Prosecution Insights
Last updated: July 17, 2026
Application No. 18/891,468

DISTRIBUTED AUTHENTICATION IN AMBIENT COMMERCE

Non-Final OA §101§103§112
Filed
Sep 20, 2024
Priority
May 25, 2022 — continuation of 12/131,361
Examiner
ROSEN, NICHOLAS D
Art Unit
3689
Tech Center
3600 — Transportation & Electronic Commerce
Assignee
The Toronto-dominion Bank
OA Round
1 (Non-Final)
70%
Grant Probability
Favorable
1-2
OA Rounds
1y 3m
Est. Remaining
93%
With Interview

Examiner Intelligence

Grants 70% — above average
70%
Career Allowance Rate
478 granted / 678 resolved
+18.5% vs TC avg
Strong +22% interview lift
Without
With
+22.1%
Interview Lift
resolved cases with interview
Typical timeline
3y 1m
Avg Prosecution
19 currently pending
Career history
697
Total Applications
across all art units

Statute-Specific Performance

§101
33.9%
-6.1% vs TC avg
§103
48.6%
+8.6% vs TC avg
§102
1.5%
-38.5% vs TC avg
§112
9.6%
-30.4% vs TC avg
Black line = Tech Center average estimate • Based on career data from 678 resolved cases

Office Action

§101 §103 §112
DETAILED ACTION Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Claims 1-19 and 21 have been examined. Claim Objections Claims 1-13 and 21 are objected to because of the following informalities: In the third line of claim 1, “coupled the communication module” should be “coupled to the communication module”. In the ninth line of claim 1, “authenticating” should be “authenticate”. The processor is caused to authenticate the detected entity. In the fifteenth line of claim 1, “that the authentication has been performed” poses a technical antecedent basis problem, and should be “that authentication has been performed”. Appropriate correction is required. Claim 11 is objected to because of the following informalities: In the sixth line of claim 11, “the indication” poses a technical antecedent basis problem, since “an indication” is received in the tenth line of claim 1, and another indication is obtained in the twelfth line. Based on the recitation of “the second authentication parameter” in the third and fourth lines of claim 11, “the indication” is presumed for examination purposes to refer to the indication obtained in the tenth line of claim 1 (an indication not associated with the second authentication parameter, but with the first authentication parameter). Appropriate correction is required. Claims 12 and 13 are objected to because of the following informalities: In the second line of claim 12, the comma after “first system” appears to be extraneous. Appropriate correction, or at least a statement that Applicant prefers to keep the comma, is required. Claims 14-19 are objected to because of the following informalities: In the tenth line of claim 14, “that the authentication has been performed” poses a technical antecedent basis problem, and should be “that authentication has been performed”. Appropriate correction is required. Claim Rejections - 35 USC § 112 The following is a quotation of 35 U.S.C. 112(b): (b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention. The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph: The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention. Claim 11 is rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention. Claim 11 recites, with emphasis added, “The system of claim 1, wherein the instructions further configure the processor to: determine that a particular entity may be at the physical premises based on the second authentication parameter; and in response to determining that the particular entity may be at the physical premises, send, to the system, a request for the indication.” It does not make sense for the processor to send such a request to “the system”, as the processor is part of “the system” (see claim 1). It is presumed for purposes of examination that the processor is configured to send, to the first system, a request for the indication, since “the first system” is distinct from “the system”, and is not associated with the second authorization parameter, so confirmation would be received from a different source. Rewriting to clarify which system is which would be welcome. Note also objection to claim 11, set forth above. Claim Rejections - 35 USC § 101 35 U.S.C. 101 reads as follows: Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title. Claims 1-19 and 21 are rejected under 35 U.S.C. 101 because the claimed invention is directed to a judicial exception without significantly more. First, it is determined that the claims are directed to a statutory category of invention. See MPEP 2106.03 (II). In the instant case, claims 1-13 and 21 recite a system comprising a communication module, a processor, and a memory, and therefore fall within the statutory category of machine. Claims 14-19 recite a computer-implemented method, and therefore fall within the statutory category of process. Therefore, claims 1-19 and 21 are directed to statutory subject matter under Step 1 of the Alice/Mayo test. (Step 1: YES). The claims are then analyzed to determine whether the claims are directed to a judicial exception. See MPEP 2106.04. The claims are analyzed to evaluate whether they recite a judicial exception (Step 2A, Prong One) as well as analyzed to evaluate whether the claims recite additional elements that integrate the judicial exception into a practical application of the judicial exception (Step 2A, Prong Two). See MPEP 2106.04. In the instant case, beginning with Step 2A, Prong One, independent claim 14 recites a method comprising authenticating a detected entity by determining that the detected entity is an authenticated entity based on the indication that the authentication has been performed by the first system and the indication that the authentication has been performed by the system that is not the first system. A human being could readily perform such determining as a mental process. Independent claim 1 recites that a processor is caused to authenticate a detected entity by parallel means, and having a computer to something that could be done as a matter of human judgement does not make a claim cease to be directed to a judicial exception. Claims 1-19 and 21 are therefore directed to an abstract idea, a form of judicial exception, and specifically to a mental process, a recognized category of abstract idea. (Step 2A, Prong One: YES for 1-19 and 21) Proceeding to Step 2A, Prong Two, claim 1 recites: A system comprising: a communication module; a processor in communication with one or more sensors associated with a physical premises and coupled [to] the communication module; and a memory coupled to the processor, the memory storing processor-executable instructions which, when executed, cause the processor to: detect, based on an output of at least one of the one or more sensors, an entity at the physical premises; [authenticate] the detected entity by: receiving, from a first system, an indication that authentication has been performed by the first system using a first authentication parameter; obtaining an indication that authentication has been performed by a system that is not the first system using a second authentication parameter; and determining that the detected entity is an authenticated entity based on the indication that [authentication] has been performed by the first system and the indication that authentication has been performed by the system that is not the first system; and perform an operation for the authenticated entity. The recited operations do not involve improvements to the functioning of a computer, or to any other technology or technical field. They do not effect a transformation or reduction of a particular article to a different state or thing, and do not otherwise apply or use the judicial exception in some meaningful way beyond generally linking the use of the judicial exception to a particular technological environment. Insignificant extra-solution activity does not provide reason to treat a claim directed to a judicial exception as significantly more than the judicial exception. This analysis also applies to claim 14, which is parallel to claim 1, while reciting less explicit technology. The claims, including independent claims 1 and 14, and their respective dependents, do not integrate the claimed invention into a practical application for purposes of Alice/Mayo analysis. (Step 2A, Prong One: NO for 1-19 and 21) Next, under Step 2B of the Alice/Mayo test, the claims are analyzed to determine whether there are additional claim limitations that individually, or as an ordered combination, ensure that the claims amount to significantly more than the abstract idea. See MPEP 2106.05. Analysis under Step 2B is to a large extent the same as analysis under Step 1, Prong Two, and therefore reaches the same conclusion. Additionally, it is necessary and proper in Step 2B analysis to determine whether the claims add a specific limitation other than what is well-understood, routine, and conventional activity in the field. Applying such analysis to independent claim 1, Tanaka et al. (U.S. Patent Application Publication 2017/0012972) discloses (paragraph 40, emphasis added), “The processor 202 can be any suitable conventional processor. The memory 204 may include any suitable conventional RAM type memory and/or ROM type memory with associated storage space for storing the application programming code 206”). Tanaka further discloses (paragraph 41, with emphasis added), “A conventional wired or wireless communication module 208 (e.g., transmitter or receiver or transceiver) may be included as needed for performing one or more of the functions of the smart wearable device described herein.” Hence, the communication module, processor, and memory of claim 1 require only the use of well-understood, routine, and conventional technology. Further, Gruber (U.S. Patent 11,113,939) discloses (column 4, lines 2-11, emphasis added), “Electronic person detector 112 may comprise a battery-powered motion sensor using passive infra-red (PIR) detection techniques, as known in the art, to detect infra-red heat as a person moves across the area. Electronic person detector 112 may, additionally or alternatively, comprise an occupancy sensor, used to determine the presence of one or more persons in the area using techniques such as ultrasonic, infra-red, thermal, or other well-known techniques to determine if a person is occupying the