Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
The Amendment filed 6/07/2022 has been entered.  After the previous amendment filed on 12/15/2021 claims 1, 3-11, and 13-20 were pending.  In the present amendment filed 6/07/2022, claims 9 and 19 have been cancelled. Claims 1, 3-8, 10-11, 13-18, and 20 remain pending in the application.  

Previous Claim Objections
	The applicant’s response / amendment filed on 06/07/2022 appropriately corrected the claim objections to claims 1 and 11, by removing numbering in the claims. 
The previous objections have been withdrawn.

Response to Applicant’s Amendments / Arguments Regarding 35 U.S.C. § 103
	The applicant, on pages 9-11 of the response filed on 6/07/2022, included the following arguments regarding the rejections under 35 U.S.C. § 103, which are included below single spaced with the applicant’s and examiner’s emphasis in bold and the applicant’s amendments to the claims being underlined, while the examiner’s comments are included below double spaced.
Applicant respectfully submits that Machani, Lambert and Bhatt, taken either alone or in any reasonable combination fail to teach or suggest the following features of Applicant's amended claim 1: 
during an enrollment process: 
initiating, by an authentication application on a mobile device, the enrollment process for enrolling a user in an authentication program;Page 9 of 12 Appl. No. 16/635,909 
Reply to Office Action of March 08, 2022capturing a biometric enrollment sample of the user using the mobile device; 
generating, by the authentication application, a biometric enrollment template using the biometric enrollment sample of the user; 
storing the biometric enrollment template locally or at an authentication gateway computer; 
during an authentication process initiated by a resource provider application on the mobile device: 
obtaining, by the resource provider application on the mobile device, a biometric authentication sample captured by the mobile device; 
generating, by the resource provider application, a biometric authentication template of a user from the biometric authentication sample; 
obtaining, by the resource provider application, biometric matching information related to the biometric authentication template, wherein the biometric matching information comprises the biometric enrollment template; 
authenticating, by the resource provider application, the user of the mobile device based on the biometric authentication template, the biometric matching information, and a cryptographic comparison protocol, the cryptographic comparison protocol including one or more of: secure multi-party computation, homomorphic encryption, or a fuzzy extractor, the fuzzy extractor being configured to generate two cryptographic keys from the biometric authentication template and the biometric enrollment template, and use the two cryptographic keys to authenticate the user, 
wherein the cryptographic comparison protocol is configured to compare the biometric authentication template to the biometric enrollment template without retrieving the biometric enrollment sample of the user 

In the present application, the user device includes an authentication application (see credential holder application 304, 404 in FIGs. 3 and 4, respectively) for capturing and storing (locally or at a remote server) user's biometric enrollment sample. 
The user device also includes a resource provider application (see credential holder application 308, 408 in FIGs. 3 and 4, respectively) for interacting with the resource provider. During the interaction with the resource provider, the resource provider may requirePage 10 of 12 authentication of the user. The resource provider application initiates the authentication process and obtains a biometric authentication sample of the user. 
Applicant amends claim 1 to recite an enrollment process and an authentication process. During the enrollment process, the authentication application captures the biometric enrollment sample of the user which will then be used as a "control sample". Amended claim 1 further recites an authentication process during which the resource provider application captures the biometric authentication sample of the user, which will then be compared to the to the biometric enrollment sample. 
Contrary to the art of record, in the claimed embodiments, the biometric authentication sample is captured by the resource provider application, as opposed to the authentication application. 
Primary reference Machani discusses sharing the user authentication by a first user device with a second user device. Machani is entirely silent about a user device having an authentication app and a resource app, where the authentication app captures the biometric enrollment sample, and the resource app captures the user's biometric authentication sample. 

	The examiner disagrees with the applicant’s characterization of Machani, because Machani does teach a user device using two different logics / apps (e.g., “authentication application” and a “resource provider application”). Machani in fig. 1 teaches a template splitting an reconstruction logic 130, 150, and 170 and feature extractor logic 131, 151, and 171 (“authentication application”), and also teaches a matcher logic 128, 148, and 168 (“resource provider application”).
Bhatt teaches a user device having a resource app 112 and an authentication app 116 (FIG. 1). However, at ¶[0014], Bhatt clearly teaches that the resource 130 invokes a user authenticator to authenticate the user before fulfilling a user request. During the authentication, the authenticator app 116 is activated and captures a biometric sample of the user. See ¶[0017]. 

	The examiner notes that the applicant is arguing that the resource 130 or resource app 112 (“resource provider application”) of Bhatt does not perform the authentication, instead, the authentication app 116 of Bhatt performs the authentication.
In light of the foregoing, Applicant respectfully submits that Machani, Lambert and Bhatt, taken either alone or in any reasonable combination, fail to teach or suggest each and every element of Applicant's amended claims 1 and 11. Dependent claims are allowable for at least the same reasons as the independent claim upon which they depend. Accordingly, Applicant respectfully requests the Examiner to reconsider and withdraw the § 103 rejection of all pending claims. 


Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1 and 11 are rejected under 35 U.S.C. 103 as being unpatentable over US 9,935,947 to Machani (hereinafter “Machani”), in view of WO 2017075063  to Nelsen et al. (hereinafter Nelsen), and US 2018/0167387 to Bhatt et al. (hereinafter “Bhatt”).

Independent claim 1 has been amended to include some of the features of claim 8 and the features of claim 9, which has been cancelled.
Regarding claim 1, Machani teaches,
A computer-implemented method comprising: 
	during an enrollment process: (emphasis added)
Machani teaches using feature extractor logic 131 to extract a subsequent biometric sample, where the subsequent biometric sample is used for authentication and the initial biometric sample is used for the (initial) enrollment. 
Machani, in (Col. 7, lines 6-10 16) states, “The Feature Extractor Logic 131 extracts biometric information from the initial sample (enrollment sample) to generate a biometric template that identifies the user.”
See below citation to Machani (Col. 9. Lines 32-39) for description of subsequent biometric sample, used for authentication / verification.
initiating, by an authentication application on a mobile device, the enrollment process for enrolling a user in an authentication program; (emphasis added)
Machani in fig. 1 teaches a template splitting an reconstruction logic 130, 150, and 170 and template share 132, 152, and 172 (“authentication application”), and also teaches a matcher logic 128, 148, and 168 (“resource provider application” as recited below).
capturing a biometric enrollment sample of the user using the mobile device; 
generating, by the authentication application, a biometric enrollment template using the biometric enrollment sample of the user; 
Machani describes an enrollment process. Machani in (Col. 1, lines 21-29, (2)) states, “The initial biometric sample or samples used to create an individual's biometric template may be captured the first time an individual uses the biometric system, and used as inputs to a process referred to as “enrollment” that generates an “enrolled template” for the individual. In subsequent, non-enrollment uses, the biometric system compares biometric information from one or more subsequently collected samples with biometric information stored in one or more of the enrolled templates.”
storing the biometric enrollment template locally or at an authentication gateway computer; 
Machani, figure 1, template share 132 stores at least part of a biometric template internal to the user device, and remote server 100 has a template share 112 that may also store a biometric template, to store the initial (enrollment) biometric template.
Machani teaches the following, with the exception of the underlined features,
during an authentication process initiated by a resource provider application on the mobile device: (emphasis added)
Machani in fig. 1 teaches a template splitting an reconstruction logic 130, 150, and 170 and feature extractor logic 131, 151, and 171 (“authentication application” as recited above), and also teaches a matcher logic 128, 148, and 168 (“resource provider application”), where the feature extractor logic 131 passes 
Bhatt teaches the above underlined features,
Machani’s matcher logic 128 does explicitly teaches providing resources.  However, Bhatt teaches resource app 112 (“resource provider application” of claim 1).  The resource app 112 is describe in Bhatt in [0014] which states, “In another example, user 120 uses user device 102 to select an item or service for procurement from web interface 132 of resource 130. Web interface 132 is for example a website and user 120 uses a resource app 112 running on user device 102 to select items to procure.”  Bhatt’s resource app 112 provides Machani’s matching logic, which performs authentication with the additional capability of providing resources such as connections to a merchant or merchant website.
Bhatt also teaches a resource app 412 of fig. 4, which invokes an authentication app 416 to perform authentication. (Bhatt, [0045]) Although, Bhatt does not appear to teach the resource app receiving a biometric template from the authentication app 416, where the resource app then used the received biometric template to perform the authentication.
obtaining, by the resource provider application on the mobile device (user device 120), a biometric authentication sample captured by the mobile device; 
Machani in (Col. 6, line 64 to Col. 7, line 2 (15)) states, “After the user is enrolled through one of the user devices, the biometric system 50 may thereafter operate to verify the user's identity based on biometric samples that are subsequently captured by any one of the user devices and a reconstructed original biometric template, as further described below.” (emphasis added) It is noted that the “subsequent” biometric samples of Machani are used for authentication, while the “initial” biometric sample of Machani is used for enrollment.
generating, by the resource provider application, a biometric authentication template of a user from the biometric authentication sample; 
Machani describes using feature extractor logic 131 to extract a subsequent biometric sample, where the subsequent biometric sample is used for authentication and the initial biometric sample is used for the (initial) enrollment. Machani (Col. 9. Lines 32-39 (26)) states, “For example, in order to compare the biometric data in the subsequently collected biometric sample or samples with the reconstructed original biometric template, the biometric data from the subsequently collected biometric sample or samples may be processed by Feature Extractor Logic 131 in order to extract the appropriate biometric information for comparison with the reconstructed original biometric.” (emphasis added) Earlier in Machani, in (Col. 7, lines 6-10 (16)) it states, “The Feature Extractor Logic 131 extracts biometric information from the initial sample (enrollment sample) to generate a biometric template that identifies the user.” 
Thus, the feature extractor 131, when extracting the subsequent biometric sample (i.e., authentication sample) used for authentication, also extracts a biometric template (“biometric authentication template”) from the biometric sample taken at the time of authentication, much like the feature extractor 131 extracts a biometric template from the sample at the time of enrollment.
obtaining, by the resource provider application, biometric matching information related to the biometric authentication template, wherein the biometric matching information comprises the biometric enrollment template; 
