Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Notice to Applicant
This communication is in response to the amendment filed 6/6/2025. Claims 1, 9, and 17 have been amended. Claims 1, 3-9, 11-17, and 19-21 remain pending and have been examined.
Response to Arguments
A. Applicant's arguments with respect to the rejection of claims 1, 3-9, 11-17, and 19-21 under 35 USC 101 have been fully considered but they are not persuasive.
Applicant argues starting on page 8 of the response that the pending claims are not directed to an abstract idea under Step 2A Prong 1 of the Alice/Mayo analysis set out in the USPTO Guidelines. Applicant asserts that “[f]or example, claims 1, 3-9, 11-17, and 19-21 do not recite certain methods of organizing human activity, as the Examiner asserts.” Examiner respectfully disagrees.
As set out in Step 2A Prong 1 of the analysis below, Examiner maintains that the claims recite limitations falling within the scope of a method of organizing human activity, including receiving a request for assets including access information associated with a user and including identity-related information and feature customization information for a health intervention application, validating that the access information is valid, generating configuration information identifying a set of assets with which the health intervention application is to be provisioned based at least in part on the feature customization information, and transmitting the configuration information to configure the health intervention application with the identified set of assets.
Examiner notes that Applicant does not provide additional arguments or explanation supporting the argument that the claims do not recite certain methods of organizing human activity.
Applicant further argues on page 9 that the claims are patent-eligible under Step 2A Prong 2 on the basis that the claims are directed to an improvement in technology. Examiner respectfully disagrees.
As set out below in the analysis under Step 2A Prong 2, the additional elements within the claims, including the remote server, computing device, account management service, and processor, each only amount to mere instructions to implement functions within the abstract idea using computing elements as tools. Applicant does not provide further arguments or support for the assertion that the claims are directed to an improvement in technology.
Applicant lastly argues that the claims recite an inventive concept that amounts to significantly more than an abstract idea under Step 2B. Examiner respectfully disagrees. As noted above, the additional elements within the claims, including the remote server, computing device, account management service, and processor, each only amount to mere instructions to implement functions within the abstract idea using computing elements as tools. A broad assertion that the claims are directed to an inventive concept is not sufficient to establish that the claims amount to significantly more than an abstract idea under Step 2B.
The rejection under 35 USC 101 is maintained.
B. Applicant’s arguments, with respect to the rejection of claims 1, 3-9, 11-17, and 19-21 under 35 USC 103 have been fully considered but they are not persuasive in part and moot in part as set out below.
Examiner initially notes that Applicant’s arguments with respect to the token being an encrypted token are moot, as none of the previously cited references are relied upon to teach this limitation.
Applicant argues starting on page 10 of the response that Jain in view of Chan and Young does not disclose “receiving, from the health intervention application, a request for assets provided by the remote server, the request including access information associated with a user of the computing device, the access information comprising an encrypted token, wherein the encrypted token includes identity-related information and feature customization information for the health intervention application and being issued by an account management service for the health intervention application, and the feature customization information comprises location information associated with a geographical location of the user of the computing device” as recited in claim 1.
Applicant particularly asserts that “nowhere does Jain describe that a user would submit an encrypted token that includes feature customization information, as required by amended claim 1.” However, Jain is not relied upon to teach a user submitting an encrypted token, and Examiner respectfully disagrees that Jain does not disclose receiving, from the health intervention application, a request for assets provided by the remote server, the request including access information associated with a user of the computing device, the access information including identity-related information and feature customization information for the health intervention application and being issued by an account management service for the health intervention application. For example, Figure 5C and paragraphs 57 and 102-107 of Jain describe receiving a request for modules, where the request includes information including a name or code associated with the user, i.e. access information associated with a user. Paragraphs 102, 106, and 107 further describe the information including identifying information such as the user’s name or a code associated with an organization, i.e. identity-related information, as well as the information being used to determine which modules or sets of customization information may be provided to the user.
Applicant further argues starting on page 11 that modifying the system of Jain to require a user to submit an encrypted token that includes feature customization information would fundamentally change the principle of operation of Jain. Applicant asserts that “instead of storing customized software module configurations in a repository 134 on the server side (i.e., the publishing system 130), the proposed modification would require such configurations to be stored in an encrypted token that is submitted by the user on the client side (e.g., via mobile device 150)” and that “Jain intentionally implements a system architecture in which an administrator is able to define module customization information via an administrator portal 134 on the server side (i.e., publishing system 130), where the module customization information is then stored in a repository 134 on the server side.” However, Examiner respectfully disagrees with Applicant’s assertion that modifying Jain to transmit access information comprising an encrypted token would require the system of Jain to store the disclosed software modules on the client side.
