Prosecution Insights
Last updated: April 19, 2026
Application No. 18/808,377

MULTIFACTOR IDENTITY AUTHENTICATION VIA CUMULATIVE DYNAMIC CONTEXTUAL IDENTITY

Non-Final OA §103 §DP
Filed: Aug 19, 2024
Examiner: GIDDINS, NELSON S
Art Unit: 2408
Tech Center: 2400 — Computer Networks
Assignee: Wells Fargo Bank N A
OA Round: 1 (Non-Final)
Grant Probability: 84%, Favorable
OA Rounds: 1-2
To Grant: 2y 5m
With Interview: 95%

Examiner Intelligence

Grants 84% — above average
Career Allow Rate: 84% (453 granted / 537 resolved), +26.4% vs TC avg
Interview Lift: +10.5% (Moderate +10% lift), resolved cases with interview
Typical timeline: 2y 5m Avg Prosecution, 20 currently pending
Career history: 557 Total Applications across all art units

Statute-Specific Performance

§101: 7.9% (-32.1% vs TC avg)
§103: 52.0% (+12.0% vs TC avg)
§102: 12.3% (-27.7% vs TC avg)
§112: 14.4% (-25.6% vs TC avg)
Based on career data from 537 resolved cases

Office Action

§103 §DP
DETAILED ACTION

The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA. This Office Action is in response to Application No. 18/808,377 filed on 08/19/2024. Claims 1-20 have been examined and are pending in this application.

Priority

Acknowledgment is made of Applicant’s claim for priority under 35 U.S.C. 120 to parent Application No. 16/268,288, filed on 02/05/2019, to parent Application No. 17/706,446, filed on 03/28/2022, and to parent Application No. 18/143,498, filed on 05/04/2023.

Information Disclosure Statement

The information disclosure statement (IDS), submitted on 11/12/2024, is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner.

Double Patenting

The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory obviousness-type double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); and In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).

A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on a nonstatutory double patenting ground provided the conflicting application or patent either is shown to be commonly owned with this application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. Effective January 1, 1994, a registered attorney or agent of record may sign a terminal disclaimer. A terminal disclaimer signed by the assignee must fully comply with 37 CFR 3.73(b).

The USPTO internet Web site contains terminal disclaimer forms which may be used. Please visit http://www.uspto.gov/forms/. The filing date of the application will determine what form should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to http://www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.

Claims 1-20 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-23 of U.S. Patent No. 11,290,448, claims 1-20 of U.S. Patent No. 11,669,611, and claims 1-20 of U.S. Patent No. 12,067,106. Although the claims at issue are not identical, they are not patentably distinct from each other because claim(s) 1-20 are broader and similar in scope to claim(s) 1-23 of U.S. Patent No. 11,290,448, claims 1-20 of U.S. Patent No. 11,669,611, and claims 1-20 of U.S. Patent No. 12,067,106. If the claims in Application No. 18/808,377 are allowed, it could improperly extend the “right to exclude” for the same invention in two different Patents.

Claims 1-20 are directed to methods and a system, said methods and system are associated with the methods and system claimed in claim(s) 1-23 of U.S. Patent No. 11,290,448, the method and systems claimed in claim(s) 1-20 of U.S. Patent No. 11,669,611, and the method and systems claimed in claims 1-20 of U.S. Patent No. 12,067,106. The subject matter claimed in the instant application is fully disclosed in U.S. Patent No. 11,290,448, U.S. Patent No. 11,669,611, and U.S. Patent No. 12,143,498 and is covered by U.S. Patent No. 11,290,448, U.S. Patent No. 11,669,611, and U.S. Patent No. 12,143,498, since U.S. Patent No. 11,290,448, U.S. Patent No. 11,669,611, and U.S. Patent No. 12,143,498 and the instant application are claiming common subject matter.

