DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This written action is responding to the amendment dated July 28, 2022.
In the amendment dated July 28, 2022, claims 1-2, 6 and 11-12 have been amended, 15 has been canceled.
Claims 1-14 are allowed.
Priority

This 371 application filed on November 24, 2020 claims priority of PCT application PCT/KR2019/005729 filed on May 13, 2019. This application also claims priority of a foreign application KR10-2019-00080005 filed on January 22, 2019. This application also claims priority of a foreign application KR10-2018-0062943 filed on May 31, 2018.

EXAMINER’S AMENDMENT
An examiner’s amendment to the record appears below.  Should the changes and/or additions be unacceptable to Applicant, an amendment may filed as provided by 37 CFR 1.312.  To ensure consideration of such an amendment, it MUST be submitted no later than the payment of issue fee.
Authorization for this examiner’s amendment was given in a telephone interview with Mr. John F. Gallagher, III of registration number 47,234, on August 15, 2022.  During the telephone conference, Mr. Gallagher has agreed and authorized the examiner to further amend Claims 1-14 on the amendment dated July 28, 2022.

Claims

Replacing Claims 1-14 of the amendment dated July 28, 2022 with the following:

Claims:

1. 	A method for controlling a system including an electronic device, a first server, and a second server, the method comprising: 
obtaining, by the electronic device, first biometric information;
obtaining, by the electronic device, first encrypted data, in which the first biometric information is encrypted, by using the obtained first biometric information and a first encryption key, and transmitting the obtained first encrypted data to the first server;
obtaining, by the first server, second encrypted data, in which the first encrypted data is encrypted, by using the first encrypted data received from the electronic device and a second encryption key, and first user identification information corresponding to the first biometric information, and transmitting same to the second server; 
matching, by the second server, the second encrypted data received from the first server and first user identification information corresponding to the first biometric information and storing same based on transmitting a request for confirming whether the first user identification information corresponds to the second encrypted data to a user terminal device corresponding to the first user identification information;
obtaining, by the second server, authentication information based on the matched second encrypted data and the first user identification information and transmitting same to the first server; and
registering, by the first server, the authentication information about the first biometric information to indicate that second encrypted data and the first user identification are authenticated for a service.
2. 	The method of claim 1, wherein the system further comprises a third server providing a service, and the method comprising:
based on receiving, by the first server, a biometric information registration command for using a service of the third server, transmitting, by the first server, the authentication information and biometric information issuance request information to the third server;
checking, by the third server, validity of the received authentication information;
based on the received authentication information being valid, transmitting, by the third server, the authentication information and the biometric information issuance request information to the second server;
transmitting, by the second server, the second encrypted data corresponding to the authentication information and the first user identification information to the third server; and
registering, by the third server, the second encrypted data received from the second server and the first user identification information.

3. 	The method of claim 2, comprising: 
obtaining, by the electronic device, second biometric information;
based on a command for inputting biometric information for performing a service being input, obtaining, by the electronic device, third encrypted data, in which the first biometric information is encrypted, by using the obtained second biometric information and a first encryption key, and transmitting same to the first server;
obtaining, by the first server, fourth encrypted data, in which the third encrypted data is encrypted, by using the third encrypted data received from the electronic device and a second encryption key and transmitting same to the third server; 
identifying, by the third server, whether encrypted data corresponding to the received fourth encrypted data is present in the third server; and
based on the encrypted data corresponding to the fourth encrypted data being present in the third server, performing, by the third server, a service corresponding to a command for inputting biometric information to perform the service.

4. 	The method of claim 3, wherein the identifying whether the encrypted data corresponding to the fourth encrypted data is present in the third server comprises:
comparing, by the third server, a plurality of encrypted data stored in the third server with the received fourth encrypted data and identifying whether encrypted data including biometric information corresponding to the second biometric information is present. 

5. 	The method of claim 3, wherein the obtaining, by the first server, the fourth encrypted data and transmitting same to the third server comprises: 
matching the fourth encrypted data and second user identification information corresponding to the second biometric information and transmitting same to the third server. 

6. 	The method of claim 5, wherein the identifying whether encrypted data corresponding to the fourth encrypted data is present in the third server comprises: 
obtaining, by the third server, identification information that is same as the second user identification information among a plurality of user identification information stored in the third server; and
by comparing the fourth encrypted data and the encrypted data matched with the user identification information that is the same as the second user identification information, identifying whether the second biometric information is the same as the biometric information corresponding to the user identification information that is the same as the second user identification information.

