DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Response to Amendment
This office action is in response to applicant’s amendment filed, 09 September 2022, of application filed, with the above serial number, on 19 February 2021 in which claims 1, 3-5, 7-9, 11-13, 15-17, and 20 have been amended. Claims 1-20 are pending in the application. 

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claim 3, 11, 19 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention. The claim recites “initiate, via the first communication channel, the access identifier request to the user in response to determining that the authorization level of the user meets the authorization requirement to reconfigure the access management protocol”, however, claim 1 from which claim 3 depends recites the initiate step of the same access identifier request, it is indefinite if the same step is being performed twice.
Claim 4, 12, 20 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention. The claim recites ‘further configured to: initiate, via the preferred communication channel, the access reconfiguration protocol to the user, wherein initiating further comprises”. Claim 1 from which claim 4 depends recites such initiation already, further it is unclear which initiation ‘wherein initiating further comprises’ refers to.
Claim 7-8, 15-16 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention. It is indefinite if a generated user portfolio in cl. 7 is different from the added portfolio of cl. 1. Further it is not clear if the received initial access identifier the preferred comm. channel is integrated with the portfolio or used to trigger the initiation of the reconfig. protocol as the claim appears to suggest it doing both? Claim 7 recites the limitation "the one or more authentication credentials" in line 5. There is insufficient antecedent basis for this limitation in the claim.
The following is a quotation of 35 U.S.C. 112(d):
(d) REFERENCE IN DEPENDENT FORMS.—Subject to subsection (e), a claim in dependent form shall contain a reference to a claim previously set forth and then specify a further limitation of the subject matter claimed. A claim in dependent form shall be construed to incorporate by reference all the limitations of the claim to which it refers.

The following is a quotation of pre-AIA  35 U.S.C. 112, fourth paragraph:
Subject to the following paragraph [i.e., the fifth paragraph of pre-AIA  35 U.S.C. 112], a claim in dependent form shall contain a reference to a claim previously set forth and then specify a further limitation of the subject matter claimed. A claim in dependent form shall be construed to incorporate by reference all the limitations of the claim to which it refers.

Claims 8, 16 are rejected under 35 U.S.C. 112(d) or pre-AIA  35 U.S.C. 112, 4th paragraph, as being of improper dependent form for failing to further limit the subject matter of the claim upon which it depends, or for failing to include all the limitations of the claim upon which it depends.  The claim recites the attempt to reconfigure being unsuccessful if the match is not made, however, the independent claim recites a confirmation (successful) of the reconfiguration. Applicant may cancel the claim(s), amend the claim(s) to place the claim(s) in proper dependent form, rewrite the claim(s) in independent form, or present a sufficient showing that the dependent claim(s) complies with the statutory requirements.
 
Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.


