DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Response to Amendment
The previous objections to claims 1, 11, and 20, have been removed in view of the applicant's amendments.

Response to Arguments
Applicant’s arguments, filed 5/30/2022, with respect to the rejection(s) of independent claim(s) under 35 USC 102 have been fully considered and are persuasive.  Therefore, the rejection has been withdrawn.  However, upon further consideration, a new ground(s) of 35 USC 103 rejection is made in view of the combination of Lindsay and Chua, wherein Chua has been added to teach the deficiencies of Lindsay.
To the applicant’s specific argument of the paragraph starting at the bottom of page 9 and finishing at the top of page 10:  Applicant's arguments do not comply with 37 CFR 1.111(c) because they do not clearly point out the patentable novelty which he or she thinks the claims present in view of the state of the art disclosed by the references cited or the objections made. Further, they do not show how the amendments avoid such references or objections.


Information Disclosure Statement
The information disclosure statement (IDS) submitted on 8/27/2020 was filed before the first office action.  The submission is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.

Claim Rejection Notes
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claim(s) 1, 5-11, and 15-20, are rejected under 35 U.S.C. 103 as being unpatentable over Lindsay (US 20070250920 A1, published: 10/25/2007), in view of Chua (US 20060015358 A1, published: 1/19/2006).
Claim 1. (Currently Amended):  Lindsay teaches a server comprising: a communications module (I/O device 78 for communicating with other objects and systems [Lindsay, 0112, FIG. 3]); a processor coupled with the communications module (central processor 76 operably associated with an I/O device 78 [Lindsay, 0112, FIG. 3]); and a memory (user account data 74 [Lindsay, 0112, FIG. 3]) coupled to the processor and storing processor-executable instructions which, when executed by the processor, configure the processor to:
receive, via the communications module and from a computing device, a signal representing a request to add an authorized user to an account of an entity hosted by a first institution associated with the server (multiple passwords can be managed with a central account accessible via a network. For example, a user could create an account at a password management site where passwords for other participating services could be securely managed [Lindsay, 0230]);
send, via the communications module and to a second server associated with a second institution hosting an account of the authorized user (an authorizing agency server in communication with the security service server [Lindsay, 0054]), a signal that includes the unique key (user information comprises the permanent unique credential [Lindsay, 0055]) and an identifier of the entity (Limited Use Credential from an authorizing agency [Lindsay, 0051]), the signal causing the second server to store the unique key and the identifier in memory and associate the unique key and the identifier with the account of the authorized user (a system for providing a user with a Limited Use Credential (e.g., a pseudo-Social Security number or Limited User Social Security number) from an authorizing agency (e.g., the IRS) to share with a third party in place of a permanent unique credential from the authorizing agency (e.g., to be used when accessing the account or associated services such as technical support or consumer services) [Lindsay, 0051].  An authorizing agency server in communication with the security service server, the server adapted to operate a Limited Use Credential generator for assigning a Limited Use Credential to a user for use only with the one or more specified third parties [Lindsay, 0054].  An authorizing agency database in communication with the authorizing agency server for linking user information with the Limited Use Credential and the one or more specified third parties, wherein the user information comprises the permanent unique credential from the authorizing agency [Lindsay, 0055]);
receive a signal representing a request to perform an operation for the entity (a client server accesses the security system 302, typically in response to an attempt by a user to login in to an asset access interface (not shown) associated with the client server [Lindsay, 0132, FIG. 8]);
in response to receiving the request to perform the operation, send, via the communications module and to a digital identity network, a request for the unique key associated with the entity (the system obtains a user E1 304 intended to establish user credentials [Lindsay, 0132, FIG. 8]);
receive, via the communications module and from the digital identity network, the unique key; and in response to receiving the unique key, perform the operation (after accessing the system 302, the system obtains a user E1 304 intended to establish user credentials. The system compares E1 or components thereof to stored user access data in a database (not shown) to determine if E1 contains valid login data 306. If the login data is valid (e.g., a recognized primary or secondary password associated with the provided user ID or other credentials), then the user entry E1 is evaluated to determine if it contains information regarding the security setting 310 indicative of a potential security problems (the security-related information may covertly indicate that the user is in an insecure setting, such as being observed by a third party or under duress, or using a computer that may be monitored by a hidden observer). If there is a security issue flagged by security setting data in the user entry E1, the system can then determine the security rules 314 that have been configured for implementation in response to the security setting data 310, and accordingly apply the specified restrictions 316 regarding access to the asset and implement any specified security related actions such as the issuance of alerts, making a telephone call by machine or human operator to contact the asset owner, etc. [Lindsay, 0132, FIG. 8]).

