DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Election/Restrictions
NO restrictions warranted at applicant’s initial time of filing for patent. 
Priority
Applicant claim[s] foreign priority under 35 USC 119b to Korean App # 10-2019-0062938, filed on 05/29/2019. 
Receipt is acknowledged of certified copies of papers required by 37 CFR 1.55.
Information Disclosure Statement
The information disclosure statements (IDS) submitted on 05/29/2020 and 12/29/2020, the submission[s] are in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.
Drawings
Applicant’s drawings filed on 05/29/2020 have been inspected and is in compliance with MPEP 608.02. 
Specification
Applicant’s specification filed on 05/29/2020 has been inspected and is in compliance with MPEP 608.01. 
Claim Objections
NO objection warranted at applicant’s initial time of filing for patent. 
Claim Interpretation – 35 USC 112th 6thor F
The following is a quotation of 35 U.S.C. 112(f):
(f) Element in Claim for a Combination. – An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof. 

The following is a quotation of pre-AIA  35 U.S.C. 112, sixth paragraph:
An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof.

The claims in this application are given their broadest reasonable interpretation using the plain meaning of the claim language in light of the specification as it would be understood by one of ordinary skill in the art.  The broadest reasonable interpretation of a claim element (also commonly referred to as a claim limitation) is limited by the description in the specification when 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is invoked. 

(A)	the claim limitation uses the term “means” or “step” or a term used as a substitute for “means” that is a generic placeholder (also called a nonce term or a non-structural term having no specific structural meaning) for performing the claimed function; 
(B)	the term “means” or “step” or the generic placeholder is modified by functional language, typically, but not always linked by the transition word “for” (e.g., “means for”) or another linking word or phrase, such as “configured to” or “so that”; and 
(C)	the term “means” or “step” or the generic placeholder is not modified by sufficient structure, material, or acts for performing the claimed function. 
Use of the word “means” (or “step”) in a claim with functional language creates a rebuttable presumption that the claim limitation is to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites sufficient structure, material, or acts to entirely perform the recited function. 
Absence of the word “means” (or “step”) in a claim creates a rebuttable presumption that the claim limitation is not to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is not interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth 
Claim limitations in this application that use the word “means” (or “step”) are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action. Conversely, claim limitations in this application that do not use the word “means” (or “step”) are not being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action.
This application includes one or more claim limitations that use the word “means” or “step” but are nonetheless not being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph because the claim limitation(s) recite(s) sufficient structure, materials, or acts to entirely perform the recited function.  
Such claim limitation(s) is/are: 
Regarding claim 1. An apparatus for registering biometric information, comprising: 
one or more processors; and 
one or more communication interfaces, wherein the one or more processors are configured “to: 
generate a registration target biometric template based on biometric information of a user; 
transmit a biometric information registration request including the registration target biometric template to a server through the one or more communication interfaces; 
acquire transaction information based on the biometric information registration request from the server through the one or more communication interfaces; 
generate an electronic signature for the transaction information using a private key; 
transmit the electronic signature for the transaction information to the server through the one or more communication interfaces; and 
acquire a registration result for the registration target biometric template based on a verification result for the electronic signature from the server through the one or more communication interface.”
Regarding claim 2. The apparatus of claim 1, wherein the one or more processors are further configured “to generate ciphertext for the registration target biometric template using identification information of the user and transmit the biometric information registration request including the ciphertext to the server through the one or more communication interfaces.”
Regarding claim 9. An apparatus for biometric authentication, comprising: 
one or more processors; and 
one or more communication interfaces, wherein the one or more processors are configured “to:  
request a server to authenticate a user through the one or more communication interfaces; 
acquire a registered biometric template of the user from the server, which has pre-registered the biometric template, through the one or more communication interfaces; 
generate an authentication target biometric template based on biometric information of the user; 
perform biometric information matching based on the registered biometric template and the authentication target biometric template; 
transmit a biometric information matching result to the server through the one or more communication interfaces; and 
acquire an authentication result for the user based on the biometric information matching result from the server through the one or more communication interfaces.”
