Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Information Disclosure Statements
The information disclosure statement(s) (IDS) submitted on 04/30/2020 has been partially considered. The submission is not in compliance with the provisions of 37 CFR 1.97, because the applicant did not include copies of the foreign references.  Accordingly, the examiner requires that copies of the unconsidered references be provided in the applicant’s next response.  

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1, 8, and 15 are rejected under 35 U.S.C. 103 as being unpatentable over US 2020/0228340 to Blackhurst et al. (hereinafter referred to as Blackhurst) in view of US 2014/0281946 to Avni et al. (hereinafter referred to as Avni). 
Regarding claim 1, Blackhurst teaches following features,
A method of user enrollment and authentication processing, implemented in a computer system comprising 
a processor,
memory accessible by the processor, and 
computer program instructions stored in the memory and executable by the processor, the method comprising: 
Blackhurst in [0051-53] teaches a server computer (“computer system”) with a processor and memory, where the server computer receives data from a user device or a mobile device (“client computer system”). Additionally, the Examiner asserts that a processor and a memory would be inherent in a server computer of Blackhurst.
receiving and storing enrollment information from a client computer system, the enrollment information comprising a template of authentication data …..; 
Blackhurst in fig. 2 and starting at [0068] depicts and teaches an enrollment process. Blackhurst at [0069], in the second sentence, teaches that a credential-holder application 202 is a user device (e.g., the user device 102 of fig. 1). The first sentence of [0071] teaches that a biometric sample of the user is captured by the (user) mobile device, and then, a biometric template is generated at 208 by the credential-holder application 202. Last sentence of [0073] of Blackhurst states, “In another embodiment, the encrypted biometric template may be stored at a remote server associated with credential-holder application 202, such as credential-holder server 204.” (emphasis added)
receiving an additional template to be used to authenticate the user from the client computer system; 
Fig. 3 and of Blackhurst teaches the authentication of the user, after performing the enrollment of the user.  
First, Blackhurst in [0012] teaches that the resource provider application (See the resource provider application 308 of fig. 3, which is depicted as being located in the mobile device 302) may be located either in the user device or a web server. Additionally, Blackhurst in the last two sentences of [0078] teach that the resource provider application 308 may be a website or a merchant website that provides the functionalities of resource provider application 308. 
Second, Blackhurst in the middle of [0082] teaches that the user is prompted to provide a biometric sample via the mobile device 302 (e.g., using the camera). Blackhurst in the third sentence of 
See also Blackhurst at fig. 5, Steps 504 which generates a second encrypted biometric template that is compared, in Step 506, with the first encrypted biometric template that is generated at enrollment.  
authenticating the user using the received additional template using the stored template …..; and 
Blackhurst at [0107] teaches that the comparison of the first (enrollment) and second (authentication) biometric templates may be performed by using s “Shamir secret sharing scheme” in order to split the templates into parts. The last sentence of Blackhurst [0107] teaches that merchant application / webpage and the credential-holder server to carry out a comparison. 
See also Blackhurst at fig. 5, Steps 504 which generates a second encrypted biometric template. At Step 506 the second (authentication) encrypted biometric template is compared with the first (enrollment) encrypted biometric template.
Again, Blackhurst in [0012] teaches that the resource provider application (See the resource provider application 308 of fig. 3, which is depicted as being located in the mobile device 302) may be located either in the user device or a web server. Additionally, Blackhurst in the last two sentences of [0078] teach that the resource provider application 308 may be a website or a merchant website that provides the functionalities of resource provider application 308.
determining that authentication is successful when the received additional template matches the stored template …..  .  
Blackhurst in [0108] teaches Step 507, the match result based on the first (enrollment) and second (authentication) biometric templates matching. 
See also Blackhurst at fig. 5, Steps 504 which generates a second encrypted biometric template that is compared, in Step 506, with the first encrypted biometric template that is generated at enrollment. In Step 507 of fig. 5, access is authorized to a resource based on a match from the comparison at Step 506. 
Blackhurst fails to teach all of the emphasized featured related to the “additional … vector” below,
receiving and storing enrollment information from a client computer system, the enrollment information comprising a template of authentication data and at least one additional encrypted vector; 
The encryption of the “additional … vector” is performed by the homomorphic encryption of Blackhurst and the sending of the encrypted …. vector to a server is also taught by Blackhurst which sends vector information to the server.  However, Blackhurst fails to teach an additional vector. 
authenticating the user using the received additional template using the stored template and the stored at least one additional encrypted vector; and 
determining that authentication is successful when the received additional template matches the stored template and is valid based on the stored at least one additional encrypted vector.  (emphasis added)
	However, Avni teaches the additional vector, 
	Avni in at least [0088] teaches that a validation server 20 stores signature related data that is captured on a device 34, as shown in Fig. 1A of Avni. 
Avni in the second half of [0377] a biometric signature template 509 is saved at step 545. However, Avni also teaches saving other characteristics of the signature, such as the speed and acceleration of the signature as it is being performed. Avni at [0377] describes the acceleration as a behaviometric and further states, “These behaviometrics are all stored in the user's behaviometric signature template 509, for use during a subsequent validation process.” (emphasis added) In the last sentence of [0379], Avni teaches an acceleration vector (“additional … vector”). 
Before the effective filing date of the invention, it would have been obvious to one of ordinary skill in the art to combine the teachings of Blackhurst with Avni. One of ordinary skill in the art would have been motivated to perform such an addition to provide for a capability, that is in addition to a basic biometric (signature) template, to analyze additional characteristics (e.g., speed and acceleration).
		
