DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 24 January 2022 has been entered.
 
Response to Arguments
Applicant’s arguments that the prior cited references do not teach “receiving, with a…from a requestor,” “wherein the user…device identifier (ID)" and "performing, with the…unique device ID,” see page 12, filed 24 January 2022, with respect to the rejection(s) of claim(s) 1-22 under 35 U.S.C. 103 have been fully considered and are persuasive in view of the new claim amendments.  Therefore, the rejection has been withdrawn.  However, upon further consideration, a new ground(s) of rejection is made in view of White (US 2004/0010697 A1), Harding (US 2016/0226868 A1), Grisso (US 9,223,998 B1), and Frew et al. (US 2013/0067551 A1).
Grisso (newly cited) discloses a system that determines the identity of a person by using previously-submitted login data or IP address of a device being used to request access to the data to lookup the person’s identity, wherein the person’s identity may be represented by an employee ID number or a social security number (Col. 6, line 61-Col. 7, line 5), wherein the system may be wholly or partially implemented in the form of a set of instructions executed by one or more processors incorporated in a server (Col. 10, line 63-Col. 11, line 3).
Frew (newly cited) discloses a system wherein a payment terminal sends a message/authentication request to an authentication module.  The request includes user credentials such as a user’s name, a username, or an account name, and a mobile device identifier (Para. 22, 23, 29, 47), wherein the mobile device identifier is a unique identifier for the mobile device (Para. 14), wherein the mobile device may initiate vocal-recognition of the user, retinal scanning, and/or fingerprint analysis (Para. 15).  The authentication module uses the information included with the message to retrieve a particular user account, wherein the user account may contain information that authentication module may use to compare against the information included in the message 124 (Para. 33).
Combining the references brings about a system that includes receiving, with a server, an authentication request message for the biometric authentication of a user from a requestor, wherein the user has stored a biometric identifier (ID) with the server, and wherein the authentication request message includes a login identifier (ID) and a unique device identifier (ID) and performing, with the server, an ID lookup to determine the biometric identifier (ID) of the user based on at least one of the login ID or the unique device ID.  Therefore, the aforementioned limitations are taught by the combination of the cited prior art.