The Examiner interprets the “biometric matching information” as corresponding to the initial biometric template of Machani, which is used in the enrollment process, (“previously-obtained biometric enrollment template”) and the identification information of the user / user’s devices. Machani in (Col. 7, lines 3-10 (16)) states, “For example, during an enrollment process performed through User Device 1 120, at least one initial biometric sample for the user may be captured using the Biometric Sensor 125 of User Device 1 120. The Feature Extractor Logic 131 extracts biometric information from the initial sample to generate a biometric template that identifies the user, and that describes at least one distinct physiological or behavioral biometric characteristic of the user.” (emphasis added)
This biometric template from the initial biometric sample, used for enrollment, is then stored in template share 132. Machani in (Col. 8, lines 11-15 (20)) states, “In the example in which the user enrolls with Biometric System 50 through User Device 1 120, one of the template shares may be stored as a local share in User Device 1 120, shown in FIG. 1 by Template Share 132.” 
Machani teaches the following features, with the exception of the underlined features,
authenticating, by the resource provider application, the user of the mobile device based on the biometric authentication template, the biometric matching information, and a cryptographic comparison protocol, the cryptographic comparison protocol including one or more of: secure multi-party computation, homomorphic encryption, or a fuzzy extractor, the fuzzy extractor being configured to:
generate two cryptographic keys from the biometric authentication template and the biometric enrollment template and 
use the two cryptographic keys to authenticate the user; and (emphasis added)
Machani teaches in (Col. 9, lines 39-51 (26-27)) a matcher logic 128 that performs a comparison between the initial biometric template and the subsequent biometric sample that has been processed by the feature extractor logic 131 (i.e., biometric matching information) which is extracted to create a biometric template, as described above.) Machani in (Col. 9, lines 39-51 (26-27)) states, “… The biometric information extracted by Feature Extractor Logic 131 from the subsequently collected biometric sample or samples is then passed to Matcher Logic 128 for comparison with the reconstructed biometric template. If Matcher Logic 128 determines that there is a match between the reconstructed biometric template and the biometric information extracted by Feature Extractor Logic 131 from the subsequently captured biometric sample(s), then Matcher Logic 128 outputs a result indicating that the identity of the user that provided the subsequently collected biometric samples is verified as being the same as the user associated with the original biometric template.” (emphasis added)
Mechani teaches the use of fuzzy matching / comparisons (“cryptographic comparison protocol, the cryptographic comparison protocol including one or more of: … fuzzy extractor”) of biometric templates. (Machani, Col. 1, lines 47-52) Machani further teaches that one or more keys are used to encrypt the biometric templates in order to protect the templates. (Machani, Col. 1, lines 65-67) Also, Machani teaches that the biometric templates may be split, so that a number of key shares may be combined to reconstruct the biometric template. (Machani, Col. 3, lines 22-25)
Please see [0045-46] of the applicant’s printed publication for a description of the fuzzy extractor’s use, as recited above.
However, Nelsen teaches the above emphasized features, 
Nelsen teaches the concept of fuzzy extractors at a high level, by stating, “a fuzzy extractor may correspond to a mechanism used to generate cryptographic keys from biometric templates in a way that if the mechanism generates a particular cryptographic key from a first biometric template, the mechanism will generate an identical cryptographic key from a second biometric template so long as the second biometric template matches (i.e., is not necessarily identical to, but close enough to) the first biometric template.” (Nelsen [0098])  
Machani and Bhatt both teach the following,
wherein the cryptographic comparison protocol is configured to compare the biometric authentication template to the biometric enrollment template without retrieving the biometric enrollment sample of the user;
Machani teaches performing a match between the reconstructed biometric (enrollment) template and that does not require retrieving a raw biometric sample used during enrollment. (Machani, Abstract, last sentence)   
Bhatt also teaches that an externally provided (enrollment) biometric template is matched to a biometric, and does not require that the raw biometric sample of the biometric template be used in the comparison. (Bhatt, Abstract)
Machani teaches the following,
executing, by the resource provider application, at least one operation in response to the user being authenticated.
Machani in (Col. 9. Lines 62-67 (27)) states, “the access to the resource is only granted when the result output from Matcher 128 indicates that the identity of the user providing the subsequently collected biometric sample(s) has been verified as being the same as the identity of the user associated with the original biometric template.” (emphasis added)
Before the effective filing date of the invention, it would have been obvious to one of ordinary skill in the art to combine the teachings of Machani, which teaches logics (i.e., applications) that interact with a matcher logic, where one of the applications provides biometric enrollment templates to the matcher logic and the use of fuzzy logic,  with Nelsen, which teaches the use of fuzzy extractors to perform comparisons / matches between two keys, where the two keys are generated based on a an enrollment biometric template and an authentication biometric template. 
One of ordinary skill in the art would have been motivated to perform such an addition to provide Machani, which teaches fuzzy logic, with the capability of performing matching using keys generated from biometric templates.
Before the effective filing date of the invention, it would have been obvious to one of ordinary skill in the art to combine the teachings of Machani, which teaches logics (i.e., applications) that interact with a matcher logic, where one of the applications provides biometric enrollment templates to the matcher logic (application), with Bhatt, which teaches an authentication app that stores biometric authentication templates and a resource application that interacts with the authentication in order to perform authentication.
One of ordinary skill in the art would have been motivated to perform such an addition to provide Machani’s matching logic, which performs authentication with the additional capability of providing resources such as connections to a merchant or merchant website.