Regarding claim 10. The apparatus of claim 9, wherein the one or more processors are further configured “to acquire ciphertext for the registered biometric template, which is encrypted using identification information of the user, from the server through the one or more communication interfaces and acquire the registered biometric template by decrypting the ciphertext using the identification information.”
Regarding claim 11. The apparatus of claim 9, wherein the one or more processors are further configured “to acquire transaction information from the server through the one or more communication interfaces.”
Regarding claim 13. The apparatus of claim 11, wherein the one or more processors are further configured “to generate an electronic signature for the transaction information and the biometric information matching result using a private key and transmit the biometric information matching result and the electronic signature to the server through the one or more communication interfaces.”
Because this/these claim limitation(s) is/are not being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, it/they is/are not being interpreted to cover only the corresponding structure, material, or acts described in the specification as performing the claimed function, and equivalents thereof.
If applicant intends to have this/these limitation(s) interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, applicant may:  (1) amend the claim limitation(s) to remove the structure, materials, or acts that performs the claimed function; or (2) present a sufficient showing that the claim limitation(s) does/do not recite sufficient structure, materials, or acts to perform the claimed function.
Appropriate action required. 
Claim Rejections - 35 USC § 112
NO rejections warranted at applicant’s initial time of filing for patent. 
Double Patenting
NO rejections warranted at applicant’s initial time of filing for patent. 
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.


Claim[s] 1 – 4 are rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter.  The claim(s) 1 – 4 does/do not fall within at least one of the four categories of patent eligible subject matter because applicant intends to claim software per se. While the claim language does recite a processor, and communication interface, however, one of ordinary skill in the art could also conclude that both the recited processor and communication interface could be embodied by entirely/only software instead of structure or hardware as required by the statute. In applicant’s specification as filed [i.e. paragraph: 0176], the specification does not define the recited processor and/or communication interface as only structure or hardware embodiments. Therefore, it is concluded that applicant is claiming software/program, which clearly isn’t one of the statutory categories under the meaning of the statute.   
	Appropriate action required. 
***The examiner notes that to overcome the above rejection applicant should consider the following claim amendment, “network communication interface.”
Claim[s] 9 – 14 are rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter.  The claim(s) 9 – 14 does/do not fall within at least one of the four categories of patent eligible subject matter because applicant intends to claim software per se. While the claim language does recite a processor, and communication interface, however, one of ordinary skill in the art could also conclude that both the recited processor and communication interface could be embodied by entirely/only software instead of structure or hardware as required by the statute. In applicant’s specification as filed [i.e. paragraph: 0176], the specification does not define the recited processor and/or communication interface as only structure or hardware 
	Appropriate action required. 
***The examiner notes that to overcome the above rejection applicant should consider the following claim amendment, “network communication interface.”
Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.

Claim(s) 9, 11, 15, 17 is/are rejected under 35 U.S.C. 102(a)(2) as being taught by Tussy [US PGPUB # 2016/0063235].
