DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Status of Claims
Claims 1, 8, and 15 have been amended. Claims 1-20 are pending.

Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA  as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). 
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.
Claims 1-20 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-20 of U.S. Patent No. 11,528,269. Although the claims at issue are not identical, they are not patentably distinct from each other. As highlighted in the table below the current application would have been obvious over the reference patent.

Claims 1-20 are provisionally rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-20 are of co-pending Application No. 16/985,886 (reference application). Although the claims at issue are not identical, they are not patentably distinct from each other. As highlighted in the table below the current application would have been obvious over the reference application.
This is a provisional nonstatutory double patenting rejection because the patentably indistinct claims have not in fact been patented.
16/985,791
U.S. 11,528,269
Claim 1. A system, comprising: a secure server configured to host one or more secure applications; and a multi-person authentication server comprising: a network interface configured to communicate with the secure server, a first user device associated with a first user, and a second user device associated with a second user; and a processor configured to: receive an authentication request corresponding to a request to provide the first user access to the secure server; in response to receiving the authentication request: provide a challenge-response message to the first user device, wherein the challenge-response message indicates authentication of the first user of the first user device is needed, directs the first user device to capture a first image of a face of the first  user, and indicates a number of confirming users required to achieve a multi-person authentication; and provide a push notification to the second user device, wherein the push notification indicates confirmation of the authentication of the first user of the first user device is needed, directs the second user device to capture a second image of a face of the second user, and instructs the second user device to provide the second image or an authentication result of authenticating the second image to the first user device; 
receive a response to the challenge-response message from the first user device, wherein: the response  indicates that the first user and the second user are verified and that the first user is authorized to access the secure server when the first image is an image of an authorized user of the secure server and the second image is an image of an administrator of the secure server, and the response indicates that the first user and the second user are not verified and that the first user is not authorized to access the secure server when one or both of: the first image is not the image of the authorized user of the secure server and the second image is not the image of the administrator of the secure server; if the received response indicates the first user and the second user are authenticated, allow the first user to access the secure server; and if the received response indicates the first user and the second user are not authenticated, prevent the first user from accessing the secure server.
Claim 1. A system, comprising: a secure server configured to host one or more secure applications; 
and a first user device comprising: a camera operable to capture a first image of a first user of the user device; 
and a processor communicatively coupled to the camera and configured to: following a request for access to the secure server by the first user, receive a challenge-response message, following receipt of the challenge-response message, prompt the first user of the first user device to operate the camera to capture the first image of the first user, wherein the first image comprises an image of at least a portion of a face of the first user; 
receive a second image of a second user of a second user device and an authentication result determined by the second user device, wherein the second image comprises an image of at least a portion of a face of the second user, wherein the authentication result indicates that the face of the second user included in the second image corresponds to a face of an authorized administrator of the secure server; 
determine, using facial recognition, that the face of the first user included in the first image corresponds to a face of an authorized user of the secure server; generate a response to the challenge-response message, wherein: if both the face of the first user corresponds to the face of the authorized user of the secure server and the authentication result indicates that the face of the second user corresponds to the face of the authorized administrator of the secure server, the response indicates the first user is authorized to access the secure server; 
and if one or both of the face of the first user does not correspond to the face of the authorized user of the secure server and the authentication result indicates that the face of the second user does not correspond to the face of the authorized administrator of the secure server, the response indicates the first user is not authorized to access the secure server; and provide the response.
16/985,791
16/985,886
Claim 1. A system, comprising: a secure server configured to host one or more secure applications; and a multi-person authentication server comprising: a network interface configured to communicate with the secure server, a first user device associated with a first user, and a second user device associated with a second user; and a processor configured to: receive an authentication request corresponding to a request to provide the first user access to the secure server; in response to receiving the authentication request: provide a challenge-response message to the first user device, wherein the challenge-response message indicates authentication of the first user of the first user device is needed, directs the first user device to capture a first image of a face of the first user, and indicates a number of confirming users required to achieve a multi-person authentication; and provide  a push notification to the second user device, wherein the push notification indicates confirmation of the authentication of the first user of the first user device is needed, directs the second user device to capture a second image of a face of the second  user, and instructs the second user device to provide the second image or an authentication result of authenticating the second image to the first user device;
receive a response to the challenge-response message from the first user device, wherein: the response  indicates that the first user and the second user are verified and that the first user is authorized to access the secure server when the first image is an image of an authorized user of the secure server and the second image is an image of an administrator of the secure server, and the response indicates that the first user and the second user are not verified and that the first user is not authorized to access the secure server when one or both of: the first image is not the image of the authorized user of the secure server and the second image is not the image of the administrator of the secure server; if the received response indicates the first user and the second user are authenticated, allow the first user to access the secure server; and if the received response indicates the first user and the second user are not authenticated, prevent the first user from accessing the secure server.
Claim 1. A system, comprising: a secure server configured to host one or more secure applications; 
and a first user device comprising: a camera operable to capture a first image of a first user of the first user device; and a processor communicatively coupled to the camera and configured to: receive a push notification, wherein the push notification indicates confirmation of the authentication of a second user of a second user device is needed, wherein the second user is requesting access to the secure server;
determine one or more confirming users authorized to confirm the access to the secure server by the second user;
select a first confirming user from the determined one or more confirming users using confirmation profiles which include information
for matching authentication requests to appropriate confirming users;
contact the selected first confirming user as the first user;
in response to the selected first confirming user not responding to the push notification within a predetermined time limit, contact, from the
one or more confirming users, a subsequent confirming user who is responsive to the push notification within the predetermined time limit;
designate the subsequent confirming user as the first user;
 following receipt of the push notification, prompt the first user of the first user device to operate the camera to capture the first image of the first user, wherein the first image comprises an image of at least a portion of a face of the first user; and provide the first image for presentation on the second user device.



Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.


Claims 1-20 are rejected under 35 U.S.C. 101 because the claimed invention is directed to a judicial exception (i.e., a law of nature, a natural phenomenon, or an abstract idea) without significantly more. Next using the 2019 Revised Patent Subject Matter Eligibility Guidance (hereinafter 2019 PEG) the rejection as follows has been applied. 
Under step 1, per MPEP 2106.03, claims 1-7 are a system, claims 8-14 are a method, 12-15, 17, and 19-20 are a device. Thus, each claim 1-20, on its face, is directed to one of the statutory categories (i.e., useful process, machine, manufacture, or composition of matter) of 35 U.S.C. § 101. 
Under step 2A Prong One, per MPEP 2106.04, prong one asks does the claim recite an abstract idea, law of nature, or natural phenomenon? In Prong One examiners evaluate whether the claim recites a judicial exception, i.e. whether a law of nature, natural phenomenon, or abstract idea is set forth or described in the claim. While the terms "set forth" and "described" are thus both equated with "recite", their different language is intended to indicate that there are two ways in which an exception can be recited in a claim. For instance, the claims in Diehr, 450 U.S. at 178 n. 2, 179 n.5, 191-92, 209 USPQ at 4-5 (1981), clearly stated a mathematical equation in the repetitively calculating step, and the claims in Mayo, 566 U.S. 66, 75-77, 101 USPQ2d 1961, 1967-68 (2012), clearly stated laws of nature in the wherein clause, such that the claims "set forth" an identifiable judicial exception. Alternatively, the claims in Alice Corp., 573 U.S. at 218, 110 USPQ2d at 1982, described the concept of intermediated settlement without ever explicitly using the words "intermediated" or "settlement."
Next, per 2019 PEG, to determine whether a claim recites an abstract idea in Prong One, examiners are now to: (I) Identify the specific limitation(s) in the claim under examination (individually or in combination) that the examiner believes recites an abstract idea; and (II) determine whether the identified limitation(s) falls within the subject matter groupings of abstract ideas enumerated in Section I of the 2019 PEG. If the identified limitation(s) falls within the subject matter groupings of abstract ideas enumerated in Section I, analysis should proceed to Prong Two in order to evaluate whether the claim integrates the abstract idea into a practical application.

(I) An abstract idea as recited per claims 1, 8, and 15 (taking recitation of claim 1 as representative as recitation of claims 8 and 15 is substantially similar) is as follows:
-	receive an authentication request corresponding to a request to provide the first user access …; 
- in response to receiving the authentication request: provide a challenge-response message to the first user …, wherein the challenge-response message indicates authentication of the first user … is needed …, indicates a number of confirming users required to achieve a multi-person authentication;

- 	provide a push notification to the second user …, wherein the push notification indicates confirmation of the authentication of the first user … is needed …; 

- receive a response to the challenge-response message from the first user …, wherein: 
the response indicates that the first user and the second user are verified and that the first user is authorized to access … when the first image is an image of an authorized user … and the second image is an image of an administrator or user …, 