Applicant's arguments that the prior cited references do not teach “wherein the user has not enrolled in the biometric authentication of a biometric template of the user with the server,” see page 12, filed 24 January 2022, have been fully considered but they are not persuasive.
White teaches a system wherein the user may provide a requested biometric to a Foreign Authentication Server (FAS), wherein the user’s biometrics are not enrolled at the FAS, and the FAS forwards the user’s biometric to a Home Authentication Server (HAS), wherein the user’s biometrics are enrolled at the HAS.  The user’s biometric enrolled may always be maintained at the HAS and the HAS stores the user’s biometric data that includes a template (Para. 97, 101).
Combining the references brings about a system wherein the user has not enrolled in the biometric authentication of a biometric template of the user with the server.  Therefore, the aforementioned limitation is taught by the combination of the cited prior art.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 10-14 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.
Claim 10 recites the limitation "the user device ID" in line 19.  There is insufficient antecedent basis for this limitation in the claim.  For examination purposes, the examiner shall equate the “user device ID” to the “unique device identifier (ID)” of line 16.  The examiner recommends amending the claim to state --the unique device ID--, for example.  
Claims 11-14 are additionally rejected for being dependent on at least one rejected base claim.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-20 are rejected under 35 U.S.C. 103 as being unpatentable over White (US 2004/0010697 A1) in view of Harding (US 2016/0226868 A1) in view of Grisso (US 9,223,998 B1) and further in view of Frew et al. (US 2013/0067551 A1).
Regarding claim 1, White teaches a method for biometric authentication using one or more third-party external databases, the method comprising:
receiving…an authentication request message for the biometric authentication of a user from a requestor, i.e. a Partner Application (PA) (Figs. 1, 8, el. 115), e.g. the PA requests the authentication of the user (Para. 129),
wherein the user has not enrolled in biometric authentication of a biometric template of the user with a server, i.e. a Foreign Authentication Server (FAS) (Figs. 1, 8, el. 110), e.g. the FAS is not the Home Authentication Server (HAS) of the user (Para. 55, 58, 132), wherein the user is enrolled at the HAS and the HAS stores the user’s biometric data that includes a template (Para. 97, 101);
sending…a notification to a user device, i.e. a client (Figs. 1, 8, el. 105), the notification requesting a biometric image of the user, e.g. sending an authentication request to the client, wherein the request specifies which biometric authentication data to capture (Para. 129, 130, 156, 158);
receiving, with the server, the biometric image in response to the notification, the biometric image being from the user device, e.g. the user provides a biometric through the client biometric capture device and the biometric is received by the FAS (Para. 130, 131, 140, 147); each biometric capture device may be directly linkable to an authentication server (Para. 115);
sending, with the server, the biometric identifier (ID) of the user and the biometric image to only the one or more third-party external databases, i.e. the Home Authentication Server (HAS) (Figs. 1, 8, el. 110), e.g. sending an identity claim-biometric ID- and the captured biometric-biometric image- to the HAS (Para. 132, 140, 147);
controlling, with the server, only the one or more third-party external databases to identify a biometric template stored in the one or more third-party external databases with the biometric ID and matches the biometric image, e.g. determining, at the HAS, a match against a locally stored biometric-biometric template- which shares the same claim identifier-biometric ID- as that supplied by the user (Para. 133, 134, 140); retrieving the correct enrollment data for the user from the HAS database (Para. 148); the authentication request indicates which algorithm has been used to generate the submitted template (Para. 167); the HAS associates raw biometric data with the user’s IDE and template and is able to quickly find the user’s biometric template (Para. 102, 175);
receiving, with the server, an authentication result that is indicative of a match between the biometric image and the biometric template, e.g. determining, at the HAS, a match against a locally stored biometric which shares the same claim identifier as that supplied by the user (Para. 133, 134, 140); forming a response message-authentication result- and is returned to the FAS where it is checked to ascertain whether the HAS returned a successful match (Para. 140, 141);
sending, with the server, the authentication result to the requestor, e.g. sending the authentication result to the PA (Para. 136, 150, 160),
wherein, at the time the authentication result is sent to the requestor, the user has not enrolled in the biometric authentication with the server, e.g. the FAS is not the HAS of the user (Para. 132),
wherein the requestor is different than the user and the user device, e.g. the PA is separate from the user and the client biometric capture device (Figs, 1, 8, el. 105, 115; Para. 60, 66), and
wherein the requestor authorizes and provides access to a resource based on the authentication result that is indicative of the match between the biometric image and the biometric template, e.g. the PA decides based on the authentication result whether to grant access to the requested resource (Para. 137, 160).
White does not clearly teach receiving, with a server, an authentication request message for the biometric authentication of a user from a requestor, wherein the user has stored a biometric identifier (ID) with the server, and wherein the authentication request message includes a login identifier (ID) and a unique device identifier (ID); performing, with the server, an ID lookup to determine the biometric (ID) of the user based on at least one of the login ID or the unique device (ID); and sending, with the server, a notification to a user device associated with the unique device ID.
Harding teaches receiving, with a server, e.g. an identity provider (Fig. 3, el. 320), an authentication request message for the biometric authentication of a user from a requestor, i.e. a service provider (Fig. 3, el. 306), e.g. receiving an identity verification request-authentication request message- at the identity provider from the service provider (Para. 83); wherein the identity provider may be a server or a single computer (Para. 55),
wherein the user has not enrolled in the biometric authentication of a biometric template with the server, e.g. performing biometric enrollment in order to be able to complete a transaction and make a purchase, for example, after swiping a credit card to purchase an item or service in a store (Para. 64); the service provider requests the enrollment of the user before being able to approve any transaction (Para. 65); denying the user access or services based on the result of the comparison (Para. 83),
sending, with the server, a notification to a user device, i.e. a mobile device (Fig. 3, el. 314), associated with the unique device ID, the notification requesting a biometric image of the user, e.g. sending, by the IMS of the identity provider, a request to the mobile device-user device-, wherein the request is requesting biometric input from the user (Para. 50, 67, 83);
receiving, with the server, the biometric image in response to the notification, the biometric image being from the user device, e.g. receiving a captured biometric image from the mobile device (Para. 52, 63, 83);