As per claim 9. Tussy does teach an apparatus for biometric authentication [Tussy, paragraph: 0042, A system and method for providing secure and convenient facial recognition authentication will be described below. The system and method may be achieved without the need for additional expensive biometric readers or systems comprising: 
one or more processors [Tussy, Figure # 1, and paragraph: 0047, lines 9 – 14, The server 120 may include any type of computing device capable of communicating with the mobile device 112. The server 120 and mobile device 112 are configured with a processor and memory and are configured to execute machine readable code or machine instructions stored in the memory.]; and 
one or more communication interfaces [Tussy, Figure # 1, and paragraph: 0047, lines 1 – 9, The mobile device 112 is configured to wirelessly communicate over a network 116 with a remote server 120. The server 120 may communicate with one or more databases 124. The network 116 may be any type of network capable of communicating to and from the mobile device including but not limited to a LAN, WAN, PAN, or the Internet. The mobile device 112 may communicate with the network via a wired or wireless connection, such as via Ethernet, WiFi, NFC, and the like. ], wherein the one or more processors are configured to:  
request a server to authenticate a user through the one or more communication interfaces [Tussy, Figure #1, and paragraph: 0047, lines 1 – 3, The mobile device 112 is configured to wirelessly communicate over a network 116 with a remote server 120. Where at paragraph: 0049, lines 1 – 3, In this embodiment, the server 120 processes requests for identification from the mobile device 112 or user 108.]; 
acquire a registered biometric template of the user from the server, which has pre-registered the biometric template, through the one or more communication interfaces [Tussy, Figure # 1, and 9, and paragraph: 0097, In some embodiments, a copy of the enrollment information may be stored on the mobile device 112, and the mobile device 112 may verify that the credentials received on the mobile device 112 sufficiently correspond with the enrollment information. This would allow a user to secure documents, files, or applications on the mobile device 112 itself in addition to securing a user's account hosted on a remote device, such as the authentication server 120, even when a connection to the authentication server 120 may be temporarily unavailable, such as when a user does not have access to the Internet. Further, this would allow the user to secure access to the mobile device 112 itself. Or enrollment info may be stored on server.]; 
generate an authentication target biometric template based on biometric information of the user [Tussy, paragraph: 0009, lines 1 – 7, In one embodiment, the user may enroll in the system by providing enrollment images of the user's face. The enrollment images are taken by the camera of the mobile device as the user moves the mobile device to different positions relative to the user's head. The user may thus obtain enrollment images showing the user's face from different angles and distances. ]; 
perform biometric information matching based on the registered biometric template and the authentication target biometric template [Tussy, paragraph: 0010, lines 1 – 11, The system may then authenticate a user by the user providing at least one authentication image via the camera of the mobile device while the user moves the 
transmit a biometric information matching result to the server through the one or more communication interfaces [Tussy, Figure # 1, paragraph: 0049, lines 11 – 15, In yet another embodiment, the mobile device 112 compares biometric information with stored biometric information on the mobile device 112, and sends a authentication result from the comparison to the server 120.]; and 
acquire an authentication result for the user based on the biometric information matching result from the server [Tussy, Figure # 1, and paragraph: 0058, lines 3 – 5, However, it is contemplated that the facial recognition processing may occur on the mobile device, the remote server, or both.] through the one or more communication interfaces [Tussy, Figure # 4, and paragraph: 0103, lines 1 – 11, Returning to FIG. 4, in step 440, the authentication server 120 may grant or deny access based on the verification in step 430. For example, if the authentication server 120 verifies that the credentials match the enrollment information, then the server 120 may authenticate the user to allow access to the user's account. In the instance where the authentication server 120 is separate from the account server 120B (such as a bank's server), the authentication server 120 may transmit the unique identifier to the account server along with an indication that the identity of the user associated with the unique identifier has been verified.].
As per claim 11. Tussy does teach the apparatus of claim 9, wherein the one or more processors are further configured to acquire transaction information from the server through the one or more communication interfaces [Tussy, Figure # 1, and 9, and paragraph: 0097, In some embodiments, a copy of the enrollment information may be stored on the mobile device 112, and the mobile device 112 may verify that the credentials received on the mobile device 112 sufficiently correspond with the enrollment information. This would allow a user to secure documents, files, or applications on the mobile device 112 itself in addition to securing a user's account hosted on a remote device, such as the authentication server 120, even when a connection to the authentication server 120 may be temporarily unavailable, such as when a user does not have access to the Internet. Further, this would allow the user to secure access to the mobile device 112 itself. Or enrollment info may be stored on server. Where at paragraph: 0204 of Tussy, Likewise, although described herein as financial account authentication, the authentication using path parameters and image data may be implemented in any environment requiring verification of the user's identity before allowing access, such as auto access, room access, computer access, web site or data access, phone use, computer use, package receipt, event access, ticketing, courtroom access, airport security, retail sales transaction , IoT access, or any other type of situation.].