- the response indicates that the first user and the second user are not verified and that the first user is not authorized to access … when one or both of: the first image is not the image of the authorized user … and the second image is not the image of the administrator …; 

- if the received response indicates the first user and the second user are authenticated, allow the first user to access …; and if the received response indicates the first user and the second user are not authenticated, prevent the first user from accessing …;


Further, dependent claims 2-7, 9-14, and 16-20, recite the same abstract idea as they further specify the abstract idea in a descriptive manner with the exception of additional elements as analyzed under step 2A prong two and step 2B inquiries below. They further describe the abstract idea using abstract recitation as follows:
per claims 2, 9, and 16, wherein: the request to access … comprises a request to access a first secure application hosted on the secure server; and … determine an initial administrator in a list of authorized administrators of the first secure application; and determine the second user is the initial administrator in the list of authorized administrators

per claims 3, 10, and 17, determine that the second user … is not responsive to the push notification within a threshold period of time; following determining that the second user … is not responsive to the push notification within the threshold period of time: determine a next administrator in the list of authorized administrators of the first secure application; and determine the second user is the initial administrator in the list of authorized administrators.

per claims 4, 11, and 18, determine that the first user … is not responsive to the challenge-response message within a threshold period of time; and following determining that the first user … is not responsive to the challenge-response message within the threshold period of time, prevent the first user from accessing the secure server. 

per claims 5, 12, and 19, … prior to allowing access … if the received response indicates the first user is authenticated: confirm that a first identity of the first user determined from the first image corresponds to a user identity associated with the received request to access the secure server; and confirm that a second identity of the second user determined from the second image corresponds to a user identity associated with the second … to which the push notification was provided.

per claims 6, 13, and 20 wherein the push notification includes instructions for the second user to provide an input to confirm or deny whether the first user is authorized to access the secure server.

per claims 7, and 14 wherein: the received authorization request includes security credentials for the first user; and …, prior to providing the challenge-response message to the first user …, determine that the security credentials correspond to predetermined credentials for the first user.



(II) Thus, based on the foregoing abstract recitation, the claims recite an abstract idea which pertains to sending and receiving an authentication request from a first user, providing a response to an authentication challenge from the first user, sending an authentication challenge to a second user, providing a response to an authentication challenge from the second user, comparing the responses from the first and second user to stored data to authenticate the users and provide the requested access, which is a mental process.
The phrase “mental process” applies to concepts that can be performed in the human mind (including an observation, evaluation, judgment, opinion). The courts have found that claims recite a mental process when they contain limitations that can practically be performed in the human mind, including for example, observations, evaluations, judgments, and opinions. An examples of a claim that recite mental processes include: a claim to collecting and comparing known information (claim 1), which are steps that can be practically performed in the human mind, Classen Immunotherapies, Inc. v. Biogen IDEC, 659 F.3d 1057, 1067, 100 USPQ2d 1492, 1500 (Fed. Cir. 2011). Further, see MPEP 2106.04(a)(2) III. A-D.
Therefore, the identified limitations fall within the subject matter groupings of abstract ideas enumerated in Section I of 2019 PEG, thus analysis now proceeds to Prong Two in order to evaluate whether the claim integrates the abstract idea into a practical application.
Under step 2A Prong Two, per MPEP 2106.04, prong two asks does the claim recite additional elements that integrate the judicial exception into a practical application? In Prong Two, examiners evaluate whether the claim as a whole integrates the exception into a practical application of that exception. If the additional elements in the claim integrate the recited exception into a practical application of the exception, then the claim is not directed to the judicial exception (Step 2A: NO) and thus is eligible at Pathway B. This concludes the eligibility analysis. If, however, the additional elements do not integrate the exception into a practical application, then the claim is directed to the recited judicial exception (Step 2A: YES), and requires further analysis under Step 2B (where it may still be eligible if it amounts to an ‘‘inventive concept’’).
Next, per 2019 PEG, Prong Two represents a change from prior guidance. The analysis under Prong Two is the same for all claims reciting a judicial exception, whether the exception is an abstract idea, a law of nature, or a natural phenomenon. Examiners evaluate integration into a practical application by: (I) Identifying whether there are any additional elements recited in the claim beyond the judicial exception(s), and (II) evaluating those additional elements individually and in combination to determine whether they integrate the exception into a practical application, using one or more of the considerations laid out by the Supreme Court and the Federal Circuit.
Accordingly, the examiner will evaluate whether the claims recite one or more additional element(s) that integrate the exception into a practical application of that exception by considering them both individually and as a whole.