Lindsay does not teach generate a unique key that is associated with the account of the entity, the unique key required by the server to perform an operation.
However, Chua teaches generate a unique key that is associated with the account of the entity, the unique key required by the server to perform an operation ((b) validating the first password using the token identifier and returning a first validation to the first service provider; (c) receiving the token identifier and the second password from a second service provider; and (d) validating the second password using the token identifier and returning a second validation to the second service provider [Chua, Claim 9].  The method of claim 9, wherein the validating of (b) and (d) is performed by an authentication provider server, wherein the first service provider maintains a first account for a user, wherein the second service provider maintains a second account for the user, wherein the user uses the token to generate the first password and the second password, and wherein the authentication provider server performs the validating of (b) without receiving from the first service provider information indicative of the identity of the first account, and wherein the authentication provider server performs the validating of (d) without receiving from the second service provider information indicative of the identity of the second account [Chua, Claim 10]).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention, to modify the security service that links multiple user accounts of multiple entities to a single associated user invention of Lindsay to generate an unique key associated with an entity's account to perform an operation feature of Chua.
One would have been motivated to make this modification to ensure that any keys generated to gain account access is unique and secure.  By generating a unique key required to perform an operation, security checks can insure that only the correct user with the correct key may gain access for performing operations at the same.

Claim 5:  The combination of Lindsay and Chua, teaches the server of claim 1.  Lindsay further teaches wherein the unique key is received from the digital identity network in a blind manner such that the first institution does not know an identity of the second institution and the second institution does not know an identity of the first institution (shared information 622A between the IRS 612A and the PIN Safety Service 608A includes user information (name, optionally address, birthdate, etc.), the user's Social Security number, the agency name or identifier associated with the agency, and the Limited-Use Social Security number (LUSSN) for use with that particular agency. Multiple agencies can be used (not shown), each with their own LUSSN for the user, if desired, or multiple agencies can use a single LUSSN, if desired, as specified by user-selected rules or other rules associated with the user's account with the PIN Safety Service 608A [Lindsay, 0157]; Examiner's Note: the user may choose to share or not share the same identifier with two different institutions.  Thus, when not sharing, each institution does not know the other institution identity).
 
Claim 6:  The combination of Lindsay and Chua, teaches the server of claim 1.  Lindsay further teaches wherein the processor-executable instructions, when executed by the processor, further configure the processor to: in response to receiving the request to add the authorized user, generate the unique key and the identifier of the entity (a user could create an account at a password management site where passwords for other participating services could be securely managed [Lindsay, 0230].  Providing a user with a Limited Use Credential (e.g., a pseudo-Social Security number or Limited User Social Security number) from an authorizing agency (e.g., the IRS) to share with a third party in place of a permanent unique credential from the authorizing agency [Lindsay, 0051]).
 
Claim 7:  The combination of Lindsay and Chua, teaches the server of claim 1.  Lindsay further teaches wherein the unique key is received from the second institution when the authorized user has indicated consent to the operation (FIG. 4 depicts one portion of an administrative interface showing a configuration page 100 for a security management system for defining security rules for a secure electronic account [Lindsay, 0114, FIG. 4].  A "confirm" button overwrites previous settings for the selected account with the criteria entered on the configuration page, making the new settings go live relative to the selected account [Lindsay, 0119, FIG. 4]).
 
Claim 8:  The combination of Lindsay and Chua, teaches the server of claim 1.  Lindsay further teaches wherein the signal representing the request to add the authorized user to the account of the entity includes one or more parameters defining permissions granted to the authorized user (in response to selecting "covert cues", additional content has been displayed on the configuration page 100 of the administrative interface, providing a covert cue specification area 114 with various radio buttons to specify what the covert cue will signify when coupled with the primary password. These significations include "full access" (meaning that use of the specified covert cue coupled with the overt password will constitute a primary password providing full access or a relatively high level of access to the asset), "limited access", "feigned access", and "alert" (indicating that a security alert should be issued should the covert cue be received). Here, "full access" has been selected in the covert cue specification area 114 [Lindsay, 0116, FIG. 4]).
 
