DETAILED ACTION

Notice of AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

The present office action is responsive to communications received on 6/1/2020. Claims 1-20 are pending.

Examiner’s Notes
Examiner suggests revisiting language for all the claims to clearly point out “computing device” being associated with an identity provider”, as well as each “communication device” being associated with “a user” or “a verified user” to avoid potential 35 U.S.C. 112(b) rejections.

Claim Objections
Claims 1, 9 and 18 are objected to because of the following informalities: 
Claim 1 recites “A computer-implemented method for use in provisioning identity credentials to a user based on interactions with at least one verified user, the method comprising: receiving, by a computing device, a request for a digital identity from a communication device of a user,…”. The second “a user” should be “the user”. Similar objection applies for claim 18 “receive, from a communication device of a user,…”
Claim 1 recites “receiving, by a computing device, a request for a digital identity from a communication device of a user,… generating a digital identity for the user,…”. The second “a digital identity” should be “the digital identity”. Similar objection applies for claim 9 and 18.
Claim 1 recites “receiving, by a computing device,…”, which should be “receiving, by a computing device associated with an identity provider,…” for clarity.
Claim 18 recites “which, when executed by a processor,…”, which should be “which, when executed by a processor of a computing device associated with an identity provider,…” for clarity. Then refer to “an identity provider” using definite article instead in “wherein an identity of the verified user has previously been verified by an identity provider” limitation.
Appropriate correction is required.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.

The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.

Claim 13 is rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, or for pre-AIA  the applicant regards as the invention.

The rejection(s) under 35 U.S.C. 112(b) is/are determined by the following reasons:
Claim 13 recites the limitation "wherein the attestation includes an attestation of a first part of the identifying information for the user included in the attestation request, but not an attestation of a second part of the at least a portion of the identifying information". There is insufficient antecedent basis for this term “the at least a portion of the identifying information” in the claim. Please check method claim 1 and 6 for comparison.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-5, 8-12 and 14-20 are rejected under 35 U.S.C. 103 as being unpatentable over Scruby (US 20190149539 A1) in view of Bryson (US 20190199698 A1) and Ye (US 20140082088 A1).

Regarding claim 1, Scruby teaches a computer-implemented method for use in provisioning identity credentials to a user based on interactions with at least one verified user, the method comprising:
receiving, by a computing device, a request for a [service] from a communication device of a user, the request including identifying information for the user; ([0110-0111] In step 701, user A may begin using an application on device A 720 associated with user A. In some aspects, device A 720 may be a new device that is attempting to authenticate with the server 730 and/or to enroll with one or more services (e.g., resources) provided by the server 730. In step 702, user A may input credentials via the application on device A 720. For example, user A may submit a username and password, biometrics (e.g., a fingerprint, voiceprint, face scan, etc.), a token or certificate, or any other type of credential. Device A 720 may receive the credentials from user A via the application and may transmit the credentials to the server 730.)
transmitting, by the computing device, to a communication device of a verified user, an attestation request for the user, the attestation request including at least a portion of the identifying information for the user; ([0110] one or more other devices, such as device B 740, may already be authenticated and/or enrolled with the server 730. As will be described in further detail below, device B 740 may be used to attest to or verify the identity of user A and/or device A 720. [0112, 0114- 0115] In step 703, the server 730 may generate a request to device A 720 for an authentication attestation. Data included in the attestation request may comprise, … a set of human-understandable information that identifies user A and/or device A 720 (e.g., user A's name, user A's email address, user A's office location, the type of device of device A 720, etc.). In some aspects, the information to send to device B 740 may be stored at the server 730 or another location accessible to device B 740 (or other devices used to attest to user A's identity). Data may be shared between devices via other channels. For example, user A may be instructed to move the device A 720 within range of device B 740 to transmit the challenge code, server identifier, and/or information identifying user A and/or device A 720 to device B 740 via, for example, near-field communication (NFC).) Here server 730 (analogous to claim limitation “computing device”) transmits attestation request to device B 740 (analogous to claim limitation “communication device of a verified user”) via device A 720.
receiving, by the computing device, from the communication device of the verified user, an attestation in response to the attestation request, the attestation relating to the at least a portion of the identifying information for the user included in the attestation request; ([0119] In step 708, device B 740 may transmit, to server 730, one or more pieces of the data from server 730 (e.g., the challenge code and/or information identifying user A and/or device A 720). Device B 740 may also transmit a confirmation that the information from device A 720 is true and that user A's authentication attempt is legitimate. Server 730 may receive, from device B 740, the challenge code, the information identifying user A and/or device A 720, and/or the confirmation.)
[granting access to the service] for the user, based on a number of attestations of the identifying information for the user; and ([0121-0122] In step 710, the server 730 may transmit, to the device 720 A, an indication that user A has been granted access to one or more resources provided by server 730 and/or may register device A 720 to be used for strong authentication in future. The device 720 A may receive the indication from the server 730. In some aspects, device A 720 may now be used to attest to the identity of other users. In some aspects, the server 730 may request attestation from a plurality of users or devices (e.g., two devices, three devices, and the like) before granting user A access to resources and/or registering device A 720. For example, after user B attests to user A's identity, user A may find another user, such as user C, to also attest to user A's identity. The server 730 may track the number of times user A has been verified by other authorized users. Once user A has been verified by a threshold number of other users, server 730 may grant user A access to one or more resources provided by server 730 and/or may register device A 720, as previously described with reference to step 710.)