The claim elements in addition to the abstract idea, i.e. additional elements, as recited in claims 1-20 at least are per claim 1 a system, comprising: a secure server configured to host one or more secure applications; and a multi-person authentication server comprising: a network interface configured to communicate with the secure server, a first user device associated with a first user, and a second user device associated with a second user; and a processor configured to…, a first user device to capture a first image of a face of the first user, …a second user device to capture a second image of a face of the second user and instructs the second user device to provide the second image or an authentication result of authenticating the second image to the first user device; per claim 8, the additional element(s) are similar to the ones noted per claim 1; per claim 15 the additional element(s) are similar to the ones noted per claims 1 and 8. Remaining dependent claims, namely 2-7, 9-14, and 16-20, either recite the same additional element(s) as already noted above or simply lack recitation of an additional element, in which case note prong one as set forth above.
As would be readily apparent to a person having ordinary skill in the art (hereinafter PHOSITA), the additional elements are generic computer components, for example note at least a system, comprising: a secure server configured to host one or more secure applications, … a multi-person authentication server comprising: a network interface configured to communicate with the secure server, … a first user device associated with a first user, … a second user device associated with a second user; and a processor, …the first user device to receive challenge-response messages and capture a first image of a face of the first user, …a second user device to receive push notifications, capture a second image of a face of the second user, and provide the second image to the first user device. The additional elements are simply utilized as generic tools to implement the abstract idea or plan as "apply it" instructions (see MPEP 2106.05(f)). The additional elements are generic as they are described at a high level of generality, see at least as-filed Figs. 4, 6, 8, and spec. para. [0041] - [0044]. Further, the claims appear to be implementing a commercial solution to a commercial problem of crediting consumer accounts in real time, see at least as-filed spec. page 8, line 27 – page 10, line 10.
The server/processor of the system executing the "apply it" or performing the comparison of captured image data from the first and second users and authorizing access to the secure server if the images are found to be authorized users is connected to plurality of generic devices (e.g. a first user device, a second user device) merely receiving/capturing/sending data over a network. As noted in MPEP 2106.05(d)II the courts have recognized some computer functions as well‐understood, routine, and conventional functions when they are claimed in a merely generic manner (e.g., at a high level of generality) or as insignificant extra-solution activity. For example, receiving or transmitting data over a network, (e.g., using the Internet to gather data, See Symantec, 838 F.3d at 1321, 120 USPQ2d at 1362 (utilizing an intermediary computer to forward information); TLI Communications LLC v. AV Auto. LLC, 823 F.3d 607, 610, 118 USPQ2d 1744, 1745 (Fed. Cir. 2016) (using a telephone for image transmission); OIP Techs., Inc., v. Amazon.com, Inc., 788 F.3d 1359, 1363, 115 USPQ2d 1090, 1093 (Fed. Cir. 2015) (sending messages over a network); buySAFE, Inc. v. Google, Inc., 765 F.3d 1350, 1355, 112 USPQ2d 1093, 1096 (Fed. Cir. 2014) (computer receives and sends information over a network)); electronic recordkeeping, (See Alice Corp. Pty. Ltd. v. CLS Bank Int'l, 573 U.S. 208, 225, 110 USPQ2d 1984 (2014) (creating and maintaining "shadow accounts"); Ultramercial, 772 F.3d at 716, 112 USPQ2d at 1755 (updating an activity log)); and electronically scanning or extracting data from a physical document, (see Content Extraction and Transmission, LLC v. Wells Fargo Bank, 776 F.3d 1343, 1348, 113 USPQ2d 1354, 1358 (Fed. Cir. 2014) (optical character recognition)).  The requesting, obtaining, and comparison of image data from two users in order to authorize access to a secure server fails to contain meaningful limitations beyond generally linking the use of an abstract idea to a particular technological environment (see MPEP 2106.05(h)).
Accordingly, viewed as a whole, these additional claim element(s) do not provide any additional element that integrates the abstract idea (prong one), into a practical application (prong two) upon considering the additional elements both individually and as a combination or as a whole as they fail to provide: an additional element that reflects an improvement in the functioning of a computer, or an improvement to other technology or technical field; or an additional element that implements a judicial exception with, or uses a judicial exception in conjunction with, a particular machine or manufacture that is integral to the claim; or an additional element that effects a transformation or reduction of a particular article to a different state or thing; or an additional element that applies or uses the judicial exception, again, in some other meaningful way beyond generally linking the use of the judicial exception to a particular technological environment, such that the claim as a whole is more than a drafting effort designed to monopolize the exception as explained above.
Thus, the abstract idea which pertains to sending and receiving an authentication request from a first user, providing a response to an authentication challenge from the first user, sending an authentication challenge to a second user, providing a response to an authentication challenge from the second user, comparing the responses from the first and second user to stored data to authenticate the users and provide the requested access, which is a mental process (prong one) is not integrated into a practical application upon consideration of the additional element(s) both individually and as a combination (prong two). 
Therefore, under step 2A, the claims are directed to the abstract idea, and require further analysis under Step 2B.
Under step 2B, per MPEP 2106.05, as it applies to claims 1-20, the Examiner will evaluate whether the foregoing additional elements analyzed under prong two, when considered both individually and as a whole provide an inventive concept (i.e., whether the additional elements amount to significantly more than the exception itself). The abstract idea which pertains to pertains to sending and receiving an authentication request from a first user, providing a response to an authentication challenge from the first user, sending an authentication challenge to a second user, providing a response to an authentication challenge from the second user, comparing the responses from the first and second user to stored data to authenticate the users and provide the requested access, which is a mental process (prong one) - has not been applied in an eligible manner.  The claim elements in addition to the abstract idea are simply being utilized as generic tools to execute "apply it" instructions and amount to no more than general linking to a technical environment and/or technical field of use - as they are described at a high level of generality (prong two).