Claim 9:  The combination of Lindsay and Chua, teaches the server of claim 8.  Lindsay further teaches wherein the permissions include at least one of sending payments, sending payments only to defined parties, and sending payments less than a threshold amount (FIG. 9 shows a flowchart of a payment processing method 350 wherein a signature of a user is required. In response to receiving a payment request 352 (e.g., a request from a merchant to authorize a proposed transaction), the system receives credit card information 354, such as information obtained buy swiping a credit card for a "card present" transaction, or stored information on a computer (e.g., a cookie) for a "card remote" transaction [Lindsay, 0133, FIG. 9]).
 
Claim 10:  The combination of Lindsay and Chua, teaches the server of claim 1.  Lindsay further teaches wherein the unique key is one of a plurality of unique keys, each unique key being associated with a different authorized user and wherein the operation is performed when all unique keys have been received (providing a user with a Limited Use Credential (e.g., a pseudo-Social Security number or Limited User Social Security number) from an authorizing agency (e.g., the IRS) to share with a third party in place of a permanent unique credential from the authorizing agency [Lindsay, 0051].  An authorizing agency server in communication with the security service server, the server adapted to operate a Limited Use Credential generator for assigning a Limited Use Credential to a user for use only with the one or more specified third parties [Lindsay, 0054].  Shared information 622A between the IRS 612A and the PIN Safety Service 608A includes user information (name, optionally address, birthdate, etc.), the user's Social Security number, the agency name or identifier associated with the agency, and the Limited-Use Social Security number (LUSSN) for use with that particular agency. Multiple agencies can be used (not shown), each with their own LUSSN for the user, if desired, or multiple agencies can use a single LUSSN, if desired, as specified by user-selected rules or other rules associated with the user's account with the PIN Safety Service 608A [Lindsay, 0157]).
 
Claim 11. (Currently Amended):  Lindsay teaches a method comprising:
receiving, via a communications module (I/O device 78 for communicating with other objects and systems [Lindsay, 0112, FIG. 3]) and from a computing device, a signal representing a request to add an authorized user to an account of an entity hosted by a first institution associated with a first server (multiple passwords can be managed with a central account accessible via a network. For example, a user could create an account at a password management site where passwords for other participating services could be securely managed [Lindsay, 0230]);
sending, via the communications module and to a second server associated with a second institution hosting an account of the authorized user (an authorizing agency server in communication with the security service server [Lindsay, 0054]), a signal that includes the unique key (user information comprises the permanent unique credential [Lindsay, 0055]) and an identifier of the entity (Limited Use Credential from an authorizing agency [Lindsay, 0051]), the signal causing the second server to store the unique key and the identifier in memory and associate the unique key and the identifier with the account of the authorized user (a system for providing a user with a Limited Use Credential (e.g., a pseudo-Social Security number or Limited User Social Security number) from an authorizing agency (e.g., the IRS) to share with a third party in place of a permanent unique credential from the authorizing agency (e.g., to be used when accessing the account or associated services such as technical support or consumer services) [Lindsay, 0051].  An authorizing agency server in communication with the security service server, the server adapted to operate a Limited Use Credential generator for assigning a Limited Use Credential to a user for use only with the one or more specified third parties [Lindsay, 0054].  An authorizing agency database in communication with the authorizing agency server for linking user information with the Limited Use Credential and the one or more specified third parties, wherein the user information comprises the permanent unique credential from the authorizing agency [Lindsay, 0055]);
receiving a signal representing a request to perform an operation for the entity (a client server accesses the security system 302, typically in response to an attempt by a user to login in to an asset access interface (not shown) associated with the client server [Lindsay, 0132, FIG. 8]);
in response to receiving the request to perform the operation, sending a request, via the communications module and to a digital identity network, for the unique key associated with the entity (the system obtains a user E1 304 intended to establish user credentials [Lindsay, 0132, FIG. 8]);
receiving, via the communications module and from the digital identity network, the unique key; and in response to receiving the unique key, performing the operation (after accessing the system 302, the system obtains a user E1 304 intended to establish user credentials. The system compares E1 or components thereof to stored user access data in a database (not shown) to determine if E1 contains valid login data 306. If the login data is valid (e.g., a recognized primary or secondary password associated with the provided user ID or other credentials), then the user entry E1 is evaluated to determine if it contains information regarding the security setting 310 indicative of a potential security problems (the security-related information may covertly indicate that the user is in an insecure setting, such as being observed by a third party or under duress, or using a computer that may be monitored by a hidden observer). If there is a security issue flagged by security setting data in the user entry E1, the system can then determine the security rules 314 that have been configured for implementation in response to the security setting data 310, and accordingly apply the specified restrictions 316 regarding access to the asset and implement any specified security related actions such as the issuance of alerts, making a telephone call by machine or human operator to contact the asset owner, etc. [Lindsay, 0132, FIG. 8]).

