DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
Status of Claims
This office action on the merits is in response to the application filed on 09/26/2025.
Claims 1-17 are currently pending and have been examined.
Response to Arguments
Applicant's arguments filed 09/26/2025 with respect to the rejection of claim(s) 1-17 have been fully considered and are persuasive. Therefore, the rejection has been withdrawn. However, upon further consideration, a new ground(s) of rejection is made.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claims 1-17 are rejected under 35 U.S.C. 103 as being unpatentable over Jameel et al. (US 20190124078 A1), in view of Zhang et al. (US 20160127369 A1), in view of Randall et al. (US 20190333105 A1), and further in view of Kesanupalli et al. (US 20100083000 A1).
6. Regarding claims 1 and 12, Jameel discloses an authentication service system, and an authentication service method, (Para. 0026), comprising:
a terminal including a voice call application and an identification information providing application, the terminal configured to send a voice call to an interactive voice response (IVR) service server, wherein the user identification information is retrieved from secure storage of the terminal, to an authentication server, (Para. 0020-0021, In embodiments, a user can register with the secured server 120. The secured server 120 can prompt the user to download or cause the user device 102 to download an application 112. When the user, through the user device 102, attempts to use a service provided by the secure server 120, the secure server 120 can use an IVR service 150 to call the user device 102. The IVR service 150 can be used to ensure that the transaction being attempted is from the authorized user, and not from an unauthorized third party. The IVR service 150 can prompt the user to provide a biometric identifier, such as a fingerprint scan, to authenticate herself with the secured server 120. The secure server 120 can authenticate the user using the unique biometric identifier using, e.g., an authentication server 130. FIG. 2 is a process flow diagram 200 for associating an open authorization (OATH) with a fingerprint authentication in accordance with embodiments of the present disclosure. At the outset, a user can register with a secured server (202). The secured server can use an authentication service to create an authentication profile for the user (204). The authentication procedure can be any authentication procedure that can create an authentication key for the user. For example, the user can undergo a public/private certification process with an authentication service. The authentication service can issue an authentication key, such as an open authentication secret key (OATH secret key). 
The application on the user device can then receive the OATH secret key from the authentication service (206) and can store the OATH secret key in a secure location (208).; and Para. 0025, The secured system can authenticate the user using the OTP using, for example, and authentication service, such as the authentication service the user used to perform the aforementioned authentication or registration process.)
the interactive voice response service server configured to provide an interactive voice response service according to a request of a user and authenticate the user using an authentication key received from the authentication server, (Para. 0021-0025 FIG. 2 is a process flow diagram 200 for associating an open authorization (OATH) with a fingerprint authentication in accordance with embodiments of the present disclosure. At the outset, a user can register with a secured server (202). The secured server can use an authentication service to create an authentication profile for the user (204). The authentication procedure can be any authentication procedure that can create an authentication key for the user. For example, the user can undergo a public/private certification process with an authentication service. The authentication service can issue an authentication key, such as an open authentication secret key (OATH secret key). The application on the user device can then receive the OATH secret key from the authentication service (206) and can store the OATH secret key in a secure location (208)…FIG. 3 is a process flow diagram 300 for generating and using a one-time password (OTP) for accessing an interactive voice response application in accordance with embodiments of the present disclosure. At the outset, a user operating a user device can initiate a secured transaction with the secured server (302). For example, the user can use an application associated with the secured server through the user device. The secured server can trigger a cellular or IP call to the user device, which makes use of an IVR system prompting the user to provide biometric information (304). 
For example, the application can prompt the user to provide a fingerprint scan that the application can use to authenticate the user… The secured system can authenticate the user using the OTP using, for example, and authentication service, such as the authentication service the user used to perform the aforementioned authentication or registration process.)
Jameel does not explicitly disclose identify a recipient number of the voice call by analyzing call metadata using a predefined recipient number list stored on the terminal, and transmit authentication information comprising a phone number of the terminal and user identification information.
