DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 7/7/2022 has been entered.
Authorization for this Examiner’s Amendment was given in a telephone interview with Applicant’s representative Weisheng “Wilson” Xie on July 21, 2022.

Claims
Please replace claims as following: 
Claim 1 (Currently Amended) A computer program product, the computer program product being tangibly embodied on a non-transitory computer-readable storage medium and comprising instructions that, when executed, are configured to cause at least one computing device to:
receive an authentication request from a first user for access to a network resource via a first communications channel, the authentication request including at least one authentication parameter;
input the at least one authentication parameter into an authentication code generator to generate a user-specific authentication code, wherein the at least one authentication parameter comprises a password of the first user and an expiration time defined with respect to a time of the authentication request;
after receiving the authentication request, generate, using the at least one authentication parameter received from the first user, a user-specific authentication Uniform Resource Locator (URL) for an access page based on the user-specific authentication code;
send the user-specific authentication URL to the first user via a second communications channel;
receive an access request in response to selection of the user-specific authentication URL by a second user, the access request associated with at least one access parameter, wherein the at least one access parameter is not a part of the authentication URL, and wherein the at least one access parameter identifies the second user associated with the access request;
validate the access request, wherein validating the access request comprises matching the at least one authentication parameter with the at least one access parameter to confirm that the first user and the second user are the same, wherein the first user and the second user are the same when the at least one authentication parameter corresponds to the at least one access parameter received from the second user; and
provide the access page to the first user, in response to the matching, the access page indicating grant of access to the network resource.

Claim 3 (Canceled)
Claim 11 (Currently Amended) A computer-implemented method, comprising:
receiving an authentication request from a first user for access to a network resource via a first communications channel, the authentication request including at least one authentication parameter;
inputting the at least one authentication parameter into an authentication code generator to generate a user-specific authentication code, wherein the at least one authentication parameter comprises a password of the first user and an expiration time defined with respect to a time of the authentication request;
after receiving the authentication request, generating, using the at least one authentication parameter received from the first user, a user-specific authentication Uniform Resource Locator (URL) for an access page based on the user-specific authentication code;
sending the user-specific authentication URL to the first user via a second communications channel;
receiving an access request in response to selection of the user-specific authentication URL by a second user, the access request associated with at least one access parameter, wherein the at least one access parameter is not a part of the authentication URL, and wherein the at least one access parameter identifies the second user associated with the access request;
validating the access request, wherein validating the access request comprises matching the at least one authentication parameter with the at least one access parameter to confirm that the first user and the second user are the same, wherein the first user and the second user are the same when the at least one authentication parameter corresponds to the at least one access parameter received from the second user; and
providing the access page to the first user, in response to the matching, the access page indicating grant of access to the network resource.

Claim 13 (Canceled)

Claim 17 (Currently Amended) A computer-implemented system, comprising:
one or more computers; and
one or more computer memory devices interoperably coupled with the one or more computers and having tangible, non-transitory, machine-readable media storing one or more instructions that, when executed by the one or more computers, perform one or more operations comprising:
receiving an authentication request from a first user for access to a network resource via a first communications channel, the authentication request including at least one authentication parameter;
inputting the at least one authentication parameter into an authentication code generator to generate a user-specific authentication code, wherein the at least one authentication parameter comprises a password of the first user and an expiration time defined with respect to a time of the authentication request;
after receiving the authentication request, generating, using the at least one authentication parameter received from the first user, a user-specific authentication Uniform Resource Locator (URL) for an access page based on the user-specific authentication code;
sending the user-specific authentication URL to the first user via a second communications channel;
receiving an access request in response to selection of the user-specific authentication URL by a second user, the access request associated with at least one access parameter, wherein the at least one access parameter is not a part of the authentication URL, and wherein the at least one access parameter identifies the second user associated with the access request;
validating the access request, wherein validating the access request comprises matching the at least one authentication parameter with the at least one access parameter to confirm that the first user and the second user are the same, wherein the first user and the second user are the same when the at least one authentication parameter corresponds to the at least one access parameter received from the second user; and
providing the access page to the first user, in response to the matching, the access page indicating grant of access to the network resource.

Claim 19 (Canceled)

Terminal Disclaimer
The terminal disclaimer filed on 7/25/2022 disclaiming the terminal portion of any patent granted on this application which would extend beyond the expiration date of US Patent 10,635,792 has been reviewed and is accepted.  The terminal disclaimer has been recorded.










Examiner's Statement of Reason for Allowance

Claims 1, 2, 4-12, 14-18, 20 and 21 are allowed.
The following is an examiner’s statement of reasons for allowance: 
The present invention is directed to providing multi-factor authentication with Uniform Resource Locator (URL) validation (MFAUV). One of the multiple authentication factors used may include a unique, user-specific URL that is sent to the user within a message. In this way, the user may simply click on, or otherwise execute or select, the provided URL, directly from within the message in which the URL is provided.