Lindsay does not teach generating a unique key that is associated with the account of the entity, the unique key required by the server to perform an operation.
However, Chua teaches generating a unique key that is associated with the account of the entity, the unique key required by the server to perform an operation ((b) validating the first password using the token identifier and returning a first validation to the first service provider; (c) receiving the token identifier and the second password from a second service provider; and (d) validating the second password using the token identifier and returning a second validation to the second service provider [Chua, Claim 9].  The method of claim 9, wherein the validating of (b) and (d) is performed by an authentication provider server, wherein the first service provider maintains a first account for a user, wherein the second service provider maintains a second account for the user, wherein the user uses the token to generate the first password and the second password, and wherein the authentication provider server performs the validating of (b) without receiving from the first service provider information indicative of the identity of the first account, and wherein the authentication provider server performs the validating of (d) without receiving from the second service provider information indicative of the identity of the second account [Chua, Claim 10]).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention, to modify the security service that links multiple user accounts of multiple entities to a single associated user invention of Lindsay to generate an unique key associated with an entity's account to perform an operation feature of Chua.
One would have been motivated to make this modification to ensure that any keys generated to gain account access is unique and secure.  By generating a unique key required to perform an operation, security checks can insure that only the correct user with the correct key may gain access for performing operations at the same.

Claim 15:  The combination of Lindsay and Chua, teaches the method of claim 11.  Lindsay further teaches wherein the unique key is received from the digital identity network in a blind manner such that the first institution does not know an identity of the second institution and the second institution does not know an identity of the first institution (shared information 622A between the IRS 612A and the PIN Safety Service 608A includes user information (name, optionally address, birthdate, etc.), the user's Social Security number, the agency name or identifier associated with the agency, and the Limited-Use Social Security number (LUSSN) for use with that particular agency. Multiple agencies can be used (not shown), each with their own LUSSN for the user, if desired, or multiple agencies can use a single LUSSN, if desired, as specified by user-selected rules or other rules associated with the user's account with the PIN Safety Service 608A [Lindsay, 0157]; Examiner's Note: the user may choose to share or not share the same identifier with two different institutions.  Thus, when not sharing, each institution does not know the other institution identity).
 
Claim 16:  The combination of Lindsay and Chua, teaches the method of claim 11.  Lindsay further teaches further comprising: in response to receiving the request to add the authorized user, generating the unique key and the identifier of the entity (a user could create an account at a password management site where passwords for other participating services could be securely managed [Lindsay, 0230].  Providing a user with a Limited Use Credential (e.g., a pseudo-Social Security number or Limited User Social Security number) from an authorizing agency (e.g., the IRS) to share with a third party in place of a permanent unique credential from the authorizing agency [Lindsay, 0051]).
 
Claim 17:  The combination of Lindsay and Chua, teaches the method of claim 11.  Lindsay further teaches wherein the unique key is received from the second institution when the authorized user indicated consent to the operation (FIG. 4 depicts one portion of an administrative interface showing a configuration page 100 for a security management system for defining security rules for a secure electronic account [Lindsay, 0114, FIG. 4].  A "confirm" button overwrites previous settings for the selected account with the criteria entered on the configuration page, making the new settings go live relative to the selected account [Lindsay, 0119, FIG. 4]).
 