Application No. 18/808,377 (Instant App.) vs. U.S. Patent No. 11,290,448

Instant App., Claim 1: A method comprising: receiving a first transmission from a service provider device with which a first user device is transacting, the first transmission comprising (i) a request for user data of a user and (ii) biometric information detected via one or more user interfaces of the first user device; validating the request from the service provider device via a second transmission to at least one of the first user device or a second user device; comparing the biometric information to data corresponding to the user stored in an identity databank to verify the user, wherein the identity databank comprises identity elements that each have one or more payload values and one or more metadata values; retrieving, responsive to verifying the user, from the identity databank, the requested user data from one or more identity elements in the identity databank; and initiating a third transmission comprising the requested user data to the service provider device.
U.S. Patent No. 11,290,448, Claim 1: A method for multifactor authentication using a contextual identity profile library, the method comprising: generating a profile library for a user comprising a plurality of profiles, each profile of the plurality of profiles identifying a respective set of user data and a respective entity that is authorized to access the user data; accepting a first transmission from a service provider device with which a first user device is transacting, the first transmission comprising a request for user data of the user and biometric information detected via one or more sensors of the first user device; confirming, via a second transmission to at least one of the first user device and a second user device, that the request from the service provider device is valid; comparing the biometric information to data corresponding to the user stored in an identity databank to verify the user, wherein the identity databank comprises identity elements that each have one or more payload values and one or more metadata values; determining, responsive to verifying the user, that a first profile of the plurality of profiles in the profile library indicates the service provider device is authorized to access the requested user data; responsive to determining that the first profile indicates the service provider device is authorized to access the requested data, retrieving, from the identity databank, the requested user data from one or more identity elements in the identity databank; and initiating a third transmission with the requested user data to the service provider device.
Instant App., Claim 14: A central identity system comprising one or more processors, the central identity system being configured to: receive a first transmission from a service provider device of a service provider, wherein the user is transacting with the service provider device using a first user device, the first transmission comprising: a request for user data; and biometric data corresponding to the user, the biometric data having been detected by one or more user interfaces of the first user device and transmitted to the service provider device; initiate a second transmission to the first user device or a second user device of the user to confirm that the user authorizes the central identity system to transmit the requested user data to the service provider device; validate the biometric data from the service provider device using an identity databank comprising identity elements corresponding to the user, each identity element comprising a set of one or more payload values and a set of one or more metadata values, wherein validating the biometric data comprises determining that the biometric data matches or is sufficiently similar to values in one or more corresponding identity elements in the identity databank; retrieve, from identity elements in the identity databank, payload values corresponding to the requested user data; and initiate a third transmission to the service provider device, the third transmission comprising the payload values retrieved from the identity databank.
U.S. Patent No. 11,290,448, Claim 11: A central identity system comprising: a network interface configured to communicate via a telecommunications network; and a processor and a memory having stored thereon instructions that, when executed by the processor, cause the processor to: generate a profile library for a user comprising a plurality of profiles, each profile of the plurality of profiles identifying a respective set of user data and a respective entity that is authorized to access the user data; accept a first transmission from a service provider device of a service provider, wherein the user is transacting with the service provider device using a first user device, the first transmission comprising: a request for user data; and biometric data corresponding to the user, the biometric data having been detected by one or more sensors of the first user device and transmitted to the service provider device; initiate a second transmission to the first user device or a second user device of the user to confirm that the user authorizes the central identity system to transmit the requested user data to the service provider device; validate the biometric data from the service provider device using an identity databank that is maintained by the central identity system, the identity databank comprising identity elements corresponding to the user, each identity element comprising a set of one or more payload values and a set of one or more metadata values, wherein validating the biometric data comprises determining that the biometric data matches or is sufficiently similar to values in one or more corresponding identity elements in the identity databank; determine, responsive to validating the biometric data, that a first profile of the plurality of profiles in the profile library indicates the service provider device is authorized to access the requested user data; responsive to determining that the first profile indicates the service provider device is authorized to access the requested data, retrieve, from identity elements in the identity databank, payload values corresponding to the requested user data; and initiate a third transmission to the service provider device, the third transmission comprising the payload values retrieved from the identity databank.