As per method claim 15 that includes the same or similar claim limitations as apparatus claim 9, and is similarly rejected. 

As per claim 17. Tussy does teach the method of claim 15, further comprising acquiring transaction information from the server [Tussy, Figure # 1, and 9, and paragraph: 0097, In some embodiments, a copy of the enrollment information may be stored on the mobile device 112, and the mobile device 112 may verify that the credentials received on the mobile device 112 sufficiently correspond with the enrollment information. This would allow a user to secure documents, files, or applications on the mobile device 112 itself in addition to securing a user's account hosted on a remote device, such as the authentication server 120, even when a connection to the authentication server 120 may be temporarily unavailable, such as when a user does not have access to the Internet. Further, this would allow the user to secure access to the mobile device 112 itself. Or enrollment info may be stored on server. Where at paragraph: 0204 of Tussy, Likewise, although described herein as financial account authentication, the authentication using path parameters and image data may be implemented in any environment requiring verification of the user's identity before allowing access, such as auto access, room access, computer access, web site or data access, phone use, computer use, package receipt, event access, ticketing, courtroom access, airport security, retail sales transaction , IoT access, or any other type of situation.].
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of 
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or non-obviousness.
Claim[s] 10, 14, 16, 20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Tussy et al. [US PGPUB # 2016/0063235] in view of AHN et al. [US PGPUB # 2017/0264429]
As per claim 10. Tussy does teach what is taught in the rejection of claim 9 above. 
Tussy does not teach clearly the apparatus of claim 9, wherein the one or more processors are further configured to acquire ciphertext for the registered biometric template, which is encrypted using identification information of the user, from the server through the one or more communication interfaces and acquire the registered biometric template by decrypting the ciphertext using the identification information.
However, AHN does teach the apparatus of claim 9, wherein the one or more processors are further configured to acquire ciphertext for the registered biometric template, which is encrypted using identification information of the user, from the server through the one or more communication interfaces [AHN, paragraph: 0011, lines 15 – 20, acquiring biometric information for registration corresponding to an identifier of the target client among pieces of the biometric information for registration having been encrypted by each of the at least one client transmitting the biometric information for registration;] and acquire the registered biometric template by decrypting the ciphertext using the identification information [AHN, paragraph: 0011, lines 20 – 33, providing the encrypted biometric information for authentication and the biometric information for registration corresponding to the identifier to the at least one sub-matching server to decrypt the encrypted biometric information for authentication and the biometric information for registration corresponding to the identifier; acquiring the decrypted biometric information for authentication and the decrypted biometric information for registration corresponding to the identifier; determining whether or not the decrypted biometric information for authentication and the decrypted biometric information for registration corresponding to the identifier match; and providing a matching result to the biometric information storage server or the target client].

As per claim 14. Tussy as modified does teach the apparatus of claim 13, wherein the authentication result is determined based on a verification result of the server for the electronic signature using a public key that corresponds to the private key [AHN, Figure # 7, steps 740, 750, and paragraph: 0149, The decryption key storage server may decrypt the encrypted biometric information for authentication and biometric information for registration corresponding to the identifier using the decryption key corresponding to the identifier (740). Then at paragraph: 0150, The decryption key storage server may determine whether or not the decrypted biometric information for authentication and the biometric information for registration corresponding to the identifier match (750). 