However, Zhang teaches identify a recipient number of the voice call by analyzing call metadata using a predefined recipient number list stored on the terminal, and transmit authentication information comprising a phone number of the terminal and user identification information, (Para. 0058-0059, In some embodiments, the request for voice communication is associated with user authentication when the user attempts to access and/or use the online service to, for example, log in a user interface (e.g., a webpage) of the online service, to make an online transaction, to download data from the server device, and/or the like. In some embodiments, the user needs to perform the user authentication process when the user logs in the online service, and does not need to perform subsequent user authentication after login. In some other embodiments, the user needs to perform the user authentication process for each certain operation within the online service (e.g., a transaction) even after login. In some embodiments, to send the request for voice communication from the terminal device to the server device, the user has previously obtained contact information of the server device such as, for example, a phone number connecting to the server device, an instant messaging ID of the server device, an online chatting ID of the server device, and/or the like. In some embodiments, the contact information of the server device can be displayed on a user interface (e.g., a webpage) associated with the online service, thus accessible to the user. In other embodiments, the contact information of the server device can be made available and/or accessible to the user in any other suitable method. Para. 0061-0062, In some embodiments, in requesting the online service, the user can enter the identification information (e.g., a phone number, a user ID, an email address) into a user interface (e.g., a webpage) of the online service. 
In some embodiments, once the user enters the identification information (e.g., at login), the user is not requested to enter the identification information again for subsequent user authentication. In such embodiments, the entered identification information can be linked to an account of the user. For example, the identification information of the user is stored at the server device when the user is logged in the online service, and retrieved every time when the user authentication process is performed. In some other embodiments, the user is requested to enter identification information for each user authentication. At S203, the server device sends a voice message including a verification code to the terminal device in accordance with a determination that the received identification information matches the stored identification information of a user who is requesting the online service. In accordance with the determination of such a match, the server device determines that the user who has a pending service request for the online service is the one who is making the request for voice communication. In response, the server device sends the voice message including the verification code to the terminal device. The verification code is generated by the server device in response to the service request of the user for the online service. Thus, the user can use the verification code for user authentication at the terminal device.; and Para. 0203, The network interface 214 is also configured to transmit, for example, control instructions for presenting verification methods, verification codes, non-voice messages including verification codes, signals indicating successful user authentication, etc., to other devices (e.g., terminal devices, the network-service server 209, the voice-response server 208, etc.). In some embodiments, operations of the network interface 214 are controlled by instructions or code stored in the network communications module within the memory 215.) 
Under broad reasonable interpretation, analyzing call metadata using a predefined recipient number list stored on the terminal, and transmit authentication information comprising a phone number of the terminal and user identification information is interpreted as the user or the terminal selecting a known recipient number that is stored identification information –such as the metadata, the user ID and number are collected and used for authentication and the authentication information is then transmitted by the terminal to be users to verify the user in the cited prior art.
One of ordinary skill in the art would have recognized that applying the known technique of Jameel to the known invention of Zhang would have been recognized that the application of the technique would have yielded predictable results because the level of ordinary skill in the art demonstrated by the references applied shows the ability to incorporate interactive voice response features into a similar invention. Further, it would have been recognized by those of ordinary skill in the art that modifying the system to include identify a recipient number of the voice call by analyzing call metadata using a predefined recipient number list stored on the terminal, and transmit authentication information comprising a phone number of the terminal and user identification information result in an improved invention because applying said technique will ensure that the authentication request is sent to the intended user to reduce any security risks, thus improving the overall security of the invention.
Jameel does not explicitly disclose verifying that the recipient number is present in a locally stored recipient number list.
However, Zhang teaches verifying that the recipient number is present in a locally stored recipient number list, (Para. 0006-0007, In some embodiments, a method for user authentication with respect to providing an online service is disclosed. The method is performed at a server device having one or more processors and memory for storing programs to be executed by the one or more processors. The method includes receiving a service request from a first terminal device associated with the user. The service request includes identification information of the user. The method includes generating a verification code in response to the service request. The method also includes establishing, based on the identification information of the user, a voice communication with a second terminal device associate with the user. In some instances, the first terminal device and the second terminal device are the same terminal device. In other instances, the first terminal device is different from the second terminal device. In some instances, for example, the server device makes a phone call to a phone of the user to establish the voice communication. In some other instances, for example, the server device receives and responds to a phone call from a phone of the user.; and Para. 0009, The method further includes sending, during the voice communication and to the second terminal device, a voice message including the verification code. As a result, the user uses the verification code to authenticate the service request at the first terminal device.)