Claim 18:  The combination of Lindsay and Chua, teaches the method of claim 11.  Lindsay further teaches wherein the signal representing the request to add the authorized user to the account of the entity includes one or more parameters defining permissions granted to the authorized user (in response to selecting "covert cues", additional content has been displayed on the configuration page 100 of the administrative interface, providing a covert cue specification area 114 with various radio buttons to specify what the covert cue will signify when coupled with the primary password. These significations include "full access" (meaning that use of the specified covert cue coupled with the overt password will constitute a primary password providing full access or a relatively high level of access to the asset), "limited access", "feigned access", and "alert" (indicating that a security alert should be issued should the covert cue be received). Here, "full access" has been selected in the covert cue specification area 114 [Lindsay, 0116, FIG. 4]).
 
Claim 19:  The combination of Lindsay and Chua, teaches the method of claim 11.  Lindsay further teaches wherein the unique key is one of a plurality of unique keys, each unique key being associated with a different authorized user and wherein the operation is performed when all unique keys have been received (providing a user with a Limited Use Credential (e.g., a pseudo-Social Security number or Limited User Social Security number) from an authorizing agency (e.g., the IRS) to share with a third party in place of a permanent unique credential from the authorizing agency [Lindsay, 0051].  An authorizing agency server in communication with the security service server, the server adapted to operate a Limited Use Credential generator for assigning a Limited Use Credential to a user for use only with the one or more specified third parties [Lindsay, 0054].  Shared information 622A between the IRS 612A and the PIN Safety Service 608A includes user information (name, optionally address, birthdate, etc.), the user's Social Security number, the agency name or identifier associated with the agency, and the Limited-Use Social Security number (LUSSN) for use with that particular agency. Multiple agencies can be used (not shown), each with their own LUSSN for the user, if desired, or multiple agencies can use a single LUSSN, if desired, as specified by user-selected rules or other rules associated with the user's account with the PIN Safety Service 608A [Lindsay, 0157]).
 
Claim 20. (Currently Amended):  Lindsay teaches a non-transitory computer readable storage medium (user account data 74 [Lindsay, 0112, FIG. 3]) comprising computer-executable instructions which, when executed, configure a processor (central processor 76 [Lindsay, 0112, FIG. 3]) to:
receive, via a communications module (I/O device 78 for communicating with other objects and systems [Lindsay, 0112, FIG. 3]) and from a computing device, a signal representing a request to add an authorized user to an account of an entity hosted by a first institution associated with a first server (multiple passwords can be managed with a central account accessible via a network. For example, a user could create an account at a password management site where passwords for other participating services could be securely managed [Lindsay, 0230]);
send, via the communications module and to a second server associated with a second institution hosting an account of the authorized user (an authorizing agency server in communication with the security service server [Lindsay, 0054]), a signal that includes the unique key (user information comprises the permanent unique credential [Lindsay, 0055]) and an identifier of the entity (Limited Use Credential from an authorizing agency [Lindsay, 0051]), the signal causing the second server to store the unique key and the identifier in memory and associate the unique key and the identifier with the account of the authorized user (a system for providing a user with a Limited Use Credential (e.g., a pseudo-Social Security number or Limited User Social Security number) from an authorizing agency (e.g., the IRS) to share with a third party in place of a permanent unique credential from the authorizing agency (e.g., to be used when accessing the account or associated services such as technical support or consumer services) [Lindsay, 0051].  An authorizing agency server in communication with the security service server, the server adapted to operate a Limited Use Credential generator for assigning a Limited Use Credential to a user for use only with the one or more specified third parties [Lindsay, 0054].  An authorizing agency database in communication with the authorizing agency server for linking user information with the Limited Use Credential and the one or more specified third parties, wherein the user information comprises the permanent unique credential from the authorizing agency [Lindsay, 0055]);
receive a signal representing a request to perform an operation for the entity (a client server accesses the security system 302, typically in response to an attempt by a user to login in to an asset access interface (not shown) associated with the client server [Lindsay, 0132, FIG. 8]);
in response to receiving the request to perform the operation, send a request, via the communications module and to a digital identity network, for the unique key associated with the entity (the system obtains a user E1 304 intended to establish user credentials [Lindsay, 0132, FIG. 8]);
receive, via the communications module and from the digital identity network, the unique key; and in response to receiving the unique key, perform the operation (after accessing the system 302, the system obtains a user E1 304 intended to establish user credentials. The system compares E1 or components thereof to stored user access data in a database (not shown) to determine if E1 contains valid login data 306. If the login data is valid (e.g., a recognized primary or secondary password associated with the provided user ID or other credentials), then the user entry E1 is evaluated to determine if it contains information regarding the security setting 310 indicative of a potential security problems (the security-related information may covertly indicate that the user is in an insecure setting, such as being observed by a third party or under duress, or using a computer that may be monitored by a hidden observer). If there is a security issue flagged by security setting data in the user entry E1, the system can then determine the security rules 314 that have been configured for implementation in response to the security setting data 310, and accordingly apply the specified restrictions 316 regarding access to the asset and implement any specified security related actions such as the issuance of alerts, making a telephone call by machine or human operator to contact the asset owner, etc. [Lindsay, 0132, FIG. 8]).
Lindsay does not teach generate a unique key that is associated with the account of the entity, the unique key required by the server to perform an operation.
However, Chua teaches generate a unique key that is associated with the account of the entity, the unique key required by the server to perform an operation ((b) validating the first password using the token identifier and returning a first validation to the first service provider; (c) receiving the token identifier and the second password from a second service provider; and (d) validating the second password using the token identifier and returning a second validation to the second service provider [Chua, Claim 9].  The method of claim 9, wherein the validating of (b) and (d) is performed by an authentication provider server, wherein the first service provider maintains a first account for a user, wherein the second service provider maintains a second account for the user, wherein the user uses the token to generate the first password and the second password, and wherein the authentication provider server performs the validating of (b) without receiving from the first service provider information indicative of the identity of the first account, and wherein the authentication provider server performs the validating of (d) without receiving from the second service provider information indicative of the identity of the second account [Chua, Claim 10]).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention, to modify the security service that links multiple user accounts of multiple entities to a single associated user invention of Lindsay to generate an unique key associated with an entity's account to perform an operation feature of Chua.
One would have been motivated to make this modification to ensure that any keys generated to gain account access is unique and secure.  By generating a unique key required to perform an operation, security checks can insure that only the correct user with the correct key may gain access for performing operations at the same.