Regarding claim 8, Blackhurst teaches following features,
A system for user enrollment and authentication processing, the system comprising
a processor, 
memory accessible by the processor, and 
computer program instructions stored in the memory and executable by the processor to perform: 
Blackhurst in [0051-53] teaches a server computer (“computer system”) with a processor and memory, where the server computer receives data from a user device or a mobile device (“client computer system”). Additionally, the Examiner asserts that a processor and a memory would be inherent in a server computer of Blackhurst.
receiving and storing enrollment information from a client computer system, the enrollment information comprising a template of authentication data … ; 
Blackhurst in fig. 2 and starting at [0068] depicts and teaches an enrollment process. Blackhurst at [0069], in the second sentence, teaches that a credential-holder application 202 is a user device (e.g., the user device 102 of fig. 1). The first sentence of [0071] teaches that a biometric sample of the user is captured by the (user) mobile device, and then, a biometric template is generated at 208 by the credential-holder application 202. Last sentence of [0073] of Blackhurst states, “In another embodiment, the encrypted biometric template may be stored at a remote server associated with credential-holder application 202, such as credential-holder server 204.” (emphasis added)
receiving an additional template to be used to authenticate the user from the client computer system; 
Fig. 3 and of Blackhurst teaches the authentication of the user, after performing the enrollment of the user.  
First, Blackhurst in [0012] teaches that the resource provider application (See the resource provider application 308 of fig. 3, which is depicted as being located in the mobile device 302) may be located either in the user device or a web server. Additionally, Blackhurst in the last two sentences of 
Second, Blackhurst in the middle of [0082] teaches that the user is prompted to provide a biometric sample via the mobile device 302 (e.g., using the camera). Blackhurst in the third sentence of [0083] teaches generating a biometric template from the biometric sample, and encrypting the biometric template.     
See also Blackhurst at fig. 5, Steps 504 which generates a second encrypted biometric template that is compared, in Step 506, with the first encrypted biometric template that is generated at enrollment.  
authenticating the user using the received additional template using the stored template …. ; and 
Blackhurst at [0107] teaches that the comparison of the first (enrollment) and second (authentication) biometric templates may be performed by using s “Shamir secret sharing scheme” in order to split the templates into parts. The last sentence of Blackhurst [0107] teaches that merchant application / webpage and the credential-holder server to carry out a comparison. 
See also Blackhurst at fig. 5, Steps 504 which generates a second encrypted biometric template. At Step 506 the second (authentication) encrypted biometric template is compared with the first (enrollment) encrypted biometric template.
Again, Blackhurst in [0012] teaches that the resource provider application (See the resource provider application 308 of fig. 3, which is depicted as being located in the mobile device 302) may be located either in the user device or a web server. Additionally, Blackhurst in the last two sentences of [0078] teach that the resource provider application 308 may be a website or a merchant website that provides the functionalities of resource provider application 308.
determining that authentication is successful when the received additional template matches the stored template … . 
Blackhurst in [0108] teaches Step 507, the match result based on the first (enrollment) and second (authentication) biometric templates matching. 
In Step 507 of fig. 5, access is authorized to a resource based on a match from the comparison at Step 506. 
Blackhurst fails to teach all of the emphasized featured related to the “additional … vector” below,
receiving and storing enrollment information from a client computer system, the enrollment information comprising a template of authentication data and at least one additional encrypted vector; 
The encryption of the “additional … vector” may be performed by the homomorphic encryption of Blackhurst and the sending of the encrypted …. vector to a server is also taught by Blackhurst which sends vector information to the server.  However, Blackhurst fails to teach an additional vector. 
authenticating the user using the received additional template using the stored template and the stored at least one additional encrypted vector; and 
determining that authentication is successful when the received additional template matches the stored template and is valid based on the stored at least one additional encrypted vector.  (emphasis added)
	However, Avni teaches the additional vector, 
	Avni in at least [0088] teaches that a validation server 20 stores signature related data that is captured on a device 34, as shown in Fig. 1A of Avni. 
Avni in the second half of [0377] a biometric signature template 509 is saved at step 545. However, Avni also teaches saving other characteristics of the signature, such as the speed and acceleration of the signature as it is being performed. Avni at [0377] describes the acceleration as a behaviormetric and further states, “These behaviometrics are all stored in the user's behaviometric signature template 509, for use during a subsequent validation process.” (emphasis added) In the last sentence of [0379], Avni teaches an acceleration vector (“additional … vector”). 