sending, with the server, the biometric identifier (ID) of the user and the biometric image to only the one or more…external databases, e.g. sending the user’s name, a username, an email, login name, or a phone number to the biometric engine database based on the biometric type (Para. 43, 66, 83); 
controlling, with the server, only the one or more…external databases to identify a biometric template stored in the one or more…external databases…and matches the biometric image, e.g. associating a biometric template with the user profile and device employed to log in; identifying the template stored for that user at enrollment (Para. 43, 63, 67, 83); determining an authentication response by comparing the biometric image with a biometric template (Para. 63, 67, 83); 
receiving, with the server, an authentication result that is indicative of a match between the biometric image and the biometric template, e.g. determining an authentication response by comparing the biometric image with a biometric template (Para. 63, 67, 83);
sending, with the server, the authentication result to the requestor, wherein the requestor is different than the user and the user device, e.g. sending the results of the matching process to the service provider (Para. 83); and
wherein the requestor authorizes and provides access to a resource based on the authentication result that is indicative of the match between the biometric image and the biometric template, e.g. the service provider grants or denies access or services to the user depending on the result (Para. 83).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify White to include receiving, with a server, an authentication request message for the biometric authentication of a user from a requestor, using the known method of receiving an identity verification request at the identity provider from the service provider and sending, by the IMS of the identity provider, a request to the mobile device, wherein the request is requesting biometric input from the user, and wherein the user’s name, a username, an email, login name, or a phone number may be sent to the biometric engine, as taught by Harding, in combination with the biometric authentication system of White, for the purpose of offloading the processes to the server, thereby freeing memory and processing time/power at the requestor.
White in view of Harding does not clearly teach wherein the user has stored a biometric identifier (ID) with the server, and wherein the authentication request message includes a login identifier (ID) and a unique device identifier (ID); and performing, with the server, an ID lookup to determine the biometric (ID) of the user based on at least one of the login ID or the unique device (ID).
Grisso teaches wherein the user has stored a…identifier (ID) with the server, and performing, with the server, an ID lookup to determine the…(ID) of the user based on at least one of the login ID or the unique device (ID), e.g. using the previously-submitted login data-login ID- or IP address of a device-unique device ID- being used to request access to the data to lookup the person’s identity-identifier (ID)-, wherein the person’s identity may be represented by an employee ID number or a social security number (Col. 6, line 61-Col. 7, line 5), wherein the system may be wholly or partially implemented in the form of a set of instructions executed by one or more processors incorporated in a server (Col. 10, line 63-Col. 11, line 3).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify White in view of Harding to wherein the user has stored a biometric identifier (ID) with the server; and performing, with the server, an ID lookup to determine the biometric (ID) of the user based on at least one of the login ID or the unique device (ID), using the known method of using the previously-submitted login data or IP address of a device being used to request access to the data to lookup the person’s identity, wherein the person’s identity may be represented by an employee ID number or a social security number, as taught by Grisso, in combination with the biometric authentication system of White in view of Harding, for the purpose of enhancing the security of confidential data (Grisso-Col. 2, lines 52-53).
White in view of Harding in view of Grisso does not clearly teach wherein the authentication request message includes a login identifier (ID) and a unique device identifier (ID).
Frew teaches receiving, with a server, i.e. an authentication module (Fig. 1, el. 150), an authentication request message for the biometric authentication of a user from a requestor, i.e. a payment terminal (Fig. 1, el. 106a-d), e.g. sending, by the payment terminal, a message 124 that includes an authentication request to the authentication module (Para. 22, 23, 29, 47),
wherein the user has stored a biometric identifier (ID) with the server, e.g. wherein the user account may contain information that authentication module may use to compare against the information included in the message 124 (Para. 33), wherein the mobile device may initiate vocal-recognition of the user, retinal scanning, and/or fingerprint analysis (Para. 15),
wherein the authentication request message includes a login identifier (ID) and a unique device identifier (ID), e.g. sending, by the payment terminal, a message 124 that includes an authentication request to the authentication module, wherein the request includes user credentials-login ID- such as a user’s name, a username, or an account name, and a mobile device identifier-unique device identifier- (Para. 22, 23, 29, 47), wherein the mobile device identifier is a unique identifier for the mobile device (Para. 14), wherein the mobile device may initiate vocal-recognition of the user, retinal scanning, and/or fingerprint analysis (Para. 15); and 
performing, with the server, an ID lookup to determine the biometric (ID) of the user based on at least one of the login ID or the unique device (ID), e.g. using the information included with the message 124 to retrieve a particular user account, wherein the user account may contain information that authentication module may use to compare against the information included in the message 124 (Para. 33), wherein the mobile device may initiate vocal-recognition of the user, retinal scanning, and/or fingerprint analysis (Para. 15).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify White in view of Harding in view of Grisso to include wherein the user has stored a biometric identifier (ID) with the server, and wherein the authentication request message includes a login identifier (ID) and a unique device identifier (ID); and performing, with the server, an ID lookup to determine the biometric (ID) of the user based on at least one of the login ID or the unique device (ID), using the known method of sending, by the payment terminal, a message 124 that includes an authentication request to the authentication module, wherein the request includes user credentials such as a user’s name, a username, or an account name, and a mobile device identifier, wherein the mobile device identifier is a unique identifier for the mobile device, wherein the mobile device may initiate vocal-recognition of the user, retinal scanning, and/or fingerprint analysis, and using the information included with the message 124 to retrieve a particular user account, wherein the user account may contain information that authentication module may use to compare against the information included in the message 124, as taught by Frew, in combination with the biometric authentication system of White in view of Harding in view of Grisso, for the purpose of reducing or eliminating disadvantages and problems associated with previous authentication systems by using a multilevel authentication system, (Frew-Para. 2, 3), to allow the user to conduct more secure transactions with a mobile device.