area.” Gruber further discloses (column 4, lines 61-64, emphasis added), “In a security sensor mode of operation, electronic person detector 112 detects movement of people in an area monitored by electronic person detector 112, using techniques well-known in the art.” Hence, only well-understood, routine, and conventional technology would be needed to have one or more sensors associated with a physical premises, and to detect, based on an output of at least one of the one or more sensors, an entity at the physical premises. The courts have recognized the following computer functions as well-understood, routine and conventional functions when they are claimed in a merely generic manner (e.g., at a high level of generality) or as insignificant extra-solution activity: Receiving or transmitting data over a network, e.g., using the Internet to gather data, Symantec, 838 F.3d at 1321, 120 USPQ2d at 1362 (utilizing an intermediary computer to forward information); TLI Communications LLC v. AV Auto. LLC, 823 F.3d 607, 610, 118 USPQ2d 1744, 1745 (Fed. Cir. 2016) (using a telephone for image transmission); OIP Techs., Inc., v. Amazon.com, Inc., 788 F.3d 1359, 1363, 115 USPQ2d 1090,1093 (Fed. Cir. 2015) sending messages over a network); buySAFE, Inc. v. Google, Inc., 765 F.3d 1350, 1355, 112 USPQ2d 1093, 1096 (Fed. Cir. 2014) (computer receives and sends information over a network). Hence, the receiving operation of claim 1, and the “obtaining an indication” operation of claim 1, which may or may not involve similar receiving, require only the use of well-understood, routine, and conventional functions and technology. The other operations of claim 1 are not necessarily or unambiguously technological at all. Hence, the limitations of claim 1, whether considered separately or in combination, do not raise the recited system to significantly more than an abstract idea. Claim 2, which depends from claim 1, recites that obtaining the indication that authentication has been performed by a system that is not the first system using the second authentication parameter includes receiving, from a second system, the indication that authentication has been performed by the second system using the second authentication parameter. Based on judicial precedents, as set forth above with regard to the receiving operation of claim 1, this parallel receiving operation also requires only the use of well-understood, routine, and conventional functions and technology. The limitation of claim 2, whether considered separately or in combination with the limitations of claim 1, does not raise the recited system to significantly more than an abstract idea. Claim 3, which depends from claim 1, recites that the first system is separate and remote from the system. Given the judicial precedents regarding receiving or transmitting data over a network, e.g., using the Internet to gather data, involving only well-understood, routine, and conventional functions, it follows that separate systems which would need to receive or transmit data over a network, rather than directly, were likewise well-understood, routine, and conventional. The limitation of claim 3, whether considered separately or in combination with the limitations of claim 1, does not raise the recited system to significantly more than an abstract idea. Claim 4, which depends from claim 1, recites that determining that the detected entity is an authenticated entity includes determining that authentication has been performed based on at least a threshold of authentication parameters. This is not in itself technological. The limitation of claim 4, whether considered separately or in combination with the limitations of claim 1, does not raise the recited system to significantly more than an abstract idea. Claim 5, which depends from claim 1, recites that the first and second authentication parameters include one or more of: a facial profile; a voiceprint; a fingerprint; a credential; a location; and a behavioural indication. Having the first and second authentication parameters include one or more of these is not in itself technological. The limitation of claim 5, whether considered separately or in combination with the limitations of claim 1, does not raise the recited system to significantly more than an abstract idea. Claim 6, which depends from claim 1, recites that the second authentication parameter is determined based on a sensor output of the one or more sensors. In view of Gruber (U.S. Patent 11,113,939), cited above with regard to the one or more sensors of claim 1, and the detecting, based on an output of at least one of the one or more sensors, an entity at the physical premises, this requires only the use of well-understood, routine, and conventional technology. The limitation of claim 6, whether considered separately or in combination with the limitations of claim 1, does not raise the recited system to significantly more than an abstract idea. Claim 7, which depends from claim 1, recites that the first system is a financial institution system. This is not in itself technological. The limitation of claim 7, whether considered separately or in combination with the limitations of claim 1, does not raise the recited system to significantly more than an abstract idea. Claim 8, which depends from claim 1, recites that the indication that authentication has been performed by the first system includes stored profile data, and wherein determining is an authenticated entity includes comparing data obtained from at least one of the one or more sensors to the stored profile data. Comparing data need not in itself be significantly technological. The courts have recognized storing and retrieving information in memory as well-understood, routine, and conventional functions, in Versata Dev. Group, Inc. v. SAP Am., Inc., 793 F.3d at 1306, 1334, 115 USPQ2d 1681, 1701 (Fed. Cir. 2015); OIP Techs., Inc., v. Amazon.com, Inc., 788 F.3d 1363, 115 USPQ2d at 1092-93 (Fed. Cir. 2015). Therefore, having the indication include stored profile data and using the stored profile data need involve only well-understood, routine, and conventional functions and technology. Hence, the limitations of claim 8, whether considered separately or in combination with each other and with the limitations of claim 1, do not raise the recited system to significantly more than an abstract idea. Claim 9, which depends from claim 8, recites that the stored profile data includes one or more of: a facial profile; a fingerprint; a credential; a voiceprint; and a behavioural indication. Having the stored profile data include one or more of these is not in itself technological. Hence, the limitation of claim 9, whether considered separately or in combination with the limitations of claim 1 and claim 8, does not raise the recited system to significantly more than an abstract idea. Claim 10, which depends from claim 1, recites that the indication that authentication has been performed by the first system indicates that a particular entity has been identified as being at the physical premises. Having the indication indicate this particular information is not in itself technological. The limitation of claim 10, whether considered separately or in combination with the limitations of claim 1, does not raise the recited system to significantly more than an abstract idea. Claim 11, which depends from claim 1, recites [as interpreted by Examiner for examination purposes; see objection and 112 rejection above] that the instructions further configure the processor to: determine that a particular entity may be at the physical premises based on the second authentication parameter; and in response to determining that the particular entity may be at the physical premises, send, to the first system, a request for the indication that authentication has been performed by the first system using the first authentication parameter. The determining need not be technological, and sending a request (to whichever system and for whichever indication) requires only the use of well-understood, routine, and conventional functions and technology, based on judicial precedents, as set forth above with regard to the receiving operation of claim 1. Hence, the limitations of claim 11, whether considered separately or in combination with each other and with the limitations of claim 1, do not raise the recited system to significantly more than an abstract idea. Claim 12, which depends from claim 1, recites that the indication that authentication has been performed by the first system is formatted to uniquely identify the first system as a source of the indication. Having the indication formatted to convey particular information is not in itself technological. The limitation of claim 12, whether considered separately or in combination with the limitations of claim 1, does not raise the recited system to significantly more than an abstract idea. Claim 13, which depends from claim 12, recites that the indication is formatted to uniquely identify the first system using a private key associated with the first system and that the instructions further configure the processor to: decrypt the indication that authentication has been performed by the first system with a public key associated with the private key. King et al. (U.S. Patent Application Publication 2003/0028494) discloses (paragraph 2, emphasis added), “The terms ‘private key’ and ‘public key’ are well known terms of art and are used for asymmetric cryptography in which one key is used for encryption and the other for decryption, namely the private key, is kept by the user and never revealed or transferred. Asymmetric cryptography is considered to provide a higher level of security than symmetric cryptography for which a shared key is used for both encryption and decryption (the sharing aspect introduces an element of insecurity).” Hence, the use of private and public keys as recited in claim 13 requires only the use of well-understood, routine, and conventional functions and technology. The limitations of claim 13, whether considered separately or in combination with the limitations of claim 1 and claim 12, do not raise the recited system to significantly more than an abstract idea. Claim 21, which depends from claim 1, recites that the detecting, based on the output of at least one of the one or more sensors, the entity at the physical premises includes