Where at paragraph: 0037, The encryption and the decryption may be performed by a symmetric encryption/decryption method or an asymmetric encryption/decryption method. Here, the symmetric encryption/decryption method indicates an algorithm or a method in which an encryption key that is used for encryption is identical to a decryption key that is used for interpreting, that is, decrypting, a password. On the other hand, the asymmetric encryption/decryption method indicates an algorithm in which an encryption key and a decryption key are different. Then of paragraph: 0038, Examples of a symmetric key include Triple Data Encryption Standard (3DES), Advanced Encryption Standard (AES), SEED, Academy-Research Institute-Agency (ARIA) DES, CRYPTON, RIJNDAEL, CAST256, RC6, RC5, RC4, RC2, TWOFISH, MARS, SERPENT, SKIPJACK, International Data Encryption Algorithm (IDEA), SEAL, DESX, BLOWFISH, CAST128, SAFER, etc., and examples of an asymmetric key include Rivest Shamir Adleman (RSA), EIGamal, Elliptic Curve Crypto (ECC) system, Digital Signature Standard (DSS), Public Key Partners (PKP), etc. It is self-evident that the symmetric key and the asymmetric key are not limited to the above examples, and information which has not been mentioned above but is used in the symmetric encryption/decryption method or the asymmetric encryption/decryption method may also be included in the symmetric key or the asymmetric key.].
As per method claim 16 that includes the same or similar claim limitations as apparatus claim 10, and is similarly rejected. 

As per method claim 20 that includes the same or similar claim limitations as apparatus claim 14, and is similarly rejected. 

Claim[s] 1, 2, 4, 5, 6, 8 is/are rejected under 35 U.S.C. 103 as being unpatentable over Tussy et al. [US PGPUB # 2016/0063235] in view of AHN et al. [US PGPUB # 2017/0264429]
As per claim 1. Tussy does teach an apparatus for registering biometric information [Tussy, paragraph: 0009, lines 1 – 7, In one embodiment, the user may enroll in the system by providing enrollment images of the user's face. The enrollment images are taken by the camera of the mobile device as the user moves the mobile device to different positions relative to the user's head. The user may thus obtain enrollment images showing the user's face from different angles and distances. ], comprising: 
one or more processors [Tussy, Figure # 1, and paragraph: 0047, lines 9 – 14, The server 120 may include any type of computing device capable of communicating with the mobile device 112. The server 120 and mobile device 112 are configured with a processor and memory and are configured to execute machine readable code or machine instructions stored in the memory]; and 
one or more communication interfaces [Tussy, Figure # 1, and paragraph: 0047, lines 1 – 9, The mobile device 112 is configured to wirelessly communicate over a network 116 with a remote server 120. The server 120 may communicate with one or more databases 124. The network 116 may be any type of network capable of communicating to and from the mobile device including but not limited to a LAN, WAN, PAN, or the Internet. The mobile device 112 may communicate with the network via a wherein the one or more processors are configured to: 
generate a registration target biometric template based on biometric information of a user [Tussy, paragraph: 0009, lines 1 – 7, In one embodiment, the user may enroll in the system by providing enrollment images of the user's face. The enrollment images are taken by the camera of the mobile device as the user moves the mobile device to different positions relative to the user's head. The user may thus obtain enrollment images showing the user's face from different angles and distances. ]; 
transmit a biometric information registration request including the registration target biometric template to a server through the one or more communication interfaces [Tussy, Figure #1, and paragraph: 0047, lines 1 – 3, The mobile device 112 is configured to wirelessly communicate over a network 116 with a remote server 120. Where at paragraph: 0049, lines 1 – 3, In this embodiment, the server 120 processes requests for identification from the mobile device 112 or user 108. ]; 
acquire transaction information based on the biometric information registration request from the server through the one or more communication interfaces [Tussy, Figure # 1, and 9, and paragraph: 0097, In some embodiments, a copy of the enrollment information may be stored on the mobile device 112, and the mobile device 112 may verify that the credentials received on the mobile device 112 sufficiently correspond with the enrollment information. This would allow a user to secure documents, files, or applications on the mobile device 112 itself in addition to securing a 120, even when a connection to the authentication server 120 may be temporarily unavailable, such as when a user does not have access to the Internet. Further, this would allow the user to secure access to the mobile device 112 itself. Or enrollment info may be stored on server]; and  
acquire a registration result for the registration target biometric template based on a verification result for the electronic signature from the server [Tussy, Figure # 1, and paragraph: 0058, lines 3 – 5, However, it is contemplated that the facial recognition processing may occur on the mobile device, the remote server, or both.] through the one or more communication interface [Tussy, Figure # 4, and paragraph: 0103, lines 1 – 11, Returning to FIG. 4, in step 440, the authentication server 120 may grant or deny access based on the verification in step 430. For example, if the authentication server 120 verifies that the credentials match the enrollment information, then the server 120 may authenticate the user to allow access to the user's account. In the instance where the authentication server 120 is separate from the account server 120B (such as a bank's server), the authentication server 120 may transmit the unique identifier to the account server along with an indication that the identity of the user associated with the unique identifier has been verified.].