The specific language of claim 1 recites “receiving, from the health intervention application, a request for assets provided by the remote server, the request including access information associated with a user of the computing device, the access information comprising an encrypted token, wherein the encrypted token includes identity-related information and feature customization information for the health intervention application and being issued by an account management service for the health intervention application” (emphasis added). Jain teaches each of the above limitations other than the access information comprising an encrypted token. Examiner notes that, counter to Applicant’s assertions, claim 1 does not recite the encrypted token including the configuration information itself. Examiner also notes that paragraph 63 of Applicant’s specification describes the feature customization as including “information that can be used to uniquely identify a user and aid in identifying an application configuration 108 that is appropriate for the user.” Merely representing the access information taught by Jain in the form of an encrypted token would not require the substantial reconstruction and redesign argued by Applicant.
The rejection under 35 UCS 103 is maintained.
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.
Claims 1, 3-9, 11-17, and 19-21 are rejected under 35 U.S.C. 101 because the claimed invention is directed to a judicial exception (i.e., a law of nature, a natural phenomenon, or an abstract idea) without significantly more. Claims 1, 3-8, and 21 are drawn to a method, claims 9 and 11-16 are drawn to a computing system, and claims 17, 19, and 20 are drawn to a non-transitory computer readable medium, each of which is within the four statutory categories.
Step 2A(1)
Claim 1 recites, in part, performing the steps of
receiving a request for assets, the request including access information associated with a user, the access information including identity-related information and feature customization information for a health intervention application, and the feature customization information comprises location information associated with a geographical location of the user;
validating that the access information is valid;
responsive to validating that the access information is valid, generating configuration information identifying a set of assets with which the health intervention application is to be provisioned based, at least in part, on the feature customization information included in the access information; and
transmitting the configuration information to configure the health intervention application with the identified set of assets.
These steps amount to a form of managing personal behavior and therefore fall within the scope of a method of organizing human activity. Fundamentally the process is that of customizing and configuring an application based on information about the user by requesting and receiving elements used to configure the application. An individual could perform these steps as part of customizing an article of software.
Independent claims 9 and 17 recite similar limitations and also recite an abstract idea under the same analysis.
Step 2A(2)
This judicial exception is not integrated into a practical application because the additional elements within the claims only amount to:
A. Instructions to Implement the Judicial Exception. MPEP 2106.05(f)
Claim 1 recites additional elements of a) using the health intervention application to perform the functions of providing the request and receiving the configuration information, b) a remote server recited as providing the assets, c) a computing device recited as executing the health intervention application, d) an encrypted token recited as including the identity related information and feature customization information, and e) an account management service recited as issuing the feature customization information.
Claim 9 recites additional elements of a) a memory comprising executable instructions and a processor configured to execute the instructions to cause the computing system to perform the subsequent functions including providing the assets, b) using the health intervention application to perform the functions of providing the request and receiving the configuration information, c) a computing device recited as executing the healthcare intervention application, d) an encrypted token recited as including the identity related information and feature customization information, and e) an account management service recited as issuing the feature customization information.
Claim 17 recites additional elements of a) a non-transitory computer readable medium storing instructions, b) a computing system recited as executing the stored instructions and providing the assets, c) using the health intervention application to perform the functions of providing the request and receiving the configuration information, d) a computing device recited as executing the health intervention application, e) an encrypted token recited as including the identity related information and feature customization information, and f) an account management service recited as issuing the feature customization information.
Paragraphs 35 and 48 describe the health intervention application as software running on a patient’s device such as may be delivered via an app store and which provide information to patients such as diabetes guidance. The health intervention application is therefore given its broadest reasonable construction as software executing on a computing device.
Figure 2 and paragraphs 43, 68, 84, and 93 describe a computing system including a config data store, global configuration service (GCS), and authentication service, while paragraphs 124-128 describe an example system as including a CPU, memory devices such as RAM, and I/O devices. Examiner notes that the disclosure does not expressly describe any specific elements as corresponding to the recited account management service. The computing system, memory, non-transitory computer readable medium, processor, remote server, and account management service are therefore construed as encompassing generic computing elements.
Paragraphs 67, 90, 92, and 106 describe the token broadly in terms of its recited function of containing feature customization information and authentication information. Paragraphs 68, 92, and 95 describe access information, such as an access token, being encrypted using a cryptographic key. However, no further disclosure is provided of the encryption itself. Given that the token itself is only recited as containing information, the token is construed as encompassing generic computing elements. The encryption is likewise construed as encompassing generic forms of encryption.
