DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Response to Arguments
Applicant’s arguments, see remarks, filed 4/15/2022, with respect to claim objections have been fully considered and are persuasive, see for example page 9 paragraph 2 and amendments filed 4/15/2022.  The claim objections of claims 1, 2, and 8 have been withdrawn. 
Applicant’s arguments, see remarks, filed 4/15/2022, with respect to claims over prior art have been fully considered and are persuasive, see for example page 10 paragraph 1-2 and amendments filed 4/15/2022.  The 35 U.S.C. 103 rejections of claims 1 and 3-20 have been withdrawn. 
Allowable Subject Matter
Claims 1, 3, 5-11, 13-17, and 19-20 are allowed. Claims 2, 4, 10, and 18 have been cancelled. 
The following is an examiner’s statement of reasons for allowance: 
The prior art, Pemmaraju (US 2006/0041755), discloses a system for granting and denying access to a host computer in response to a demand from an access-seeking individual and computer. The access-seeker has a peripheral device operative within an authentication channel to communicate with the security system. The access-seeker initially presents identification and password data over an access channel which is intercepted and transmitted to the security computer. The security computer then communicates with the access-seeker. A biometric analyzer--a voice or fingerprint recognition device--operates upon instructions from the authentication program to analyze the monitored parameter of the individual. In the security computer, a comparator matches the biometric sample with stored data, and, upon obtaining a match, provides authentication. The security computer instructs the host computer to grant access and communicates the same to the access-seeker, whereupon access is initiated over the access channel.
The prior art, Bhatnagar et al (US 2012/0240204), discloses a method comprising a user, a service client, a service server, a portable communications device and an authentication server, wherein the method comprises use of one time passwords and out-of-band outbound communication channels. This system gives access to authentication seekers based on OTP out of band outbound authentication mechanism. The authentication seeker or system user scans a multi-dimensional barcode or another like encoding mechanism and validates the client and triggers the out of band outbound mechanism. The portable mobile device invokes the client server to request authentication. The client server authenticates the user based on a shared secret key and the user is automatically traversed to the next page.
However, the prior art, either alone or in combination does not expressly disclose a processing device to: establish a first communication channel for communicatively coupling the device to a host computing system; and generate a user interface usable by a user associated with the device for transmitting, to the host computing system and via the first communication channel, information required for accessing one or more functions of an interactive computing environment provided by the host computing system, the set of instructions including an embedded application programming interface ("API") within the user interface, wherein the API is executed by the processing device to: establish a second communication channel for communicatively coupling the device, via the API, to an identification-and-authentication system, the second communication channel being out-of-band with respect to the first communication channel; receive sensitive data input to a portion of the user interface and prevent, via the API, the sensitive data that is received in the portion of the user interface from being transmitted to the host computing system via the first communication channel; and Page 2 of I I 20004475V.1Appl. No. 16/772,568Attorney Docket No.: 096923-1198310 Amdt. dated April 15, 2022 Response to Office Action of January 18, 2022transmit a first signal to the identification-and-authentication system via the second communication channel, the first signal having the sensitive data and being usable by the identification-and-authentication system to transmit a second signal to the host computing system verifying that the user is authenticated for accessing the one or more functions of the interactive computing environment, wherein the second signal includes validation data generated by the identification-and-authentication system, the validation data usable by the host computing system to provide access to the one or more functions and avoid receiving the sensitive data.
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”


Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 
Avetisov et al (US 20210044976) discloses a process for mobile-initiated authentications to web services. Credential values of the user are established within a trusted execution environment of the mobile device and representations are transmitted to a server. The user of the mobile device may authenticate with the mobile device to the server, which may convey access to a web-based service from a relying device. The server may pass credentials corresponding to the web-service received from the mobile device and verified to permit user access to the web-service to the relying device. The relying device presents credentials to the web-service to login, authenticate, or otherwise obtain user-level permission for the user on the relying device. The user of the mobile device may authenticate with the mobile device to the server, and may initiate the authentication process from the mobile device, without inputting credentials corresponding to the web-service on the relying device.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to KENDALL DOLLY whose telephone number is (571)270-1948. The examiner can normally be reached Monday-Thursday 8am-5pm(EST) and Friday 8am-12pm(EST).
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Shewaye Gelagay can be reached on (571)272-4219. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/KENDALL DOLLY/Primary Examiner, Art Unit 2436