One of ordinary skill in the art would have recognized that applying the known technique of Jameel to the known invention of Zhang would have been recognized that the application of the technique would have yielded predictable results because the level of ordinary skill in the art demonstrated by the references applied shows the ability to incorporate verification features into a similar invention. Further, it would have been recognized by those of ordinary skill in the art that modifying the system to include verifying that the recipient number is present in a locally stored recipient number list result in an improved invention because applying said technique will ensure that the authentication information is only sent to authorized recipients to prevent fraudulent activity, thus improving the overall security of the invention.
Jameel does not explicitly disclose the authentication server configured to receive the authentication information from the terminal, receive an authentication request from the IVR service server including the phone number of the terminal, extract the user identification information from the authentication information matching the phone number, generate the authentication key using the extracted user identification information.
However, Randall teaches the authentication server configured to receive the authentication information from the terminal, receive an authentication request from the IVR service server including the phone number of the terminal, extract the user identification information from the authentication information matching the phone number, generate the authentication key using the extracted user identification information, (Para. 0024-0025, The proxy gateway is typically located remote to the network addressable screen, the content server and the communications device, and is typically linked to the content server and the screen by the first network, while being linked to the communications device by the second network. Bridging between the networks typically includes automatically generating a proxy command for the commands received from the communications device. The proxy commands may also be automatically associated with the appropriate content server and automatically routed to that content server over the first network. Having two such networks bridged by a proxy server allows a number of applications to function, including the ability for a search, or journey, started on one network to be continued on another. For instance, a user may surf to a website on a home computer and, after research, locate a desired type of object, and a place that the object is on sale. The user may bookmark that object and location by providing their cellular phone number and bookmark that object. The user may then physically go to the location where the object is available, and phone a number on a network addressable screen at that location. When the system receives the call, it will recognize the cellular number, and display instructions related to the bookmarked object such as, but not limited to, displaying the particular aisle the object is located in, or the nature of accessories available at the location that may be useful with the bookmarked object.; and Para. 
0050, An Interactive Voice Response (IVR) system communications interface 107, may for instance, receive and interpret consumer commands that are proxy commands for those inputted on their mobile communications device and relays those commands to a system manager 110. The system manager 110 may log consumer information and pass the commands over the Internet to the client manager 105 that may then update the screen 101.)
One of ordinary skill in the art would have recognized that applying the known technique of Jameel to the known invention of Randall as modified would have been recognized that the application of the technique would have yielded predictable results because the level of ordinary skill in the art demonstrated by the references applied shows the ability to incorporate interactive voice response features into a similar invention. Further, it would have been recognized by those of ordinary skill in the art that modifying the system to include the authentication server configured to receive the authentication information from the terminal, receive an authentication request from the IVR service server including the phone number of the terminal, extract the user identification information from the authentication information matching the phone number, generate the authentication key using the extracted user identification information, result in an improved invention because applying said technique will make sure that the authentication process is more clearly defined by including personal information, thus improving the overall performance of the invention.
Jameel does not explicitly disclose a push service server, configured to transmit web page access information including the authentication key to the terminal, wherein the terminal accesses a web page associated with the IVR service by using the received web page access information and renders a login-free personalized user interface.