Regarding claim 15, Blackhurst teaches following features,
A computer program product for user enrollment and authentication processing, the computer program product comprising a non-transitory computer readable storage having program instructions embodied therewith, the program instructions executable by a computer, to cause the computer to perform a method comprising:  -28-P201908647US01 
Blackhurst in [0051-53] teaches a server computer (“computer system”) with a processor and memory, where the server computer receives data from a user device or a mobile device (“client computer system”).
receiving an additional template to be used to authenticate the user from the client computer system; 
Fig. 3 and of Blackhurst teaches the authentication of the user, after performing the enrollment of the user.  
First, Blackhurst in [0012] teaches that the resource provider application (See the resource provider application 308 of fig. 3, which is depicted as being located in the mobile device 302) may be located either in the user device or a web server. Additionally, Blackhurst in the last two sentences of [0078] teach that the resource provider application 308 may be a website or a merchant website that provides the functionalities of resource provider application 308. 
Second, Blackhurst in the middle of [0082] teaches that the user is prompted to provide a biometric sample via the mobile device 302 (e.g., using the camera). Blackhurst in the third sentence of [0083] teaches generating a biometric template from the biometric sample, and encrypting the biometric template.     
Steps 504 which generates a second encrypted biometric template that is compared, in Step 506, with the first encrypted biometric template that is generated at enrollment.  
authenticating the user using the received additional template using the stored template … ; and 
Blackhurst at [0107] teaches that the comparison of the first (enrollment) and second (authentication) biometric templates may be performed by using s “Shamir secret sharing scheme” in order to split the templates into parts. The last sentence of Blackhurst [0107] teaches that merchant application / webpage and the credential-holder server to carry out a comparison. 
See also Blackhurst at fig. 5, Steps 504 which generates a second encrypted biometric template. At Step 506 the second (authentication) encrypted biometric template is compared with the first (enrollment) encrypted biometric template.
Again, Blackhurst in [0012] teaches that the resource provider application (See the resource provider application 308 of fig. 3, which is depicted as being located in the mobile device 302) may be located either in the user device or a web server. Additionally, Blackhurst in the last two sentences of [0078] teach that the resource provider application 308 may be a website or a merchant website that provides the functionalities of resource provider application 308.
determining that authentication is successful when the received additional template matches the stored template … .  
Blackhurst in [0108] teaches Step 507, the match result based on the first (enrollment) and second (authentication) biometric templates matching. 
See also Blackhurst at fig. 5, Steps 504 which generates a second encrypted biometric template that is compared, in Step 506, with the first encrypted biometric template that is generated at enrollment. In Step 507 of fig. 5, access is authorized to a resource based on a match from the comparison at Step 506. 
	Blackhurst fails to teach all of the emphasized featured related to the “additional … vector” below,
authenticating the user using the received additional template using the stored template and the stored at least one additional encrypted vector; and 
determining that authentication is successful when the received additional template matches the stored template and is valid based on the stored at least one additional encrypted vector.  
However, Avni teaches the additional vector, 
	Avni in at least [0088] teaches that a validation server 20 stores signature related data that is captured on a device 34, as shown in Fig. 1A of Avni. 
Avni in the second half of [0377] a biometric signature template 509 is saved at step 545. However, Avni also teaches saving other characteristics of the signature, such as the speed and acceleration of the signature as it is being performed. Avni at [0377] describes the acceleration as a behaviormetric and further states, “These behaviometrics are all stored in the user's behaviometric signature template 509, for use during a subsequent validation process.” (emphasis added) In the last sentence of [0379], Avni teaches an acceleration vector (“additional … vector”). 
Before the effective filing date of the invention, it would have been obvious to one of ordinary skill in the art to combine the teachings of Blackhurst with Avni. One of ordinary skill in the art would have been motivated to perform such an addition to provide for a capability, that is in addition to a basic biometric (signature) template, to analyze additional characteristics (e.g., speed and acceleration).