Instant App., Claim 19: A method comprising: receiving, from a service provider device with which a first user device is communicating, an authentication request comprising a set of payload values and a set of metadata values, the set of payload values including biometric information acquired via a user interface of the first user device, and the set of metadata values including a date and a geolocation detected using a location sensor of the first user device; validating the request from the service provider device via at least one of the first user device or a second user device; verifying the biometric information using an identity databank of the user; determining, responsive to verifying the biometric information, that the service provider device is authorized to access a validated dataset; responsive to determining that the service provider device is authorized to access the validated dataset, generating an authentication response comprising the validated dataset and transmitting the authentication response to the service provider device; and recording the authentication request as part of an identity element in the identity databank.
U.S. Patent No. 11,290,448, Claim 17: A method for multifactor authentication, the method comprising: generating a profile library for a user comprising a plurality of profiles, each profile of the plurality of profiles identifying a respective set of user data and a respective entity that is authorized to access the user data; accepting, from a service provider device with which a first user device is communicating, an authentication request comprising a set of payload values and a set of metadata values, the set of payload values including biometric information acquired via a sensor of the first user device, and the set of metadata values including a date and a geolocation detected using a location sensor of the first user device; confirming, via at least one of the first user device and a second user device, that the authentication request from the service provider device is valid; verifying the biometric information using an identity databank of the user; determining, responsive to verifying the biometric information, that a first profile of the plurality of profiles in the profile library indicates the service provider device is authorized to access a validated dataset; responsive to determining that the first profile indicates the service provider device is authorized to access the requested data, generating an authentication response with the validated dataset and transmitting the authentication response to the service provider device; and recording the authentication request as part of an identity element in the identity databank.
Instant App., Claim 19: A method comprising: receiving, from a service provider device with which a first user device is communicating, an authentication request comprising a set of payload values and a set of metadata values, the set of payload values including biometric information acquired via a user interface of the first user device, and the set of metadata values including a date and a geolocation detected using a location sensor of the first user device; validating the request from the service provider device via at least one of the first user device or a second user device; verifying the biometric information using an identity databank of the user; determining, responsive to verifying the biometric information, that the service provider device is authorized to access a validated dataset; responsive to determining that the service provider device is authorized to access the validated dataset, generating an authentication response comprising the validated dataset and transmitting the authentication response to the service provider device; and recording the authentication request as part of an identity element in the identity databank.
U.S. Patent No. 11,290,448, Claim 19: A method of verifying user identity based on geolocation data, the method comprising: generating a profile library for a user comprising a plurality of profiles, each profile of the plurality of profiles identifying a respective set of user data and a respective entity that is authorized to access the user data; generating an identity databank having a set of location elements, each location element identifying a geolocation of the user and specifying a corresponding date on which the user was detected to be at the geolocation; receiving a first transmission from a service provider device requesting verification of the user's identity, the service provider device being in communication with a user device of the user, the first transmission identifying one or more geolocations; determining, responsive to verifying the biometric information, that a first profile of the plurality of profiles in the profile library indicates the service provider device is authorized to access verification of the user's identity; responsive to determining that the first profile indicates the service provider device is authorized to access verification of the user's identity, determining, based at least partly on comparisons with the set of location elements in the identity databank, that the one or more geolocations identified in the first transmission provide verification of the user's identity; and initiating a second transmission to the first device indicating that the identity of the second user is verified.

