DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . 

Allowable Subject Matter
Claims 1-20 are allowed.
The following is an Examiner’s statement of reasons for allowance: 
Applicant’s claims presented on 08/05/2020 constitute the basis for the reasons of allowance as the current prior art of record, considered individually or in combination, fails to teach or reasonably suggest the claimed features of claims 1, 8, and 15 structurally and functionally interconnected with other limitations in the manner as cited in the claims and dependent claims. Examiner notes that the current invention as disclosed in the independent claims is allowed in its entirety.  Each and every limitation working together in concert realizes the current claimed invention’s novelty.  No single limitation alone accomplishes the allowability of the inventive independent claim(s), rather each and every limitation of the claim(s) and their disclosed relationships are integral.  

None of the references, either singularly or in combination, teach or fairly suggest a system, comprising: a secure server configured to host one or more secure applications; and
a first user device comprising: a camera operable to capture a first image of a first user of the user device; and a processor communicatively coupled to the camera and configured to:
following a request for access to the secure server by the first user, receive a challenge-response message, following receipt of the challenge-response message, prompt the first user of the first user device to operate the camera to capture the first image of the first user, wherein the first image comprises an image of at least a portion of a face of the first user; receive a second image of a second user of a second user device and an authentication result determined by the second user device, wherein the second image comprises an image of at least a portion of a face of the second user, wherein the authentication result indicates that the face of the second user included in the second image corresponds to a face of an authorized administrator of the secure server; determine, using facial recognition, that the face of the first user included in the first image corresponds to a face of an authorized user of the secure server; generate a response to the challenge-response message, wherein: if both the face of the first user corresponds to the face of the authorized user of the secure server and the authentication result indicates that the face of the second user corresponds to the face of the authorized administrator of the secure server, the response indicates the first user is authorized to access the secure server; and if one or both of the face of the first user does not correspond to the face of the authorized user of the secure server and the authentication result indicates that the face of the second user does not correspond to the face of the authorized administrator of the secure server, the response indicates the first user is not authorized to access the secure server; and provide the response.

U.S. Patent Application Publication 2020/0314104 A1 to Achyuth et al. discloses system 102 that communicates with other computing devices via one or more networks 112, including a first device 104 operated by a first user 106 and a second device 108 operated by a second user 110. System 102 may receive (step 114) a request for access to data (e.g., a file) by the first device 104 operated by the first user 106. Upon receiving an access request, the system 102 may determine (step 116) that an identity of one or more additional individuals (e.g., the second user 110) needs to be authenticated to allow access to the file (or other data) by the first device 104. System 102 may evaluate one or more records associated with the file (or other data) identified in the received access request to determine whether those records indicate authentication by any additional individuals is required. If it is determined by the system 102 that authentication by an additional user is not required, then access to the file (or other data) may be provided without requiring any action by another user. If, on the other hand, examination of the records indicate that authentication by one or more additional individuals (e.g., the second user 110 or one or more members of a delegate group) is required, then an authentication process may be invoked (step 118) to authenticate the identity of such individual(s) prior to allowing access to the file or other data by the first device 104. As a result of the authentication process that was invoked at the step 118, the system 102 may determine (step 120) that the identity of the second user 110 (and possibly one or more additional individuals in a delegate group) has been authenticated and, based at least in part on that determination, may provide (step 122) access to the file or other data by the first device 104.

U.S. Patent Application Publication 2022/0046009/A1 to Bronstein (commonly assigned to Bank of America) discloses method 700 of multi-person authentication. The method 700 may be implemented using the requesting user device 102 a,b of FIGS. 1, 2A-C, and 6. The method 700 may begin at step 702 where a request 106 for access to the secure server 108 is sent. At step 704, the requesting device 102 a,b (which may be the same device 102 a,b that sent the request 106 at step 702 or a different device 102 a,b) receives a challenge-response message 130. At step 706, the requesting device 102 a,b receives security credentials for beginning multi-person authentication operations. At step 708, the requesting device 102 a,b determines if the received security credentials are authenticated. For example, the requesting device 102 a,b may use the authentication instructions 614 to determine if the security credentials received at step 706 match predefined credentials for the user 104. If the security credentials are not authenticated at step 708, the method 700 generally ends. Otherwise, if the security credentials are authenticated at step 708, the requesting device 102 a,b proceeds to step 710. At step 710, the requesting device 102 a,b captures an image 224 of the requesting user 104 and receives an image 222 of the confirming user 136 a,b at the same time (see FIGS. 2B-2C). At step 712, the requesting device 102 a,b receives an image 222 (e.g., image 532 of FIG. 3B) of the confirming user 136 a,b. At step 714, the images 222 and 224 of the confirming user 136 a,b and requesting user 104 may be presented on the display of the device 102 a,b. For example, images 222, 224 may be presented in different portions of the display 204 of the device 102 a,b, as illustrated in FIG. 2B. At step 716, the requesting device 102 a,b uses facial recognition to identify the requesting user 104 based on image 224. For example, in cases where facial recognition is performed by the both the requesting user device 102 a,b and the confirming user device 134 a,b, the requesting device 102 a,b may use the facial recognition instructions 610 to identify user 104 and receive authentication results from device 134 a,b regarding whether the confirming user 136 a,b is authenticated. The facial recognition instructions 610 may be used to identify the user 104 based on a comparison of his/her corresponding image 224 (see FIGS. 2B and 2C) to previously obtained images of the user 104. At step 718, the requesting device 102 a,b determines, based on the results of facial recognition at step 716, if both users 104 and 136 a,b are confirmed to be authorized users and/or administrators. At step 720, the requesting device 102 a,b generates a verification response 138 that indicates that the user 104 should be granted access to the secure server 108. At step 722 the verification response 138 is sent to the multi-person authentication server 124 described above with respect to FIGS. 1, 4, and 5. After the verification response 138 is sent, the user device 102 a,b may access the secure server 108 at step 724. For example, the requesting device 102 a,b may access requested data 110 and/or application(s) 112, such that the user 104 may view requested data 110 and/or use requested application(s) 112.

However, none of the above teach or fairly suggest the system and associated with it the method as claimed.

Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ABHISHEK SARMA whose telephone number is (571)272-9887.  The examiner can normally be reached on Mon - Fri 8:00-5:00.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Alexander Eisen can be reached on 571-272-7687.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/ABHISHEK SARMA/

Primary Examiner, Art Unit 2622