However, Randall teaches a push service server, configured to transmit web page access information including the authentication key to the terminal, wherein the terminal accesses a web page associated with the IVR service by using the received web page access information and renders a login-free personalized user interface, (Para. 0151-0153, In a further embodiment of the invention, the system may be used to facilitate an IVR trivia contest, a poll, an election or other related games. For instance, the network addressable screen may display questions with answer options. Users may then select a number on their phone corresponding with the answer they believe is right. Multiple users may play and the network addressable screen shows how many people are voting on each answer. The person/people with the most right questions may be recognized by the system and can be called back or displayed on screen in some manner such as, but not limited to, their name, their picture, or their icon. The same feedback and recognition may be applied to the poll, election and other game applications detailed above… In a further embodiment the user may bookmark or phone mark an item or a site. This may be done by URL forwarding or by the system logging the information. For instance, a user may find information on a location-based network addressable screen that may be bookmarked by selecting a number corresponding with an instruction in the system to record that page as a bookmark. When the user later enters an identifier, such as their user ID, pin or phone number in an enabled website, the information that they found at the location-based network identifiable screen may be presented to them. In this way the system effectively enables a user to continue a search or journey begun on one network to be continued on another network. 
The continuation may occur in either direction, so that a user researching product information on a web using a home PC may, by bookmarking or phone marking that information with an identifier such as their cellular phone number, may continue that search at a location-based network addressable screen using their cellular phone to control the further interaction.). Under broad reasonable interpretation, is interpreted as the system storing/transmitting information related to the user via URL forwarding or backend logging –such as a push service. The user’s phone number and or IP to enable automatic personalizing without requiring re-authentication in the cited prior art.
One of ordinary skill in the art would have recognized that applying the known technique of Jameel to the known invention of Randall as modified would have been recognized that the application of the technique would have yielded predictable results because the level of ordinary skill in the art demonstrated by the references applied shows the ability to incorporate interactive voice response features into a similar invention. Further, it would have been recognized by those of ordinary skill in the art that modifying the system to include a push service server, configured to transmit web page access information including the authentication key to the terminal, wherein the terminal accesses a web page associated with the IVR service by using the received web page access information and renders a login-free personalized user interface, result in an improved invention because applying said technique will make sure that the authentication process is more clearly defined by including personal information and eliminate re-authentication as the system automatically recognizes the user when accessing the webpage, thus improving the overall user convenience of the invention.
Jameel does not explicitly disclose wherein the terminal is configured to transmit the authentication information only after acquiring the user identification through a present authentication, including biometric authentication, password authentication, or single sign-on (SSO).
However, Kesanupalli teaches wherein the terminal is configured to transmit the authentication information only after acquiring the user identification through a present authentication, including biometric authentication, password authentication, or single sign-on (SSO), (Para. 0015-0017, The present invention provides devices, systems and methods by which biometric authentication may be incorporated into existing access verification infrastructures, and in which remote storage of biometric data is not required. As illustrated in FIG. 1, a user 102 may input biometric data, such as but not limited to a fingerprint 104, into a biometric sensor 112 of a local device 110. In order to validate fingerprint 104, local device 110 may compare user fingerprint 104 to locally stored biometric data, such as stored fingerprint 114. This validation process may be performed by either the operating system of local device 110 or the sensor 112 itself, or both. If user fingerprint 104 is validated successfully, local device 110 may output user information 130 to remote device 120. Remote device 120 may be, for example, a server related to an e-commerce site, a financial institution, wireless carrier, or company data server, amongst various other systems related to secure sites. User information 130 may include, for example, a username, a password, answers to personal or targeted questions, or other identifying information. The user identification may be a unique user ID or a randomly assigned number such as a number generated by a Physical Unclonable Function (PUF). Remote device 120 may, upon receiving user information 130, attempt to authenticate user information 130. If successful, remote device 130 may send to local device 110 a request 132 for a token 134 including, for example, a security key, one-time password, or other dynamically generated token. 
Local device 110 may then respond to request 132 by transmitting a token 13… In another embodiment of the invention, token 134 may be transmitted to remote device 120 directly after validation of user fingerprint 104, without first outputting user information 130 or receiving request 132. Upon receiving token 134, remote device 120 may authenticate the user 102 based directly on the token 134.; and Para. 0022, The biometric input may be received via a sensor of a local device from a user 302. The validating may be performed 304 by an operating system of the local device. Alternatively, the validating is performed by the sensor. A token based on the biometric input is then transmitted to a remote location 306.)