Regarding claim 3, Machani teaches, 
The computer-implemented method of claim 1, wherein the biometric matching information comprises the biometric enrollment template, … 
The Examiner interprets the “biometric enrollment template” of claim 3 as corresponding to the initial biometric template of Machani that is used in the enrollment, as described above in the rejection of claim 1. The “biometric matching information” corresponds to the initial biometric template and the identification information of the user, as discussed above.  Further, Bhatt in [0018] describes a unique device ID that identifies a user device which may also correspond to an identifier associated with biometric information.
… the biometric enrollment template being obtained from at least one of: 
Machani fails to specifically teach a “resource provider application” on a mobile device that is separate from “authentication application” on the same mobile device.  Thus, Machani fails to teach,
the authentication application on the mobile device or from the authentication gateway computer.	However, Bhatt teaches the above features,
Bhatt teaches an authentication app 116 (“authentication application of a mobile device” of claim 3), and Bhatt also teaches resource app 112 (“resource provider application” of claim 1).  The resource app 112 is describe in Bhatt in [0014] which states, “In another example, user 120 uses user device 102 to select an item or service for procurement from web interface 132 of resource 130. Web interface 132 is for example a website and user 120 uses a resource app 112 running on user device 102 to select items to procure.” 
Additionally, Machani teaches storing a template (see template share 132, 152, and 172 of figure 1 and template share 1 310 to template share 3 314 of figure 3 of Machani) of a previously enrolled user internally in the user device. For example, Machani in (12) states, “A Template Share 112 may include or consist of a share of an original biometric template that was split according to polynomial-based secret sharing techniques. Template Share 112 may, for example, be stored within a secure template store made up of a database or the like containing multiple template shares, each of which is associated with a previously enrolled user of the biometric system 50.” (emphasis added) While Machani describes splitting the enrollment template between user devices 120, 140, and 160, at least a portion of the initial biometric template (“biometric enrollment data” of claim 3) is stored in the user device 120 in the template share 132) Thus, Machani teaches a mobile device which retrieves a biometric template, that was used for enrollment, from the same user device, and then performing a comparison using that enrollment biometric template for the purpose of authentication.