	Tussy does not teach clearly generate an electronic signature for the transaction information using a private key;
transmit the electronic signature for the transaction information to the server through  the one or more communication interfaces. 
	However, AHN does teach generate an electronic signature for the transaction information using a private key [AHN, Figure # 7, steps 740, 750, and paragraph: 0149, The decryption key storage server may decrypt the encrypted biometric information for authentication and biometric information for registration corresponding to the identifier using the decryption key corresponding to the identifier (740). Then at paragraph: 0150, The decryption key storage server may determine whether or not the decrypted biometric information for authentication and the biometric information for registration corresponding to the identifier match (750). 
Where at paragraph: 0037, The encryption and the decryption may be performed by a symmetric encryption/decryption method or an asymmetric encryption/decryption method. Here, the symmetric encryption/decryption method indicates an algorithm or a method in which an encryption key that is used for encryption is identical to a decryption key that is used for interpreting, that is, decrypting, a password. On the other hand, the asymmetric encryption/decryption method indicates an algorithm in which an encryption key and a decryption key are different. Then of paragraph: 0038, Examples of a symmetric key include Triple Data Encryption Standard (3DES), Advanced Encryption Standard (AES), SEED, Academy-Research Institute-Agency (ARIA) DES, CRYPTON, RIJNDAEL, CAST256, RC6, RC5, RC4, RC2, TWOFISH, MARS, SERPENT, SKIPJACK, International Data Encryption Algorithm (IDEA), SEAL, DESX, BLOWFISH, CAST128, SAFER, etc., and examples of an asymmetric key include Rivest Shamir Adleman (RSA), EIGamal, Elliptic Curve Crypto (ECC) system, Digital Signature Standard (DSS), Public Key Partners (PKP), etc. It is self-evident that the symmetric key and the asymmetric key are not limited to the above examples, and information which has not been mentioned above but is used in the symmetric encryption/decryption method or the asymmetric encryption/decryption method may also be included in the symmetric key or the asymmetric key]; 
transmit the electronic signature for the transaction information to the server through  the one or more communication interfaces [Figure # 7, step 730, and paragraph: 0148, The decryption key storage server may extract a decryption key corresponding to the identifier from at least one decryption key (730).].
It would have been obvious to one of ordinary skilled in the art before the effective filing date of the claimed invention to combine the teachings of Tussy and AHN in order for the forwarding of the encrypted facial recognition images from the user mobile device to the authentication server of an authentication system of Tussy to include storing the encrypted facial recognition images in a biometric storage server, and the decryption keys are stored in a decryption storage key server of AHN. This would allow for improvement of the authentication system, where the encrypted biometric data is stored secured independent of the storage location of decryption key that would be used to decrypt the encrypted biometric data. See paragraph: 0010, lines 22 – 28 of AHN. 
As per claim 2. Tussy as modified does teach the apparatus of claim 1, wherein the one or more processors are further configured to generate ciphertext for the registration target biometric template using identification information of the user [AHN, paragraph: 0011, lines 15 – 20, acquiring biometric information for registration corresponding to an identifier of the target client among pieces of the biometric information for registration having been encrypted by each of the at least one client transmitting the biometric information for registration] and transmit the biometric information registration request including the ciphertext to the server through the one or more communication interfaces [AHN, paragraph: 0011, lines 20 – 33, providing the encrypted biometric information for authentication and the biometric information for registration corresponding to the identifier to the at least one sub-matching server to decrypt the encrypted biometric information for authentication and the biometric information for registration corresponding to the identifier; acquiring the decrypted biometric information for authentication and the decrypted biometric information for registration corresponding to the identifier; determining whether or not the decrypted biometric information for authentication and the decrypted biometric information for registration corresponding to the identifier match; and providing a matching result to the biometric information storage server or the target client].