The closest prior art, as previously recited, are Hoard et al. (US 2014/0095871 A1), Marci Carpenter, “WebEx Frequently Asked Questions,” August 11, 2008 (hereinafter WebEx:FAQ), Wang (US 7,359,493 B1) and Brothers et al. (US 20020083178 A1) in which, Hoard disclose access to online collaborative resources such as an online meeting, web conference, online chat room, an online video conference, an online audio conference, a collaboratively edited document, a collaborative browsing session, an online social networking group, or a web site is secured by providing a first user-specific URL to a first user for addressing collaborative resource; responsive to the first user accessing the first user-specific URL, granting by a computing system access to the collaborative event to the first user; and responsive to a second user accessing the first user-specific URL, preventing by a computing system access to the collaborative event to the second user. Optionally, time criteria for accessing the first user-specific URL may be used to invalidating the first user-specific URL, wherein access to the collaborative resource is disabled; and in which WebEx:FAQ teaches session owner scheduling a future meeting, they may choose to have a copy of the invitation email sent to the session owner; and in which Wang teaches a login server verifies the identity of a user of the recipient system prior to allowing the user to access the mail services offered by the mail system. To do so, the login server accesses the registration data store to determine whether a given user attempting to access mail services has, in fact, been registered for such services. The login server prevents users that have not been registered for mail services from accessing the mail services provided by the mail system. The secure URL generated by the authentication server may be generated based on one or more of the following: time of the request, date of the request, user identifier (i.e., of the recipient), audio file storage pointer information, and the Internet Protocol (IP) address of the authentication server. Secure URLs are only generated by the authentication server at the request of a trusted mail retrieval server. To further enhance security, the secure URL may be time-sensitive such that, after a predetermined amount of time, requests using the secure URL are no longer authenticated by the authentication server when submitted for authentication by the playback server (e.g., a secure URL may be valid for only 30 seconds after the generation of the secure URL); and in which Brothers teaches a resource provider subsystem ("RPS") secures and combines resource access right data with a universal resource locator (URL) as a secure URL in a web page document. The RPS transmits the web page document with the secure URL including resource access right data, to a web access device ("WAD") via a network. The WAD executes a browser application to display the secure URL of the web page document. A user of the WAD can activate the secure URL to generate a signal. The signal includes the secure URL and is transmitted from the WAD to the resource distribution subsystem ("RDS"). The RDS receives the signal, authenticates the request, and verifies that the resource access right data has not been changed after it was established by the RPS. If the request is authenticated and verified, the RDS uses the resource access right data to determine the rights the WAD and/or user thereof has with respect to the resource. If authorized, the RDS provides access to the resource to the WAD. The resource can include data, text, image(s), applet(s), and/or a downloadable program module. Alternatively, the resource can be a server application optionally programmed to permit the user of the web access device to interact therewith. Through use of the secure URL, the RPS can control access to the resource even though it is hosted at distributed sites of a network.

However, none of Hoard et al. (US 2014/0095871 A1), Marci Carpenter, “WebEx Frequently Asked Questions,” August 11, 2008 (hereinafter WebEx:FAQ), Wang (US 7,359,493 B1) and Brothers et al. (US 20020083178 A1), teaches or suggests, alone or in combination, the particular combination of steps or elements as recited in the independent Claim 1, and similarly Claim 11 and Claim 17.  For example, none of the cited prior art teaches or suggest the steps of Claim 1 and similarly Claim 11 and Claim 17: receive an authentication request from a first user for access to a network resource via a first communications channel, the authentication request including at least one authentication parameter; input the at least one authentication parameter into an authentication code generator to generate a user-specific authentication code, wherein the at least one authentication parameter comprises a password of the first user and an expiration time defined with respect to a time of the authentication request; after receiving the authentication request, generate, using the at least one authentication parameter received from the first user, a user-specific authentication Uniform Resource Locator (URL) for an access page based on the user-specific authentication code; send the user-specific authentication URL to the first user via a second communications channel; receive an access request in response to selection of the user-specific authentication URL by a second user, the access request associated with at least one access parameter, wherein the at least one access parameter is not a part of the authentication URL, and wherein the at least one access parameter identifies the second user associated with the access request; validate the access request, wherein validating the access request comprises matching the at least one authentication parameter with the at least one access parameter to confirm that the first user and the second user are the same, wherein the first user and the second user are the same when the at least one authentication parameter corresponds to the at least one access parameter received from the second user; and provide the access page to the first user, in response to the matching, the access page indicating grant of access to the network resource.

Therefore the claims are allowable over the cited prior art.

Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”







Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. See PTO-892 attached.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to KARI L SCHMIDT whose telephone number is (571)270-1385.  The examiner can normally be reached on Monday-Friday 10am - 6pm (MDT).
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Luu Pham can be reached on (571)270-5002.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/KARI L SCHMIDT/Primary Examiner, Art Unit 2439