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-2, 4-9, 11-16, and 18-20 are rejected under 35 U.S.C. 103 as being unpatentable over Achyuth et al. US Patent Application Publication 2020/0314104 A1 (hereinafter Achyuth) in view of Horton US Patent Application Publication 2015/0140964 A1 (hereinafter Horton).

Regarding claims 1, 8 and 15, Achyuth teaches a system, comprising: a secure server configured to host one or more secure applications (Para 0022 teaches regulating access to one or more applications); and a multi-person authentication server comprising (See, Fig. 1): a network interface configured to communicate with the secure server, a first user device associated with a first user, and a second user device associated with a second user; and a processor configured to: (Para. 0008, FIG. 2A is a diagram of a network computing environment. Para. 0101.), a method comprising (Para. 0003), and a device comprising: a network interface configured to communicate with a secure server, a first user device associated with a first user, and a second user device associated with a second user; and a processor configured to: (Para. 0073-0074),
receive an authentication request corresponding to a request to provide the first user access to the secure server (Para. 0034-0035, the system 102 may receive, at step 114, a request for access to data (e.g., a file) by the first device 104 operated by the first user 106. In some embodiments, for example, the first user 106 may be an authorized user of the system 102 and may gain access to a list of files available for download or on-line viewing after successfully authenticating his or her identity to the system 102 (e.g. via biometric authentication).  Para. 0139-0140, at step 702 the system receives a request to access a file from a secure storage system.); 
in response to receiving the authentication request: (Para. 0146, In some embodiments, for example, a file may be designated as “Highly-Sensitive Classified.” In such a case, authentication of both the first user 106 and the second user(s) 110 may be requested each time the first device 104 is to be provided access to the file.); 
provide a challenge-response message to the first user device (Para. 0148, the authentication process for the first user 106 may involve requesting to collect information input by the first user 106 to the first device 104, and comparing the collected information with stored authentication information associated with an account of the first user 106.), wherein the challenge-response message indicates authentication of the first user of the first user device is needed, directs the first user device to capture a first image of a face of the first user (Para. 0154, in embodiments the first user's authentication may require a facial image acquired by a camera on a user's smartphone device. Para. 0156, the identity of the first user 106 may additionally be authenticated by sending a confirmation request to a device known to be accessible by a second user(s) 110 only upon proper authentication of the first user's identity.); and
provide a push notification to the second user device, wherein the push notification indicates confirmation of the authentication of the first user of the first user device is needed, (Para. 0041, in some implementations, a request for confirmation that the first user 106 should be permitted to access a particular file (or other data) may be sent to a proprietary mobile device associated with the second user 110 (push notification). In such implementations, receipt of an affirmative confirmation from the associated device or service may be relied upon, at least in part, to authenticate the identity of the second user 110 (confirmation of the user authentication is needed). Para. 0148, in order to complete the process, the routine proceeds to step 710 and request authentication from the second user. Para. 0150, the authentication process invoked in step 712 for each second user 110 may also involve collecting information input by the person operating the second device 108, and comparing the collected information with stored authentication information associated with an account of the second user 110. If the collected information matches the stored information, then the identity of the second user 110 may be confirmed at a step 714.) directs the second user device to capture a second image of a face of the second user (Para. 0040, the system may send a message to the second device 108 prompting the second user 110 to provide one or more inputs (e.g., a biometric input) to the second device 108, and the second device 108 may communicate such inputs to the system 102 for comparison with stored authentication information. Para. 0154, the biometric information may be a facial image acquired by a camera. Para. 0156, authentication can further include sending confirmation information to a first user device to authenticate a second user's identity.); 
receive a response to the challenge-response message from the first user device, wherein: the response indicates that the first user and the second user are verified and that the first user is authorized to access the secure server when the first image is an image of an authorized user of the secure server and the second image is an image of an administrator of the secure server (Para. 0147-0150, the authentication processes for the first and second users may be the same, and after the first user has authenticated their identity by submitting biometric information for comparison the second user information is requested at step 710. The system requires comparing the collected information with the stored authentication information before authorizing access. Para. 0154, the compared information may be a facial image.), and 