Claims 2-4 and 12-14, are rejected under 35 U.S.C. 103 as being unpatentable over Lindsay (US 20070250920 A1, published: 10/25/2007), in view of Douglas et al. (US 20160048846 A1, published: 2/18/2016).
Claim 2:  The combination of Lindsay and Chua, teaches the server of claim 1, authenticate the authorized user at the second institution (an authorizing agency database in communication with the authorizing agency server for linking user information with the Limited Use Credential and the one or more specified third parties [Lindsay, 0055]).  Lindsay does not teach wherein the processor-executable instructions, when executed by the processor, further configure the processor to: send, via the communications module and to a remote device associated with the authorized user, a link which, when selected, directs the remote device to authenticate the authorized user.
However, Douglas teaches wherein the processor-executable instructions, when executed by the processor, further configure the processor to: send, via the communications module and to a remote device associated with the authorized user, a link which, when selected, directs the remote device to authenticate the authorized user (where authentication data is transmitted in a push notification, the push notification may include a link to open a website, a mobile application, an authentication request notification, and/or an SMS message to input the authentication code and/or response. In the same manner, an SMS message, MMS message, e-mail, and the like may include a link to direct a customer to input the authentication data and/or authentication response for transmission to the customer authentication system 120 and/or customer authentication device 122 [Douglas, 0038]).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention, to modify the security service that links multiple user accounts of multiple entities to a single associated user invention of the combination of Lindsay and Chua, to include a weblink that directs remote devices to authenticate said device feature of Douglas.
One would have been motivated to make this modification to simplify the process of authenticating a device by using a link that easily directs a user to an authentication service.  Such would limit difficult multi-step authentication methods by offering a simplified approach of merely clicking on a link that associates and authenticates the user's device as being authorized by the user.

Claim 3:  The combination of Lindsay, Chua, and Douglas, teaches the server of claim 2.  Lindsay further teaches wherein the processor-executable instructions, when executed by the processor, further configure the processor to: receive, via the communications module and from the remote device of the authorized user, a signal indicating that the authorized user has been authenticated by the second institution; and in response to receiving the signal indicating that the authorized user has been authenticated, send the signal including the unique key and the identifier of the entity to the second institution (after accessing the system 302, the system obtains a user E1 304 intended to establish user credentials. The system compares E1 or components thereof to stored user access data in a database (not shown) to determine if E1 contains valid login data 306. If not, the access attempt is rejected 308. If the login data is valid (e.g., a recognized primary or secondary password associated with the provided user ID or other credentials), then the user entry E1 is evaluated to determine if it contains information regarding the security setting 310 indicative of a potential security problems (the security-related information may covertly indicate that the user is in an insecure setting, such as being observed by a third party or under duress, or using a computer that may be monitored by a hidden observer). If there is no indication of security problems or risks, the default settings for user access may be applied 312, which typically can be a full level of access [Lindsay, 0132, FIG. 8]).
 