Application No. 18/808,377 (Instant App.) vs. U.S. Patent No. 11,669,611

Instant App., Claim 1: A method comprising: receiving a first transmission from a service provider device with which a first user device is transacting, the first transmission comprising (i) a request for user data of a user and (ii) biometric information detected via one or more user interfaces of the first user device; validating the request from the service provider device via a second transmission to at least one of the first user device or a second user device; comparing the biometric information to data corresponding to the user stored in an identity databank to verify the user, wherein the identity databank comprises identity elements that each have one or more payload values and one or more metadata values; retrieving, responsive to verifying the user, from the identity databank, the requested user data from one or more identity elements in the identity databank; and initiating a third transmission comprising the requested user data to the service provider device.
U.S. Patent No. 11,669,611, Claim 1: A method for multifactor authentication, the method comprising: accepting a first transmission from a service provider device with which a first user device is transacting, the first transmission comprising (i) a request for user data of a user and (ii) biometric information detected via one or more sensors of the first user device; confirming, via a second transmission to at least one of the first user device and a second user device, that the request from the service provider device is valid; comparing the biometric information to data corresponding to the user stored in an identity databank to verify the user, wherein the identity databank comprises identity elements that each have one or more payload values and one or more metadata values; determining, responsive to verifying the user, that a first profile of a plurality of profiles indicates the service provider device is authorized to access the requested user data, wherein each profile of the plurality of profiles identifies a respective set of user data and a respective entity that is authorized to access the user data; responsive to determining that the first profile indicates the service provider device is authorized to access the requested data, retrieving, from the identity databank, the requested user data from one or more identity elements in the identity databank; and initiating a third transmission with the requested user data to the service provider device.
Instant App., Claim 14: A central identity system comprising one or more processors, the central identity system being configured to: receive a first transmission from a service provider device of a service provider, wherein the user is transacting with the service provider device using a first user device, the first transmission comprising: a request for user data; and biometric data corresponding to the user, the biometric data having been detected by one or more user interfaces of the first user device and transmitted to the service provider device; initiate a second transmission to the first user device or a second user device of the user to confirm that the user authorizes the central identity system to transmit the requested user data to the service provider device; validate the biometric data from the service provider device using an identity databank comprising identity elements corresponding to the user, each identity element comprising a set of one or more payload values and a set of one or more metadata values, wherein validating the biometric data comprises determining that the biometric data matches or is sufficiently similar to values in one or more corresponding identity elements in the identity databank; retrieve, from identity elements in the identity databank, payload values corresponding to the requested user data; and initiate a third transmission to the service provider device, the third transmission comprising the payload values retrieved from the identity databank.
U.S. Patent No. 11,669,611, Claim 13: A central identity system comprising: a network interface configured to communicate via a telecommunications network; and a processor and a memory having stored thereon instructions that, when executed by the processor, cause the processor to: accept a first transmission from a service provider device of a service provider, wherein the user is transacting with the service provider device using a first user device, the first transmission comprising: a request for user data; and biometric data corresponding to the user, the biometric data having been detected by one or more sensors of the first user device and transmitted to the service provider device; initiate a second transmission to the first user device or a second user device of the user to confirm that the user authorizes the central identity system to transmit the requested user data to the service provider device; validate the biometric data from the service provider device using an identity databank that is maintained by the central identity system, the identity databank comprising identity elements corresponding to the user, each identity element comprising a set of one or more payload values and a set of one or more metadata values, wherein validating the biometric data comprises determining that the biometric data matches or is sufficiently similar to values in one or more corresponding identity elements in the identity databank; determine, responsive to validating the biometric data, that a first profile of a plurality of profiles in a profile library indicates the service provider device is authorized to access the requested user data, wherein each profile of the plurality of profiles identifies a respective set of user data and a respective entity that is authorized to access the user data; responsive to determining that the first profile indicates the service provider device is authorized to access the requested data, retrieve, from identity elements in the identity databank, payload values corresponding to the requested user data; and initiate a third transmission to the service provider device, the third transmission comprising the payload values retrieved from the identity databank.
Instant App., Claim 19: A method comprising: receiving, from a service provider device with which a first user device is communicating, an authentication request comprising a set of payload values and a set of metadata values, the set of payload values including biometric information acquired via a user interface of the first user device, and the set of metadata values including a date and a geolocation detected using a location sensor of the first user device; validating the request from the service provider device via at least one of the first user device or a second user device; verifying the biometric information using an identity databank of the user; determining, responsive to verifying the biometric information, that the service provider device is authorized to access a validated dataset; responsive to determining that the service provider device is authorized to access the validated dataset, generating an authentication response comprising the validated dataset and transmitting the authentication response to the service provider device; and recording the authentication request as part of an identity element in the identity databank.
U.S. Patent No. 11,669,611, Claim 19: A method for multifactor authentication, the method comprising: accepting, from a service provider device with which a first user device is communicating, an authentication request comprising a set of payload values and a set of metadata values, the set of payload values including biometric information acquired via a sensor of the first user device, and the set of metadata values including a date and a geolocation detected using a location sensor of the first user device; confirming, via at least one of the first user device and a second user device, that the authentication request from the service provider device is valid; verifying the biometric information using an identity databank of the user; determining, responsive to verifying the biometric information, that a first profile of a plurality of profiles indicates the service provider device is authorized to access a validated dataset, each profile of the plurality of profiles identifying a respective set of user data and a respective entity that is authorized to access the user data; responsive to determining that the first profile indicates the service provider device is authorized to access the requested data, generating an authentication response with the validated dataset and transmitting the authentication response to the service provider device; and recording the authentication request as part of an identity element in the identity databank.