the response indicates that the first user and the second user are not verified and that the first user is not authorized to access the secure server when one or both of: the first image is not the image of the authorized user of the secure server and the second image is not the image of the administrator of the secure server (Para. 0148-0150, if the collected information does not match the stored information, then the identity of the first or second users may not be confirmed at the steps 708 and 714, and the routine 700 may instead proceed to a step 716 at which the approval processes is aborted.); 
if the received response indicates the first user and the second user are authenticated, allow the first user to access the secure server (Para. 0160-0162, in embodiments in which the authentication is required to access a server the authentication may allow the first user access, step 720.); and 
if the received response indicates the first user and the second user are not authenticated, prevent the first user from accessing the secure server (Para. 0163, if the identity of the first user 106 or the second user 110 cannot be confirmed at the step 708 or step 714, then the data access control system 102 may, at step 716, abort the access approval process and thus deny access to the requested files.).  
Achyuth does not explicitly teach providing a message to the user device that indicates a number of confirming users required to achieve a multi-person authentication; and providing a push notification to the second user device that instructs the second user device to provide the second image or an authentication result of authenticating the second image to the first user device.
However, Horton teaches providing a message to the user device that indicates a number of confirming users required to achieve a multi-person authentication (Para. 0034-0036, the central access control server 230 determines if a two-person authorization is required, and using rule-system sets, determines authentication and authorization parameters. The rules may define (a) the number of authorizing users from whom authorization is required to access the resource, and (b) the identity of the authorizing users who can authorize access by particular users to particular resources. The access control server may then transmit to the requesting user's mobile device a verification 319 that the request has been received.); and providing a push notification to the second user device that instructs the second user device to provide the second image or an authentication result of authenticating the second image to the first user device (Para. 0041, the  central access control server 230 sends details 330 of the transaction request to the mobile applications of the authorizing users 240, for use in a decision whether to grant authorization. Para. 0048, the authorization from the authorizing user(s) 240 may include biometric authentication (authenticating the second image).  The authorization may require authentication at the time of authorization (an authentication result).).
Therefore, it would have been obvious to one of ordinary skill in the art, at the time the invention was made, to modify the teachings of Achyuth to include providing a message to the user device that indicates a number of confirming users required to achieve a multi-person authentication; and providing a push notification to the second user device that instructs the second user device to provide the second image or an authentication result of authenticating the second image to the first user device, as taught by Horton, in order to identify of one or more additional individuals that need to be authenticated to allow access to file data, and authenticating the additional users through biometric inputs (Achyuth, Paras. 0039-0040).

Regarding claims 2, 9 and 16, the combination of Achyuth, and Horton teaches all of the limitations of claims 1, 8, and 15 above; Achyuth also teaches wherein: the request to access the secure server comprises a request to access a first secure application hosted on the secure server (Para. 0037, step 114 in Figure 1 shows the request to access an encrypted or otherwise secure application.); 
and the processor is further configured to: determine an initial administrator in a list of authorized administrators of the first secure application; and determine the second user is the initial administrator in the list of authorized administrators. (Para. 0037, in embodiments, the author of the file, application, etc. (e.g., the second user 110) may have saved the data with one or more security settings and communicated the file, application, etc., to the first device 104. In any such embodiment, the first device 104 may cause the access request to be generated and sent to the system 102 when the first user 106 attempts to open or access the file, application, etc. Para. 0039, as further shown in FIG. 1, upon receiving an access request, the system 102 may determine, in step 116, that an identity of one or more additional individuals (e.g., the second user 110) (list of authorized administrators) needs to be authenticated to allow access to the file. Examination of the records associated with the data may indicate that authentication by the second user or one member of a delegate group may be required (initial administrator).)