using image recognition, wherein the image recognition includes facial recognition. Yokoyama et al. (U.S. Patent Application Publication 2017/0316396) discloses (paragraph 69, emphasis added), “A method of extracting feature information is not particularly limited, and may use well-known technologies such as facial recognition or image recognition.” Hence, image recognition, wherein the image recognition includes facial recognition, need involve only well-understood, routine, and conventional technology. The limitation of claim 21, whether considered separately or in combination with the limitations of claim 1, does not raise the recited system to significantly more than an abstract idea. Independent claim 14 is a method claim largely parallel to claim 1, although without explicitly reciting use of a communication module, a processor, and a memory coupled to the processor. Gruber (U.S. Patent 11,113,939) discloses (column 4, lines 2-11, emphasis added), “Electronic person detector 112 may comprise a battery-powered motion sensor using passive infra-red (PIR) detection techniques, as known in the art, to detect infra-red heat as a person moves across the area. Electronic person detector 112 may, additionally or alternatively, comprise an occupancy sensor, used to determine the presence of one or more persons in the area using techniques such as ultrasonic, infra-red, thermal, or other well-known techniques to determine if a person is occupying the area.” Gruber further discloses (column 4, lines 61-64, emphasis added), “In a security sensor mode of operation, electronic person detector 112 detects movement of people in an area monitored by electronic person detector 112, using techniques well-known in the art.” Hence, only well-understood, routine, and conventional technology would be needed to have one or more sensors associated with a physical premises, and to detect, based on an output of the one or more sensors, an entity at the physical premises. The courts have recognized the following computer functions as well-understood, routine and conventional functions when they are claimed in a merely generic manner (e.g., at a high level of generality) or as insignificant extra-solution activity: Receiving or transmitting data over a network, e.g., using the Internet to gather data, Symantec, 838 F.3d at 1321, 120 USPQ2d at 1362 (utilizing an intermediary computer to forward information); TLI Communications LLC v. AV Auto. LLC, 823 F.3d 607, 610, 118 USPQ2d 1744, 1745 (Fed. Cir. 2016) (using a telephone for image transmission); OIP Techs., Inc., v. Amazon.com, Inc., 788 F.3d 1359, 1363, 115 USPQ2d 1090,1093 (Fed. Cir. 2015) sending messages over a network); buySAFE, Inc. v. Google, Inc., 765 F.3d 1350, 1355, 112 USPQ2d 1093, 1096 (Fed. Cir. 2014) (computer receives and sends information over a network). Hence, the step of claim 14, and the “obtaining an indication” step of claim 14, which may or may not involve similar receiving, require only the use of well-understood, routine, and conventional functions and technology. The other steps of claim 14 are not necessarily or unambiguously technological at all. Hence, the limitations of claim 14, whether considered separately or in combination, do not raise the recited method to significantly more than an abstract idea. Claim 15, which depends from claim 14, recites that obtaining the indication that authentication has been performed by a system that is not the first system using the second authentication parameter includes receiving, from a second system, the indication that authentication has been performed by the second system using the second authentication parameter. Based on judicial precedents, as set forth above with regard to the receiving operation of claim 14, this parallel receiving operation also requires only the use of well-understood, routine, and conventional functions and technology. The limitation of claim 15, whether considered separately or in combination with the limitations of claim 14, does not raise the recited method to significantly more than an abstract idea. Claim 16, which depends from claim 14, recites that the first system is separate and remote from a system performing the method. Given the judicial precedents regarding receiving or transmitting data over a network, e.g., using the Internet to gather data, involving only well-understood, routine, and conventional functions, it follows that separate systems which would need to receive or transmit data over a network, rather than directly, were likewise well-understood, routine, and conventional. The limitation of claim 16, whether considered separately or in combination with the limitations of claim 14, does not raise the recited method to significantly more than an abstract idea. Claim 17, which depends from claim 14, recites that determining that the detected entity is an authenticated entity includes determining that authentication has been performed based on at least a threshold of authentication parameters. This is not in itself technological. The limitation of claim 17, whether considered separately or in combination with the limitations of claim 14, does not raise the recited method to significantly more than an abstract idea. Claim 18, which depends from claim 14, recites that the first and second authentication parameters include one or more of: a facial profile; a voiceprint; a fingerprint; a credential; a location; and a behavioural indication. Having the first and second authentication parameters include one or more of these is not in itself technological. The limitation of claim 18, whether considered separately or in combination with the limitations of claim 14, does not raise the recited method to significantly more than an abstract idea. Claim 19, which depends from claim 14, recites that the second authentication parameter is determined based on a sensor output of the one or more sensors. In view of Gruber (U.S. Patent 11,113,939), cited above with regard to the one or more sensors of claim 14, and the detecting, based on an output of one or more sensors, an entity at the physical premises, this requires only the use of well-understood, routine, and conventional technology. The limitation of claim 19, whether considered separately or in combination with the limitations of claim 14, does not raise the recited system to significantly more than an abstract idea. Double Patenting The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969). A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). The filing of a terminal disclaimer by itself is not a complete reply to a nonstatutory double patenting (NSDP) rejection. A complete reply requires that the terminal disclaimer be accompanied by a reply requesting reconsideration of the prior Office action. Even where the NSDP rejection is provisional the reply must be complete. See MPEP § 804, subsection I.B.1. For a reply to a non-final Office action, see 37 CFR 1.111(a). For a reply to final Office action, see 37 CFR 1.113(c). A request for reconsideration while not provided for in 37 CFR 1.113(c) may be filed after final for consideration. See MPEP §§ 706.07(e) and 714.13. The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The actual filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/apply/applying-online/eterminal-disclaimer. Claims 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, and 13 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, and 12 of U.S. Patent No. 12,131,361. Although the claims at issue are not identical, they are not patentably distinct from each other because, as may be seen below in Table 1, claim 1 of the instant application is a slightly broader version of claim 1 of the ‘361 patent, with different choices of words, such as the broader “obtaining” for “receiving”, and, for example, with the first and second systems not being expressly described as “independent trusted” systems, but recites nothing to narrow the instant claim 1 by comparison with claim 1 of the ‘361 patent. Then claim 2 of the instant application recites language corresponding to language found in claim 1 of the ‘361 patent, as may also be seen from Table 1. Then claim 3 of the instant application corresponds essentially to claim 2 of the ‘361 patent (since the first and second independent trusted systems are interchangeable with each other). Then claim 4 of the instant application corresponds directly to claim 3 of the ‘361 patent (except for the distinction of referring to “the detected entity” rather than “the unauthenticated entity”; this is unimportant, because the entity becomes authenticated in both claims. Then claim 5 of the instant application corresponds directly to claim 4 of the ‘361 patent. Then claim 6 of the instant application corresponds directly to claim 5 of the ‘361 patent. Then claim 7 of the instant application corresponds essentially to claim 6 of the ‘361 patent. Then claim 8 of the instant application corresponds essentially to claim 7 of the ‘361 patent. Then claim 9 of the instant application corresponds directly to claim 8 of the ‘361 patent. Then claim 10 of the instant application corresponds essentially to claim 9 of the ‘361 patent, except for being more precise by reciting “the indication that authorization has been performed by the first system” in place of “the indication”. Then claim 11 of the instant application corresponds essentially to claim 10 of the ‘361 patent. Then claim 12 of the instant application corresponds essentially to claim 11 of the ‘361 patent, except for being more precise by reciting “the indication that authorization has been performed by the first system” in place of “the indication”. Then claim 13 of the instant application corresponds essentially to claim 12 of the ‘361 patent, although with “the first system” in place of “the first independent trusted system”, and claim 12 of the ‘361 omits the redundant words “that authentication has been performed by the first system”. Language present in one claim but not a parallel claim is shown bolded in Table 1. Table 1 Instant claims U.S. Patent 12,131,361 1. A system comprising: a communication module; a processor in communication with one or more sensors associated with a physical premises and coupled [to] the communication module; and a memory coupled to the processor, the memory storing processor-executable instructions which, when executed, cause the processor to: detect, based on an output of at least one of the one or more sensors, an entity at the physical premises; authenticating the detected entity by: receiving, from a first system, an indication that authentication has been performed by the first system using a first authentication parameter; obtaining an indication that authentication has been performed by a system that is not the first system using a second authentication parameter; and determining that the detected entity is an authenticated entity based on the indication that the authentication has been performed by the first system and the indication that authentication has been performed by the system that is not the first system; and perform an operation for the authenticated entity. 