Claim(s) 1-20 is/are rejected under 35 U.S.C. 102a1 as being anticipated by Jiron et al (hereinafter “Jiron”, 10,313,511).
As per Claim 1, Jiron discloses a system for enhanced reconfiguration of access management protocols, the system comprising: 
at least one non-transitory storage device (at least Fig. 2); and 
at least one processing device coupled to the at least one non-transitory storage device (at least Fig. 2), wherein the at least one processing device is configured to: 
electronically receive, via a first communication channel, a user request from a user to reconfigure an access management protocol (at least col. 10:40-67; control unit 38 may receive a request from the user device of the customer to review customer account access settings 46 for the account of the customer); 
initiate, via the first communication channel, an access identifier request to the user (at least col. 15:5-19; authentication methods include the last four digits of a customer's social security number (SSN-4), the customer's mother's maiden name, the last several transactions performed using at least one of the accounts of the customer, and a personal identification number (PIN). The actions field indicates a list of actions performed by either IVR systems 22 or agent desktop systems 24 to service the inbound call); 
electronically receive, via the first communication channel, an access identifier in response to the access identifier request (at least col. 15:5-19; authentication methods include the last four digits of a customer's social security number (SSN-4), the customer's mother's maiden name, the last several transactions performed using at least one of the accounts of the customer, and a personal identification number (PIN). The actions field indicates a list of actions performed by either IVR systems 22 or agent desktop systems 24 to service the inbound call); 
retrieve, from a user portfolio, a preferred communication channel associated with the user request to reconfigure the access management protocol (at least col. 10:40-11:24; 3:31-38; 14:11-21; For example, customer account access settings 46 for a given account of the customer may include a status (e.g., enabled or disabled) of each of a plurality of different types of authentication methods to access the given account via contact center 12. Customer account access settings 46 for the given account may include a switch by which the customer may require two-factor authentication to access the given account via contact center 12. In addition, customer account access settings 46 for the given account may include a white list of approved phone numbers for calls into contact center 12 attempting to access the given account; Contact center 12 may be especially useful for those customers that prefer to speak to a live person when resolving service issues or that feel more comfortable sharing personal information over a voice channel than an online channel (e.g., website, email, or mobile application); Customer profiles 62 may be generated based on customer base information learned from CRM system 26. Customer profiles 62 may identify multiple different accounts, phone numbers (i.e., ANIs), or other touchpoints that resolve to the same user. In addition, customer profiles 62 may include customer behavior and preferences with respect to authentication and accessing accounts via contact center 12);
initiate, via a preferred communication channel, an access reconfiguration protocol to the user to confirm the user request to reconfigure the access management protocol (at least col. 10:62-11:24; 3:31-38; 14:11-21; UI unit 42 may send data representative of a user interface used to present and receive the changes to customer account access settings 46 for the account of the customer to the user device of the customer via interfaces 34. Through the user interface, the customer may modify customer account access settings 46 for the given account of the customer); 
electronically receive, via the preferred communication channel, a user confirmation to reconfigure the access management protocol in response to the access reconfiguration protocol (at least col. 10:62-11:24; control unit 38 may be configured to update the customer credentials stored in CRM system 26 for the given account of the customer based on the changes to customer account access settings 46); and 
implement one or more actions to initiate the reconfiguration of the access management protocol in response to receiving the user confirmation (at least Fig. 5; col. 10:62-11:24; control unit 38 may be configured update the customer credentials stored in CRM system 26 for the given account of the customer based on the changes to customer account access settings 46. In this way, the front-end systems, e.g., IVR systems 22 or agent desktop systems 24, performing authentication of the subsequent calls into contact center 12 based on the customer credentials accessible from CRM system 26 may apply the appropriate restrictions on accessing the given account of the customer via contact center 12. In other examples, control unit 38 may be configured to provide customer account access settings 46 for the given account of the customer to the front-end systems in response to requests from the front-end systems to lookup customer account access settings 46 for the given account).
As per Claim 2. The system of claim 1, wherein the at least one processing device is further configured to: initiate, via the first communication channel, an authentication request to the user in response to the user request; electronically receive, via the first communication channel, one or more authentication credentials associated with the user in response to the authentication request; and validate the one or more authentication credentials to verify an identity of the user (at least col. 9:26-40; call entry unit 44 may generate each entry in the call history for the given customer to include the date and time at which the call was placed into context center 12, a phone number from which the call was placed (i.e., the Automatic Number Identification (ANI) for the caller), an account type or number of the customer, an authentication method used to access the identified account; col. 7:21-41; authentication of a user may be performed by either an authentication IVR program provided by one of IVR systems 22 or any of the human agents at agent desktop systems 24 based on customer credentials accessible from CRM system 26 and/or contact center control system 18).
As per Claim 3. The system of claim 2, wherein the at least one processing device is further configured to: determine an authorization level of the user based on at least the one or more authentication credentials; determine an authorization requirement associated with the user request to reconfigure the access management protocol; determine that the authorization level of the user meets the authorization requirement to reconfigure the access management protocol; and initiate, via the first communication channel, the access identifier request to the user in response to determining that the authorization level of the user meets the authorization requirement to reconfigure the access management protocol (at least col. 10:13-67; various settings that the user can enable or disable such that based on the user being authenticated, the user may be calling from a white list of approved phone numbers attempting to access the account and being granted access).