One of ordinary skill in the art would have recognized that applying the known technique of Jameel to the known invention of Kesanupalli would have been recognized that the application of the technique would have yielded predictable results because the level of ordinary skill in the art demonstrated by the references applied shows the ability to incorporate password authentication features into a similar invention. Further, it would have been recognized by those of ordinary skill in the art that modifying the system to include wherein the terminal is configured to transmit the authentication information only after acquiring the user identification through a present authentication, including biometric authentication, password authentication, or single sign-on (SSO) result in an improved invention because applying said technique will ensure that only authorized users gain access by not transmitting information until the user is verified, thus improving the overall security of the invention.
7. Regarding claims 2, 9, and 13, Jameel does not explicitly disclose wherein the authentication information comprises a phone number of the terminal and user identification information.
However, Zhang teaches wherein the authentication information comprises a phone number of the terminal and user identification information, (Para. 0156, Operations of S141-S143 are similar to operations of S201 of the method 200 in FIG. 2. At S141, the network-service server receives, from a first terminal device associated with a user, a service request. The service request includes identification information of the user. Such identification information of the user can be, for example, a phone number, a user name, an account number, an email address, etc., of the user. The identification information of the user can be used to uniquely identify the user and/or a terminal device associated with the user. The network-service server then sends, to the verification server, a verification request including the identification information of the user.)
One of ordinary skill in the art would have recognized that applying the known technique of Jameel to the known invention of Zhang would have been recognized that the application of the technique would have yielded predictable results because the level of ordinary skill in the art demonstrated by the references applied shows the ability to incorporate interactive voice response features into a similar invention. Further, it would have been recognized by those of ordinary skill in the art that modifying the system to include wherein the authentication information comprises a phone number of the terminal and user identification information result in an improved invention because applying said technique will make sure that the authentication process is more clearly defined by including personal information, thus improving the overall performance of the invention.
8. Regarding claims 3, 10, and 14, Jameel as modified does not explicitly disclose wherein recipient number list is periodically updated through a secure synchronization protocol with a central server.
However, Randall teaches wherein recipient number list is periodically updated through a secure synchronization protocol with a central server, (Para. 0090-0092, In step 514, the registration may proceed by means of a SQL query to an appropriate database on the appropriate proxy gateway bridging module. The SQL query typically returns a list of reserved codes for the RP username of the RP client 408. If no reserved codes are found or available, a code is assigned out of an unused-pool. If no codes are available, an error is returned. A SQL update on the appropriate proxy gateway bridging module associates the codes with the assigned username and the appropriate RP server 410. In step 516, the RP server 410 now has all codes and has registered them as being associated with the given user, located on this server. This data may now be returned to the RP client 408. In step 518, the RP client 408 receives all codes as assigned from the accounts SQL database and the various proxy gateways bridging module. The RP client 408 does not get to request types or quantities of codes, as these are set in the accounts databases.)
One of ordinary skill in the art would have recognized that applying the known technique of Jameel as modified to the known invention of Randall would have been recognized that the application of the technique would have yielded predictable results because the level of ordinary skill in the art demonstrated by the references applied shows the ability to incorporate interactive voice response features into a similar invention. Further, it would have been recognized by those of ordinary skill in the art that modifying the system to include wherein recipient number list is periodically updated through a secure synchronization protocol with a central server result in an improved invention because applying said technique will ensure that the authentication requests are sent to the correct user to prevent any fraudulent activity, thus improving the overall security of the invention.
9. Regarding claims 4 and 15, Jameel does not explicitly disclose wherein the authentication server is configured to receive an authentication request including the phone number of the terminal from the interactive voice response service server.
However, Zhang teaches wherein the authentication server is configured to receive an authentication request including the phone number of the terminal from the interactive voice response service server, (Para. 0156-0157, The network-service server then sends, to the verification server, a verification request including the identification information of the user. At S142, in response to the verification request, the verification server sends, to a voice-response server, a verification code and the identification information of the user. In some embodiments, the verification server is configured to generate the verification code in response to the service request. In some embodiments, the verification server is configured to present a set of verification methods (including at least one voice verification method and/or one non-voice verification method) to the user operating the first terminal device. The verification server then receives a selection of the voice verification method by the user from the set of verification methods. Consequently, the verification server sends the verification code and the identification information of the user to the voice-response server.)