Claims 2-5, 7, 9-12, 14, and 16-19are rejected under 35 U.S.C. 103 as being unpatentable over Blackhurst, in view of  Avni, and further in view of   US 9,374,370 to Bent et al. (hereinafter referred to as Bent). 
Regarding claim 2, Blackhurst and Avni fail to teach,  	
The method of claim 1, wherein the template of authentication data and the received additional template are vectors representing values of features of biometric data and the at least one additional encrypted vector is a random 0-1 vector. 
	However, Bent teaches these features.

Bent at Col. 4, lines 42-61 states, “In embodiments, applying the threshold intensity value to the invariant feature vector to generate the 128-bit invariant code can comprise generating, using the threshold intensity value, a sequence of real numbers comprising a set of pseudo-random vectors; applying a Gram-Schmidt ortho-normalization to the set of pseudo-random vectors to transform them into an orthonormal set of vectors; computing an inner product between the invariant biometric feature vector and the orthonormal set of vectors; assigning a value of zero to each inner product value less than the threshold intensity value and assigning a value of one to each inner product value greater than the threshold intensity value; mapping each value to a bit location based at least in part upon the location within the biometric feature vector; and aggregating the values in their respective locations to produce a bit string. In embodiments, applying the threshold intensity value to the invariant feature vector to generate the 128-bit invariant code can further comprise, prior to computing the inner product, normalizing the invariant biometric feature vector between the values negative one and positive one.” (emphasis added)
	Before the effective filing date of the invention, it would have been obvious to one of ordinary skill in the art to combine the teachings of Blackhurst and Avni with Bent.  One of ordinary skill in the art would have been motivated to perform such an addition to provide additional security. For example, in order to create an encryption key to pass information, such as the encryption key that Blackhurst uses to encrypt the identifier. This could be performed by analyzing the biometric data in order to extract a random encryption key that could be used to encrypt the from the vectors of the biometric, as described above.

Regarding claim 3, Blackhurst, Avni, and Bent teach,
The method of claim 2, wherein the stored template is encrypted and determining that the received additional data matches the stored template comprises computing a distance function between the stored template and the received additional template using modular arithmetic and determining that they match when the computed distance is smaller than threshold.  
	Avni in [0314] teaches a distance interval (“computing a distance function”) between two sampled points in the spatial domain of the signature template.

Regarding claim 4, Blackhurst, Avni, and Bent teach,
  	The method of claim 3, wherein determining that the received additional template is valid is based on the stored at least one additional encrypted vector using an inner product between received additional template and the stored at least one additional encrypted vector and testing whether a result is confined to a range.  
	However, Bent teaches the above features,
	Bent teaches the use of an inner product of the encrypted vector and a biometric template, as evidenced in Bent at Col. 4, lines 42-61 (included above). 
Additionally, Avni in [0044] teaches comparing user biometrics with reference (enrollment) biometrics, such as the characteristics of speed and acceleration, in order to determine if there is a match based on the signature comparison being within predetermined thresholds, as taught by [0272] of Avni. The Examiner interprets this feature as corresponding to “a result confined in a range.” 	