As per claim 4. Tussy as modified does teach the apparatus of claim 1, wherein the registration result is determined based on the verification result of the server for the electronic signature using a public key that corresponds to the private key [AHN, Figure # 7, steps 740, 750, and paragraph: 0149, The decryption key storage server may decrypt the encrypted biometric information for authentication and biometric information for registration corresponding to the identifier using the decryption 740). Then at paragraph: 0150, The decryption key storage server may determine whether or not the decrypted biometric information for authentication and the biometric information for registration corresponding to the identifier match (750). 
Where at paragraph: 0037, The encryption and the decryption may be performed by a symmetric encryption/decryption method or an asymmetric encryption/decryption method. Here, the symmetric encryption/decryption method indicates an algorithm or a method in which an encryption key that is used for encryption is identical to a decryption key that is used for interpreting, that is, decrypting, a password. On the other hand, the asymmetric encryption/decryption method indicates an algorithm in which an encryption key and a decryption key are different. Then of paragraph: 0038, Examples of a symmetric key include Triple Data Encryption Standard (3DES), Advanced Encryption Standard (AES), SEED, Academy-Research Institute-Agency (ARIA) DES, CRYPTON, RIJNDAEL, CAST256, RC6, RC5, RC4, RC2, TWOFISH, MARS, SERPENT, SKIPJACK, International Data Encryption Algorithm (IDEA), SEAL, DESX, BLOWFISH, CAST128, SAFER, etc., and examples of an asymmetric key include Rivest Shamir Adleman (RSA), EIGamal, Elliptic Curve Crypto (ECC) system, Digital Signature Standard (DSS), Public Key Partners (PKP), etc.
As per method claim[s] 5 that includes the same or similar claim limitations as apparatus claim[s] 1, and is similarly rejected. 

As per method claim[s] 6 that includes the same or similar claim limitations as apparatus claim[s] 2, and is similarly rejected. 

As per method claim[s] 8 that includes the same or similar claim limitations as apparatus claim[s] 4, and is similarly rejected. 
Allowable Subject Matter
Claim[s] 3, 7, 12, 13, 18, 19 contain allowable subject matter, but as allowable subject matter has been indicated, applicant's reply must either comply with all formal requirements or specifically traverse each requirement not complied with.  See 37 CFR 1.111(b) and MPEP § 707.07(a).
A reasons for indicating allowable subject matter/reasons for allowance will be clarified on the record in the next office action, as appropriate.  
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure: 
Burton et al. [US PGPUB # 2006/0282671], who does teach authenticating an identity of a user claiming to be a genuine-user includes receiving from the user biometric data pertaining to a plurality of biometric parameters. The received biometric data are compared with corresponding authentic biometric data which have previously been obtained from the genuine-user. The user's identity is authenticated if the received biometric data meet qualification criteria when compared with the corresponding authentic biometric data.
Farrell et al. [US PGPUB # 2018/0091505], who does teach a biometric sample and an encrypted enrollment template of a user from a client device, where the encrypted enrollment template comprises an encrypted mathematical representation of historical biometric data of the user. The encrypted enrollment template to an enrollment template using an enrollment template key is decrypted. The biometric sample is converted to a biometric template.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to DANT SHAIFER - HARRIMAN whose telephone number is (571)272-7910. The examiner can normally be reached M - F: 9am to 5pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kambiz Zand can be reached on 571- 272- 3811. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 
/DANT B SHAIFER HARRIMAN/          Primary Examiner, Art Unit 2434