Regarding claim 4, Machani teaches,The computer-implemented method of claim 1, further comprising: 
initiating, by the resource provider application of the mobile device, the authentication process for authenticating the user of the mobile device; 
Machani, figure 2B teaches an authentication process, as further described in [0029-37] of Machani.
Machani fails to teach,
sending, by the resource provider application, a user identifier to the authentication gateway computer; 
However, Bhatt teaches the above features,
Bhatt teaches a biometric ID that is associated with the biometric template and also a login ID. Bhatt in [0015] states, “… biometric template 184 in association with a biometric ID 182. Biometric ID 182 is an identifying label (e.g., one or more of a social security number, a driving license number, a tax ID, a passport number, and so on) that uniquely identifies user 120.” Bhatt in [0016] states, “For example, user 120 may enroll with biometric authentication server 160 and provide an association between a login ID 114, utilized by user device 102 to access web interface 132, and biometric ID 182, such that ID lookup 164 may determine biometric ID 182 from login ID 114 received from user authenticator 134 of resource 130.” Additionally, it would be inherent that Machani would send some kind of identification or identifier of the user being authenticated to the template share 132 of Machani in order to retrieve the initial biometric template.  Bhatt states in [0033] “In step 262, method 250 sends the biometric ID of step 254 to external database to request a corresponding biometric template. In one example of step 262, authenticator 162 invokes database interface 166 to send message 170 including biometric ID 182 to external database 180. [0034] In step 264, method 250 receives the corresponding biometric template from the external database. In one example of step 264, authenticator 162 receives biometric template 184, corresponding to biometric ID 182, from external database 180.”
receiving, by the resource provider application, user enrollment information from the authentication gateway computer, the user enrollment information comprising an indication of enrollment and one or more identifiers managed by an authentication computer.
Bhatt teaches an “enrolled template” that has been enrolled and that is then send to the user devices to be used for latter non-enrollment uses (i.e., authentication). Bhatt in (2) states, “(2) The initial biometric sample or samples used to create an individual's biometric template may be captured the first time an individual uses the biometric system, and used as inputs to a process referred to as “enrollment” that generates an “enrolled template” for the individual. In subsequent, non-enrollment uses, the biometric system compares biometric information from one or more subsequently collected samples with biometric information stored in one or more of the enrolled templates.” Additionally, Machani describes enrollment, by sending a biometric template and user information to an enrollment server.  Thus, Bhatt and Machani together teach of a biometric template which also corresponds to “user enrollment information.” 
This information is later used in authentication. For example, Machani in (50) states, “Based on the comparison performed at step 508, at step 510 the disclosed system verifies the identity of the user from whom the biometric samples were captured at step 500. If the biometric information extracted from the biometric sample captured at step 500 matches the reconstructed biometric template, then at step 510 the disclosed system generates an indication that the user from whom the biometric sample was captured at step 500 is the user identified by the original biometric template, i.e. is the user from whom the initial biometric sample was captured that was used to generate the original biometric template.”

Regarding claim 5, Bhatt teaches,
The computer-implemented method of claim 1, wherein the resource provider application operates on the mobile device and/or as an application on a web server.
These features are taught by the resource app 112 of fig.1 of Bhatt.
Regarding claim 6, Machani teaches,
The computer-implemented method of claim 4, wherein the biometric matching information comprises the biometric enrollment template or an obfuscated matching circuit configured to provide an output from which a match between two biometric templates is identifiable.
The Examiner interprets the “previously-obtained biometric enrollment template” as recited above as corresponding to the initial biometric template of Machani that is used in the enrollment, as described above in the rejection of claim 1.
Regarding claim 7, Bhatt teaches,
The computer-implemented method of claim 6, further comprising: 
requesting, by the resource provider application from the authentication gateway computer, the biometric matching information, …
Bhatt in 170 of figure 1 depicts a send message 170 that corresponds to a request for biometric information. Bhatt in [0033] states, “In step 262, method 250 sends the biometric ID of step 254 to external database to request a corresponding biometric template. In one example of step 262, authenticator 162 invokes database interface 166 to send message 170 including biometric ID 182 to external database 180.” Additionally, message 470 of Bhatt figure 4 also corresponds to a request for biometric information.
… the biometric matching information comprising the biometric enrollment template; and 
The Examiner interprets the “biometric enrollment template” as corresponding to the initial biometric template of Machani that is used in the enrollment, as described above in the rejection of claim 1. The “biometric matching information” corresponds to the initial biometric template and the identification information of the user, as discussed above. Further, Bhatt in [0018] also describes a unique device ID that identifies a user device which may also correspond to an identifier associated with biometric information. Additionally, Machani in figure 3 depicts an enrollment process 300 that provides information for an identity verification process 302.
Machani teaches,
receiving, by the resource provider application, the biometric enrollment template from the authentication gateway computer.
See (48) of Machani which describes server 100 providing at least part of the template, which from enrollment, to user device. Machani (48) states, “For example, in the case where two of the template shares are required to reconstruct the original biometric template, the Template Splitting and Reconstruction Logic 150 in Device 2 140 of FIG. 1 may operate to obtain its local Template Share 152 at step 502, and then at step 504 obtain Template Share 112 from Remote Server 100 at step 504.”

Regarding claim 8, Machani teaches,
The computer-implemented method of claim 4, further comprising: 
generating, by the authentication application, the biometric matching information comprising the biometric enrollment template of the user from the biometric enrollment sample obtained by the mobile device during the enrollment process;
Machani in (Col. 1, lines 21-29), quoted above, where an “enrolled template” is generated.
Machani fails to teach the following,
associating, by the authentication application, the biometric enrollment template of the user to at least one of: 
the user identifier or an identifier of the one or more identifiers managed by the authentication computer; and 
However, Bhatt teaches the above features,
Bhatt also describes a biometric ID that is associated with the biometric template and also a login ID. Bhatt in [0015] states, “… biometric template 184 in association with a biometric ID 182. Biometric ID 182 is an identifying label (e.g., one or more of a social security number, a driving license number, a tax ID, a passport number, and so on) that uniquely identifies user 120.”
storing, by the authentication application, the biometric enrollment template.
Machani describes storing at least part of biometric template, which is used for enrollment, in template share 132 of the user’s device 120.