Application No. 18/808,377 (Instant App.) vs. U.S. Patent No. 12,067,106

Instant App., Claim 1: A method comprising: receiving a first transmission from a service provider device with which a first user device is transacting, the first transmission comprising (i) a request for user data of a user and (ii) biometric information detected via one or more user interfaces of the first user device; validating the request from the service provider device via a second transmission to at least one of the first user device or a second user device; comparing the biometric information to data corresponding to the user stored in an identity databank to verify the user, wherein the identity databank comprises identity elements that each have one or more payload values and one or more metadata values; retrieving, responsive to verifying the user, from the identity databank, the requested user data from one or more identity elements in the identity databank; and initiating a third transmission comprising the requested user data to the service provider device.
U.S. Patent No. 12,067,106, Claim 1: A method for multifactor authentication, the method comprising: accepting a first transmission from a service provider device with which a first user device is transacting, the first transmission comprising (i) a request for user data of a user and (ii) biometric information detected via one or more sensors of the first user device; confirming, via a second transmission to at least one of the first user device and a second user device, that the request from the service provider device is valid; comparing the biometric information to data corresponding to the user stored in an identity databank to verify the user, wherein the identity databank comprises identity elements that each have one or more payload values and one or more metadata values; retrieving, responsive to verifying the user, from the identity databank, the requested user data from one or more identity elements in the identity databank; and initiating a third transmission with the requested user data to the service provider device.
Instant App., Claim 14: A central identity system comprising one or more processors, the central identity system being configured to: receive a first transmission from a service provider device of a service provider, wherein the user is transacting with the service provider device using a first user device, the first transmission comprising: a request for user data; and biometric data corresponding to the user, the biometric data having been detected by one or more user interfaces of the first user device and transmitted to the service provider device; initiate a second transmission to the first user device or a second user device of the user to confirm that the user authorizes the central identity system to transmit the requested user data to the service provider device; validate the biometric data from the service provider device using an identity databank comprising identity elements corresponding to the user, each identity element comprising a set of one or more payload values and a set of one or more metadata values, wherein validating the biometric data comprises determining that the biometric data matches or is sufficiently similar to values in one or more corresponding identity elements in the identity databank; retrieve, from identity elements in the identity databank, payload values corresponding to the requested user data; and initiate a third transmission to the service provider device, the third transmission comprising the payload values retrieved from the identity databank.
U.S. Patent No. 12,067,106, Claim 14: A central identity system comprising one or more processors and a network interface configured to communicate via a telecommunications network, wherein the central identity system is configured to: accept a first transmission from a service provider device of a service provider, wherein the user is transacting with the service provider device using a first user device, the first transmission comprising: a request for user data; and biometric data corresponding to the user, the biometric data having been detected by one or more sensors of the first user device and transmitted to the service provider device; initiate a second transmission to the first user device or a second user device of the user to confirm that the user authorizes the central identity system to transmit the requested user data to the service provider device; validate the biometric data from the service provider device using an identity databank that is maintained by the central identity system, the identity databank comprising identity elements corresponding to the user, each identity element comprising a set of one or more payload values and a set of one or more metadata values, wherein validating the biometric data comprises determining that the biometric data matches or is sufficiently similar to values in one or more corresponding identity elements in the identity databank; retrieve, from identity elements in the identity databank, payload values corresponding to the requested user data; and initiate a third transmission to the service provider device, the third transmission comprising the payload values retrieved from the identity databank.
Instant App., Claim 19: A method comprising: receiving, from a service provider device with which a first user device is communicating, an authentication request comprising a set of payload values and a set of metadata values, the set of payload values including biometric information acquired via a user interface of the first user device, and the set of metadata values including a date and a geolocation detected using a location sensor of the first user device; validating the request from the service provider device via at least one of the first user device or a second user device; verifying the biometric information using an identity databank of the user; determining, responsive to verifying the biometric information, that the service provider device is authorized to access a validated dataset; responsive to determining that the service provider device is authorized to access the validated dataset, generating an authentication response comprising the validated dataset and transmitting the authentication response to the service provider device; and recording the authentication request as part of an identity element in the identity databank.
Claim 19: A method for multifactor authentication, the method comprising: receiving, from a service provider device with which a first user device is communicating, an authentication request comprising a set of payload values and a set of metadata values, the set of payload values including biometric information acquired via a sensor of the first user device, and the set of metadata values including a date and a geolocation detected using a location sensor of the first user device; confirming, via at least one of the first user device and a second user device, that the authentication request from the service provider device is valid; verifying the biometric information using an identity databank of the user; determining, responsive to verifying the biometric information, that the service provider device is authorized to access a validated dataset; responsive to determining that the service provider device is authorized to access the validated dataset, generating an authentication response with the validated dataset and transmitting the authentication response to the service provider device; and recording the authentication request as part of an identity element in the identity databank.