As per Claim 4. The system of claim 1, wherein the at least one processing device is further configured to: initiate, via the preferred communication channel, the access reconfiguration protocol to the user, wherein initiating the access reconfiguration protocol further comprises: transmitting a notification to the user indicating the user request to reconfigure the access management protocol; initiating a confirmation input for the user request to reconfigure the access management protocol; and electronically receiving a user input confirming the user request to reconfigure the access management protocol in response to the confirmation input (at least Fig. 5; col. 16:1-58; eg. user entering UI displayed in Fig. 5, viewing the status of an auth. method, changing a setting from enabled to disabled, notifying the user of a ‘Disabled’ status for the authentication method and clicking on Submit 88).
As per Claim 5. The system of claim 1, wherein the access identifier comprises a unique personal identification number (PIN) associated with the user (at least col. 15:5-19; authentication methods include the last four digits of a customer's social security number (SSN-4), the customer's mother's maiden name, the last several transactions performed using at least one of the accounts of the customer, and a personal identification number (PIN). The actions field indicates a list of actions performed by either IVR systems 22 or agent desktop systems 24 to service the inbound call).
As per Claim 6. The system of claim 1, wherein the at least one processing device is further configured to: receive a request from the user to establish the access management protocol, wherein the access management protocol is used to allow the user to access one or more resources; and initiate a user onboarding protocol in response to receiving the request from the user to establish the access management protocol (at least col. 3:21-38; using the method of claim 1 via the contact center to establish or change the authentication method for a new customer; Contact center 12 includes several disparate computing systems configured to handle customer service inquiries focused on customer accounts with the organization, i.e., servicing existing accounts and opening new accounts. In some examples described in this disclosure, contact center 12 may be a contact center of a bank or other financial institution. Contact center 12 may be especially useful for those customers that prefer to speak to a live person when resolving service issues or that feel more comfortable sharing personal information over a voice channel than an online channel (e.g., website, email, or mobile application). Contact center 12 may also provide certain services that may not be available via online channels, such as opening new accounts with the organization).
As per Claim 7. The system of claim 6, wherein the at least one processing device is further configured to: implement the user onboarding protocol, wherein implementing further comprises: generating a user portfolio; receiving the one or more authentication credentials from the user; integrating the one or more authentication credentials received from the user with the user portfolio; receiving an initial access identifier from the user, wherein the initial access identifier is used to trigger the initiation of the access reconfiguration protocol and the reconfiguration of the access management protocol; receiving the preferred communication channel from the user to be used to reconfigure the access management protocol (at least col. 10:40-11:24; 3:31-38; 14:11-21; For example, customer account access settings 46 for a given account of the customer may include a status (e.g., enabled or disabled) of each of a plurality of different types of authentication methods to access the given account via contact center 12. Customer account access settings 46 for the given account may include a switch by which the customer may require two-factor authentication to access the given account via contact center 12. In addition, customer account access settings 46 for the given account may include a white list of approved phone numbers for calls into contact center 12 attempting to access the given account; Contact center 12 may be especially useful for those customers that prefer to speak to a live person when resolving service issues or that feel more comfortable sharing personal information over a voice channel than an online channel (e.g., website, email, or mobile application); Customer profiles 62 may be generated based on customer base information learned from CRM system 26. Customer profiles 62 may identify multiple different accounts, phone numbers (i.e., ANIs), or other touchpoints that resolve to the same user. In addition, customer profiles 62 may include customer behavior and preferences with respect to authentication and accessing accounts via contact center 12); and integrating the initial access identifier and the preferred communication channel with the user portfolio (at least col. 4:12-26; customer profile associated with customer account having contact center 12 may comprise one or more data centers including a plurality of servers configured to provide account services interconnected with a plurality of databases and other storage facilities in which customer credentials, customer profiles, and customer accounts are stored; col. 13:66-14:21; Customer profiles 62 may be generated based on customer base information learned from CRM system 26. Customer profiles 62 may identify multiple different accounts, phone numbers (i.e., ANIs), or other touchpoints that resolve to the same user. In addition, customer profiles 62 may include customer behavior and preferences with respect to authentication and accessing accounts via contact center 12. In some examples, customer profiles 62 maintained by event log system 28 may be updated based on changes to account access settings received from customers via contact center control system 18).
As per Claim 8. The system of claim 7, wherein the at least one processing device is configured to: determine that the access identifier received from the user does not match the initial access identifier associated with the user portfolio; and initiate, via the preferred communication channel, a notification of an unsuccessful attempt to reconfigure the access management protocol to the user based on at least determining that the access identifier received from the user does not match the initial access identifier associated with the user portfolio (at least col. 9:41-61; Control unit 38 may send a notification that includes the data representative of the call history to the user device of the customer on a periodic basis, e.g., once per week, once per month, or the like. In one scenario, the notification may be in the form of an email, text, or other communication that includes a link to the organization's website through which the customer may login and view the call history. In another scenario, the notification may be embedded within an application, such as a mobile banking application, running on the customer's user device in the form of a push notification or an in-app reminder that appears upon opening the application. In this scenario, the customer may be able to login and view the call history directly in the application. The call history notification settings may be configurable by the customer via the customer account access settings 46).
Claims 9-20 do not, in substance, add or define any additional limitations over claims 1-8 and therefore are rejected for similar reasons, supra. Claims 9-16 recite corresponding product claims to claims 1-8. Claims 17-20 recite corresponding method claims to claims 1-4.

