DETAILED ACTION
Continued Examination Under 37 CFR 1.114
1.            A request for continued examination (“RCE”) under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 10/20/2022 has been entered. 
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Acknowledgements
The Examiner notes that citations to US Patent Application Publication paragraphs are formatted as [####], #### representing the paragraph number.
This communication is in response to claim amendments and applicant’s remarks filed on 10/20/2022.
Claims 1, 8, 9, 12, and 18 have been amended.
No claims have been added or canceled.
Claims 1-20 are pending and are presented for examination on the merits.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103(a) are summarized as follows:
1.	Determining the scope and contents of the prior art.
2.	Ascertaining the differences between the prior art and the claims at issue.
3.	Resolving the level of ordinary skill in the pertinent art.
4.	Considering objective evidence present in the application indicating obviousness or nonobviousness.

Claim(s) 1-8, 10-18, and 20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Trelin (US 20210035666), in view of Li (CN 108092991), further in view of Hassan (US 20200151431).
Regarding claim(s) 1, Trelin discloses:
          receiving first biometric data associated with a user (By disclosing, “a biometric data 1010A may be captured” ([0135] and Fig. 10 of Trelin)); 
          generating one or more first biometric templates based on the first biometric data using a digital rights management (DRM) platform (By disclosing, “the electronic device may generate one or more of the first biometric template or the second biometric template from a biometric” ([0150] of Trelin); and the identification system device [(DRM platform)] is the electronic device ([0090] of Trelin)); 
            transmitting the one or more first biometric templates to the one or more requestors using the DRM (By disclosing, “the first system device 102 may be configured to communicate with the identification system device 101 to identify a person using a biometric template of a first type, retrieve a biometric template of a second type that is associated with the identity and used by the second system device 103 from the identification system device 101, and communicate the biometric template of the second type to the second system device 103 [(requestor)] as part of a records request” ([0060] of Trelin));
            wherein the one or more first biometric templates are configured to be compared to one or more second biometric templates (By disclosing, “the at least one processing unit performs biometric template translation in order to compare the first biometric template to the second biometric template” ([0009] of Trelin)); and 
            wherein the one or more second biometric templates are configured to be generated using the DRM platform based on second biometric data associated with the user (By disclosing, “the electronic device may generate one or more of the first biometric template or the second biometric template from a biometric” ([0150] of Trelin); and “The identification system may store biometric data of a number of different types (e.g., different template types) associated with the identity. As such, upon determining the identity using the first biometric template and determining a type of biometric data to use for comparison with a second biometric template, the identification system can serve as a translator by retrieving stored second biometric data of a corresponding type to the second biometric template” ([0177] of Trelin)).  
            Trelin does not disclose:
            receiving digital identity data comprising access control data from the user, wherein the access control data comprises data indicating one or more time periods during which one or more requestors are permitted to authenticate the user using the one or more first biometric templates; and
           transmitting the access control data to the one or more requestors for a duration indicated by the digital identity data, wherein the one or more first biometric templates are configured to be compared to one or more second biometric templates based on the access control data.
           However, Li teaches:
           receiving digital identity data comprising access control data from the user (By disclosing, “a first communication unit for sending the user identity information [(digital identity data)] for user to TSP” ([0009] of Li); and “the user identity information further comprises the effective period [(access control data)] associated therewith” ([0017] of Li)), and
           transmitting the access control data to the one or more requestors for a duration indicated by the digital identity data (By disclosing, the TSP transmits the user identity data to the Tbox storage of a target vehicle ([0009] of Li); and “Tbox receives the user identity information and the authentication information after storing it in the local. local Tbox with one user identity information database, storing the user identification information of each user. In particular, the user identity information may be associated with an individual set of different user. In an example, user identity information further comprises the effective period [(access control data)] associated therewith. after the validity expires in Tbox locally deleting the user identification information, so that ensure the validity expires and cannot be used by the client and the Tbox subsequent identification.” ([0113]-[0114] of Li)). 
           Therefore, it would have been obvious to one of ordinary skill in the art at the effective filing date of the present application to modify the method of Trelin, in view of Li to include techniques of receiving digital identity data comprising access control data from the user, and transmitting the access control data to the one or more requestors for a duration indicated by the digital identity data.  Doing so would result in an improved invention because this would allow the requestor to authenticate the user based on the user identity data, thus improving the security of the claimed invention.   
           And Hassan teaches:
           wherein the access control data comprises data indicating one or more time periods during which one or more requestors are permitted to authenticate the user using the one or more first biometric templates (By disclosing, a user computing device 106 has a “facial recognition application 218 is configured to associate timing data 236 [(access control data)] with one or more of the transient image template(s) 228 In one embodiment, the timing data 236 includes a transient timer having a predetermined time period, wherein a transient timer is associated with each of the transient image template(s) [(biometric template)] 228” ([0096], Fig. 1 and Fig. 2 of Hassan); “the timing data 236 may include an incremental value that the facial recognition application 218 and/or authentication application 216 uses to increment one or more of the transient timers. … the incremental value is configurable by a user 104 of the computing device 106 via one or more graphical user interfaces displayable by the operating system 214.” ([0097] of Hassan); and “in addition to including timing data 236 with one or more of the transient image template(s) 228, the authentication application 216 and/or the facial recognition application 218 also associates .... These associations further improve the functioning of the computing device 106 because they allow the computing device 106 to authenticate the user 104 based both on time (e.g., whether the timer associated with a transient image template 228 has expired) and…” ([0133] of Hassan)); and
           wherein the one or more first biometric templates are configured to be compared to one or more second biometric templates based on the access control data (By disclosing, “In this regard, where the computing device 106 and/or the authentication server 110 receives a request to authenticate the user 104 using image-based authentication, and the predetermined time period for the transient image template has not expired, the computing device 106 and/or the authentication server 110 compares an acquired image of the user 104 with the transient image template (e.g., through template matching, feature matching, etc.)” ([0062] of Hassan)).
           Therefore, it would have been obvious to one of ordinary skill in the art at the effective filing date of the present application to modify the combination of Trelin and Li, in view of Hassan to include techniques of wherein the access control data comprises data indicating one or more time periods during which one or more requestors are permitted to authenticate the user using the one or more first biometric templates, and wherein the one or more first biometric templates are configured to be compared to one or more second biometric templates based on the access control data. Doing so would result in an improved invention because this would allow the biometric template being authenticated only in a predetermined time period, thus improving the control functionality by the user for the biometric authentication. 