Claim Rejections - 35 USC § 103

The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:

A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.

Claim(s) 1-7 and 13 are rejected under 35 U.S.C. 103 as being unpatentable over Hyun et al. (US 2018/0294966; Hereinafter “Hyun”) in view of Khalil et al. (US 2020/0287887; Hereinafter “Khalil”).

Regarding claim 1, Hyun teaches a method comprising:

receiving a first transmission from a service provider device with which a first user device is transacting, the first transmission comprising (i) a request for user data of a user and (ii) biometric information detected via one or more user interfaces of the first user device (Hyun: Para. [0053], A digital identity management device receives a subscription request from a service request device (operation S100). In an exemplary embodiment, the subscription request may include identity identification information and data of authentication information. Para. [0065], First, referring to FIG. 8A, a user terminal transmits a digital identity subscription request to the first service server (operation S90), and the first service server requests the user terminal to provide customer information (operation S92). Then, the user terminal transmits customer information including input identity identification information and a predetermined type of authentication information for authenticating a user of the user terminal to the first service server (operation S94). The first service server transmits the digital identity subscription request to a digital identity management device (operation S100). Para. [0066], The user terminal receives authentication information of the requested type (operation S126) and transmits the received authentication information to the second service server (operation S128).);

validating the request from the service provider device via a second transmission to at least one of the first user device or a second user device (Hyun: Para. [0066], Next, referring to FIG. 8B, when the user terminal requests the second service server to authenticate the user of the user terminal using a digital identity (operation S122), the second service server requests the user terminal to provide authentication information of a predetermined type or authentication information of a type appropriate to the situation (operation S124). The user terminal receives authentication information of the requested type (operation S126) and transmits the received authentication information to the second service server (operation S128).);

comparing the biometric information to data corresponding to the user stored in an identity databank to verify the user, wherein the identity databank comprises identity elements that each have one or more payload values and one or more metadata values (Hyun: Para. [0072], In an exemplary embodiment, the transaction ID may be obtained from the digital identity data structure. As described above, the digital identity management device may match and store, in the digital identity data structure, the block hash value of the block storing the hash value of the authentication information, the first information functioning as a unique identifier of the user to be authenticated, and the transaction ID including the identity identification information in the block storing the digital identity identification information. Therefore, if the authentication request received by the digital identity management device includes the authentication information together with the unique identifier of the user, the transaction ID can be obtained from the digital identity data structure.);

retrieving, responsive to verifying the user, from the identity databank, the requested user data from one or more identity elements in the identity databank (Hyun: Para. [0070], If the authentication information included in the received authentication request is found in the blockchain, the digital identity management device reads the block hash value (Hash#X) of the block storing the hash value of the authentication information from the blockchain network (operation S140). Next, referring to FIG. 8C, the digital identity management device searches for a block hash value, which is stored together with the hash value of the authentication information, in the block indicated by Hash#X in the blockchain network (operation S142). Para. [0074], Through the above-described process, the digital identity management device receives the user's identity identification information, which is indicated by the authentication information received together with the authentication request, from the blockchain network (operation S150). The digital identity management device transmits at least part of the received identity identification information to the second service server.); and

initiating a third transmission comprising the requested user data to the service provider device (Hyun: Para. [0074], Through the above-described process, the digital identity management device receives the user's identity identification information, which is indicated by the authentication information received together with the authentication request, from the blockchain network (operation S150). The digital identity management device transmits at least part of the received identity identification information to the second service server. Para. [0075], The second service server identifies whether the user is a subscribed customer by using the identity identification information received from the digital identity management device (operation S154). If the user is a subscribed customer, the second service server immediately allows the user to log in (operation S155).).

