DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 03/02/22 has been entered.
EXAMINER’S AMENDMENT
An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.
Authorization for this examiner’s amendment was given in an interview with Jordan Powell on 3/9/22.
 The application has been amended as follows: 
The claims have been amended as follows:
(Amended) A method for secure authentication by a user comprising: the user sending a request from a client application to a server application requesting access to a portal; [the server application] generating, in the server application, [a login page including] a random unique identifier [an encoded symbol] and transmitting the [login page] random unique identifier in an encoded symbol from the server application to the client application; [the client application] receiving, by the client application, the [login page] encoded symbol; uploading the [login page with the] encoded symbol from the client application by a mobile device of the user; [and] generating, in the mobile device, a one-time authentication code (OTC) [login code using information in the encoded symbol] utilizing a secret code, wherein the secret code is a pseudo-random code, a random code, or generated codes, generated in an authentication server during an initialization phase of the mobile device; generating a login code using the OTC and the random unique identifier from the encoded symbol; transmitting the login code from the mobile device to [an] the authentication [system] server; the authentication [system] server authenticating the user using the login code, wherein the user is not required to input a username and password for authentication; and the authentication [system] server redirecting the client application to the portal and allowing the client application to connect with the portal. 
The method for secure authentication by a user according to Claim 1 wherein the encoded symbol is a matrix barcode and the mobile device uploads the matrix barcode by reading the matrix barcode when the matric barcode is displayed from the client application. 
The method for secure authentication by a user according to Claim 2 wherein the matrix barcode is a QR code. 
(Amended) The method for secure authentication by a user according to Claim 1 wherein [the mobile device of the user generates the login code through an authentication program stored on the mobile device] the encoded symbol is valid for a given period of time. 
(Amended) The method for secure authentication by a user according to Claim 4 [1] wherein the [mobile device contains usernames and passwords which are used to generate the login code] given period of time is sixty seconds. 
(Amended) The method for secure authentication by a user according to Claim 1 wherein the [login code is a one-time code (OTC)] secret code is one of a random code, a pseudo-random code or other generated code. 
(Amended) The method for secure authentication by a user according to Claim 6 wherein the [encoded symbol contains a globally/universal random unique identifier (“unique identifier”)] OTC can only be used once. 
(Amended) The method for secure authentication by a user according to Claim 6 [7] wherein the [unique identifier is valid for a given period of time] further includes one of a HMAC one-time password (HOTP) or a time-based one-time password (TOTP). 
The method for secure authentication by a user according to Claim 7 wherein the authentication [system] server is an identity and authentication server (“IAS”). 
The method for secure authentication by a user according to Claim 9 wherein the OTC is utilized by the IAS to authenticate the user. 
11-18 (cancelled)
 19. (New) A method for authenticating a user with an ATM system comprising: uploading into a mobile device of the user a random unique identifier in an encoded symbol displayed by the ATM; the mobile device generating a one-time authentication code (OTC) utilizing a secret code, wherein the secret code is a pseudo-random code, a random code, or generated codes, generated in an authentication server during an initialization phase of the mobile device; generating, in the mobile device, a login code using the OTC and the random unique 
20. (New) The method for secure authentication by a user according to Claim 19 wherein the encoded symbol is a matrix barcode and the mobile device uploads the matrix barcode by reading the matrix barcode when the matric barcode is displayed by the ATM. 
21. (New) The method for secure authentication by a user according to Claim 20 wherein the matrix barcode is a QR code. 
22. (New) The method for secure authentication by a user according to Claim 19 wherein the encoded symbol is valid for a given period of time. 
23. (New) The method for secure authentication by a user according to Claim 19 wherein the secret code is one of a random code, a pseudo-random code or other generated code. 
24. (New) The method for secure authentication by a user according to Claim 23 wherein the OTC can only be used once. 
25. (New) The method for secure authentication by a user according to Claim 23 wherein the further includes one of a HMAC one-time password (HOTP) or a time-based one-time password (TOTP). 
 26. (New) A system to securely authenticate a user comprising: an authentication server; an interactive unit communicating with the authentication system which the user desires to interact with; a mobile device of the user; wherein the interactive unit displays a random unique identifier in an encoded symbol; the mobile device uploads the encoded symbol into the mobile device; the mobile device generates a one-time authentication code (OTC) 
27. (New) The system to securely authenticate a user according to Claim 26 wherein the encoded symbol is a QR code. 
28. (New) The system to securely authenticate a user according to Claim 26 wherein the encoded symbol is valid for a given period of time. 
29. (New) The system to securely authenticate a user according to Claim 26 wherein the secret code is one of a random code, a pseudo-random code or other generated code. 
30. (New) The system to securely authenticate a user according to Claim 26 wherein the OTC can only be used once. 
31. (New) The system to securely authenticate a user according to Claim 30 wherein the further includes one of a HMAC one-time password (HOTP) or a time-based one-time password (TOTP). 
Allowable Subject Matter
Claims 1-10 and 19-31 are allowed.
The following is an examiner’s statement of reasons for allowance: The applicant teaches a system and a method for authenticating users which includes sending a request to an authentication server, generating a random unique identifier in an encoded symbol, uploading  .
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to DANIEL ST CYR whose telephone number is (571)272-2407. The examiner can normally be reached M to F 8:00-8:00.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Michael G Lee can be reached on 571-272-2398. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available 

DANIEL ST CYR
Primary Examiner
Art Unit 2876



/DANIEL ST CYR/Primary Examiner, Art Unit 2876