7. 	The method of claim 3, wherein: 
the obtaining the third encrypted data and transmitting same to the first server comprises transmitting, to the first server, a message authentication code along with the third encrypted data,
the obtaining the fourth encrypted data and transmitting same to the third server comprises transmitting, to the third server, the message authentication code received from the electronic device along with the fourth encrypted data,
wherein the controlling method comprises identifying, by the third server, validity of the fourth encrypted data based on the message authentication code received from the first server.

8. 	The method of claim 3, wherein the identifying whether the encrypted data is present in the third server comprises identifying encrypted data corresponding to the fourth encrypted data without decrypting the fourth encrypted data and a plurality of encrypted data stored in the third server. 

9. 	The method of claim 1, wherein the first user identification information is obtained by the first server. 

10. 	The method of claim 2, wherein:
the obtaining, by the second server, authentication information and transmitting same to the first server comprises obtaining the authentication information corresponding to the matched second encrypted data and the first user identification information based on a signature value of the second server, and
checking, by the third server, validity of the received authentication information comprises identifying validity of the authentication information based on the signature value.

11. 	A system comprising:
an electronic device comprising a hardware processor, the hardware processor configured to obtain, via a communicator, first biometric information and first encrypted data, in which the first biometric information is encrypted, by using the obtained first biometric information and a first encryption key;
a first server configured to receive the first encrypted data from the electronic device and obtain second encrypted data, in which the first encrypted data is encrypted, by using the first encrypted data and a second encryption key and first user identification information corresponding to the first biometric information; and
a second server configured to receive the second encrypted data from the first server, obtain authentication information based on the second encrypted data, and transmit the authentication information to the first server,
wherein the second server is further configured to:
match the second encrypted data received from the first server and first user identification information corresponding to the first biometric information and store same based on transmitting a request for confirming whether the first user identification information corresponds to the second encrypted data to a user terminal device corresponding to the first user identification information; and
obtain authentication information based on the matched second encrypted data and the first user identification information and transmitting same to the first server, and
wherein the first server is further configured to register the authentication information received from the second server as the authentication information with respect to the first biometric information to indicate that second encrypted data and the first user identification are authenticated for a service.
12. 	The system of claim 11, wherein: 
the system further comprises a third server providing a service, 
the first server is configured to receive a biometric information registration command for using a service of the third server and transmit the authentication information and biometric information issuance request information to the third server,
the third server is configured to check validity of the received authentication information, and based on the received authentication information being valid, transmit the authentication information and the biometric information issuance request information to the second server,
the second server is configured to transmit the second encrypted data corresponding to the authentication information received from the third server and the first user identification information to the third server, and
the third server is configured to register the second encrypted data received from the second server and the first user identification information.

13. 	The system of claim 12, wherein:
the electronic device is configured to obtain, by the electronic device, second biometric information, based on a command for inputting biometric information for performing a service being input, obtain third encrypted data, in which the first biometric information is encrypted, by using the obtained second biometric information and a first encryption key, and transmit same to the first server,
the first server is configured to obtain fourth encrypted data, in which the third encrypted data is encrypted, by using the third encrypted data received from the electronic device and a second encryption key and transmit same to the third server,
the third server is configured to identify whether encrypted data corresponding to the received fourth encrypted data is present in the third server, and 
based on the encrypted data corresponding to the fourth encrypted data being present in the third server, perform a service corresponding to a command for inputting biometric information to perform the service.

14. 	The system of claim 13, wherein the third server is configured to compare a plurality of encrypted data stored in the third server with the received fourth encrypted data and identify whether encrypted data including biometric information corresponding to the second biometric information is present. 

15. 	(Cancelled) 

Allowable Subject Matter
Claims 1-14 are allowed.