Regarding claims 4, 11, and 18, the combination of Achyuth, and Horton teaches all of the limitations of claims 1, 8, and 15 above; Achyuth also teaches wherein the processor is further configured to: determine that the first user device is not responsive to the challenge-response message within a threshold period of time; and following determining that the first user device is not responsive to the challenge-response message within the threshold period of time, prevent the first user from accessing the secure server. (Para. 0152, a determination may be made as to whether the first user's identity has been authenticated within a first window of time following receipt of the request at the step 702 (within a threshold period of time), and the routine 700 may proceed to the step 720 to provide access to the secured data only if it is determined that the first user's identity was authenticated within such a first window, otherwise the access approval is not granted (prevent the first user from accessing the secure server).)
Regarding claims 5, 12 and 19, the combination of Achyuth, and Horton teaches all of the limitations of claims 1, 8, and 15 above; Achyuth also teaches wherein the processor is further configured to, prior to allowing access to the secure server if the received response indicates the first user is authenticated: confirm that a first identity of the first user determined from the first image corresponds to a user identity associated with the received request to access the secure server (Para. 0148, If the collected information matches the stored information then, then the identity of the first user 106 may be confirmed at a step 708, and the routine 700 may proceed to authenticating the second user; para 0154 teaches facial image); 
and confirm that a second identity of the second user determined from the second image corresponds to a user identity associated with the second device to which the push notification was provided. (Para. 0150, if the collected information matches the stored information, then the identity of the second user 110 may be confirmed at a step 714, and the routine 700 may proceed to provide access to the secured data.)

Regarding claims 6, 13 and 20, the combination of Achyuth, and Horton teaches all of the limitations of claims 1, 8, and 15 above; Achyuth also teaches wherein the push notification includes instructions for the second user to provide an input to confirm or deny whether the first user is authorized to access the secure server. (Para. 0146, in some implementations, a request for confirmation of the first user’s identity may be sent to a proprietary mobile device or email account associated with the second user 110 (the push notification). In such implementations, receipt of an affirmative confirmation (an input) from the associated device or service may be relied upon, at least in part, to authenticate the identity of the first user to allow access.)

Regarding claims 7 and 16, the combination of Achyuth, and Horton teaches all of the limitations of claims 1, 8, and 15 above; Achyuth also teaches wherein: the received authorization request includes security credentials for the first user (Para. 0035, the first user 106 may be an authorized user of the system 102 and may gain access to a list of files available for download or on-line viewing after successfully authenticating his or her identity to the system 102 by entering a user name or password (security credentials). The access request of the step 114 may be generated, for example, in response to the authenticated first user selecting one of the items on such a list.); and the processor is further configured to, prior to providing the challenge-response message to the first user device, determine that the security credentials correspond to predetermined credentials for the first user. (Para. 0046, in some embodiments, the system 102 may, upon receiving an access request from the first device 104, additionally invoke another authentication process using biometric authentication (challenge-response) to authenticate the identity of the first user 106 of the first device 104 prior to providing access to the file or other data by the first device 104. In such embodiments, the system 102 may ensure not only that a particular individual (the second user 110) is granting access privileges but also that the first user 106 is the intended recipient of such privileges.)


Claims 3, 10, and 17 are rejected under 35 U.S.C. 103 as being unpatentable over Achyuth in view of Horton and further  in view of Tomlinson et al. US Patent 11,097,187 (hereinafter Tomlinson).
Regarding claims 3, 10, and 17, the combination of Achyuth, and Horton teaches all of the limitations of claims 2, 9 and 16 above; Achyuth further teaches wherein the processor is further configured to: determine that the second user device is not responsive to the push notification within a threshold period of time. (Para. 0152, a determination may additionally or alternatively be made as to whether the identity of each indicated second user 110 has been authenticated within a second window of time following receipt of the request at the step 702, and the routine may proceed to the step 720 only if it is determined that each such second user's identity was authenticated within such a second window.)
The combination of Achyuth, and Horton does not explicitly teach following determining that the second user device is not responsive to the push notification within the threshold period of time: determine a next administrator in the list of authorized administrators of the first secure application; and determine the second user is the initial administrator in the list of authorized administrators.   
However, Tomlinson teaches following determining that the second user device is not responsive to the push notification within the threshold period of time: determine a next administrator in the list of authorized administrators of the first secure application; and determine the second user is the initial administrator in the list of authorized administrators. (Col. 10:63- Col. 11:14, a user match engine is transferring a message to user among a set of users (push notification). If the engine does not receive a response within a threshold period of time it will identify the next highest ranked user (the initial administrator) among a set of users (the list of authorized administrators).)
Therefore, it would have been obvious to one of ordinary skill in the art, at the time the invention was made, to modify the teachings of Achyuth to include following determining that the second user device is not responsive to the push notification within the threshold period of time: determine a next administrator in the list of authorized administrators of the first secure application; and determine the second user is the initial administrator in the list of authorized administrators, as taught by Tomlinson in order to allow authentication of and by one or more members of a delegate group (Achyuth, Paras. 0043, and 0145).