2. The system of claim 1, wherein obtaining the indication that authentication has been performed by a system that is not the first system using the second authentication parameter includes receiving, from a second system, the indication that authentication has been performed by the second system using the second authentication parameter. 3. The system of claim 1, wherein the first system is separate and remote from the system. 4. The system of claim 1, wherein determining that the detected entity is an authenticated entity includes determining that authentication has been performed based on at least a threshold of authentication parameters. 5. The system of claim 1, wherein the first and second authentication parameters include one or more of: a facial profile; a voiceprint; a fingerprint; a credential; a location; and a behavioural indication. 6. The system of claim 1, wherein the second authentication parameter is determined based on sensor output of at least one of the one or more sensors. 7. The system of claim 1, wherein the first system is a financial institution system. 8. The system of claim 1, wherein the indication that authentication has been performed by the first system includes stored profile data, and wherein determining that the entity is an authenticated entity includes comparing data obtained from at least one of the one or more sensors to the stored profile data. 9. The system of claim 8, wherein the stored profile data includes one or more of: a facial profile; a fingerprint; a credential; a voiceprint; and a behavioural indication. 10. The system of claim 1, wherein the indication that authentication has been performed by the first system indicates that a particular entity has been identified as being at the physical premises. 11. The system of claim 1, wherein the instructions further configure the processor to: determine that a particular entity may be at the physical premises based on the second authentication parameter; and in response to determining that the particular entity may be at the physical premises, send, to the [first] system, a request for the indication. 12. The system of claim 1, wherein the indication that authentication has been performed by the first system is formatted to uniquely identify the first system as a source of the indication. 13. The system of claim 12, wherein the indication is formatted to uniquely identify the first system using a private key associated with the first system and wherein the instructions further configure the processor to: decrypt the indication that authentication has been performed by the first system with a public key associated with the private key. 1. A system comprising: one or more one or more sensors positioned at a physical premises for detecting an unauthenticated entity at the physical premises; a communication module; a processor coupled to the one or more sensors and the communication module; and a memory coupled to the processor, the memory storing processor-executable instructions which, when executed, cause the processor to: detect, based on an output of at least one of the one or more sensors, the unauthenticated entity at the physical premises; receive, from a first independent trusted system and via the communication module, an indication that authentication has been performed by the first independent trusted system for the unauthenticated entity using a first authentication parameter; receive, from a second independent trusted system and via the communication module, an indication that authentication has been performed by the first independent trusted system for the unauthenticated entity by the second independent trusted system using a second authentication parameter; determine that the entity is now considered an authenticated entity based on the indication that the authentication has been performed by the first independent trusted system using the first authentication parameter and the indication that authentication has been performed by the second independent trusted system using the second authentication parameter; and perform an operation for the authenticated entity. 2. The system of claim 1, wherein the second independent trusted system is separate and remote from the system. 3. The system of claim 1, wherein determining that the unauthenticated entity is an authenticated entity includes determining that authentication has been performed based on at least a threshold of authentication parameters. 4. The of claim 1, wherein the first and second authentication parameters include one or more of: a facial profile; a voiceprint; a fingerprint; a credential; a location; and a behavioural indication. 5. The system of claim 1, wherein the second authentication parameter is determined based on sensor output of at least one of the one or more sensors. 6. The system of claim 1, wherein the first system is a financial institution system. 7. The system of claim 1, wherein the indication includes stored profile data, and wherein determining that the unauthenticated entity is an authenticated entity based on the indication that authentication has been performed and at least a second authentication parameter includes comparing data obtained from at least one of the one or more sensors to the stored profile data. 8. The system of claim 7, wherein the stored profile data includes one or more of: a facial profile; a fingerprint; a credential; a voiceprint; and a behavioural indication. 9. The system of claim 1, wherein the indication that authentication has been performed by the first system indicates that a particular entity has been identified as being at the physical premises. 10. The system of claim 1, wherein the instructions further configure the processor to: determine that a particular entity may be at the physical premises based on the second authentication parameter; and in response to determining that the particular entity may be at the physical premises, send, to the first independent trusted system, a request for the indication. 11. The system of claim 1, wherein the indication that authentication has been performed by the first system is formatted to uniquely identify the first independent trusted system, as a source of the indication. 12. The system of claim 11, wherein the indication is formatted to uniquely identify the first independent trusted system using a private key associated with the first independent trusted system and wherein the instructions further configure the processor to: decrypt the indication that with a public key associated with the private key. Claims 14, 15, 16, 17, 18, and 19 rejected on the ground of nonstatutory double patenting as being unpatentable over claims 14, 15, 16, 17, and 18 of U.S. Patent No. 12,131,361. Although the claims at issue are not identical, they are not patentably distinct from each other because, as may be seen below in Table 2, claim 14 of the instant application is a slightly broader version of claim 14 of the ‘361 patent, with different choices of words, such as the broader “obtaining” for “receiving”, and, for example, with the first and second systems not being expressly described as “independent trusted” systems, but recites nothing to significantly narrow the instant claim 14 by comparison with claim 14 of the ‘361 patent. Then claim 15 of the instant application corresponds to additional language of claim 14 of the ‘361 patent. Claim 16 of the instant application is essentially parallel to claim 15 of the ‘361 patent, reciting “”the first system” in place of “the second independent trusted system”, which is not a significant difference because the first and second systems can be interchangeable. Claim 17 of the instant application is essentially parallel to claim 16 of the ‘361 patent. Claim 18 of the instant application is directly parallel to claim 17 of the ‘361 patent. Claim 19 of the instant application is directly parallel to claim 18 of the ‘361 patent. Language present in one claim but not a parallel claim is shown bolded in Table 2. Table 2 Instant Application U.S. Patent 12,131,361 14. A computer-implemented method comprising: detecting, based on an output of one or more sensors associated with a physical premises, an entity at the physical premises; authenticating the detected entity by: receiving, from a first system, an indication that authentication has been performed by the first system using a first authentication parameter; obtaining an indication that authentication has been performed by a system that is not the first system using a second authentication parameter; and determining that the detected entity is an authenticated entity based on the indication that the authentication has been performed by the first system and the indication that authentication has been performed by the system that is not the first system; and performing an operation for the authenticated entity. 15. The method of claim 14, wherein obtaining the indication that authentication has been performed by a system that is not the first system using the second authentication parameter includes receiving, from a second system, the indication that authentication has been performed by the second system using the second authentication parameter. 16. The method of claim 14, wherein the first system is separate and remote from a system performing the method. 17. The method of claim 14, wherein determining that the entity is an authenticated entity includes determining that the authentication has been performed based on at least a threshold of authentication parameters. 