Examiner’s Statement of Reasons for Allowance
The following is an examiner’s statement of reasons for allowance:
Independent claim 1 is allowable based on the amendment presented in the request for amendment dated on July 28, 2022 and the examiner’s amendment dated on August 19, 2022.
Specifically, the independent claim 1 now recites limitations as follows:
“A method for controlling a system including an electronic device, a first server, and a second server, the method comprising: 
obtaining, by the electronic device, first biometric information;
obtaining, by the electronic device, first encrypted data, in which the first biometric information is encrypted, by using the obtained first biometric information and a first encryption key, and transmitting the obtained first encrypted data to the first server;
obtaining, by the first server, second encrypted data, in which the first encrypted data is encrypted, by using the first encrypted data received from the electronic device and a second encryption key, and first user identification information corresponding to the first biometric information, and transmitting same to the second server; 
matching, by the second server, the second encrypted data received from the first server and first user identification information corresponding to the first biometric information and storing same based on transmitting a request for confirming whether the first user identification information corresponds to the second encrypted data to a user terminal device corresponding to the first user identification information;
obtaining, by the second server, authentication information based on the matched second encrypted data and the first user identification information and transmitting same to the first server; and
registering, by the first server, the authentication information about the first biometric information to indicate that second encrypted data and the first user identification are authenticated for a service”.
The cited reference Yasuda et al. (US PGPUB. # US 2016/0182226) discloses a personal computer (PC) or a smart phone, for example, and is a terminal device from which user's biological information is registered and matched in the authentication system 1. Before registering or matching biological information, the terminal device 10 acquires user's biological information, and encrypts the acquired biological information with homomorphic encryption, and transmits the encrypted biological information to the calculation server 100. Illustrated in the embodiment is an example in which palm veins are acquired as user's biological information, but the biological information may be a finger print, as another example, without any limitation. The terminal device 10 collects the user's biological information using a sensor not illustrated, for example, and generates a feature vector A as feature information based on the collected biological information (S20). The terminal device 10 then generates (converts) an ascending order polynomial (Pm.sub.1(A)) for the generated feature vector A. The terminal device 10 then homomorphically encrypts the polynomial Pm.sub.1(A) using an algorithm enabled for Hamming distance (secrecy distance) calculation with encrypted information, e.g., using a public key of homomorphic encryption (S21). The terminal device 10 then transmits the homomorphically encrypted data E(Pm.sub.1(A)) to the calculation server 100. When the homomorphically encrypted data E(Pm.sub.1(A)) is received from the terminal device 10, the calculation server 100 stores the data E(Pm.sub.1(A)) in a database, for example, as user's registered information (S22). This user's registered information is sometimes referred to as a template in the field of biometric authentication. (Fig. 1, ¶37-¶39). o match biological information, the terminal device 10 generates a feature vector B based on the biological information acquired in the same manner as when the template is registered, as a piece of feature information (S30). The terminal device 10 then generates a descending order polynomial (Pm.sub.2(B)) from the generated feature vector B (converts the generated feature vector B). The terminal device 10 then homomorphically encrypts the generated polynomial Pm.sub.2(B) using an algorithm enabled for Hamming distance (secrecy distance) calculation with the polynomials encrypted, e.g., using a public key of the homomorphic encryption (S31). The terminal device 10 then transmits the homomorphically encrypted data E(Pm.sub.2(B)) to the calculation server 100. When the data E(Pm.sub.2(B)) is received from the terminal device 10, the calculation server 100 calculates a Hamming distance between the data E(Pm.sub.2(B)) and the data E(Pm.sub.1(A)) stored as the registered information, with these pieces of data encrypted (S32). The result of the Hamming distance calculation is transmitted to the authentication server 200 where the secret key of the homomorphic encryption is located. When the result of the Hamming distance calculation is received from the calculation server 100, the authentication server 200 decrypts the result using the secret key of the homomorphic encryption, and compares a plaintext that is the Hamming distance resultant of the decryption with a preset threshold. In this comparison, if the Hamming distance that is the plaintext is smaller than the threshold, the authentication server 200 transmits OK as a result of matching, meaning that the authentication has succeeded, to the terminal device 10. If the Hamming distance that is the plaintext is equal to or larger than the threshold, the authentication server 200 transmits NG as a result of matching, indicating that the authentication has failed, to the terminal device 10 (S33). (Fig. 1, ¶40-¶42).
The reference by Mingjie Dong (WIPO PUB. # WO 2018/059544) discloses, the biometric information management server stores a correspondence table of "service-user identification information-biometric information" and biometric information of the registered users corresponding to different services. The identification information of the user may specifically be one or more of a user name, a name, an email address, a mobile phone number, an employee number, and an ID number. 204. (Page 9, Lines 11-15). The service server obtains a second verification result according to the second biometric information and the response of the authentication request, and performs authentication on the to-be-authenticated service according to the first verification result and the second verification result. And determining, in the case that the first verification result matches the second verification result, that the authentication to be authenticated is passed. Specifically, after acquiring the second biometric information from the biometric information management server, the service server may use the same key generation algorithm as the mobile terminal side (ie, the key generation algorithm corresponding to the to-be-authenticated service), according to the second biometric The feature information generates the key information, and then uses the applicable algorithm to obtain the second verification result according to the key information and the response of the authentication request, if the first verification result obtained by the mobile terminal side and the second verification result obtained by the service server side are If the matching is performed, the service server can determine that the user is a legitimate user, and the authentication of the service to be authenticated is passed, and the mobile terminal is allowed to perform the service process of the service to be authenticated; otherwise, the service server determines that the user is an illegal user, and the authentication of the service to be authenticated does not pass. (Page 9, Lines 37-46).