Regarding claim(s) 2 and 17, Trelin discloses:
          wherein receiving the first/second biometric data comprises acquiring the first biometric data using a camera, one or more biometric sensors, or combinations thereof (By disclosing, “ the first system device 102 and/or the second system device 103 may include one or more biometric reader devices 114, 119 (such as a fingerprint scanner, a blood vessel scanner, a palm-vein scanner, an optical fingerprint scanner, a phosphorescent fingerprint scanner, a still image and/or video camera, a 2D and/or 3D image sensor, a capacitive sensor, a saliva sensor, a deoxyribonucleic acid sensor, a heart rhythm monitor, a microphone, and so on)” ([0058] of Trelin)).  

Regarding claim(s) 3, Trelin discloses:
          wherein the first biometric data comprises data relating to one or more fingerprints, one or more palm veins, one or more finger veins, one or more facial features, DNA, one or more palm prints, hand geometry, one or more iris features, one or more retinal features, odor, typing rhythm, gait, voice, or combinations thereof (By disclosing, “ the first system device 102 and/or the second system device 103 may include one or more biometric reader devices 114, 119 (such as a fingerprint scanner, a blood vessel scanner, a palm-vein scanner, an optical fingerprint scanner, a phosphorescent fingerprint scanner, a still image and/or video camera, a 2D and/or 3D image sensor, a capacitive sensor, a saliva sensor, a deoxyribonucleic acid sensor, a heart rhythm monitor, a microphone, and so on)” ([0058] of Trelin)).    

Regarding claim(s) 4, Trelin discloses:
          transmitting the first biometric data to an identification verification provider for validation using the DRM platform (By disclosing, “the identification system device 101 [(identification verification provider)] may be operative to receive one or more digital representations of biometrics, determine one or more identities by comparing the digital representations of biometrics to stored biometric data associated with the identity information 109” ([0043] of Trelin); and “an identification system may be used to locate a first record in a first system and a second record in a second system using identity information, determine that the first record and second record cannot be verified as associated with a same person within a threshold certainty, and determine whether a person associated with the first record is associated with the second record using a digital representation of a biometric for the person” (Abstract of Trelin)).  