Regarding claim 10, Bhatt teaches,
The computer-implemented method of claim 1, wherein the at least one operation comprises delivering access to a resource provided by a resource provider based on the user being authenticated.
The resource app 112 is describe in Bhatt in [0014] which states, “In another example, user 120 uses user device 102 to select an item or service for procurement from web interface 132 of resource 130.

	Regarding claim 11, Machani teaches,A user device (user device 102 in figure 1 of Machani) comprising: 
one or more biometric capture devices; (Machani figure 1, user devices 120, 140, and 160)
one or more processors; and  (Machani figure 1, proc. Circ. 124)
one or more memories (Machani, figure 1, memory 128) comprising computer-executable instructions, wherein executing the computer-executable instructions by the one or more processors causes the user device to: 
Machani teaches that the system includes processors and memory for executing programming code. (Machani, Col. 6, lines 1-15)
during an enrollment process: (emphasis added)
Machani teaches using feature extractor logic 131 to extract a subsequent biometric sample, where the subsequent biometric sample is used for authentication and the initial biometric sample is used for the (initial) enrollment. 
Machani, in (Col. 7, lines 6-10 16) states, “The Feature Extractor Logic 131 extracts biometric information from the initial sample (enrollment sample) to generate a biometric template that identifies the user.”
See below citation to Machani (Col. 9. Lines 32-39) for description of subsequent biometric sample, used for authentication / verification.
initiating, by an authentication application on the user device, the enrollment process for enrolling a user in an authentication program;  (emphasis added)
Machani in fig. 1 teaches a template splitting an reconstruction logic 130, 150, and 170 and template share 132, 152, and 172 (“authentication application”), and also teaches a matcher logic 128, 148, and 168 (“resource provider application” as recited below).
capturing a biometric enrollment sample of the user using the user device; 
generating, by the authentication application, a biometric enrollment template using the biometric enrollment sample of the user; 
Machani describes an enrollment process. Machani in (Col. 1, lines 21-29) states, “The initial biometric sample or samples used to create an individual's biometric template may be captured the first time an individual uses the biometric system, and used as inputs to a process referred to as “enrollment” that generates an “enrolled template” for the individual. In subsequent, non-enrollment uses, the biometric system compares biometric information from one or more subsequently collected samples with biometric information stored in one or more of the enrolled templates.”
Machani teaches the following, with the exception of the underlined features,
storing the biometric enrollment template locally or at an authentication gateway computer; 
Machani, figure 1, template share 132 stores at least part of a biometric template internal to the user device, and remote server 100 has a template share 112 that may also store a biometric template, to store the initial (enrollment) biometric template.
Machani teaches the following, with the exception of the underlined features,
during an authentication process initiated by a resource provider application on the user device: (emphasis added)
Machani in fig. 1 teaches a template splitting an reconstruction logic 130, 150, and 170 and feature extractor logic 131, 151, and 171 (“authentication application” as recited above), and also teaches a matcher logic 128, 148, and 168 (“resource provider application”), where the feature extractor logic 131 passes 
Bhatt teaches the above underlined features,
Machani’s matcher logic 128 does explicitly teaches providing resources.  However, Bhatt teaches resource app 112 (“resource provider application” of claim 1).  The resource app 112 is describe in Bhatt in [0014] which states, “In another example, user 120 uses user device 102 to select an item or service for procurement from web interface 132 of resource 130. Web interface 132 is for example a website and user 120 uses a resource app 112 running on user device 102 to select items to procure.”  Bhatt’s resource app 112 provides Machani’s matching logic, which performs authentication with the additional capability of providing resources such as connections to a merchant or merchant website.
Bhatt also teaches a resource app 412 of fig. 4, which invokes an authentication app 416 to perform authentication. (Bhatt, [0045]) Although, Bhatt does not appear to teach the resource app receiving a biometric template from the authentication app 416, where the resource app then used the received biometric template to perform the authentication.
obtain, by the resource provider application operating on the user device, a biometric authentication sample utilizing the one or more biometric capture devices (Camera 108 of figure 1 of Machani) of the user device; 
Machani in (Col. 6, line 64 to Col. 7, line 2 (15)) states, “After the user is enrolled through one of the user devices, the biometric system 50 may thereafter operate to verify the user's identity based on biometric samples that are subsequently captured by any one of the user devices and a reconstructed original biometric template, as further described below.” (emphasis added) It is noted that the “subsequent” biometric samples of Machani are used for authentication, while the “initial” biometric sample of Machani is used for enrollment.
generate, by the resource provider application, a biometric authentication template from the biometric authentication sample;
Machani describes using feature extractor logic 131 to extract a subsequent biometric sample, where the subsequent biometric sample is used for authentication and the initial biometric sample is used for the (initial) enrollment. Machani (Col. 9. Lines 32-39 (26)) states, “For example, in order to compare the biometric data in the subsequently collected biometric sample or samples with the reconstructed original biometric template, the biometric data from the subsequently collected biometric sample or samples may be processed by Feature Extractor Logic 131 in order to extract the appropriate biometric information for comparison with the reconstructed original biometric.” (emphasis added) Earlier in Machani, in (Col. 7, lines 6-10 (16)) it states, “The Feature Extractor Logic 131 extracts biometric information from the initial sample (enrollment sample) to generate a biometric template that identifies the user.” 
Thus, the feature extractor 131, when extracting the subsequent biometric sample (i.e., authentication sample) used for authentication, also extracts a biometric template (“biometric authentication template”) from the biometric sample taken at the time of authentication, much like the feature extractor 131 extracts a biometric template from the sample at the time of enrollment.