One of ordinary skill in the art would have recognized that applying the known technique of Jameel to the known invention of Zhang would have yielded predictable results because the level of ordinary skill in the art demonstrated by the references applied shows the ability to incorporate interactive voice response features into a similar invention. Further, it would have been recognized by those of ordinary skill in the art that modifying the system to include wherein the authentication server is configured to receive an authentication request including the phone number of the terminal from the interactive voice response service server would result in an improved invention because applying said technique will ensure that the authentication requests are sent to the correct user to prevent any fraudulent activity, thus improving the overall security of the invention.
10. Regarding claims 5 and 16, Jameel discloses wherein the terminal includes a secure enclave or trusted execution environment for storing and retrieving the user identification information, (Para. 0014-0016, FIG. 1 is a schematic diagram of a system 100 for performing secure interactive voice response in accordance with embodiments of the present disclosure. System 100 includes a user device 102, such as a mobile phone, tablet PC, smart phone, or other mobile device. The user device 102 can also be a voice control system, such as an AMAZON ECHO™ or AMAZON ALEXA™ or other voice control system. User device 102 can include a processor 104. Processor 104 can be a processor at least partially implemented in hardware, but can also include software. The user device 102 can include a memory 106. Memory 106 can be a hardware storage device, such as a magnetic hard drive, flash memory, solid state memory, insertable memory card, etc. The memory 106 can be a secured storage location or can include an allocation of memory that is secured (e.g., memory location 107). The secured storage can be password protected and/or protected by other techniques, such as by biometric information. The user device 102 can include a fingerprint scanner 110. Fingerprint scanner 110 can include an optical scanner or a capacitive scanner. Fingerprint scanner 110 can be controlled by fingerprint scanning software 111. Fingerprint scanning software 111 can include software that facilitates collection of fingerprints and identification of a user via fingerprint matching algorithms. The user device 102 can include one or more applications. An application 112 can include an interface to a secured system 120. The application 112 can be used to authenticate a user attempting to use a secured system 120 using a stored fingerprint associated with the user and with an authentication credential.
The application 112 can cause the user device 102 to send and receive messaging through wired or wireless signaling through a network 140 using a transceiver 108. The application 112 can use biometric information, such as fingerprint information, to authenticate a user to allow a user to use securely a network-based secured system 120. Though shown as connected through a network 140, the secured system 120 can also be local to the user device 102.)
11. Regarding claims 6 and 17, Jameel as modified does not explicitly disclose wherein the push service server comprises a message queue handler that ensures reliable delivery of the authentication key access message voice response service by using the received web page access information.
However, Randall teaches wherein the push service server comprises a message queue handler that ensures reliable delivery of the authentication key access message voice response service by using the received web page access information, (Para. 0096-0099, In step 606, the IVR proxy gateway bridging module 414 receives the event, including the dialed-from, and the dialed-to numbers. In step 608, the IVR proxy gateway bridging module 414 queries its own database, which may be, but is not limited to, a SQL database for dialed-to numbers associated with RP usernames. The IVR proxy gateway bridging module 414 may also check if any RP username found allows for simultaneous multiple dial-ins. The result of the query is typically an RP server address and username, or an error message. In step 610, the IVR proxy gateway bridging module 414 encodes the data it has received, or found, into an appropriate format such as, but not limited to an eXtended hypertext Markup Language (XML) format. In a preferred embodiment, the XML format is known as ReachPointEventXML. The data encapsulating the event is then forwarded to the appropriate RP server 410. In step 612, the XML encoded event is passed to the identified RP client 408, or added to the client queue if another event is in-progress.)
One of ordinary skill in the art would have recognized that applying the known technique of Jameel as modified to the known invention of Randall would have yielded predictable results because the level of ordinary skill in the art demonstrated by the references applied shows the ability to incorporate interactive voice response features into a similar invention. Further, it would have been recognized by those of ordinary skill in the art that modifying the system to include wherein the push service server comprises a message queue handler that ensures reliable delivery of the authentication key access message voice response service by using the received web page access information would result in an improved invention because applying said technique will ensure that authentication keys can be issued to users and allow users access to online services, thus improving the overall performance of the invention.