Regarding claim(s) 5 and 13, Trelin discloses:
          wherein generating the one or more first biometric templates comprises converting the first biometric data to the one or more first biometric templates using a one-way function, and wherein the one or more second biometric templates are configured to be generated using the one-way function (By disclosing, “Both of the biometric template of the first type and the biometric template of the second type may include hashes and/or other digital representations of the biometrics” ([0130] of Trelin)).  

Regarding claim(s) 6 and 14, Trelin discloses:
          wherein the one-way function comprises a one-way hash algorithm  (By disclosing, “Both of the biometric template of the first type and the biometric template of the second type may include hashes and/or other digital representations of the biometrics” ([0130] of Trelin)).    

Regarding claim(s) 7, Trelin discloses:
          wherein generating the one or more first biometric templates comprises: transmitting the first biometric data to the DRM platform (By disclosing, “the identification system device 101 may store identity information 109 associated with identification information 108 (such as biometric data, logins, passwords, account identifiers, and so on) and may use the identification information 108 to control access to the identity information 109” which means the biometric data is transmitted to the identification system device such that the identification system device can store the biometric data ([0043] of Trelin)); and 
         receiving the one or more first biometric templates from the DRM platform (By disclosing, “the first system device 102 may be configured to communicate with the identification system device 101 to identify a person using a biometric template of a first type, retrieve a biometric template of a second type that is associated with the identity and used by the second system device 103 from the identification system device 101, and communicate the biometric template of the second type to the second system device 103 as part of a records request” ([0060] of Trelin)).  

Regarding claim(s) 8, Trelin discloses:
           transmitting the one or more first biometric templates to the DRM platform; storing the one or more first biometric templates as digital identity data associated with the user through a user-side software development kit application associated with the DRM platform; or combinations thereof (By disclosing, “the identification system may identity people by matching received biometric templates to stored biometric data that is associated with identities” ([0134] of Trelin)).  

Regarding claim(s) 10 and 15, Trelin does not disclose:
           wherein authentication data is configured to be generated based on the comparison, wherein the authentication data comprises: 
           data indicating a successful authentication if the one or more first biometric templates match the one or more second biometric templates; and 
           data indicating a failed authentication if the one or more first biometric templates do not match the one or more second biometric templates.  
           However, Hassan teaches:
           wherein authentication data is configured to be generated based on the comparison (By disclosing, “where the facial recognition application 218 determines that there is not a sufficient match of at least one acquired image and at least one of the transient image template(s)” ([0121] and Fig. 4B step 416 of Hassan)), wherein the authentication data comprises: 
           data indicating a successful authentication if the one or more first biometric templates match the one or more second biometric templates (By disclosing, “the authentication application 216 instructs and/or informs the operating system 214 that the user 104 is authorized to use the computing device 106” ([0122] and Fig. 4B step 424 of Hassan)); and 
           data indicating a failed authentication if the one or more first biometric templates do not match the one or more second biometric templates (By disclosing, “Where the authentication application 216 determines that the user 104 is not authenticated (e.g., the “NO” branch of Operation 420), the method 402 proceeds to Operation 422, where the authentication application 216 and/or the operating system 214 denies the user 104 access to the computing device 106” ([0121] and Fig. 4B step 422 of Hassan)).  
          Therefore, it would have been obvious to one of ordinary skill in the art at the effective filing date of the present application to modify the combination of Trelin and Li, in view of Hassan to include authentication data is configured to be generated based on the comparison, wherein the authentication data comprises: data indicating a successful authentication if the one or more first biometric templates match the one or more second biometric templates; and data indicating a failed authentication if the one or more first biometric templates do not match the one or more second biometric templates.  Doing so would result in an improved invention because this would allow the requestor being notified about the result of the authentication, thus improving the user convenience and functionality of the claimed invention. 