Scruby teaches requesting/granting access to a service, but does not explicitly teach this service being generating a digital identity as well as sharing a digital identity notice with the user, at the communication device of the user, the digital identify notice including an identifier for the user, whereby the user is permitted to share the digital identity with a relying party via the identifier. This aspect of the claim is identified as a difference.
However, Bryson in an analogous art explicitly teaches
receiving, by a computing device, a request for a digital identity from a communication device of a user, ([0056] (a) receiving a request for an identity code for a user, the user associated with identifying information and the identifying information including multiple attributes of the user;) Here Bryson discloses identity code generally based on user's digital identity by reciting “identifying the user based on the identity code includes identifying the user to the digital identity in the memory based on the identity code” (claim 8).
generating a digital identity for the user, ([0056] (b) generating and transmitting the identity code for the user to the user at a computing device associated with the user,)
sharing a digital identity notice with the user, at the communication device of the user, the digital identify notice including an identifier for the user, whereby the user is permitted to share the digital identity with a relying party via the identifier. ([0056] (b) generating and transmitting the identity code for the user to the user at a computing device associated with the user, thereby permitting the user to present the identity code to a requesting party; (c) receiving an identity request from the requesting party including at least one query related to at least one of the multiple attributes of the user and including the identity code for the user; (d) identifying the user based on the identity code; (e) compiling a response to the at least one query of the identity request based on the identifying information of the user from at least one attributed provider; (f) transmitting the response to the requesting party, thereby permitting the requesting party to be informed about the identity of the user;)
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the “secure authentication of a device through attestation by another device” concept of Scruby, and the “digital identities” approach of Bryson. One of ordinary skill in the art would have been motivated to perform such a modification to permit users to provision digital identities to an identity host and provide improved/enhanced security of personal identifying information (Bryson [0011]).

Scruby in view of Bryson teaches requesting/generating a digital identity, but does not explicitly teach receiving, by a computing device, a request from a communication device of a user, the request including identifying information for the user and at least one verified user identifier; transmitting, by the computing device, to a communication device of a verified user associated with the at least one verified user identifier. This aspect of the claim is identified as a difference.
However, Ye in an analogous art explicitly teaches
receiving, by a computing device (server 20), a request from a communication device of a user (first client device 10-1), the request including identifying information for the user and at least one verified user identifier (an identifier of the second user); ([0093] FIG. 8, the first user at the first client device 10-1 selects (801) a second user (or an identifier of the second user) and decides to add the second user to his/her contact list by sending (803) a user addition request to the server 20.) Reference Scruby discloses user identifier being “verified” in ¶110. Therefore the combination discloses the entire limitation.
transmitting, by the computing device, to a communication device of a verified user associated with the at least one verified user identifier. ([0095-0096] the server 20 also sends (812) a user verification request to the second client device 10-2 associated with the second user. The second client device 10-2 displays (813) the user verification request. Upon detection (817) of a response from the second user at the second client device, the second client device 10-2 then sends (818) the response back to the server 20.)
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the “secure authentication of a device through attestation by another device” concept of Scruby, and the “server sending user verification request to second device” approach of Ye. One of ordinary skill in the art would have been motivated to perform such a modification to improve information security by server sending a user verification request to a second client device associated with the second user, and establishing relationship only when the verification succeeds (Ye [0016]).