18. The method of claim 14, wherein the first and second authentication parameters include one or more of: a facial profile; a voiceprint; a fingerprint; a credential; a location; and a behavioural indication. 19. The method of claim 14, wherein the second authentication parameter is determined based on a sensor output of at least one of the one or more of the sensors. 14. A computer-implemented method comprising: detecting, based on an output of one or more sensors associated with a physical premises, an unauthenticated entity at the physical premises; receiving, from a first independent trusted system, an indication that authentication has been performed by the first independent trusted system using a first authentication parameter; receiving, from a second independent trusted system, an indication that authentication has been performed by the second independent trusted system using a second authentication parameter; determining that the entity is an authenticated entity based on the indication that the authentication has been performed by the first independent trusted system using the first authentication parameter and the indication that authentication has been performed by the second independent trusted system using the second authentication parameter; and performing an operation for the authenticated entity. 15. The method of claim 14, wherein the second independent trusted system is separate and remote from a system performing the method. 16. The method of claim 14, wherein determining that the unauthenticated entity is an authenticated entity includes determining that the authentication has been performed based on at least a threshold of authentication parameters. 17. The method of claim 14, wherein the first and second authentication parameters include one or more of: a facial profile; a voiceprint; a fingerprint; a credential; a location; and a behavioural indication. 18. The method of claim 14, wherein the second authentication parameter is determined based on a sensor output of at least one of the one or more of the sensors. Claim 21 is rejected on the ground of nonstatutory double patenting as being unpatentable over claim 1 of U.S. Patent No. 12,131,361 in view of Yokoyama et al. (U.S. Patent Application Publication 2017/0316396). As set forth above, claim 1 of the instant application is a slightly broader version of claim 1 of the ‘361 patent. Claim 21 of the instant application recites, “The system of claim 1, wherein the detecting, based on the output of at least one of the one or more sensors, the entity at the physical premises includes using image recognition, wherein the image recognition includes facial recognition.” Yokoyama discloses (paragraph 69, emphasis added), “A method of extracting feature information is not particularly limited, and may use well-known technologies such as facial recognition or image recognition.” Hence, it would have been obvious to one of ordinary skill in the art on the date of inventors’ earliest priority for the detecting the entity at the physical premises to include using image recognition, wherein the image recognition includes facial recognition, for the obvious advantages of detecting and identifying an entity with a face at the physical premises. Claim Rejections - 35 USC § 103 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary. Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention. Claims 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, and 21, and claims 14, 15, 16, 17, 18, and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Gabriele et al. (U.S. Patent 10,373,165) in view of Kohli (U.S. Patent Application Publication 2017/0243225). As per claim 1, Gabriele discloses communication means, which can be called a module (e.g., column 5, lines 26-30, emphasis added), “For example, merchant sensors 103 may include a router or base station that is capable of detecting wireless signals generated by user device 102 and/or communicating with user device 102 to determine or detect information associated with user device 102.” Gabriele further discloses a system comprising one or more sensors positioned at a physical premises, a processor coupled to the one or more sensors, and a memory coupled to the processor, the memory storing processor-executable instructions, which, when executed, cause the processor to perform operations (e.g., column 3, lines 4-9, with emphasis added): “The disclosed embodiments are directed to systems and methods for authenticating a customer. The system may include one or more memory devices storing instructions, one or more sensors positioned proximate a merchant location, and one or more processors configured to execute the instructions to perform steps of a method.” See also Figures 1 and 2. Hence, a communication module is disclosed, and having the processor coupled to the one or more sensors and the communication module would have been obvious to one of ordinary skill in the art of electronic commerce on the date of inventors’ priority, for the obvious advantage of enabling the disclosed system to carry out its functions. Gabriele discloses detecting, based on an output of one or more sensors, an entity at a physical premises (column 14, lines 53-67, with emphasis added), “In block 310, the system may detect customer biometric data associated with an unknown customer 101 present at a merchant location. The customer biometric data may be detected by one or more of the sensors present at the merchant location … Merchant sensors 103 may include, for example, an imaging device, a microphone, a heartbeat sensor, a retina scanner, a fingerprint scanner, a scale, an odor/scent detector, a radio frequency detection sensor, a Bluetooth interface, or a WiFi interface.” See also Figure 3, especially block 310. Gabriele discloses performing an authentication for an unauthenticated entity (unknown customer), and determining that the entity is now considered an authenticated entity based on the performance of the authentication (column 17, lines 9-16, emphases added), “In block 310, the system may authenticate (e.g., at merchant server 105), the unknown customer 101 as the known customer when the confidence level exceeds a predetermined threshold. For example, if the predetermined threshold is 95%, when the system determines that the confidence level determined at block 330 exceeds 95%, then the unknown customer 101 may be authenticated as the known customer.” See also Figure 3, especially block 330. Further, Gabriele discloses first and second authentication parameters used in authenticating an entity (columns 14, 15, 16, and 17). Specifically, Gabriele discloses (column 14, line 63, through column 15, line 5, emphasis added), “Merchant sensors 103 may include, for example, an imaging device, a microphone, a heartbeat sensor, a retina scanner, a fingerprint scanner, a scale, an odor/scent detector, a radio frequency detection sensor, a Bluetooth interface, or a WiFi interface. According to some embodiments, detecting customer biometric data may include, for example, capturing one or more of an image, a video, a voice recording, a heartbeat recording, a retina image, an odor/scent, a fingerprint image, and/or a measured weight of the unknown customer 101.” Gabriele then discloses (column 16, lines 5-20, emphasis added), “In some embodiments, known customer biometric data may include biometric data known to be associated with the particular individual that is associated with the known customer identification profile. For example, known biometric data may include images, videos, audio recordings, fingerprint scans, retina scans, height information, weight information, heartbeat information/patterns, walking gait patterns/signatures, or other such biometric data that has been obtained from the individual in the past. Likewise, in some embodiments, known behavioral information may be data that represents patterns of behavior of the particular individual, such as location data that indicates patterns or movement, purchasing data that indicates purchasing patterns, or any other such data that may be useful in identifying an individual by virtue of their behavior.” Gabriele discloses receiving or obtaining an indication from a separate system that authentication has been performed by that system (column 20, lines 5-17, emphasis added), “In block 510, the system may detect, by one or more sensors (e.g., merchant sensors 103), customer biometric data associated with an unknown customer 101 present at a merchant location. In block 520, the system may transmit the detected customer biometric data to a financial server provider server, such as for example, transaction server 114. In block 530, the system (e.g., merchant server 105) may receive authentication that the unknown customer is a known customer from the financial service provider server (e.g., authorization device 120. In block 540, the system may receive payment credentials of one or more financial accounts associated with the known customer from the financial service provider server.” The financial server provider server and associated system thus corresponds to the “first system” or the “system that is not the first system” in claim 1. Yet further, Gabriele discloses performing an operation for the authenticated entity, e.g., column 17, line 66, through column 18, line 12, with emphasis added: “In block 340, the system (e.g., merchant server 105) may, in response to authenticating the unknown customer as the known customer, transmit identification information associated with the known customer to a financial service provider server (e.g., transaction server 114). For example, after the system identifies a particular the unknown customer 101 as being, for example, John Smith, merchant server 105 may transmit identification information associated with John Smith, such as name, address, phone number social security number, ID number, and the like, to a financial service provider server (e.g., transaction server) to prompt the financial service provider to provide account information associated with John Smith that may be used by system 100 to execute a transaction on his behalf.” In column 18, lines 37-40 (emphasis added), Gabriele discloses, “In some embodiments, the system (e.g., merchant server 105) may receive an authorization to utilize the one or more accounts associated with the known customer to purchase one or more merchant items.” See also Figure 3, especially block 