Regarding claim 2, White in view of Harding in view of Grisso in view of Frew teaches wherein receiving the authentication result that is indicative of the match between the biometric image and the biometric template further includes sending only the biometric image to the one or more third-party external databases in association with the biometric ID, e.g. sending an identity claim and the captured biometric to the HAS (White-Para. 132, 140, 147); the HAS associates raw biometric data with the user’s IDE and template and is able to quickly find the user’s biometric template (White-Para. 102, 175); associating a biometric template with the user profile and device employed to log in; 
Also note Harding discloses identifying the template stored for that user at enrollment (Harding-Para. 43, 63, 66, 67, 83); and 
receiving the authentication result from only the one or more third-party external databases, e.g. the HAS returns the authentication result data set to the FAS (White-Para. 134, 135, 140, 156); 
Also note Harding discloses associating a biometric template with the user profile and device employed to log in; identifying the template stored for that user at enrollment; determining an authentication response by comparing the biometric image with a biometric template (Harding-Para. 43, 63, 66, 67, 83).

Regarding claim 3, White in view of Harding in view of Grisso in view of Frew teaches wherein receiving the authentication result that is indicative of the match between the biometric image and the biometric template further includes receiving the biometric template from only the one or more third-party external databases, e.g. receiving, by the FAS from the HAS, user enrollment data that includes the biometric component (White-Para. 148, 149); the HAS associates raw biometric data with the user’s IDE and template and is able to quickly find the user’s biometric template (White-Para. 102, 175); and 
comparing, with the server, the biometric image to the biometric template to determine the authentication result, e.g. comparing, at the FAS, the returned copy of the biometric and the biometric captured by the biometric capture device (White-Para. 145, 150); 
Also note Harding discloses determining an authentication response by comparing the biometric image with a biometric template (Harding-Para. 63, 67, 83).

Regarding claim 4, White in view of Harding in view of Grisso in view of Frew teaches all elements of claim 1.
White does not clearly teach further comprising converting the biometric image into a format suitable for matching to the biometric template after receiving the biometric image associated with the user and prior to the step of determining the authentication result.
Harding teaches further comprising converting the biometric image into a format suitable for matching to the biometric template after receiving the biometric image associated with the user and prior to the step of determining the authentication result, e.g. converting the biometric probe into a biometric template for comparison with the stored biometric template (Harding-Para. 63).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify White to include converting the biometric image into a format suitable for matching to the biometric template after receiving the biometric image associated with the user and prior to the step of determining the authentication result, using the known method of converting the biometric probe into a biometric template for comparison with the stored biometric template, as taught by Harding, in combination with the biometric authentication system of White, for the purpose of providing for more accurate template to image comparison results.