Regarding claim(s) 11 and 16, Trelin does not disclose:
          using the DRM platform to generate authentication data indicating a failed authentication if the one or more requestors access the one or more first biometric templates after the one or more time periods have expired.  
           However, Hassan teaches:
           using the DRM platform to generate authentication data indicating a failed authentication (By disclosing, “Where the authentication application 216 determines that the user 104 is not authenticated (e.g., the “NO” branch of Operation 420), the method 402 proceeds to Operation 422, where the authentication application 216 and/or the operating system 214 denies the user 104 access to the computing device 106” ([0121] and Fig. 4B step 422 of Hassan)) (Note: the limitation “if the one or more requestors access the one or more first biometric templates after the one or more time periods have expired” is a contingent limitation. The broadest reasonable interpretation of a method (or process) claim having contingent limitations requires only those steps that must be performed and does not include steps that are not required to be performed because the condition(s) precedent are not met. (MPEP 2111.04 II)).  
          Therefore, it would have been obvious to one of ordinary skill in the art at the effective filing date of the present application to modify the combination of Trelin and Li, in view of Hassan to include techniques of using the DRM platform to generate authentication data indicating a failed authentication.  Doing so would result in an improved invention because this would allow the requestor being notified about the result of the authentication, thus improving the user convenience and functionality of the claimed invention. 