350. Gabriele does not disclose: receiving from a first system, an indication that authentication has been performed by the first system using a first authentication parameter; and obtaining an indication that authentication has been performed by a system that is not the first system using a second authentication parameter; and determining that the detected entity is an authenticated entity based on the indication that authentication has been performed by the first system and the indication that authentication has been performed by the system that is not the first system. However, Kohli teaches two different authentication systems, which may be called a first system and a second system, or a first system and a system that is not the first system, wherein a service system computer receives an indication that authentication has been performed by the first system using a first authentication parameter; receives or obtains an indication that authentication has been performed by a system that is not the first system using a second authentication parameter, and determines that a user is an authenticated entity based on the indication that authentication has been performed by the first system and the indication that authentication has been performed by the system that is not the first system (paragraph 36, emphasis added), “Once a determination is made that the user is enrolled 504, the biometric authentication service system computer transmits 508 a prompt message to a user device of the user, wherein the prompt message asks the user to provide at least one type of user biometric feature data (for example, the prompt message may be displayed on a display component of the use’s mobile device for the user to state his or her name into a microphone for voice recognition processing). Next, the biometric authentication service system computer receives 510 the user biometric feature data from the user device and then determines 512 that at least two biometric authentication computer system computers are associated with the user identification data. The biometric authentication service system computer the [sic, presumably an error for ‘then’] separates 514 the user biometric feature data into at least two user biometric feature data portions, and transmits 516 each user biometric feature data portion to a separate biometric authentication system computer. The biometric authentication service system computer then receives 518 an authentication message from each of the at least two biometric authentication system computer systems, and determines 520 whether each of the authentication messages from the at least two biometric authentication system computer systems indicates positive authentication of the user. If so, then the biometric authentication service system computer transmits 522 a positive user authentication response to the entity computer. If in step 520 a determination is made that one or more of the authentication messages indicates a mismatch between the user biometric feature data portion captured during the transaction and stored data, then the biometric authentication service computer transmits a negative user authentication message to the entity involved in the transaction. Depending on the type of transaction, the biometric authentication service system computer may receive the user authentication request from a merchant device, a merchant acquirer financial institution (FI) computer, or other entity computer or server and the like.” See also Figure 5, especially 514 and 520. Paragraph 12 of Kohli further describe procedures. Hence, it would have been obvious to one of ordinary skill in the art of electronic commerce on the date of inventors’ earliest priority to receive from a first system, an indication that authentication has been performed by the first system using a first authentication parameter; obtain an indication that authentication has been performed by a system that is not the first system using a second authentication parameter; and determine that the detected entity is an authenticated entity based on the indication that authentication has been performed by the first system and the indication that authentication has been performed by the system that is not the first system, for at least the obvious advantage, as per paragraph 5 of Kohli, of providing systems and/or methods which provide improved security for user biometric data so as to encourage and/or promote the adoption of biometric authentication services by users (such as consumers and/or businesses). Kohli further teaches, with regard to performing operations for an authenticated entity (paragraph 14, emphasis added), “For ease of understanding, embodiments are described herein with regard to payment transactions and/or other financial transactions. However, those skilled in the art, upon reading this disclosure, will appreciate that the disclosed biometric user authentication systems and processes may be used to conduct other types of transactions that require biometric authentication, such as a user or employee obtaining entry to a secure building or a consumer and/or cardholder obtaining entry to a transportation hub such as a train station or bus station. As per claim 2, Kohli teaches that obtaining the indication that authentication has been performed by the first and second systems includes receiving from a second system, the indication that authentication has been performed by the second system using a second authentication parameter (paragraph 36, as quoted above with regard to claim 1; see also paragraph 12). Hence, it would have been obvious to one of ordinary skill in the art of electronic commerce on the date of inventors’ earliest priority to obtain the indication that authentication has been performed, as recited in claim 2, for at least the obvious advantage, as per paragraph 5 of Kohli, of providing systems and/or methods which provide improved security for user biometric data so as to encourage and/or promote the adoption of biometric authentication services by users (such as consumers and/or businesses), and for the obvious advantage of providing redundant confirmation, so that an error by the first system, whether made as a result of data hacking or of other causes, will not result in an entity being treated as an authenticated entity when said entity is not actually who he pretends to be. As per claim 3, Gabriele discloses “merchant 107” as including “merchant sensors 103” and “merchant server 105”, and connecting to “local network 116a”, which is then separated from “organization 108” by “network 106”, drawn as a cloud and then connecting to “local network 116b” of “organization 108”, which then connects to “authentication device 120” (shown in Figure 1). Network 106 is not shown in the Figures or described in the specification as a local network. Yet further, Gabriele discloses (column 6, lines 46-55, emphasis added), “Network 106 may comprise any type of computer networking arrangement used to exchange data. For example, network 106 may be the Internet, a private data network, virtual private network using a public network, and/or other suitable connection(s) that enables components in system environment 100 to send and receive information between the components of system 100. Network 106 may also include a public switched telephone network (‘PSTN’) and/or a wireless network.” Thus, it is very possible, and clearly the case in some embodiments, according to Gabriele, for an independent trusted system to be separate and remote from a system performing the method Yet further, and redundantly, Kohli teaches (paragraph 36, emphasis added), The biometric authentication service system computer the [sic, presumably an error for ‘then’] separates 514 the user biometric feature data into at least two user biometric feature data portions, and transmits 516 each user biometric feature data portion to a separate biometric authentication system computer.” Hence, it would have been obvious to one of ordinary skill in the art of electronic commerce on the date of inventors’ earliest priority for the first system to be separate and remote from the system, for at least the obvious advantage, in accordance with Kohli, of maintaining different biometric data sets in different and separate computers, adding to the difficulty for a bad actor of acquiring and using enough user data to impersonate the user. As per claim 4, Gabriele discloses the use of thresholds in authenticating an entity (e.g., column 17, lines 9-16, emphasis added), “In block 330, the system may authenticate (e.g., at merchant server 105) the unknown customer 101 as the known customer when the confidence level exceeds a predetermined threshold. For example, if the predetermined threshold is 95%, when the system determines that the confidence level at block 330 exceeds 95%, then the unknown customer 101 may be authenticated as the known customer.” Gabriele further discloses (column 16, lines 40-56, emphasis added), “In other words, merchant server 105 may compare the obtained images of the unknown customer 101 to images of known customers and determine the degree of matching. Further, merchant server 105 may compare other detected quantities, such as height, weight, body type, gait, heartbeat patterns, retina scan information, odor/scent, fingerprint scan information, audio recordings, and radio frequency information of devices associated with unknown customer 101 to corresponding known data of one or more customer identification profiles and based on the collective degree of overlap between all of these quantities, merchant server 105 may determine the confidence level that the unknown customer 101 is the same person as a known customer associated with a particular customer identification profile. In some embodiments, the determination may also be based on behavioral information that is included in the known customer identification profile.” Hence, it would have been at least obvious to one of ordinary skill in the art of electronic commerce on the date of inventors’ earliest priority for determining that the unauthenticated entity is an authenticated entity to include that determining that the authentication has been performed based on at least a threshold of authentication parameters, for at least the obvious advantage of using enough authentication parameters to bring the confidence threshold