Hyun does not explicitly teach (ii) biometric information detected via one or more user interfaces of the first user device.

In an analogous art, Khalil teaches (ii) biometric information detected via one or more user interfaces of the first user device (Khalil: Para. [0013], The user device can provide a set of credentials associated with the identity service provider (e.g., a username/password combination, a security token, biometric information, etc. for an account associated with the identity service provider and accessible by the identity provider server device). Para. [0018], the user device can provide an authentication request to service provider server device 1. For example, the user device can provide the authentication request in association with a user of the user device attempting to access a service provided by a first service provider via service provider server device 1. As shown by reference number 118, service provider server device 1 can provide an authentication challenge to the user device (e.g., based on receiving the authentication request from the user device). For example, service provider server device 1 can provide an authentication challenge to request, from the user device, information that can be used to authenticate an identity of the user of the user device.).
It would have been obvious to a person having ordinary skill in the art, before the effective filing date of the claimed invention, to combine the teachings of Khalil with the system and method of Hyun to include (ii) biometric information detected via one or more user interfaces of the first user device because this functionality ensures authentication of the user based on possession of the device making it more difficult for fraudsters (Shastri: Para. [0010]).

Regarding claim 2, Hyun, in combination with Khalil, teaches the method of claim 1, wherein the identity elements in the identity databank correspond with immutable attributes of the user (Hyun: Para. [0037], In an exemplary embodiment, the digital identity management device 100 may operate as one of the blockchain nodes 200a, 200b, 200c, . . . , 200n included in the blockchain network 200. Para. [0040], In a first exemplary embodiment, the digital identity management device 100 stores only the identity identification information of the subscription request in the blockchain network 200 and stores the authentication information of the subscription request in itself.).

Regarding claim 3, Hyun, in combination with Khalil, teaches the method of claim 1, wherein the requested user data comprises a password (Khalil: Para. [0013], The user device can provide a set of credentials associated with the identity service provider (e.g., a username/password combination, a security token, biometric information, etc. for an account associated with the identity service provider and accessible by the identity provider server device).).

Regarding claim 4, Hyun, in combination with Khalil, teaches the method of claim 3, wherein the password is linked in the identity databank with a user account administered by the service provider device (Khalil: Para. [0093], In some implementations, service provider server device 220-1 can generate the request using a private identifier that identifies the user of user device 210 and/or an account associated with the user and a secret. Para. [0123]).

Regarding claim 5, Hyun, in combination with Khalil, teaches the method of claim 3, wherein the method further comprises generating the password (Khalil: Para. [0093], For example, service provider server device 220-1 can request that user device 210 provide a set of credentials related to authenticating the user of user device 210 (e.g., request that the user input a username/password combination, request that user device 210 provide a stored security token, etc.). [token generated and stored at client device]).

Regarding claim 6, Hyun, in combination with Khalil, teaches the method of claim 5, wherein the generated password includes values, or modified versions thereof, from one or more identity elements (Khalil: Para. [0093], For example, service provider server device 220-1 can request that user device 210 provide a set of credentials related to authenticating the user of user device 210 (e.g., request that the user input a username/password combination, request that user device 210 provide a stored security token, etc.). [token generated and stored at client device]).

Regarding claim 7, Hyun, in combination with Khalil, teaches the method of claim 6, wherein the values are tokenized (Khalil: Para. [0093], For example, service provider server device 220-1 can request that user device 210 provide a set of credentials related to authenticating the user of user device 210 (e.g., request that the user input a username/password combination, request that user device 210 provide a stored security token, etc.). [token generated and stored at client device]).

Regarding claim 13, Hyun, in combination with Khalil, teaches the method of claim 1, wherein the one or more user interfaces comprises one or more sensors (Khalil: Para. [0013], The user device can provide a set of credentials associated with the identity service provider (e.g., a username/password combination, a security token, biometric information, etc. for an account associated with the identity service provider and accessible by the identity provider server device). [biometrics are input via camera or fingerprint sensor] Para. [0052], Additionally, or alternatively, and as another example, a set of credentials associated with a second LoA, higher than the first LoA, can include a username/password combination, email verification, biometric information (e.g., a finger print scan, a retina scan, a voice scan, etc.), and/or the like.).

Allowable Subject Matter

Regarding Claim 8, Claim 8 is objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.