Cheon et al. (US PGPUB. # US 2019/0349362) discloses, a computer-implemented method for authenticating secret information according to an aspect of the present disclosure, comprises receiving, by an authentication server, Q{right arrow over (X)} from a terminal for registering secret information; storing, by the authentication server, the received Q{right arrow over (X)}; receiving, by the authentication server, a vector {right arrow over (Z)} from a terminal for requesting authentication of secret information; calculating, by the authentication server, the inner product of Q{right arrow over (X)} and {right arrow over (Z)}; calculating, by the authentication server, ½(n−the inner product); and determining, by the authentication server, that the authentication is successful if ½(n−the inner product) is within a predetermined value and that the authentication fails otherwise. (Abstract).
Sakemi et al. (US PGPUB. # US 2017/0104752) discloses, a method of processing a ciphertext, the method includes: acquiring a part of a plurality of encrypted elements included in the ciphertext, each of the plurality of encrypted elements being an encrypted element in which values of a plurality of elements in a multidimensional determination target vector are respectively encrypted by homomorphic encryption; decrypting the acquired part of the plurality of encrypted elements; and determining validity of the determination target vector based on a relationship between at least one value obtained by the decrypting and both of 0 and 1. (Abstract).
Cho et al. (US PGPUB. # US 2017/0017963) discloses, an electronic device includes a communication module configured to communicate with an external device, a biometric authentication module configured to perform biometric authentication, and a processor. The processor is configured to obtain biometric information of a user of the electronic device if a payment request is received, perform biometric authentication using the biometric information, send information associated with the biometric authentication to a first server located outside the electronic device, receive a session key, corresponding to the biometric authentication, from a second server located outside the electronic device, and send the session key and a payment token request to a third server located outside the electronic device. (Abstract).
Shimoyama et al. (US PGPUB. # US 2015/0207630) discloses, a non-transitory computer-readable recording medium stores an information processing program that causes a computer to execute a process including, generating feature information based on organism information of a user; calculating a first cryptogram based on a logical operation of the feature information generated and a random number; and encrypting the first cryptogram into a second cryptogram by using a cryptographic algorithm capable of calculating a Hamming distance in an encrypted state. (Abstract).
BONASTRE JEAN-FRANCOIS (WIPO PUB. # WO 2012/153030) discloses, a method of biometric authentication of a user implementing at least one item of equipment 1 of the user and a biometric authentication server 2, according to which the server: receives 110 an identifier of the user; recovers 111, on the basis of the identifier, a double-encrypted binary biometric vector 7, previously stored in the server, and a public key 51; decrypts 112, with the aid of the public key, the double-encrypted binary biometric vector so as to generate a first single-encrypted biometric vector 61; receives 113 a second single-encrypted binary biometric vector 62 originating from the item of equipment of the user; compares 114 the first and second single-encrypted binary biometric vectors; and decides 115, as a function of a result of the comparison, whether to authenticate the user. The invention also relates to a server and a system 30 for biometric authentication. (Abstract).
However, each of the cited references or reference from the updated search, at least, fails to teach or suggest the limitations regarding “………matching, by the second server, the second encrypted data received from the first server and first user identification information corresponding to the first biometric information and storing same based on transmitting a request for confirming whether the first user identification information corresponds to the second encrypted data to a user terminal device corresponding to the first user identification information; obtaining, by the second server, authentication information based on the matched second encrypted data and the first user identification information and transmitting same to the first server…”, in combination with the rest of the limitations recited in the independent claim(s).

None of the previous cited prior art references or reference(s) from the updated search yield any specific references that would reasonably, either singularly or in combination with previous cited reference, result a reasonable and proper rejection for each of the cited feature limitations of the independent claim 1 under 35 U.S.C. 102 or 35 U.S.C. 103 with proper motivation.
Claims 11 is a system claim of above method claim 1 and therefore, it is also allowed.
Claims 2-10 depend on the allowed claim 1, and therefore, they are also allowed.
Claims 12-14 depend on the allowed claim 11, and therefore, they are also allowed.
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled "Comments on Statement of Reasons for Allowance".

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to DARSHAN I DHRUV whose telephone number is (571)272-4316. The examiner can normally be reached M-F 9:00 AM-5:00 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Yin-Chen Shaw can be reached on 571-272-8878. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/DARSHAN I DHRUV/Primary Examiner, Art Unit 2498