Regarding claim 5, White in view of Harding in view of Grisso in view of Frew teaches further comprising selecting one of the one or more third-party external databases based upon a type of biometric templates stored in the one or more third-party external databases, the type of biometric templates being one selected from a group consisting of:  fingerprint biometric templates, facial biometric templates, iris biometric templates, and retina biometric templates, e.g. the user may enroll more than one biometric type at an HAS and/or may enroll one or more biometric types at different HAS servers, such as fingers and iris data, (White-Para. 102, 108, 128); routing the requests to the appropriate HAS (White-Para. 162, 164, 165); 
Also note Harding discloses routing the requests based on the biometric type (Harding-Para. 42, 43).

Regarding claim 6, White in view of Harding in view of Grisso in view of Frew teaches wherein the biometric image further includes a fingerprint image, e.g. a fingerprint (White-Para. 64, 108, 128); 
Also note Harding discloses a fingerprint (Harding-Para. 27, 63).

Regarding claim 7, White in view of Harding in view of Grisso in view of Frew teaches wherein the biometric image further includes a facial image, e.g. a face (White-Para. 128); 
Also note Harding discloses a face (Harding-Para. 27, 63).

Regarding claim 8, White in view of Harding in view of Grisso in view of Frew teaches wherein the biometric ID further includes an identifying label selected from a group consisting of:  a social security number, a driving license number, a tax ID, and a passport number, e.g. the identity data element may comprise a social security number or passport identification (White-Para. 62, 105);
Also note Grisso discloses the person’s identity may be represented by a social security number (Grisso-Col. 7, lines 1-5).

Regarding claim 9, White in view of Harding in view of Grisso in view of Frew teaches wherein the notification further includes a request for a specific type of the biometric image, e.g. informing the user of the type of biometric sample that is required for the service (White-Para. 156); requesting the user to submit two or more biometric samples, either of the same biometric type or of different biometric types (White-Para. 158, 162, 164); 
Also note Harding discloses determining what biometric modalities are supported by the client and sending the request based on the determination; requiring more than one biometric modality for authentication (Harding-Para. 50, 51, 83).