to a chosen threshold, such as 95%. As per claim 5, Gabriele discloses first and second authentication parameters that can include at least fingerprint scan information (column 16, line 46) and behavioral information/indications (column 16, lines 54-56). See the 35 U.S.C. 103 rejection of claim 4, previous paragraph, where the relevant section of Gabriele is quoted, and the phrases “fingerprint scan information” and “behavioral information” are bolded. As per claim 6, Gabriele discloses sensors obtaining biometric data (column 15, lines 5-12, emphasis added) “According to some embodiments, merchant sensors 103 may continuously or intermittently obtain biometric data from unknown customer 101 as unknown customer 101 moves about the merchant location. Merchant sensors 103 may track unknown customer’s 101 movements and gather data that may be used to determine unknown customer 101 position within the merchant location.” The sensors would be useless for this purpose without output from the sensors. Gabriele further discloses (column 16, lines 30-54, emphasis added), “According to some embodiments, the system (e.g., via merchant server 105) may compare the sensor data to the known customer identification profile to determine a confidence level that the unknown customer 101 is the same individual as the known customer in a manner similar to as described previously above. For example, merchant server 105 may take digital photographs of the unknown customer’s 101 face, and merchant server 105 may compare the digital photographs to image data included in one or more known customer profiles to determine the degree of a match that is found. In other words, merchant server 105 may compare the obtained images of the unknown customer 101 to images of known customers and determine the degree of matching. Further, merchant server 105 may compare other detected quantities such as height, weight, body type, gait, heartbeat patterns, retina scan information, odor/scent, fingerprint scan information, audio recordings, and radio frequency information of devices associated with unknown customer 101 to corresponding known data of one or more customer identification profiles and based on the collective degree of overlap between all of these quantities, merchant server 105 may determine the confidence level that the unknown customer 101 is the same person as a known customer associated with a particular customer identification profile.” Thus, an authentication parameter or parameters, which may be chosen as the second authentication parameter, is determined based on sensor information and thus sensor output of one or more sensors. As per claim 7, Gabriele discloses (column 20, lines 5-17, emphasis added), “In block 510, the system may detect, by one or more sensors (e.g., merchant sensors 103), customer biometric data associated with an unknown customer 101 present at a merchant location. In block 520, the system may transmit the detected customer biometric data to a financial server provider server, such as for example, transaction server 114. In block 530, the system (e.g., merchant server 105) may receive authentication that the unknown customer is a known customer from the financial service provider server (e.g., authorization device 120. In block 540, the system may receive payment credentials of one or more financial accounts associated with the known customer from the financial service provider server.” (Column 20, lines 5-17, with emphasis added.) Thus, the first independent trusted system is a financial institution system. As per claim 8, Gabriele does not expressly disclose that the indication includes stored profile data. However, Gabriele discloses comparing data from one or more sensors to stored profile data (column 8, lines 12-15, emphasis added), “Authentication device 120 may include a computer system configured to store, maintain, and update customer identification information and/or update customer identification profiles.” Gabriele further discloses (column 16, lines 40-56, emphasis added), “In other words, merchant server 105 may compare the obtained images of the unknown customer 101 to images of known customers and determine the degree of matching. Further, merchant server 105 may compare other detected quantities, such as height, weight, body type, gait, heartbeat patterns, retina scan information, odor/scent, fingerprint scan information, audio recordings, and radio frequency information of devices associated with unknown customer 101 to corresponding known data of one or more customer identification profiles and based on the collective degree of overlap between all of these quantities, merchant server 105 may determine the confidence level that the unknown customer 101 is the same person as a known customer associated with a particular customer identification profile. In some embodiments, the determination may also be based on behavioral information that is included in the known customer identification profile.” Thus, there is stored profile data, to which obtained data is compared, and a second authorization parameter (such as behavioral information in addition to biometric information) can be used. As per claim 9, Gabriele discloses first and second authentication parameters that can include at least fingerprint scan information (column 16, line 46) and behavioral information/indications (column 16, lines 54-56). See the 35 U.S.C. 103 rejection of claim 4, above, where the relevant section of Gabriele is quoted, and the phrases “fingerprint scan information” and “behavioral information” are bolded. As per claim 10, Gabriele discloses (column 20, lines 5-17, emphasis added), “In block 510, the system may detect, by one or more sensors (e.g., merchant sensors 103), customer biometric data associated with an unknown customer 101 present at a merchant location. In block 520, the system may transmit the detected customer biometric data to a financial server provider server, such as for example, transaction server 114. In block 530, the system (e.g., merchant server 105) may receive authentication that the unknown customer is a known customer from the financial service provider server (e.g., authorization device 120. In block 540, the system may receive payment credentials of one or more financial accounts associated with the known customer from the financial service provider server.” (Column 20, lines 5-17, with emphasis added.) Thus, there is an indication of an unknown customer being identified as a known customer/authenticated entity/particular entity. Also, Gabriele discloses a customer’s location at physical premises (column 15, lines 5-12, emphasis added), “According to some embodiments, merchant sensors 103 may continuously or intermittently obtain biometric data from unknown customer 101 as unknown customer 101 moves about the merchant location. Merchant sensors 103 may track unknown customer’s 101 movements and gather data that may be used to determine unknown customer 101 position with the merchant location.” (column 15, lines 5-12). Hence, the particular entity is identified as being at the physical premises. As per claim 11, Gabriele discloses (column 3, lines 13-17, emphasis added), “The system may determine, based on a known customer identification profile associated with a known customer and the detected customer biometric data, a confidence level that the unknown customer is the same individual as the known customer.” Gabriele further discloses (column 3, lines 19-29, emphasis added) “The system may authenticate the unknown customer as the known customer when the confidence level exceeds a predetermined threshold. In response to authenticating the unknown customer as the known customer, the system may transmit the authentication information associated with the known customer to a financial service provider server. The system may receive, from the financial service provider server, payment credentials of one or more accounts associated with the known customer and authorization to utilize the one or more accounts to perform a financial transaction.” Gabriele then discloses (column 16, lines 40-56, emphasis added), “In other words, merchant server 105 may compare the obtained images of the unknown customer 101 to images of known customers and determine the degree of matching. Further, merchant server 105 may compare other detected quantities … In some embodiments, the determination may also be based on behavioral information that is included in the known customer identification profile.” Gabriele also discloses that the system may determine a confidence level that the unknown customer is the same as the known customer based on “the detected customer device information” (column 15, lines 49-54). Thus, behavioral or other information, such as customer device information, may be second authentication information. Gabriele further discloses (column 20, lines 5-17, emphasis added), “In block 510, the system may detect, by one or more sensors (e.g., merchant sensors 103), customer biometric data associated with an unknown customer 101 present at a merchant location. In block 520, the system may transmit the detected customer biometric data to a financial server provider server, such as for example, transaction server 114. In block 530, the system (e.g., merchant server 105) may receive authentication that the unknown customer is a known customer from the financial service provider server (e.g., authorization device 120. In block 540, the system may receive payment credentials of one or more financial accounts associated with the known customer from the financial service provider server.” Yet further, Gabriele discloses (column 21, lines 4-8, emphasis added), “Accordingly, in some embodiments, the system may determine a confidence level based only on detected customer biometric data, based only on detected customer device information, or based on a combination of both.” Kohli teaches (paragraph 36, emphasis added), The biometric authentication service system computer then receives 518 an authentication message from each of the at least two biometric authentication system computer systems, and determines 520 whether each of the authentication messages from the at least two biometric authentication system computer systems indicates positive authentication of the user. If so, then the biometric authentication service system computer