Regarding claim(s) 12, Trelin discloses:
          receiving one or more first biometric templates generated based on first biometric data associated with a user and generated using a digital rights management (DRM) platform (By disclosing, “The first system [(DRM platform)] may generate or obtain the first biometric template, transmit the first biometric template to the identification system” ([0168] of Trelin); and “FIG. 10 depicts an example 1000 of generating a biometric template 1010D from a biometric data 1010A” ([0135] and Fig. 10 of Trelin));
            receiving second biometric data associated with the user (By disclosing, “The processing units 110, 115 may respectively execute one or more sets of instructions stored in the non-transitory storage media 111, 116 to perform various functions, such as using the biometric reader devices 114, 119 to obtain one or more digital representations of one or more biometrics (such as…) for a person, …, communicating with the identification system device 101 and/or each other via the network 104 using the communication units 112, 117, providing one or more obtained digital representations of biometrics, and so on.” ([0058] of Trelin); and “the digital representation of the biometric and the biometric data may be biometric templates of different types (e.g., formatted differently)” ([0101] of Trelin)); 
           generating one or more second biometric templates based on the second biometric data using the DRM platform (By disclosing, “The processing units 110, 115 may respectively execute one or more sets of instructions stored in the non-transitory storage media 111, 116 to perform various functions, such as using the biometric reader devices 114, 119 to obtain one or more digital representations of one or more biometrics (such as…) for a person, …, communicating with the identification system device 101 and/or each other via the network 104 using the communication units 112, 117, providing one or more obtained digital representations of biometrics, and so on.” ([0058] of Trelin); and “the digital representation of the biometric and the biometric data may be biometric templates of different types (e.g., formatted differently)” ([0101] of Trelin)); 
           comparing the one or more first biometric templates and the one or more second biometric templates (By disclosing, “at least one processing unit may perform biometric template translation in order to compare the first biometric template to the second biometric template” ([0117] of Trelin)).      
           Trelin does not disclose:
           receiving digital identity data comprising access control data associated with the user, wherein the access control data comprises data indicating one or more time periods during which one or more requestors are permitted to authenticate the user using the one or more first biometric templates;
          generating authentication data based on the access control data; and
          generating the authentication data based on the comparison for a duration indicated by the digital identity data using the DRM platform.  
          However, Li teaches:
          receiving digital identity data comprising access control data associated with the user (By disclosing, “a first communication unit for sending the user identity information for user to TSP” ([0009] of Li); and “the user identity information further comprises the effective period [(access control data)] associated therewith” ([0017] of Li)), 
           generating authentication data based on the access control data (By disclosing, “the TSP 120 stored locally with the owner identity information database, wherein the stored in association with the owner identification information and bound with the vehicle VIN. Thus, the TSP [(DRM platform)] 120 only needs to search determining owner identity information in the database is matched with the request the identity information of the identity information. step 303: in response to successful authentication, the authorization information of the owner [(authentication data)] is sent to the Tbox130m storage of the target authorized vehicle and Tbox the target authorization information of the vehicle transmitted to the client 110-N1. The authorization information includes requesting the user identification information, authorization category, authorization valid periods …” ([0060]-[0062] of Li); After receiving the user identity information by the TSP, if the authorization verification is successful, the TSP sends the user identity information as the authentication information to the Tbox of the target vehicle ([0098] of Li)); and
           generating the authentication data based on the comparison for a duration indicated by the digital identity data using the DRM platform (By disclosing, “the TSP 120 stored locally with the owner identity information database, wherein the stored in association with the owner identification information and bound with the vehicle VIN. Thus, the TSP [(DRM platform)] 120 only needs to search determining owner identity information in the database is matched with the request the identity information of the identity information. step 303: in response to successful authentication, the authorization information of the owner [(authentication data)] is sent to the Tbox130m storage of the target authorized vehicle and Tbox the target authorization information of the vehicle transmitted to the client 110-N1. The authorization information includes requesting the user identification information, authorization category, authorization valid periods …” ([0060]-[0062] of Li); After receiving the user identity information by the TSP, if the authorization verification is successful, the TSP sends the user identity information as the authentication information to the Tbox of the target vehicle ([0098] of Li); and “Tbox receives the user identity information and the authentication information after storing it in the local. local Tbox with one user identity information database, storing the user identification information of each user. In particular, the user identity information may be associated with an individual set of different user. In an example, user identity information further comprises the effective period [(access control data)] associated therewith. after the validity expires in Tbox locally deleting the user identification information, so that ensure the validity expires and cannot be used by the client and the Tbox subsequent identification.” ([0113]-[0114] of Li)). 
           Therefore, it would have been obvious to one of ordinary skill in the art at the effective filing date of the present application to modify the method of Trelin, in view of Li to include techniques of receiving digital identity data comprising access control data from the user, generating authentication data based on the access control data, and generating the authentication data based on the comparison for a duration indicated by the digital identity data using the DRM platform.  Doing so would result in an improved invention because this would allow the requestor to authenticate the user based on the user identity data and the duration predefined by the user, thus improving the security of the claimed invention.   
          And Hassan teaches:
          wherein the access control data comprises data indicating one or more time periods during which one or more requestors are permitted to authenticate the user using the one or more first biometric templates (By disclosing, a user computing device 106 has a “facial recognition application 218 is configured to associate timing data 236 [(access control data)] with one or more of the transient image template(s) 228 In one embodiment, the timing data 236 includes a transient timer having a predetermined time period, wherein a transient timer is associated with each of the transient image template(s) 228” ([0096], Fig. 1 and Fig. 2 of Hassan); “the timing data 236 may include an incremental value that the facial recognition application 218 and/or authentication application 216 uses to increment one or more of the transient timers. … the incremental value is configurable by a user 104 of the computing device 106 via one or more graphical user interfaces displayable by the operating system 214.” ([0097] of Hassan); and “in addition to including timing data 236 with one or more of the transient image template(s) 228, the authentication application 216 and/or the facial recognition application 218 also associates .... These associations further improve the functioning of the computing device 106 because they allow the computing device 106 to authenticate the user 104 based both on time (e.g., whether the timer associated with a transient image template 228 has expired) and…” ([0133] of Hassan)).        
          Therefore, it would have been obvious to one of ordinary skill in the art at the effective filing date of the present application to modify the combination of Trelin and Li, in view of Hassan to include techniques of wherein the access control data comprises data indicating one or more time periods during which one or more requestors are permitted to authenticate the user using the one or more first biometric templates. Doing so would result in an improved invention because this would allow the biometric template being authenticated only in a predetermined time period, thus improving the control functionality by the user for the biometric authentication.