12. Regarding claim 7, Jameel discloses a terminal, comprising: one or more processors; and a memory storing one or more programs configured to be executed by the one or more processors, wherein the one or more programs comprise: (Para. 0014),
a voice call application for sending a voice call to an interactive voice response service serverinformation to an authentication server by identifying a recipient number of the voice call, comparing metadata with a locally stored recipient list, and a browsing application for accessing a web page associated with the IVR service using received authentication key-based access data. (Para. 0017, In embodiments, the application 112 can be an application that can be downloaded from the secure server 120 after a user registers with the secure server 120. The application 112 can also be triggered when a user attempts to access the secured server 120. The application 112 can coordinate a user's credentials with the secured system 120 for granting access to the secured server 120 using a user's biometric information, such as by prompting the user to provide a fingerprint scan to access the secured server 120. The secure server 120 can be, e.g., a server for a bank or credit card or other financial institution, or other type of secure transaction services server.; and Para. 0020-0021, In embodiments, a user can register with the secured server 120. The secured server 120 can prompt the user to download or cause the user device 102 to download an application 112. When the user, through the user device 102, attempts to use a service provided by the secure server 120, the secure server 120 can use an IVR service 150 to call the user device 102. The IVR service 150 can be used to ensure that the transaction being attempted is from the authorized user, and not from an unauthorized third party. The IVR service 150 can prompt the user to provide a biometric identifier, such as a fingerprint scan, to authenticate herself with the secured server 120. The secure server 120 can authenticate the user using the unique biometric identifier using, e.g., an authentication server 130. FIG. 2 is a process flow diagram 200 for associating an open authorization (OATH) with a fingerprint authentication in accordance with embodiments of the present disclosure. At the outset, a user can register with a secured server (202). The secured server can use an authentication service to create an authentication profile for the user (204). The authentication procedure can be any authentication procedure that can create an authentication key for the user. For example, the user can undergo a public/private certification process with an authentication service. The authentication service can issue an authentication key, such as an open authentication secret key (OATH secret key). The application on the user device can then receive the OATH secret key from the authentication service (206) and can store the OATH secret key in a secure location (208).; and Para. 0024, The application can authenticate the user by first comparing the new fingerprint scanned against one stored with the user device and associated with the OATH stored in the secure memory location (306). The comparison of the finger print scans can use pattern matching algorithms or other techniques used for fingerprint comparisons. The application can determine whether the scanned fingerprint matches a stored fingerprint (308). If the application determines that the scanned fingerprint does not match the stored fingerprint, the application can repeat the prompt for a fingerprint scan without giving access to the IVR system (304). If the application determines that the scanned fingerprint does match the stored fingerprint, the application can retrieve the OATH associated with the fingerprint and stored in the secure memory location on the user device and can generate a one-time password (OTP) from the OATH (310). The application can transmit the OTP to a secured system (312). The application can use a transceiver on the user device to transmit the OTP to a remote secured system across a network.)
Jameel does not explicitly disclose verifying that the recipient number is present in a locally stored recipient number list.
However, Zhang teaches verifying that the recipient number is present in a locally stored recipient number list, (Para. 0006-0007, In some embodiments, a method for user authentication with respect to providing an online service is disclosed. The method is performed at a server device having one or more processors and memory for storing programs to be executed by the one or more processors. The method includes receiving a service request from a first terminal device associated with the user. The service request includes identification information of the user. The method includes generating a verification code in response to the service request. The method also includes establishing, based on the identification information of the user, a voice communication with a second terminal device associated with the user. In some instances, the first terminal device and the second terminal device are the same terminal device. In other instances, the first terminal device is different from the second terminal device. In some instances, for example, the server device makes a phone call to a phone of the user to establish the voice communication. In some other instances, for example, the server device receives and responds to a phone call from a phone of the user.; and Para. 0009, The method further includes sending, during the voice communication and to the second terminal device, a voice message including the verification code. As a result, the user uses the verification code to authenticate the service request at the first terminal device.)