 obtain, by the resource provider application, biometric matching information related to the biometric authentication template, wherein the biometric matching information comprises the biometric enrollment template; 
The Examiner interprets the “biometric matching information” as corresponding to the initial biometric template of Machani ,which is used in the enrollment process, (“previously-obtained biometric enrollment template”) and the identification information of the user / user’s devices. Machani in (Col. 7, lines 3-10 (16)) states, “For example, during an enrollment process performed through User Device 1 120, at least one initial biometric sample for the user may be captured using the Biometric Sensor 125 of User Device 1 120. The Feature Extractor Logic 131 extracts biometric information from the initial sample to generate a biometric template that identifies the user, and that describes at least one distinct physiological or behavioral biometric characteristic of the user.” (emphasis added)
This biometric template from the initial biometric sample, used for enrollment, is then stored in template share 132. Machani in (Col. 8, lines 11-15 (20)) states, “In the example in which the user enrolls with Biometric System 50 through User Device 1 120, one of the template shares may be stored as a local share in User Device 1 120, shown in FIG. 1 by Template Share 132.”
Machani teaches the following features, with the exception of the underlined features,
authenticate, by the resource provider application, a user of the user device based on the biometric authentication template, the biometric matching information, and a cryptographic comparison protocol, the cryptographic comparison protocol including one or more of: secure multi-party computation, homomorphic encryption, or a fuzzy extractor, the fuzzy extractor being configured to: 
generate two cryptographic keys from the biometric authentication template and the biometric enrollment template and 
use the two cryptographic keys to authenticate the user; and (emphasis added)
Machani teaches in (Col. 9, lines 39-51 (26-27)) a matcher logic 128 that performs a comparison between the initial biometric template and the subsequent biometric sample that has been processed by the feature extractor logic 131 (i.e., biometric matching information) which is extracted to create a biometric template, as described above.) Machani in (Col. 9, lines 39-51 (26-27)) states, “… The biometric information extracted by Feature Extractor Logic 131 from the subsequently collected biometric sample or samples is then passed to Matcher Logic 128 for comparison with the reconstructed biometric template. If Matcher Logic 128 determines that there is a match between the reconstructed biometric template and the biometric information extracted by Feature Extractor Logic 131 from the subsequently captured biometric sample(s), then Matcher Logic 128 outputs a result indicating that the identity of the user that provided the subsequently collected biometric samples is verified as being the same as the user associated with the original biometric template.” (emphasis added)
Mechani teaches the use of fuzzy matching / comparisons (“cryptographic comparison protocol, the cryptographic comparison protocol including one or more of: … fuzzy extractor”) of biometric templates. (Machani, Col. 1, lines 47-52) Machani further teaches that one or more keys are used to encrypt the biometric templates in order to protect the templates. (Machani, Col. 1, lines 65-67) Also, Machani teaches that the biometric templates may be split, so that a number of key shares may be combined to reconstruct the biometric template. (Machani, Col. 3, lines 22-25)
Please see [0045-46] of the applicant’s printed publication for a description of the fuzzy extractor’s use, as recited above.
However, Nelsen teaches the above emphasized features, 
Nelsen teaches the concept of fuzzy extractors at a high level, by stating, “a fuzzy extractor may correspond to a mechanism used to generate cryptographic keys from biometric templates in a way that if the mechanism generates a particular cryptographic key from a first biometric template, the mechanism will generate an identical cryptographic key from a second biometric template so long as the second biometric template matches (i.e., is not necessarily identical to, but close enough to) the first biometric template.” (Nelsen [0098])  
Machani and Bhatt both teach the following,
wherein the cryptographic comparison protocol is configured to compare the biometric authentication template to the biometric enrollment template without retrieving the biometric enrollment sample of the user; and 
Machani teaches performing a match between the reconstructed biometric (enrollment) template and that does not require retrieving a raw biometric sample used during enrollment. (Machani, Abstract, last sentence)   
Bhatt also teaches that an externally provided (enrollment) biometric template is matched to a biometric, and does not require that the raw biometric sample of the biometric template be used in the comparison. (Bhatt, Abstract)
Machani teaches the following,
execute, by the resource provider application, at least one operation in response to the user being authenticated.
Machani in (Col. 9. Lines 62-67) states, “the access to the resource is only granted when the result output from Matcher 128 indicates that the identity of the user providing the subsequently collected biometric sample(s) has been verified as being the same as the identity of the user associated with the original biometric template.” (emphasis added)
Before the effective filing date of the invention, it would have been obvious to one of ordinary skill in the art to combine the teachings of Machani, which teaches logics (i.e., applications) that interact with a matcher logic, where one of the applications provides biometric enrollment templates to the matcher logic and the use of fuzzy logic,  with Nelsen, which teaches the use of fuzzy extractors to perform comparisons / matches between two keys, where the two keys are generated based on a an enrollment biometric template and an authentication biometric template. 
One of ordinary skill in the art would have been motivated to perform such an addition to provide Machani, which teaches fuzzy logic, with the capability of performing matching using keys generated from biometric templates.
Before the effective filing date of the invention, it would have been obvious to one of ordinary skill in the art to combine the teachings of Machani, which teaches logics (i.e., applications) that interact with a matcher logic, where one of the applications provides biometric enrollment templates to the matcher logic (application), with Bhatt, which teaches an authentication app that stores biometric authentication templates and a resource application that interacts with the authentication in order to perform authentication.
One of ordinary skill in the art would have been motivated to perform such an addition to provide Machani’s matching logic, which performs authentication with the additional capability of providing resources such as connections to a merchant or merchant website.

