and sending the at least one command.

(Currently Amended) The authentication system of claim 2, wherein the client device comprises at least one biometric sensor.

(Currently Amended) The authentication system of claim 4, wherein the at least one virtualization system hardware processor is further configured to authenticate the user by: 
	receiving biometric data from the at least one biometric sensor; and 
	determining that the biometric data matches known biometric data of the user.

(Currently Amended) The authentication system of claim 5, wherein the at least one virtualization system hardware processor is further configured to authenticate the user by:
	receiving additional credentials from the client device; and
	determining that the additional credentials match known credentials of the user.

(Canceled)
	
(Currently Amended) The authentication system of claim [[7]] 1, wherein the at least one virtualization system hardware processor is further configured to authenticate the user by:
	receiving additional credentials from the client device; and
	determining that the additional credentials match known credentials of the user.

(Currently Amended) The authentication system of claim 1, wherein the at least one virtualization system hardware processor is further configured to authenticate the user by: 
	receiving biometric data from the client device; and 
	determining that the biometric data matches known biometric data of the user.

(Currently Amended) The authentication system of claim 9, wherein the at least one virtualization system hardware processor is further configured to authenticate the user by:
	receiving additional credentials from the client device; and
	determining that the additional credentials match known credentials of the user.

(Currently Amended) The authentication system of claim 1, wherein the at least one server hardware processor is configured to:
	receive user authentication information from the secure browser; and
	prior to performing the processing in response to the at least one command, validating the user authentication information.

(Original) The authentication system of claim 1, wherein the message does not include the code word.

(Currently Amended) An authentication method comprising:
	instantiating, by at least one virtualization system hardware processor, a virtual desktop; 
	authenticating, by the at least one virtualization system hardware processor, a user of a client device, the authenticating comprising:
causing an authentication service to issue a one-time passcode for the user, 
receiving the one-time passcode from the client device, and
determining that the one-time passcode from the client device matches the one-time passcode issued by the authentication service;
	in response to authenticating the user of the client device, placing, by the at least one virtualization system hardware processor, the client device in communication with the virtual desktop through at least one network;
	launching, by the at least one virtualization system hardware processor, a secure browser in the virtual desktop; 
	using the secure browser, placing, by the at least one virtualization system hardware processor, the client device in communication with a server through the at least one network;
hardware processor, processing in response to at least one command from the client device sent through the secure browser of the virtual desktop, the processing including:
		generating a one-time passcode, 
		establishing a code word not communicated through the at least one network, and
		sending a message including the one-time passcode to a sender client device;
	confirming, by the at least one server hardware processor, entry of the one-time passcode and the code word by a user of the sender client device; and
	in response to confirming the entry, providing, by the at least one server hardware processor, wire transfer instructions to the sender client device.

(Currently Amended) The authentication method of claim 13, further comprising: 
	performing, by at least one client hardware processor, processing associated with authenticating the user and sending the at least one command; and
	preventing, by the at least one client hardware processor, processing associated with tasks unrelated to the processing associated with authenticating the user and sending the at least one command.

(Currently Amended) The authentication method of claim 13, 	wherein the authenticating further comprises: 
	receiving biometric data from the client device; and 
	determining that the biometric data matches known biometric data of the user.

(Original) The authentication system of claim 15, wherein the authenticating further comprises:

	determining that the additional credentials match known credentials of the user.

(Original) The authentication method of claim 15, further comprising collecting, by at least one biometric sensor of the client device, the biometric data.

(Canceled)
	
(Currently Amended) The authentication method of claim [[18]] 13, wherein the authenticating further comprises:
	receiving additional credentials from the client device; and
	determining that the additional credentials match known credentials of the user.

(Original) The authentication method of claim 13, wherein the message does not include the code word.

--

Allowed Claims
In light of applicant’s arguments/amendments and the examiner amendment authorized by applicant’s representative claims 1-6, 8-17 and 19-20 are allowed.

Applicant invention is directed towards a system providing a user of a client device to an application server via a secure browser in a virtual desktop that the client device is in communication with in response to authenticating the user and providing wire transfer 

The examiner considered various prior art addressing the virtualization systems allowing an authenticated user accessing network services.

The closest prior art, Dotan (UPSN 8701174 also cited in applicant’s submitted IDS) directed to upon user authentication in the virtualization system.  The system enforces access resources to once the user is authorized to the use of virtual desktop.  Once the initial authentication is completed no additional authentication credentials entered by the user and (at least some of them: code word) not communicated through a particular network, that then would allow a sender client device receive wire transfer instructions.

The examiner also noted Shoval (USPUB 20120042365) reference used in the corresponding PCT rejection.  

Shovan teaches user’s authentication prior to allowing the user accessing resources.  The reference utilizes visualization system and suggests multiple steps of the authentication but fails the place elements that could be equated to claimed elements in the claim in the proper context/order.  The examiner considered the limitation not only in light of the specification but also paid close attention to the claimed elements being conditionally connected to each other, especially while considering the antecedent basis in response to authenticating the user … place the client in communication with the virtual desktop … launch a secure browser in the virtual desktop … in response to … command from the client device sent through the secure browser … generate  … establish.. confirm …, in response to confirming the entry (by a user) ….  As such, the examiner concluded that Shovan fails to address the invention as presented in the independent claims 1 and 13 and the examiner asserted that Shovan/Dotan combination would be insufficient to address all the detailed limitations even if exercising various assumptions. 

Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on statement of Reasons for Allowance”.

Any inquiry concerning this communication or earlier communications from the examiner should be directed to Peter Poltorak whose telephone number is (571) 272-3840.  The examiner can normally be reached from Monday through Thursday from 9:00 until 5:00, and every other Friday from 9:00 until 5:00.

If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeffrey Pwu can be reached on (571) 272-3839. The fax phone number for the organization where this application or proceeding is assigned is (571) 273-8300. Any inquiry of a general nature or relating to the status of this application or proceeding 
/PIOTR POLTORAK/           Primary Examiner, Art Unit 2433