Regarding claim 5, Blackhurst, Avni, and Bent teach,
The method of claim 4, wherein enrollment information further comprises a plurality of additional encrypted vectors and determining that the received additional template is valid is based on all the stored additional encrypted vectors.  


Regarding claim 7, Blackhurst, Avni, and Bent teach,
The method of claim 4, wherein the encryption is Homomorphic Encryption or Functional Encryption and the operations are performed on encrypted the vectors and templates using the properties of Homomorphic Encryption or Functional encryption.  
	The last two sentences of Blackhurst’s Abstract state, “For protecting the privacy of the users biometric data, a cryptographic comparison protocol can be used to perform matching of encrypted templates. For example, the cryptographic comparison protocol may involve Fuzzy Extractors (FE), Homomorphic Encryption (HE), and/or Secure Multi-Party Computation (SMPC).” (emphasis added) 
More specifically, Blackhurst in the middle of [0085] teaches that the biometric comparison / match may be performed using Homomorphic Encryption (HE). 

Regarding claim 9, Blackhurst, Avni, and Bent teach,
The system of claim 8, wherein the template of authentication data and the received additional template are vectors representing values of features of biometric data and the at least one additional encrypted vector is a random 0-1 vector.  
Claim 9 is rejected using the same basis of arguments used to reject claim 2 above.

Regarding claim 10, Blackhurst, Avni, and Bent teach,
The system of claim 9, wherein the stored template is encrypted and determining that the received additional data matches the stored template comprises computing a distance function between the stored template and the received additional template using modular arithmetic and determining that they match when the computed distance is smaller than threshold.  
Claim 10 is rejected using the same basis of arguments used to reject claim 3 above.

Regarding claim 11, Blackhurst, Avni, and Bent teach,
The system of claim 10, wherein determining that the received additional template is valid is based on the stored at least one additional encrypted vector using an inner product between received additional template and the stored at least one additional encrypted vector and testing whether a result is confined to a range. 
Claim 11 is rejected using the same basis of arguments used to reject claim 4 above.

Regarding claim 12, Blackhurst, Avni, and Bent teach,
The system of claim 11, wherein enrollment information further comprises a plurality of additional encrypted vectors and determining that the received additional template is valid is based on all the stored additional encrypted vectors.  
	Claim 12 is rejected using the same basis of arguments used to reject claim 5 above.

Regarding claim 14, Blackhurst, Avni, and Bent teach,
The system of claim 11, wherein the encryption is Homomorphic Encryption or Functional Encryption and the operations are performed on encrypted the vectors and templates using the properties of Homomorphic Encryption or Functional encryption.  
Claim 14 is rejected using the same basis of arguments used to reject claim 7 above. 

Regarding claim 16, Blackhurst, Avni, and Bent teach,
The method of claim 15, wherein the template of authentication data and the received additional template are vectors representing values of features of biometric data and the at least one additional encrypted vector is a random 0-1 vector. 
Claim 16 is rejected using the same basis of arguments used to reject claim 2 above.
 
Regarding claim 17, Blackhurst, Avni, and Bent teach,
The method of claim 16, wherein the stored template is encrypted and determining that the received additional data matches the stored template comprises computing a distance function between the stored template and the received additional template using modular arithmetic and determining that they match when the computed distance is smaller than threshold.  
	Claim 17 is rejected using the same basis of arguments used to reject claim 3 above.

Regarding claim 18, Blackhurst, Avni, and Bent teach,
The method of claim 17, wherein determining that the received additional template is valid is based on the stored at least one additional encrypted vector using an inner product between received additional template and the stored at least one additional encrypted vector and testing whether a result is confined to a range.  
Claim 18 is rejected using the same basis of arguments used to reject claim 4 above.

Regarding claim 19, Blackhurst, Avni, and Bent teach,
The method of claim 18, wherein enrollment information further comprises a plurality of additional encrypted vectors and determining that the received additional template is valid is based on all the stored additional encrypted vectors.  
Claim 19 is rejected using the same basis of arguments used to reject claim 5 above.

Allowable Subject Matter
s 6, 13, and 20 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to BRIAN WILLIAM AVERY whose telephone number is (571) 272-3942.  The examiner can normally be reached on 9AM-5PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Farid Homayounmehr can be reached on (571) 272-3739.  
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/B.W.A./

/FARID HOMAYOUNMEHR/Supervisory Patent Examiner, Art Unit 2495