Regarding claim 10, White teaches a biometric authentication server for biometric authentication, i.e. a Foreign Authentication Server (FAS) (Figs. 1, 8, el. 110; Para. 58), using one or more third-party external databases, i.e. a Home Authentication Server (HAS) (Figs. 1, 8, el. 110; Para. 55), the biometric authentication server comprising: 
a user device interface configured to communicate with a user device, e.g. the user provides a biometric through the client biometric capture device and the biometric is received by the FAS (Para. 130, 131, 140, 147); each biometric capture device may be directly linkable to an authentication server (Para. 115); 
a database interface configured to communicate with only the one or more third-party external databases, e.g. authentication servers may communicate with one another over a network (Para. 117-120); 
an electronic processor, Note: an authentication server inherently has an electronic processor (Figs. 1, 8, el. 110); and 
a memory communicatively coupled to the electronic processor and storing machine readable instructions that, when executed by the electronic processor, Note: an authentication server inherently has memory for executing instructions (Figs. 1, 8, el. 110), perform a set of operations including 
receiving…an authentication request message for the biometric authentication of a user from a requestor, i.e. a Partner Application (PA) (Figs. 1, 8, el. 115), e.g. the PA requests the authentication of the user (Para. 129),
wherein the user has not enrolled in biometric authentication of a biometric template of the user with a server, i.e. a Foreign Authentication Server (FAS) (Figs. 1, 8, el. 110), e.g. the FAS is not the Home Authentication Server (HAS) of the user (Para. 55, 58, 132), wherein the user is enrolled at the HAS and the HAS stores the user’s biometric data that includes a template (Para. 97, 101);
sending…a notification to a user device, i.e. a client (Figs. 1, 8, el. 105), the notification requesting a biometric image of the user, e.g. sending an authentication request to the client, wherein the request specifies which biometric authentication data to capture (Para. 129, 130, 156, 158);
receiving, with the server, the biometric image in response to the notification, the biometric image being from the user device, e.g. the user provides a biometric through the client biometric capture device and the biometric is received by the FAS (Para. 130, 131, 140, 147); each biometric capture device may be directly linkable to an authentication server (Para. 115);
sending, with the server, the biometric identifier (ID) of the user and the biometric image to only the one or more third-party external databases, i.e. the Home Authentication Server (HAS) (Figs. 1, 8, el. 110), e.g. sending an identity claim-biometric ID- and the captured biometric-biometric image- to the HAS (Para. 132, 140, 147);
controlling, with the server, only the one or more third-party external databases to identify a biometric template stored in the one or more third-party external databases with the biometric ID and matches the biometric image, e.g. determining, at the HAS, a match against a locally stored biometric-biometric template- which shares the same claim identifier-biometric ID- as that supplied by the user (Para. 133, 134, 140); retrieving the correct enrollment data for the user from the HAS database (Para. 148); the authentication request indicates which algorithm has been used to generate the submitted template (Para. 167); the HAS associates raw biometric data with the user’s IDE and template and is able to quickly find the user’s biometric template (Para. 102, 175);
receiving, with the server, an authentication result that is indicative of a match between the biometric image and the biometric template, e.g. determining, at the HAS, a match against a locally stored biometric which shares the same claim identifier as that supplied by the user (Para. 133, 134, 140); forming a response message-authentication result- and is returned to the FAS where it is checked to ascertain whether the HAS returned a successful match (Para. 140, 141);
sending, with the server, the authentication result to the requestor, e.g. sending the authentication result to the PA (Para. 136, 150, 160),
wherein, at the time the authentication result is sent to the requestor, the user has not enrolled in the biometric authentication with the server, e.g. the FAS is not the HAS of the user (Para. 132),
wherein the requestor is different than the user and the user device, e.g. the PA is separate from the user and the client biometric capture device (Figs, 1, 8, el. 105, 115; Para. 60, 66), and
wherein the requestor authorizes and provides access to a resource based on the authentication result that is indicative of the match between the biometric image and the biometric template, e.g. the PA decides based on the authentication result whether to grant access to the requested resource (Para. 137, 160).
White does not clearly teach the biometric authentication server receiving an authentication request message for the biometric authentication of a user from a requestor, wherein the user has stored a biometric identifier (ID) with the server, and wherein the authentication request message includes a login identifier (ID) and a unique device identifier (ID); performing, with the server, an ID lookup to determine the biometric (ID) of the user based on at least one of the login ID or the unique device (ID); and sending a notification to a user device associated with the unique device ID.
Harding teaches a biometric authentication server, e.g. an identity provider (Fig. 3, el. 320), for biometric authentication using one or more external databases, the biometric authentication server comprising:
a user device interface configured to communicate with a user device, i.e. a mobile device (Fig. 3, el. 314); i.e. an interface for communicating with other devices (Fig. 4, el. 406; Para. 69);
a database interface configured to communicate with the one or more external databases, i.e. an interface for communicating with the biometric engine databases (Fig. 4, el. 406; Para. 69);
an electronic processor, i.e. a CPU (Fig. 4, el. 412); and
a memory, i.e. a memory (Fig. 4, el. 408), communicatively coupled to the electronic processor and storing machine readable instructions that, when executed by the electronic processor, perform a set of operations including
receiving, e.g. an identity provider (Fig. 3, el. 320), an authentication request message for the biometric authentication of a user from a requestor, i.e. a service provider (Fig. 3, el. 306), e.g. receiving an identity verification request-authentication request message- at the identity provider from the service provider (Para. 83); wherein the identity provider may be a server or a single computer (Para. 55),
wherein the user has not enrolled in the biometric authentication of a biometric template with the server, e.g. performing biometric enrollment in order to be able to complete a transaction and make a purchase, for example, after swiping a credit card to purchase an item or service in a store (Para. 64); the service provider requests the enrollment of the user before being able to approve any transaction (Para. 65); denying the user access or services based on the result of the comparison (Para. 83),
sending a notification to the user device, i.e. a mobile device (Fig. 3, el. 314), associated with the user device ID, the notification requesting a biometric image of the user, e.g. sending, by the IMS of the identity provider, a request to the mobile device-user device-, wherein the request is requesting biometric input from the user (Para. 50, 67, 83);