Response to Arguments
Applicant's arguments filed 09 September 2022 have been fully considered but they are not persuasive.
The 112 Rejections above are still outstanding and have not been fully addressed by way of amendment. The dependent claims appear to need amending to resolve antecedent basis issues.
Applicant argues, in substance, that Jiron does not disclose the amended limitation of claim 1, namely: 
retrieve, from a user portfolio, a preferred communication channel associated with the user request to reconfigure the access management protocol 
Thus, the claim has been amended to recite retrieving a ‘preferred communication channel’ from a ‘user portfolio’. The specification outlines:
[0051] “In some embodiments, the user portfolio may be a directory of stored user records, applicable settings, access management protocols, information associated with the user, associated authentication credentials, and/or the like.”
[0049] “Examples of communication channels may include face-to-face communication, broadcast media, mobile channels, electronic communication (e.g., email, Internet, intranet, social media platforms, and/or the like), and/or written communication.”
[0055] “during the user onboarding process, the user may indicate, as part of the access management protocol, a preferred communication channel, should the user request reconfiguration of the access management protocol at any time during an existing relationship with the entity.”
Thus, within the scope of the terminology of the specification the claim has been amended to
retrieve, from a user portfolio [user settings]/[information associated with the user], a preferred communication channel [user defined communication method such as email or mobile voice] associated with the user request to reconfigure the access management protocol
Jiron discloses, see at least col. 10:40-11:24, that the user can enable or disable different authentication and communication methods that the user wishes to use for accessing the customer account settings. Jiron uses an example of “Customer account access settings 46 for the given account may include a switch by which the customer may require two-factor authentication to access the given account via contact center 12.” Jiron further teaches why the user enables or disables certain authentication and communication methods by teaching in col. 3:31-38 that “Contact center 12 may be especially useful for those customers that prefer to speak to a live person when resolving service issues or that feel more comfortable sharing personal information over a voice channel than an online channel (e.g., website, email, or mobile application).” Finally, Jiron teaches in col. 14:11-21 “Customer profiles 62 may be generated based on customer base information learned from CRM system 26. Customer profiles 62 may identify multiple different accounts, phone numbers (i.e., ANIs), or other touchpoints that resolve to the same user. In addition, customer profiles 62 may include customer behavior and preferences with respect to authentication and accessing accounts via contact center 12.”
Thus, Jiron clearly teaches that the user/customer has preferences regarding certain methods of communications that are enabled by the user and stored in a profile/portfolio and used to communicate with the user when the user is trying to reconfigure security settings of their accounts.	

Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to GREGORY TODD whose telephone number is (303)297-4763. The examiner can normally be reached 8:30-5 MST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Nicholas Taylor can be reached on 571-272-3889. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/GREGORY TODD/Primary Examiner, Art Unit 2443