Regarding claim(s) 18, Trelin discloses:
          receiving first biometric data associated with a user (By disclosing, “The processing units 110, 115 may respectively execute one or more sets of instructions stored in the non-transitory storage media 111, 116 to perform various functions, such as using the biometric reader devices 114, 119 to obtain one or more digital representations of one or more biometrics (such as…) for a person, …, communicating with the identification system device 101 and/or each other via the network 104 using the communication units 112, 117, providing one or more obtained digital representations of biometrics, and so on.” ([0058] of Trelin)); 
          generating one or more first biometric templates based on the first biometric data (By disclosing, “The processing units 110, 115 may respectively execute one or more sets of instructions stored in the non-transitory storage media 111, 116 to perform various functions, such as using the biometric reader devices 114, 119 to obtain one or more digital representations of one or more biometrics (such as…) for a person, …, communicating with the identification system device 101 and/or each other via the network 104 using the communication units 112, 117, providing one or more obtained digital representations of biometrics, and so on.” ([0058] of Trelin); and “the digital representation of the biometric and the biometric data may be biometric templates of different types (e.g., formatted differently)” ([0101] of Trelin));         
           receiving a request for the one or more first biometric templates from the one or more requestors (By disclosing, “the first system device 102 may be configured to communicate with the identification system device 101 to identify a person using a biometric template of a first type, retrieve a biometric template of a second type that is associated with the identity and used by the second system device 103 from the identification system device 101, and communicate the biometric template of the second type ([first biometric template]) to the second system device 103 as part of a records request” ([0060] of Trelin)); 
            transmitting the one or more first biometric template to the one or more requestors (By disclosing, “the first system device 102 may be configured to communicate with the identification system device 101 to identify a person using a biometric template of a first type, retrieve a biometric template of a second type that is associated with the identity and used by the second system device 103 from the identification system device 101, and communicate the biometric template of the second type ([first biometric template]) to the second system device 103 as part of a records request” ([0060] of Trelin)); and 
           wherein the one or more first biometric templates are configured to be compared to one or more second biometric templates (By disclosing, “the at least one processing unit performs biometric template translation in order to compare the first biometric template to the second biometric template” ([0009] of Trelin)); and 
          wherein the one or more second biometric templates are configured to be generated based on second biometric data associated with the user (By disclosing, “The identification system may store biometric data of a number of different types (e.g., different template types) associated with the identity. As such, upon determining the identity using the first biometric template and determining a type of biometric data to use for comparison with a second biometric template, the identification system can serve as a translator by retrieving stored second biometric data of a corresponding type to the second biometric template” ([0177] of Trelin)).    
           Trelin does not disclose:
           receiving digital identity data comprising access control data from the user, wherein the access control data comprises data indicating one or more time periods during which one or more requestors are permitted to authenticate the user using the one or more first biometric templates;
           transmitting the one or more first biometric templates to the one or more requestors for a duration indicated by the digital identity data based on the access control data;
           wherein the one or more first biometric templates are configured to be compared to one or more second biometric templates based on the access control data.
           However, Li teaches:
           receiving digital identity data comprising access control data from the user (By disclosing, “a first communication unit for sending the user identity information for user to TSP” ([0009] of Li); and “the user identity information further comprises the effective period [(access control data)] associated therewith” ([0017] of Li)), and
           transmitting authentication data to the one or more requestors for a duration indicated by the digital identity data based on the access control data (By disclosing, “the TSP 120 stored locally with the owner identity information database, wherein the stored in association with the owner identification information and bound with the vehicle VIN. Thus, the TSP 120 only needs to search determining owner identity information in the database is matched with the request the identity information of the identity information. step 303: in response to successful authentication, the authorization information of the owner [(authentication data)] is sent to the Tbox130m storage of the target authorized vehicle and Tbox the target authorization information of the vehicle transmitted to the client 110-N1. The authorization information includes requesting the user identification information, authorization category, authorization valid periods …” ([0060]-[0062] of Li); After receiving the user identity information by the TSP, if the authorization verification is successful, the TSP sends the user identity information as the authentication information to the Tbox of the target vehicle ([0098] of Li); and “Tbox receives the user identity information and the authentication information after storing it in the local. local Tbox with one user identity information database, storing the user identification information of each user. In particular, the user identity information may be associated with an individual set of different user. In an example, user identity information further comprises the effective period [(access control data)] associated therewith. after the validity expires in Tbox locally deleting the user identification information, so that ensure the validity expires and cannot be used by the client and the Tbox subsequent identification.” ([0113]-[0114] of Li)). 
           Therefore, it would have been obvious to one of ordinary skill in the art at the effective filing date of the present application to modify the method of Trelin in view of Li to include techniques of receiving digital identity data comprising access control data from the user.  Doing so would result in an improved invention because this would allow the requestor to authenticate the user based on the user identity data, thus improving the security of the claimed invention.   It would also have been obvious to one of ordinary skill in the art at the effective filing date of the present application to modify the method of Trelin that using the first biometric template as the authentication data to authenticate the user, in view of Li to include techniques of transmitting authentication data to the one or more requestors for a duration indicated by the digital identity data based on the access control data, therefore to achieve: transmitting the one or more first biometric templates to the one or more requestors for a duration indicated by the digital identity data based on the access control data. Doing so would result in an improved invention because this would allow the requestor to authenticate the user based on the user identity data only during the period defined by the user, thus improving the user control functionality of the claimed invention. 
           And Hassan teaches:
           wherein the access control data comprises data indicating one or more time periods during which one or more requestors are permitted to authenticate the user using the one or more first biometric templates (By disclosing, a user computing device 106 has a “facial recognition application 218 is configured to associate timing data 236 [(access control data)] with one or more of the transient image template(s) 228 In one embodiment, the timing data 236 includes a transient timer having a predetermined time period, wherein a transient timer is associated with each of the transient image template(s) 228” ([0096], Fig. 1 and Fig. 2 of Hassan); “the timing data 236 may include an incremental value that the facial recognition application 218 and/or authentication application 216 uses to increment one or more of the transient timers. … the incremental value is configurable by a user 104 of the computing device 106 via one or more graphical user interfaces displayable by the operating system 214.” ([0097] of Hassan); and “in addition to including timing data 236 with one or more of the transient image template(s) 228, the authentication application 216 and/or the facial recognition application 218 also associates .... These associations further improve the functioning of the computing device 106 because they allow the computing device 106 to authenticate the user 104 based both on time (e.g., whether the timer associated with a transient image template 228 has expired) and…” ([0133] of Hassan)); and
           wherein the one or more first biometric templates are configured to be compared to one or more second biometric templates based on the access control data (By disclosing, “In this regard, where the computing device 106 and/or the authentication server 110 receives a request to authenticate the user 104 using image-based authentication, and the predetermined time period for the transient image template has not expired, the computing device 106 and/or the authentication server 110 compares an acquired image of the user 104 with the transient image template (e.g., through template matching, feature matching, etc.)” ([0062] of Hassan)).
           Therefore, it would have been obvious to one of ordinary skill in the art at the effective filing date of the present application to modify the combination of Trelin and Li, in view of Hassan to include techniques of wherein the access control data comprises data indicating one or more time periods during which one or more requestors are permitted to authenticate the user using the one or more first biometric templates; wherein the one or more first biometric templates are configured to be compared to one or more second biometric templates based on the access control data. Doing so would result in an improved invention because this would allow the biometric template being authenticated only in a predetermined time period, thus improving the control functionality by the user for the biometric authentication.