Regarding claim 2, Scruby in view of Bryson and Ye teaches all the features with respect to claim 1, as outlined above. The combination further teaches
wherein the identifying information received from the user in the request includes a facial image of the user; and ([Scruby 0111] In step 702, user A may input credentials via the application on device A 720. For example, user A may submit a username and password, biometrics (e.g., a fingerprint, voiceprint, face scan, etc.), a token or certificate, or any other type of credential.)
wherein the at least a portion of the identifying information for the user included in the attestation request includes the facial image, such that the facial image is displayed to the verified user, at the communication device of the verified user, as part of the attestation request. ([Scruby 0116-0117] device B 740 may access the challenge code from the server 730, server identifier, and/or information identifying user A and/or device A 720. In step 706, the application on device B 740 may display one or more pieces of the data from server 730 (e.g., the challenge code, server identifier, and/or information identifying user A and/or device A 720). User B may review the displayed information and confirm that the information is accurate. For example, user B may confirm user A's location, email address, username, photograph, device information, etc.)

Regarding claim 3, Scruby in view of Bryson and Ye teaches all the features with respect to claim 1, as outlined above. The combination further teaches
determining whether the number of attestations of the identifying information for the user exceeds a threshold; and ([Scruby 0122] the server 730 may request attestation from a plurality of users or devices (e.g., two devices, three devices, and the like) before granting user A access to resources and/or registering device A 720. The server 730 may track the number of times user A has been verified by other authorized users.)
transmitting an attestation request to at least one additional verified user, when the number of attestations fails to satisfy the threshold; (([Scruby 0122] after user B attests to user A's identity, user A may find another user, such as user C, to also attest to user A's identity. The server 730 may also transmit, to device A 720, an indication of the number, and device A 720 may display the number to user A so that user A knows how many more attestations are needed.)
wherein generating the digital identity includes generating the digital identity when the number of attestations satisfies the threshold. ([Scruby 0122] Once user A has been verified by a threshold number of other users, server 730 may grant user A access to one or more resources provided by server 730 and/or may register device A 720, as previously described with reference to step 710.) Reference Bryson discloses granting access to resources being generating the digital identity. Therefore the combination discloses the entire limitation.

Regarding claim 4, Scruby in view of Bryson and Ye teaches all the features with respect to claim 3, as outlined above. The combination further teaches wherein generating the digital identity further includes:
compiling, into the digital identity, the identifying information received from the user in the request and/or the at least a portion of the identifying information attested to by the verified user; and ([Bryson 0028] Then, once the personal identifying information is received from the user 114 (via the network-based interface) and authentication of the user 114 is received and/or complete, the identity host 102 is configured to compile a digital identity for the user 114 and store the digital identity in memory, thereby completing enrollment of the user 114 with the identity host 102.)
associating the digital identity with the identifier. ([Bryson 0030] generate the identity code, store the identity code in memory, and associate the identity code with the digital identity of the user 114.)

Regarding claim 5, Scruby in view of Bryson and Ye teaches all the features with respect to claim 1, as outlined above. The combination further teaches
wherein transmitting the attestation request to the communication device of the verified user includes transmitting the attestation request to multiple communication devices each associated with one of multiple verified users; and ([Scruby 0110] one or more other devices, such as device B 740, may already be authenticated and/or enrolled with the server 730. As will be described in further detail below, device B 740 may be used to attest to or verify the identity of user A and/or device A 720. [Scruby 0122] the server 730 may request attestation from a plurality of users or devices (e.g., two devices, three devices, and the like) before granting user A access to resources and/or registering device A 720. The server 730 may track the number of times user A has been verified by other authorized users.)
wherein receiving the attestation includes receiving the attestation from ones of the multiple verified users. ([Scruby 0122] For example, after user B attests to user A's identity, user A may find another user, such as user C, to also attest to user A's identity. The method may repeat steps 705, 706, 707, 708, and/or 709 described above for another client device. Once user A has been verified by a threshold number of other users, server 730 may grant user A access to one or more resources provided by server 730 and/or may register device A 720, as previously described with reference to step 710.)