receiving the biometric image in response to the notification, the biometric image being from the user device, e.g. receiving a captured biometric image from the mobile device (Para. 52, 63, 83);
sending the biometric identifier (ID) of the user and the biometric image to only the one or more…external databases, e.g. sending the user’s name, a username, an email, login name, or a phone number to the biometric engine database based on the biometric type (Para. 43, 66, 83); 
controlling only the one or more…external databases to identify a biometric template stored in the one or more…external databases…and matches the biometric image, e.g. associating a biometric template with the user profile and device employed to log in; identifying the template stored for that user at enrollment (Para. 43, 63, 67, 83); determining an authentication response by comparing the biometric image with a biometric template (Para. 63, 67, 83); 
receiving an authentication result that is indicative of a match between the biometric image and the biometric template, e.g. determining an authentication response by comparing the biometric image with a biometric template (Para. 63, 67, 83);
sending the authentication result to the requestor, wherein the requestor is different than the user and the user device, e.g. sending the results of the matching process to the service provider (Para. 83); and
wherein the requestor authorizes and provides access to a resource based on the authentication result that is indicative of the match between the biometric image and the biometric template, e.g. the service provider grants or denies access or services to the user depending on the result (Para. 83).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify White to include receiving an authentication request message for the biometric authentication of a user from a requestor, using the known method of receiving an identity verification request at the identity provider from the service provider and sending, by the IMS of the identity provider, a request to the mobile device, wherein the request is requesting biometric input from the user, and wherein the user’s name, a username, an email, login name, or a phone number may be sent to the biometric engine, as taught by Harding, in combination with the biometric authentication system of White, for the purpose of offloading the processes to the server, thereby freeing memory and processing time/power at the requestor.
White in view of Harding does not clearly teach wherein the user has stored a biometric identifier (ID) with the server, and wherein the authentication request message includes a login identifier (ID) and a unique device identifier (ID); and performing an ID lookup to determine the biometric (ID) of the user based on at least one of the login ID or the unique device (ID).
Grisso teaches wherein the user has stored a…identifier (ID) with the server, and performing, with the server, an ID lookup to determine the…(ID) of the user based on at least one of the login ID or the unique device (ID), e.g. using the previously-submitted login data-login ID- or IP address of a device-unique device ID- being used to request access to the data to lookup the person’s identity-identifier (ID)-, wherein the person’s identity may be represented by an employee ID number or a social security number (Col. 6, line 61-Col. 7, line 5), wherein the system may be wholly or partially implemented in the form of a set of instructions executed by one or more processors incorporated in a server (Col. 10, line 63-Col. 11, line 3).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify White in view of Harding to wherein the user has stored a biometric identifier (ID) with the server; and performing, with the server, an ID lookup to determine the biometric (ID) of the user based on at least one of the login ID or the unique device (ID), using the known method of using the previously-submitted login data or IP address of a device being used to request access to the data to lookup the person’s identity, wherein the person’s identity may be represented by an employee ID number or a social security number, as taught by Grisso, in combination with the biometric authentication system of White in view of Harding, for the purpose of enhancing the security of confidential data (Grisso-Col. 2, lines 52-53).
White in view of Harding in view of Grisso does not clearly teach wherein the authentication request message includes a login identifier (ID) and a unique device identifier (ID).
Frew teaches receiving, with a server, i.e. an authentication module (Fig. 1, el. 150), an authentication request message for the biometric authentication of a user from a requestor, i.e. a payment terminal (Fig. 1, el. 106a-d), e.g. sending, by the payment terminal, a message 124 that includes an authentication request to the authentication module (Para. 22, 23, 29, 47),
wherein the user has stored a biometric identifier (ID) with the server, e.g. wherein the user account may contain information that authentication module may use to compare against the information included in the message 124 (Para. 33),
wherein the authentication request message includes a login identifier (ID) and a unique device identifier (ID), e.g. sending, by the payment terminal, a message 124 that includes an authentication request to the authentication module, wherein the request includes user credentials-login ID- such as a user’s name, a username, or an account name, and a mobile device identifier-unique device identifier- (Para. 22, 23, 29, 47), wherein the mobile device identifier is a unique identifier for the mobile device (Para. 14), wherein the mobile device may initiate vocal-recognition of the user, retinal scanning, and/or fingerprint analysis (Para. 15); and 
performing, with the server, an ID lookup to determine the biometric (ID) of the user based on at least one of the login ID or the unique device (ID), e.g. using the information included with the message 124 to retrieve a particular user account, wherein the user account may contain information that authentication module may use to compare against the information included in the message 124 (Para. 33).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify White in view of Harding in view of Grisso to include wherein the user has stored a biometric identifier (ID) with the server, and wherein the authentication request message includes a login identifier (ID) and a unique device identifier (ID); and performing, with the server, an ID lookup to determine the biometric (ID) of the user based on at least one of the login ID or the unique device (ID), using the known method of sending, by the payment terminal, a message 124 that includes an authentication request to the authentication module, wherein the request includes user credentials such as a user’s name, a username, or an account name, and a mobile device identifier, wherein the mobile device identifier is a unique identifier for the mobile device, wherein the mobile device may initiate vocal-recognition of the user, retinal scanning, and/or fingerprint analysis, and using the information included with the message 124 to retrieve a particular user account, wherein the user account may contain information that authentication module may use to compare against the information included in the message 124, as taught by Frew, in combination with the biometric authentication system of White in view of Harding in view of Grisso, for the purpose of reducing or eliminating disadvantages and problems associated with previous authentication systems by using a multilevel authentication system, (Frew-Para. 2, 3), to allow the user to conduct more secure transactions with a mobile device.