Regarding Claims 9-11, Claims 9-11 are objected to as being dependent upon a claim that is dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.

Regarding Claims 14-20, Claims 14-20 are allowed over the cited prior art.

The following is an Examiner’s statement of reasons for allowance: The closest prior art includes Hyun et al. (US 2018/0294966; Hereinafter “Hyun”) in view of Khalil et al. (US 2020/0287887; Hereinafter “Khalil”). However, none of Hyun and Khalil teaches or suggests, alone or in combination, the particular combination of steps or elements as recited in the independent claims 8, 14, and 19.
For example, none of the cited prior art teaches or suggests the steps of “further comprising determining, prior to retrieving the requested user data, that a first profile of a plurality of profiles indicates the service provider device is authorized to access the requested user data, wherein each profile of the plurality of profiles identifies a respective set of user data and a respective entity that is authorized to access the user data” as recited in claim 8, the steps of “accept a first transmission from a service provider device of a service provider, wherein the user is transacting with the service provider device using a first user device, the first transmission comprising: a request for user data; and biometric data corresponding to the user, the biometric data having been detected by one or more sensors of the first user device and transmitted to the service provider device; initiate a second transmission to the first user device or a second user device of the user to confirm that the user authorizes the central identity system to transmit the requested user data to the service provider device; validate the biometric data from the service provider device using an identity databank that is maintained by the central identity system, the identity databank comprising identity elements corresponding to the user, each identity element comprising a set of one or more payload values and a set of one or more metadata values, wherein validating the biometric data comprises determining that the biometric data matches or is sufficiently similar to values in one or more corresponding identity elements in the identity databank; retrieve, from identity elements in the identity databank, payload values corresponding to the requested user data; and initiate a third transmission to the service provider device, the third transmission comprising the payload values retrieved from the identity databank” recited in claim 14, and the steps of “receiving, from a service provider device with which a first user device is communicating, an authentication request comprising a set of payload values and a set of metadata values, the set of payload values including biometric information acquired via a sensor of the first user device, and the set of metadata values including a date and a geolocation detected using a location sensor of the first user device; confirming, via at least one of the first user device and a second user device, that the authentication request from the service provider device is valid; verifying the biometric information using an identity databank of the user; determining, responsive to verifying the biometric information, that the service provider device is authorized to access a validated dataset; responsive to determining that the service provider device is authorized to access the validated dataset, generating an authentication response with the validated dataset and transmitting the authentication response to the service provider device; and recording the authentication request as part of an identity element in the identity databank” recited in claim 19. As a result, the claims are allowable over the cited prior art.

Conclusion

The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. U.S. Patent Application Publication No. US 2015/0221151 by Bacco et al.

Any inquiry concerning this communication or earlier communications from the examiner should be directed to Nelson Giddins whose telephone number is (571)272-7993. The examiner can normally be reached on Monday - Friday, 9:00 AM - 5:00 PM.

If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Linglan Edwards can be reached at (571) 270-5440. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.

Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.
Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/NELSON S. GIDDINS/
Primary Examiner, Art Unit 2408

Prosecution Timeline

Aug 19, 2024
Application Filed
Jan 02, 2026
Non-Final Rejection — §103, §DP (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12596784
DYNAMIC UPDATE SYSTEM AND DYNAMIC UPDATE METHOD
2y 5m to grant Granted Apr 07, 2026
Patent 12585832
Lattice Based Cryptographic Rejection Bounded Sampling
2y 5m to grant Granted Mar 24, 2026
Patent 12579032
Partitioning Data Into Chunk Groupings For Use In A Dispersed Storage Network
2y 5m to grant Granted Mar 17, 2026
Patent 12579312
SYSTEMS AND METHODS FOR SEGREGATED COLLECTION AND STORAGE OF SENSITIVE DATA
2y 5m to grant Granted Mar 17, 2026
Patent 12567911
SYSTEMS, DEVICES, AND METHODS FOR DATA TRANSMISSION
2y 5m to grant Granted Mar 03, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.


Prosecution Projections

1-2
Expected OA Rounds
84%
Grant Probability
95%
With Interview (+10.5%)
2y 5m
Median Time to Grant
Low
PTA Risk
Based on 537 resolved cases by this examiner. Grant probability derived from career allow rate.