Claim 4:  The combination of Lindsay, Chua, and Douglas, teaches the server of claim 3.  Lindsay further teaches wherein the signal indicating that the authorized user has been authenticated includes an identifier of the second institution (shared information 622A between the IRS 612A and the PIN Safety Service 608A includes user information (name, optionally address, birthdate, etc.), the user's Social Security number, the agency name or identifier associated with the agency, and the Limited-Use Social Security number (LUSSN) for use with that particular agency. Multiple agencies can be used (not shown), each with their own LUSSN for the user [Lindsay, 0157]).

Claim 12:  The combination of Lindsay and Chua, teaches the method of claim 11, authenticate the authorized user at the second institution (an authorizing agency database in communication with the authorizing agency server for linking user information with the Limited Use Credential and the one or more specified third parties [Lindsay, 0055]).  Lindsay does not teach further comprising: sending, via the communications module and to a remote device associated with the authorized user, a link which, when selected, directs the remote device to authenticate the authorized user.
However, Douglas teaches further comprising: sending, via the communications module and to a remote device associated with the authorized user, a link which, when selected, directs the remote device to authenticate the authorized user (where authentication data is transmitted in a push notification, the push notification may include a link to open a website, a mobile application, an authentication request notification, and/or an SMS message to input the authentication code and/or response. In the same manner, an SMS message, MMS message, e-mail, and the like may include a link to direct a customer to input the authentication data and/or authentication response for transmission to the customer authentication system 120 and/or customer authentication device 122 [Douglas, 0038]).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention, to modify the security service that links multiple user accounts of multiple entities to a single associated user invention of the combination of Lindsay and Chua, to include a weblink that directs remote devices to authenticate said device feature of Douglas.
One would have been motivated to make this modification to simplify the process of authenticating a device by using a link that easily directs a user to an authentication service.  Such would limit difficult multi-step authentication methods by offering a simplified approach of merely clicking on a link that associates and authenticates the user's device as being authorized by the user.

Claim 13:  The combination of Lindsay, Chua, and Douglas, teaches the method of claim 12.  Lindsay further teaches further comprising: receiving, via the communications module and from the remote device of the authorized user, a signal indicating that the authorized user has been authenticated by the second institution; and in response to receiving the signal indicating that the authorized user has been authenticated, sending the signal including the unique key and the identifier of the entity to the second institution (after accessing the system 302, the system obtains a user E1 304 intended to establish user credentials. The system compares E1 or components thereof to stored user access data in a database (not shown) to determine if E1 contains valid login data 306. If not, the access attempt is rejected 308. If the login data is valid (e.g., a recognized primary or secondary password associated with the provided user ID or other credentials), then the user entry E1 is evaluated to determine if it contains information regarding the security setting 310 indicative of a potential security problems (the security-related information may covertly indicate that the user is in an insecure setting, such as being observed by a third party or under duress, or using a computer that may be monitored by a hidden observer). If there is no indication of security problems or risks, the default settings for user access may be applied 312, which typically can be a full level of access [Lindsay, 0132, FIG. 8]).
 
Claim 14:  The combination of Lindsay, Chua, and Douglas, teaches the method of claim 13.  Lindsay further teaches wherein the signal indicating that the authorized user has been authenticated includes an identifier of the second institution (shared information 622A between the IRS 612A and the PIN Safety Service 608A includes user information (name, optionally address, birthdate, etc.), the user's Social Security number, the agency name or identifier associated with the agency, and the Limited-Use Social Security number (LUSSN) for use with that particular agency. Multiple agencies can be used (not shown), each with their own LUSSN for the user [Lindsay, 0157]).

Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SETH A SILVERMAN whose telephone number is (571)272-9783. The examiner can normally be reached Mon-Fri, 8AM-4PM MST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Adam Queler can be reached on (571) 272-4140. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/Seth A Silverman/Primary Examiner, Art Unit 2145