One of ordinary skill in the art would have recognized that applying the known technique of Jameel to the known invention of Zhang would have yielded predictable results because the level of ordinary skill in the art demonstrated by the references applied shows the ability to incorporate verification features into a similar invention. Further, it would have been recognized by those of ordinary skill in the art that modifying the system to include verifying that the recipient number is present in a locally stored recipient number list would result in an improved invention because applying said technique will ensure that the authentication information is only sent to authorized recipients to prevent fraudulent activity, thus improving the overall security of the invention.
Jameel does not explicitly disclose wherein the terminal is configured to transmit the authentication information only after acquiring the user identification through a present authentication, including biometric authentication, password authentication, or single sign-on (SSO).
However, Kesanupalli teaches wherein the terminal is configured to transmit the authentication information only after acquiring the user identification through a present authentication, including biometric authentication, password authentication, or single sign-on (SSO), (Para. 0015-0017, The present invention provides devices, systems and methods by which biometric authentication may be incorporated into existing access verification infrastructures, and in which remote storage of biometric data is not required. As illustrated in FIG. 1, a user 102 may input biometric data, such as but not limited to a fingerprint 104, into a biometric sensor 112 of a local device 110. In order to validate fingerprint 104, local device 110 may compare user fingerprint 104 to locally stored biometric data, such as stored fingerprint 114. This validation process may be performed by either the operating system of local device 110 or the sensor 112 itself, or both. If user fingerprint 104 is validated successfully, local device 110 may output user information 130 to remote device 120. Remote device 120 may be, for example, a server related to an e-commerce site, a financial institution, wireless carrier, or company data server, amongst various other systems related to secure sites. User information 130 may include, for example, a username, a password, answers to personal or targeted questions, or other identifying information. The user identification may be a unique user ID or a randomly assigned number such as a number generated by a Physical Unclonable Function (PUF). Remote device 120 may, upon receiving user information 130, attempt to authenticate user information 130. If successful, remote device 130 may send to local device 110 a request 132 for a token 134 including, for example, a security key, one-time password, or other dynamically generated token. 
Local device 110 may then respond to request 132 by transmitting a token 13… In another embodiment of the invention, token 134 may be transmitted to remote device 120 directly after validation of user fingerprint 104, without first outputting user information 130 or receiving request 132. Upon receiving token 134, remote device 120 may authenticate the user 102 based directly on the token 134.; and Para. 0022, The biometric input may be received via a sensor of a local device from a user 302. The validating may be performed 304 by an operating system of the local device. Alternatively, the validating is performed by the sensor. A token based on the biometric input is then transmitted to a remote location 306.)
One of ordinary skill in the art would have recognized that applying the known technique of Jameel to the known invention of Kesanupalli would have yielded predictable results because the level of ordinary skill in the art demonstrated by the references applied shows the ability to incorporate password authentication features into a similar invention. Further, it would have been recognized by those of ordinary skill in the art that modifying the system to include wherein the terminal is configured to transmit the authentication information only after acquiring the user identification through a present authentication, including biometric authentication, password authentication, or single sign-on (SSO) would result in an improved invention because applying said technique will ensure that only authorized users gain access by not transmitting information until the user is verified, thus improving the overall security of the invention.
13. Regarding claim 8, Jameel does not explicitly disclose wherein the identification information providing application transmits the authentication information only after a successful verification of the user.
However, Zhang teaches wherein the identification information providing application transmits the authentication information only after a successful verification of the user. (Para. 0041, Specifically, the terminal device is operatively coupled to and communicates with the server device (e.g., via one or more networks such as the Internet). A user operates the terminal device to access the online service via, for example, a user interface (e.g., a webpage) of the online service that is displayed at the terminal device. The user then goes through a user authentication process to verify that she is an authorized user permitted to use the online service. After the user is successfully authenticated, the user can operate the terminal device to use the online service. Para. 0062-0063- At S203, the server device sends a voice message including a verification code to the terminal device in accordance with a determination that the received identification information matches the stored identification informatio