Regarding claim 8, Scruby in view of Bryson and Ye teaches all the features with respect to claim 1, as outlined above. The combination further teaches
wherein the identifying information for the user includes at least: a name, an address, a phone number and a government ID number; and ([Bryson 0026] the identity host 102 is configured to provide a network-based interface to the user 114 at the computing device 112, which solicits entry of personal identifying information (PII) for the user 114 and/or capture of physical documents related to the user's personal identifying information (PII). For example, the network-based interface may solicit entry of the name, mailing address, phone number, birth date, and social security number of the user 114, and may further be configured to capture or otherwise provide an image of the user's passport.)
wherein the at least a portion of the identifying information for the user included in the attestation request includes the phone number, but not the government ID number. ([Scruby 0115] Data may be shared between devices via other channels. For example, user A may be instructed to move the device A 720 within range of device B 740 to transmit the challenge code, server identifier, and/or information identifying user A and/or device A 720 to device B 740 via, for example, near-field communication (NFC).) Here identifying information in the attestation request can include the phone number disclosed by Bryson, but not the social security number disclosed by Bryson. It would have been obvious to one of ordinary skill in the art to use “phone number” instead of “government ID number” in the attestation request, because the former is a less sensitive personal identifying information (PII) compared to the latter. Indeed, it would be obvious that “Omission of an Element and Its Function Is Obvious if the Function of the Element Is Not Desired”; See MPEP 2144.04(II)(A).

Regarding claims 9 and 18, the scope of the claims are similar to that of claim 1, respectively. Accordingly, the claims are rejected using a similar rationale.

Regarding claim 10, the scope of the claim is similar to that of claim 5, respectively. Accordingly, the claim is rejected using a similar rationale.

Regarding claims 11-12 and 19, the scope of the claims are similar to that of claim 3, respectively. Accordingly, the claims are rejected using a similar rationale.

Regarding claim 14, the scope of the claim is similar to that of claim 4, respectively. Accordingly, the claim is rejected using a similar rationale.

Regarding claims 15 and 20, the scope of the claims are similar to that of claim 2, respectively. Accordingly, the claims are rejected using a similar rationale.

Regarding claim 16, Scruby in view of Bryson and Ye teaches all the features with respect to claim 9, as outlined above. The combination further teaches a non-transitory computer-readable storage medium including executable instructions, which when executed by the communication device of the verified user, cause the communication device to:
receive the attestation request from the computing device; ([Scruby 0112, 0114- 0115] In step 703, the server 730 may generate a request to device A 720 for an authentication attestation. Data included in the attestation request may comprise, … a set of human-understandable information that identifies user A and/or device A 720 (e.g., user A's name, user A's email address, user A's office location, the type of device of device A 720, etc.). In some aspects, the information to send to device B 740 may be stored at the server 730 or another location accessible to device B 740 (or other devices used to attest to user A's identity). Data may be shared between devices via other channels. For example, user A may be instructed to move the device A 720 within range of device B 740 to transmit the challenge code, server identifier, and/or information identifying user A and/or device A 720 to device B 740 via, for example, near-field communication (NFC).) Here server 730 (analogous to claim limitation “computing device”) transmits attestation request to device B 740 (analogous to claim limitation “communication device of the verified user”) via device A 720.
authenticate the verified user in response to the attestation request; and ([Scruby 0118] In step 707, user B (or user A) may authenticate with server 730 using device B 740 via, for example, strong authentication. Server 730 may authenticate device B 740 based on the security certificate or other credentials.) Here Scruby discloses various examples of authenticating user B/device B 740 in ¶118.
display the attestation request to the verified user only in response to authentication of the verified user by the communication device. ([Scruby 0118] Server 730 may authenticate device B 740 based on the security certificate or other credentials. [Scruby 0117] In step 706, the application on device B 740 may display one or more pieces of the data from server 730 (e.g., the challenge code, server identifier, and/or information identifying user A and/or device A 720).). It would have been obvious to one of ordinary skill in the art to perform action only in response to authentication of the user, such as Scruby reciting “receiving, by a server device and from a client device, credentials for authenticating a user of the client device. The user of the client device may be authenticated based on the credentials. In response to authenticating the user, the server device may …” in ¶4. Indeed, it would be obvious to rearrange these functions (“authenticate” and “display”) if it is desired; See MPEP 2144.04(VI)(C).