Regarding claim 11, the claim is analyzed with respect to claim 4.

Regarding claim 12, the claim is analyzed with respect to claim 2.
 
Regarding claim 13, the claim is analyzed with respect to claim 3.

Regarding claim 14, the claim is analyzed with respect to claim 4.

Regarding claim 15, the claim is analyzed with respect to claims 1 and 10.

Regarding claim 16, the claim is analyzed with respect to claim 8.

Regarding claim 17, the claim is analyzed with respect to claim 5.

Regarding claim 18, the claim is analyzed with respect to claim 2.

Regarding claim 19, the claim is analyzed with respect to claim 3.

Regarding claim 20, the claim is analyzed with respect to claim 4.

Allowable Subject Matter
Claims 21 and 22 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.

The following is a statement of reasons for the indication of allowable subject matter:  
The prior art of record fails to disclose the combination of features as claimed and arranged by applicant when read in light of the specification.  In this case, the allowance is based on the combination of the limitations in each independent claim and not on any single limitation.
The cited references—White (US 2004/0010697 A1), Harding (US 2016/0226868 A1), Grisso (US 9,223,998 B1), and Frew et al. (US 2013/0067551 A1)—do not singly or in an obvious combination teach “wherein the notification is configured to cause the user device to execute an authentication application, and request a capture of the biometric image of the user with the authentication application” and “wherein the authentication application is part of a resource application that is associated with the resource” in combination with the remaining limitations of each respective independent claim.
Furthermore, The relevant prior art not cited also do not singly or in an obvious combination teach the aforementioned limitations in combination with the remaining limitations of each respective independent claim.

Relevant Prior Art
The following prior art made of record and not relied upon is considered pertinent to applicant's disclosure:
Aabye et al. (US 2017/0255932 A1)—Aabye discloses an authentication request message may include the consumer’s communication device data such as the device identifier, and user data, such as the user name, user address data, user email address (Para. 42).

Sadacharam et al. (US 2016/0239655 A1)—Sadacharam discloses an authentication program of a banking institution looks up the user and their associated information to retrieve information including biometrics, wherein the lookup could be based on the login information (Para. 30).

Buscemi (US 2016/0381013 A1)—Buscemi discloses including the user’s username and biometric data in stored biometric information (Para. 74).

Metke et al. (US 2017/0300678 A1)—Metke discloses including the user’s login username and biometric data in a request and using the username to retrieve a stored biometric template (Para. 47).

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to JEREMY DUFFIELD whose telephone number is (571)270-1643. The examiner can normally be reached Monday - Friday, 7:00 AM - 3:00 PM (ET).
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Yin-Chen Shaw can be reached on (571) 272-8878. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.




18 May 2022
/Jeremy S Duffield/     Primary Examiner, Art Unit 2498