Regarding claim(s) 20, Trelin discloses:
          transmitting the one or more first biometric templates to the one or more requestors if the one or more time periods have not expired (By disclosing, “the first system device 102 may be configured to communicate with the identification system device 101 to identify a person using a biometric template of a first type, retrieve a biometric template of a second type that is associated with the identity and used by the second system device 103 from the identification system device 101, and communicate the biometric template of the second type ([first biometric template]) to the second system device 103 as part of a records request” ([0060] of Trelin)).
          Trelin does not disclose:
          transmitting the one or more first biometric templates to the one or more requestors if the one or more time periods have not expired.
          However, Hassan teaches:
          deleting the biometric templates after the one or more time periods expire (By disclosing, “At the expiration of the predetermined time period, the computing device deletes the transient image template” (Abstract of Hassan)).
           Therefore, it would have been obvious to one of ordinary skill in the art at the effective filing date of the present application to modify the method of transmitting the one or more first biometric templates to the one or more requestors, in view of Hassan to include techniques of deleting the biometric templates after the one or more time periods expire (so that the biometric template can only be transmitted if the one or more time periods have not expired). Doing so would result in an improved invention because this would allow the biometric template being compared and authenticated by the requestor only in a predetermined time period, thus improving the control functionality by the user for the biometric authentication.