transmits 522 a positive user authentication response to the entity computer. If in step 520 a determination is made that one or more of the authentication messages indicates a mismatch between the user biometric feature data portion captured during the transaction and stored data, then the biometric authentication service computer transmits a negative user authentication message to the entity involved in the transaction. Depending on the type of transaction, the biometric authentication service system computer may receive the user authentication request from a merchant device, a merchant acquirer financial institution (FI) computer, or other entity computer or server and the like.” See also Figure 5, especially 514 and 520. Hence, it would have been obvious to one of ordinary skill in the art of electronic commerce on the date of inventors’ earliest priority to configure the processor to determine that a particular entity may be at the physical premises based on the second authentication parameter; and in response to determining that a particular entity may be at the physical premises, send, to the first independent trusted system, a request for the indication that authentication has been performed by the first system, for the obvious advantage of seeking and receiving confirmation (or disconfirmation) that the particular entity really is at the physical premises, based on further information, such as customer biometric data. As per claim 21, Gabriele does not expressly disclose that detecting, based on the output of at least one of the one or more sensors, the entity at the physical premises includes using image recognition, wherein the image recognition includes facial recognition. However, Kohli teaches (paragraph 17, emphasis added), “The digital camera may be utilized, for example, in some circumstances, to capture a photograph of one or more portions of the user’s face during a transaction, and the facial feature data transmitted by the user mobile device 102 to the biometric authentication service system computer 104 for biometric authentication system processing via a facial recognition process in accordance with the methods described herein.” Kohli teaches (paragraph 28, emphasis added), “For example, fingerprint data, photographic data representing the user’s face to permit facial recognition processing, and global positioning service (GPS) data may be required in accordance with a merchant’s business rules to securely authenticate the user before a purchase transaction is presented for purchase transaction authentication system processing.” Kohli does not expressly teach image recognition, but facial recognition by computer systems inherently involves image recognition. Hence, it would have been obvious to one of ordinary skill in the art of electronic commerce on the date of inventors’ earliest priority for the detecting the entity at the physical premises to include using image recognition, wherein the image recognition includes facial recognition, for at least the obvious advantage, as in Kohli, of using a person’s face as at least one of the factors in authenticating him (or not authenticating him), as a particular person whose biometric data is stored and of record. As per claim 14, this is a method claim parallel to claim 1, although broader in that it does not expressly recite the communication module, processor, and memory recited in system claim 1. Also, claim 14 uses “receiving” where claim 1 recites “obtaining”, but the disclosures of Gabriele regarding receiving or obtaining (column 20, lines 5-17) and also the disclosure of Kohli regarding receiving or obtaining (column 36), quoted above with regard to claim 1, disclose or teach receiving an indication, not merely obtaining it by some means that does not constitute receiving. Therefore, claim 14 is obvious on the same grounds set forth above with regard to claim 1. As per claim 15, this is a method claim parallel to claim 2, and therefore obvious on the same grounds set forth above with regard to claim 2. As per claim 16, this is a method claim parallel to claim 3, and therefore obvious on the same grounds set forth above with regard to claim 3. As per claim 17, this is a method claim parallel to claim 4, and therefore obvious on the same grounds set forth above with regard to claim 4. As per claim 18, this is a method claim parallel to claim 5, and therefore obvious on the same grounds set forth above with regard to claim 5. As per claim 19, this is a method claim parallel to claim 6, and therefore obvious on the same grounds set forth above with regard to claim 6. Claim 12 is rejected under 35 U.S.C. 103 as being unpatentable over Gabriele et al. (U.S. Patent 10,373,165) and Kohli (U.S. Patent Application Publication 2017/0243225) as applied to claim 1 above, and further in view of Isozu et al. (U.S. Patent Application Publication 2012/0149295). Gabriele does not disclose that the indication that authentication has been performed by the first system is formatted to uniquely identify the first system as a source of the indication. However, Isozu teaches messages with a format including a transmission source address field (paragraph 87, emphasis added), “As shown in FIG. 9, this format includes a message type field, a device type field, a transmission source address field, a transmission destination address field, a parent address field, a date/time field, ID fields, and a message field.” See also Figure 9. Hence, it would have been obvious to one of ordinary skill in the art of electronic commerce on the date of inventors’ earliest priority for the indication that authentication has been performed by the first system to uniquely identify the first system as a source of the authentication, for such obvious advantages as avoiding an erroneous determination that the detected entity is an authenticated entity based on, for example, two or more indications from the system that is not the first system, but no actual indication from the first system, or an erroneous failure to determine that the detected entity is an authenticated entity based on indications from both the first system and the system that is not the first system, when it is not realized that the indication from the first system did actually come the indication from the first system. Claim 13 is rejected under 35 U.S.C. 103 as being unpatentable over Gabriele et al. (U.S. Patent 10,373,165), Kohli (U.S. Patent Application Publication 2017/0243225), and Isozu et al. (U.S. Patent Application Publication 2012/0149295) as applied to claim 12 above, and further in view of King et al. (U.S. Patent Application Publication 2003/0028494). King discloses (paragraph 2, emphasis added), “The terms ‘private key’ and ‘public key’ are well known terms of art and are used for asymmetric cryptography in which one key is used for encryption and the other for decryption, namely the private key, is kept by the user and never revealed or transferred. Asymmetric cryptography is considered to provide a higher level of security than symmetric cryptography for which a shared key is used for both encryption and decryption (the sharing aspect introduces an element of insecurity).” Hence, it would have been obvious to one of ordinary skill in the art of electronic commerce on the date of inventors’ earliest priority for the indication to be formatted to uniquely identify the first system using a private key associated with the first system and for the instructions to further configure the processor to: decrypt the indication that that authentication has been performed by the first system with a public associated with the private key, for at least the stated advantage of a higher level of security, posing an obstacle to false indications purporting to be from the first system by an entity attempting to commit fraud. Conclusion The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Isozu et al. (U.S. Patent 8,792,926) is the patent issued on the application published as U.S. Patent Application Publication 2012/0149295, and used in rejecting two claims under 35 U.S.C. 103. Duncan (U.S. Patent 9,143,506) discloses systems and methods for identifying biometric information as trusted and authenticating persons using trusted biometric information. Duncan (U.S. Patent Application Publication 2014/0230032) discloses systems and methods for identifying biometric information as trusted and authenticating persons using trusted biometric information. Ghosh et al. (U.S. Patent Application Publication 2015/0120547) discloses systems and methods for tokenless authentication of consumers during payment transactions. Any inquiry concerning this communication or earlier communications from the examiner should be directed to NICHOLAS D ROSEN, whose telephone number is (571)272-6762. The examiner can normally be reached 9:00 AM-5:30 PM, M-F. Non-official/draft communications may be faxed to the examiner at 571-273-6762, or emailed to Nicholas.Rosen@uspto.gov (in the body of an email, please, not as an attachment). Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Marissa Thein, can be reached at 571-272-6764. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /NICHOLAS D ROSEN/ Primary Examiner, Art Unit 3689 June 22, 2026
Read full office action

Prosecution Timeline

Sep 20, 2024
Application Filed
Jun 25, 2026
Non-Final Rejection mailed — §101, §103, §112 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12583148
ARTIFICIAL NAIL MEASUREMENT SYSTEM AND METHOD
4y 11m to grant Granted Mar 24, 2026
Patent 12555074
CONSUMER PURCHASING AND INVENTORY CONTROL ASSISTANT APPARATUS, SYSTEM AND METHODS
1y 9m to grant Granted Feb 17, 2026
Patent 12548062
TRAINED MACHINE LEARNING MODELS FOR PREDICTING REPLACEMENT ITEMS USING EXPIRATION DATES
2y 11m to grant Granted Feb 10, 2026
Patent 12530714
LOCATION-BASED DATA TRACKING FOR DYNAMIC DATA PRESENTATION ON MOBILE DEVICES
2y 1m to grant Granted Jan 20, 2026
Patent 12518305
NON-FUNGIBLE TOKEN MANAGEMENT SYSTEMS AND METHODS FOR AN ENTERTAINMENT VENUE
2y 5m to grant Granted Jan 06, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

1-2
Expected OA Rounds
70%
Grant Probability
93%
With Interview (+22.1%)
3y 1m (~1y 3m remaining)
Median Time to Grant
Low
PTA Risk
Based on 678 resolved cases by this examiner. Grant probability derived from career allowance rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month