Regarding claim 13, the combination of Machani, Nelsen, and Bhatt teach,
The user device of claim 11, wherein the biometric matching information comprises the biometric enrollment template, the biometric enrollment template being obtained from at least one of: 
the authentication application on the user device or from the authentication gateway computer.Claim 13 is rejected using the same basis of arguments used to reject claim 3 above.

Regarding claim 14, the combination of Machani, Nelsen, and Bhatt teach,
The user device of claim 11, wherein the one or more processors further cause the user device to: 
initiate, by the resource provider application, the authentication process for authenticating the user of the user device; 
send, by the resource provider application, a user identifier to authentication gateway computer; and 
receive, by the resource provider application, user enrollment information from the authentication gateway computer, the user enrollment information comprising an indication of enrollment and one or more identifiers managed by an authentication computer.
Claim 14 is rejected using the same basis of arguments used to reject claim 4 above.

Regarding claim 15, the combination of Machani, Nelsen, and Bhatt teach,
The user device of claim 11, wherein the resource provider application operates on the user device or as an application on a web server.
Claim 15 is rejected using the same basis of arguments used to reject claim 5 above.

Regarding claim 16, the combination of Machani, Nelsen, and Bhatt teach,
The user device of claim 14, wherein the biometric matching information comprises the biometric enrollment template or an obfuscated matching circuit configured to provide an output from which a match between two biometric templates is identifiable.
Claim 16 is rejected using the same basis of arguments used to reject claim 6 above.

Regarding claim 17, the combination of Machani, Nelsen, and Bhatt teach,
The user device of claim 16, 
wherein executing the instructions by one or more processors further causes the user device to: 
request, by the resource provider application from the authentication gateway computer, the biometric matching information, the biometric matching information comprising the biometric enrollment template; and 
receive, by the resource provider application, the biometric enrollment template from the authentication gateway computer.
Claim 17 is rejected using the same basis of arguments used to reject claim 7 above.

Regarding claim 18, the combination of Machani, Nelsen, and Bhatt teach,
The user device of claim 14, wherein executing the instructions by the one or more processors further causes the user device to: 
generating, by the authentication application, the biometric matching information comprising the biometric enrollment template of the user from an initial biometric sample obtained by the user device during the enrollment process;
associating, by the authentication application, the biometric enrollment template of the user to at least one of: 
the user identifier or an identifier of the one or more identifiers managed by the authentication computer; and 
storing, by the authentication application, the biometric enrollment template.Claim 18 is rejected using the same basis of arguments used to reject claim 8 above.

Regarding claim 20, the combination of Machani, Nelsen, and Bhatt teach,
The user device of claim 11, wherein the at least one operation comprises delivering access to a resource provided by a resource provider based on the user being authenticated.
Claim 20 is rejected using the same basis of arguments used to reject claim 10 above.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to BRIAN WILLIAM AVERY whose telephone number is (571) 272-3942.  The examiner can normally be reached on 9AM-5PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Farid Homayounmehr can be reached on (571) 272-3739.  
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/B.W.A./

/FARID HOMAYOUNMEHR/Supervisory Patent Examiner, Art Unit 2495