Response to Arguments
After careful review of Applicant’s remarks/arguments filed on 12 Aug 2022, the Applicant’s amendments have been entered. Applicant’s arguments with respect to claims 1-20 have been fully considered.
With regard to claim objections 
Applicant’s amendment has been entered. The objections are withdrawn.

With regard to claim rejections under Double Patenting
Applicant will consider filing terminal disclaimers upon receiving indication that the claims are otherwise allowable. The rejection is maintained.

With regard to claim rejections under Claim Rejections - 35 USC § 101
Argument One
Applicant argues that the subject matter of the claims is not directed to an Abstract idea, much less to "a mental process" as asserted by the Office Action. According to, MPEP Section 2106.04, Step 2A checks whether the claim as a whole is directed to a judicial exception. Applicant submits that the Office Action has failed to consider the claims as a whole in determining that the claims are directed to the abstract idea of "a mental process". The details go beyond an abstract idea of "a mental process". Specifically, the steps of "provide a challenge-response message to the first user device", "provide a push notification to the second user device", and "receive a response to the challenge-response message from the first user device" cannot be performed by the human mind, even with the aid of pencil and paper. Applicant further argues that even if the pending claims involve an abstract idea, the claims recite elements that are integrated into a practical application and are therefore not directed to an abstract idea according to a proper analysis pursuant to MPEP 2106.
Applicant’s arguments have been fully considered but they are not persuasive. 
The amended claims receive a request to access a server, and verifies biometric image data for both a first user and one or more administrators in order to determine if access should be granted.  The steps performed in the claims of "provide a challenge-response message to the first user device", "provide a push notification to the second user device", and "receive a response to the challenge-response message from the first user device" are merely instructions to implement the abstract idea on a computer, or use a computer as a tool to perform the abstract idea.
The claims do not state that the captured first image of the face of the first user, or the captured second image of the face of the second user, are verified using facial recognition to determine if they match the image of an authorized user and an authorized administrator. The claims also do not specify if the captured image of the first user is authenticated by the first user’s device, or sent to an authentication server. The claims also do not specify which device authenticates the second user image. The features of a secure multi-person authentication based on facial recognition and performed entirely by a user device is taught by the written disclosure, PG Pub para. 0009, would amount to significantly more than the abstract idea. 
With regard to claim rejections under Claim Rejections - 35 USC § 102
Argument One
Applicant argues that Achyuth fails to teach or suggest "in response to receiving the
authentication request: provide a challenge-response message to the first user device, wherein the challenge-response message ... indicates a number of confirming users required to achieve a multi-person authentication; and provide a push notification to the second user device, wherein the push notification ... directs the second user device to capture a second image of a face of the second user, and instructs the second user device to provide the second image or an authentication result of authenticating the second image to the first user device" as recited in amended claim 1.
This argument is persuasive, and the rejection is withdrawn. 
However, upon further consideration, a new grounds of rejection is made for independent claims 1, 8, and 15 under 35 USC 103 in view of Achyuth, and Horton.
Horton teaches a system and method in which access to a resource requires verification of the requesting user, as well as verification of an authorizing user. The authentication method to perform the authorization may be biometrics.
 
Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ROBERT C JOHNSON whose telephone number is (571)272-6450. The examiner can normally be reached Monday - Friday; 9am - 6pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Waseem Ashraf can be reached on (571) 270-3948. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/ROBERT C JOHNSON/Examiner, Art Unit 3682                                                                                                                                                                                                        
/DAVID J STOLTENBERG/Primary Examiner, Art Unit 3682