Regarding claim 17, Scruby in view of Bryson and Ye teaches all the features with respect to claim 16, as outlined above. The combination further teaches wherein the executable instructions, when executed by the communication device of the user, cause the communication device to compile the request for the digital identity and transmit the request to the computing device. ([Scruby 0110-0111] In step 701, user A may begin using an application on device A 720 associated with user A. In some aspects, device A 720 may be a new device that is attempting to authenticate with the server 730 and/or to enroll with one or more services (e.g., resources) provided by the server 730. In step 702, user A may input credentials via the application on device A 720. For example, user A may submit a username and password, biometrics (e.g., a fingerprint, voiceprint, face scan, etc.), a token or certificate, or any other type of credential. Device A 720 may receive the credentials from user A via the application and may transmit the credentials to the server 730.)

Allowable Subject Matter
Claims 6-7 and 13 are allowable over prior art. Claims 6-7 and 13 are objected to over prior art as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims. Claim 13 is rejected under 35 U.S.C. 112(b) as well.

The following is a statement of reasons for the indication of allowable subject matter:
In interpreting the currently amended claims, in light of the specification, the Examiner finds the claimed invention to be patentably distinct from the prior art of record.

Scruby (US 20190149539 A1) teaches secure authentication of a device through attestation by one or more other devices. Challenge code, server identifier, and/or information identifying user and/or device are transmitted to the one or more other devices.

Bryson (US 20190199698 A1) teaches managing user identities and providing responses to inquiries for certain users based on confirmation of digital identities related to the users, with the user associated with an identity, and with certain attributes that form the user's identity.

The prior art of record fails to teach or suggest, individually or in combination, each and every limitation of the claimed invention as a whole. For example, Scruby and Bryson in combination do not disclose “attestation request including an attestation of a first part of the identifying information for the user, but not an attestation of a second part of the identifying information, wherein the digital identity including only the first part of the identifying information”, within the context of the claimed invention as a whole, as recited in claim 6 and 13.
Thus, the Examiner finds that the prior art does not provide sufficient teaching or motivation for anticipating or rendering obvious, within the claimed invention as a whole, without the usage of impermissible hindsight reasoning.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
US 20190319808 A1, "Identity attestation system and method", by Fallah, teaches determining an attestation or identity score of a user of a communication device employs metadata stored in a plurality of client devices, such as IoT devices. A request for attestation, comprises a unique identifier associated with the communication device and an input or shared value. The unique identifier is used to identify, in a distributed ledger (blockchain), client devices that are paired with the communication device. Metadata stored in association with each of the client devices is retrieved and compared to the input or shared value, and a sub-identity score is determined based on the extent to which there is a match and the reliability of the client device. The sub-identity scores are combined to obtain an identity score reflecting a confidence level in the user and/or communication device.
US 20200184482 A1, "Systems and methods for provisioning accounts", by Sharma, teaches receiving, at a mobile device, a request to provision an account to a mobile device; prompting a user associated with the account for authentication at a wireless device associated with the account; receiving an account credential from the wireless device, via a local wireless communication between the mobile device and the wireless device, when the user is authenticated at the wireless device; transmitting the account credential toward a first party associated with the account, whereby the account credential is indicative of the authentication of the user; and provisioning the account to the mobile device, in response to an approval received from the first party.
US 20170346815 A1, "Multifactor authentication processing using two or more devices", by Andrews, teaches that a first user request may be received to access a particular resource. A first authentication credential from a first client device may be received based on a first authentication challenge being issued to a user of the first client device. A second client device of the user may be notified to prompt the user to provide a second authentication credential to complete at least a second authentication challenge. The access to the particular resource may require at least successfully completing the first authentication challenge on the first client device and the second authentication challenge on the second client device.

Any inquiry concerning this communication or earlier communications from the examiner should be directed to HAN YANG whose telephone number is (408)918-7638.  The examiner can normally be reached on Monday to Friday, 9:00-5:00.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Carl Colin can be reached on 571-272-3862.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/HAN YANG/Examiner, Art Unit 2493