Claim(s) 9 is/are rejected under 35 U.S.C. 103 as being unpatentable over Trelin (US 20210035666), in view of Li (CN 108092991), further in view of Hassan (US 20200151431), and Kamal (US 20190320039).
Regarding claim(s) 9, Trelin discloses:        
           storing the one or more first biometric templates and the image data as digital identity data at the DRM platform (By disclosing, “The identification system may store biometric data of a number of different types (e.g., different template types) associated with the identity” ([0177] of Trelin); “the first system device 102 may be configured to communicate with the identification system device 101 to identify a person using a biometric template of a first type, retrieve a biometric template of a second type that is associated with the identity and used by the second system device 103 from the identification system device 101, and communicate the biometric template of the second type to the second system device 103 as part of a records request” ([0060] of Trelin); “the identification system may associate the first stored biometric data with the identity and may match the first biometric template to the first stored biometric data to determine the identity and/or control access to information associated with the identity” ([0175] of Trelin); and biometric data includes image data ([0058] of Trelin)).  
            Trelin does not disclose:
            receiving image data corresponding to one or more identification documents for the user.
         However, Kamal teaches:
        receiving image data corresponding to one or more identification documents for the user (By disclosing, “When the user 110 opts into the provisioning of the digital identity, the communication device 108 is configured, by the native code 114, to instruct the user 110 to scan an image of a physical document associated with the user 110, such as the physical document 112 (e.g., the user's driver’s license, etc.). In response to one or more inputs from the user 110, the communication device 108 is configured, by the native code 114, to capture an image of the physical document 112” ([0029] of Kamal)).
           Therefore, it would have been obvious to one of ordinary skill in the art at the effective filing date of the present application to modify the combination of Trelin, Li, and Hassan, in view of Kamal to include techniques of receiving image data corresponding to one or more identification documents for the user.  Doing so would result in an improved invention because this would allow a more comprehensive user information being collected for future identity authentication, thus improving the accuracy of the identity authentication. 

Claim(s) 19 is/are rejected under 35 U.S.C. 103 as being unpatentable over Trelin (US 20210035666), in view of Li (CN 108092991), further in view of Hassan (US 20200151431), and Nakajima (US 20200281470).
Regarding claim(s) 19, Trelin does not disclose:
          receiving consent data from the user, wherein the consent data comprises data indicating an affirmative consent by the user to allow the one or more requestors to access the one or more first biometric templates; and
           transmitting the one or more first biometric templates to the one or more requestors based on the consent data.  
           However, Nakajima teaches:
           receiving consent data from the user, wherein the consent data comprises data indicating an affirmative consent by the user to allow the one or more requestors to access the one or more first biometric data (By disclosing, “The present invention identifies whether or not a user consents to providing personal information including biological information to a third party” (Abstract of Nakajima); and “Further, information indicating whether or not the user has consented to providing, to a third party, the biological information and the personal information in association with each other on the basis of this necessary content can be received. …. This allows the communication device to provide the biological information and the personal information of the user in association with each other to a third party” ([0017] of Nakajima)); and
           transmitting the one or more first biometric data to the one or more requestors based on the consent data (By disclosing, “Further, information indicating whether or not the user has consented to providing, to a third party, the biological information and the personal information in association with each other on the basis of this necessary content can be received. …. This allows the communication device to provide the biological information and the personal information of the user in association with each other to a third party” ([0017] of Nakajima)).
          Therefore, it would have been obvious to one of ordinary skill in the art at the effective filing date of the present application to modify the combination of Trelin, Li, Hassan, in view of Nakajima to include techniques of receiving consent data from the user, wherein the consent data comprises data indicating an affirmative consent by the user to allow the one or more requestors to access the one or more first biometric templates; and transmitting the one or more first biometric templates to the one or more requestors based on the consent data. Doing so would result in an improved invention because this would allow only the authorized requestors to utilize the biometric information of the user, thus improving the security of the personal biometric information of the user. 


Response to Arguments
Applicant’s arguments with regard to the 35 U.S.C. § 103 rejection have been considered but are moot in view of new grounds of rejection initiated by applicant’s amendment to the claims.
	

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 
US 9774596 to Mandal for disclosing using biometric data to generate a biometric template to authenticate an identity of a user.
WO 2018222211 to Wang for disclosing secure biometric authentication using electronic identity. 

Any inquiry concerning this communication or earlier communications from the examiner should be directed to DUAN ZHANG whose telephone number is (571)272-4642. The examiner can normally be reached Mon - Fri 10 AM-5 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Neha Patel can be reached on 5712701492. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/DUAN ZHANG/Examiner, Art Unit 3685