Figure 1B and paragraphs 35, 76, and 83 describe a mobile device including a smart phone, wearable device, tablet, or other computing device as executing the application. The computing device is therefore given its broadest reasonable construction as a generic computing device.
Each of the above elements therefore amounts to mere instructions to implement the abstract idea using computing elements as tools. For example, the computing system, processor, and memory are only recited at a high level of generality as storing and executing instructions to implement the various data processing functions within the abstract idea, while the health intervention application is likewise only recited at a high level of generality as issuing the request for assets and receiving the configuration information. Similarly, the encrypted token is only recited at a high level of generality as included in the access information and as itself including the feature customization information and authentication information. These elements are not sufficient to integrate the abstract idea into a practical application.
The above claims, as a whole, are therefore directed to an abstract idea.
Step 2B
The present claims do not include additional elements that are sufficient to amount to more than the abstract idea because the additional elements or combination of elements amount to no more than a recitation of:
A. Instructions to Implement the Judicial Exception. MPEP 2106.05(f)
As explained above, claims 1, 9, and 17 only recite the health intervention application, remote server, computing device, account management service, memory, non-transitory computer readable medium, processor, encrypted token, and computing system as tools for performing the steps of the abstract idea, and mere instructions to perform the abstract idea using a computer is not sufficient to amount to significantly more than the abstract idea. MPEP 2106.05(f)
Thus, taken alone, the additional elements do not amount to significantly more than the above-identified judicial exception. Looking at the limitations as an ordered combination adds nothing that is not already present when looking at the elements taken individually.
Depending Claims
Claims 3, 11, and 19 recite the additional elements of identifying, based on the feature customization information and from a plurality of uniform resource locators (URLs), a set of URLs to be used for configuring the health intervention application, wherein the configuration information includes the set of URLs. These limitations fall within the scope of the abstract idea as set out above. Examiner notes that the URLs are only recited as identified data, which are “to be used for” configuring the application, and are not recited as performing functions beyond being identified data.
Claims 4, 12, and 20 recite identifying, based on the feature customization information and from a plurality of application features, a set of application features to be activated for configuring the health intervention application, wherein the configuration information includes one or more flags associated with the set of application features set to a value indicating that the set of application features are activated. These limitations fall within the scope of the abstract idea as set out above.
Claims 5 and 13 recite wherein the feature customization information includes version information for the health intervention application. These limitations fall within the scope of the abstract idea as set out above.
Claims 5 and 13 additionally recite the computing device as executing the health intervention application.
Figure 1B and paragraphs 35, 76, and 83 describe a mobile device including a smart phone, wearable device, tablet, or other computing device as executing the application. The computing device is therefore given its broadest reasonable construction as a generic computing device.
Paragraphs 35 and 48 describe the health intervention application as software running on a patient’s device such as may be delivered via an app store and which provide information to patients such as diabetes guidance. The health intervention application is therefore given its broadest reasonable construction as software executing on a computing device.
The recited computing device and health intervention application only amount to mere instructions to implement the abstract idea using computing elements as tools. The computing device only recited at a high level of generality as executing the health intervention application. These elements are therefore not sufficient to integrate the abstract idea into a practical application or to amount to significantly more than the abstract idea.
Claims 6 and 14 recite wherein the feature customization information includes operating environment information for the computing device and glucose monitoring devices connected with the computing device. These limitations fall within the scope of the abstract idea as set out above. Examiner notes that the computing device and glucose monitoring devices are included above as part of the abstract idea because they are only recited as part of describing the type of information contained within the feature customization information.
Claims 7 and 15 recite the additional elements of the identity-related information comprising token authentication information.
Paragraphs 67, 90, 92, and 106 describe the token broadly in terms of its recited function of containing feature customization information and authentication information. The token is therefore construed as encompassing generic computing software elements.
The recited token only amounts to mere instructions to implement the abstract idea using computing elements as tools. The token is only recited at a high level of generality as including the feature customization information and identity-related information comprising token authentication information, and the use of a token to represent such information is not sufficient to integrate the abstract idea into a practical application or to amount to significantly more than the abstract idea.
Claims 8 and 16 recite wherein the configuration information comprises a mapping of application parameters associated with application features to values corresponding to specific application feature settings. These limitations fall within the scope of the abstract idea as set out above.
Claim 21 recites wherein generating the configuration information comprises including at least one asset with which the health intervention application is to be provisioned based on the geographical location of the user, and excluding at least one asset with which the health intervention application is not to be provisioned based on the geographical location of the user. These limitations fall within the scope of the abstract idea as set out above.
Claims 1, 3-9, 11-17, and 19-21 are therefore rejected under 35 U.S.C. 101 as being directed to non-statutory subject matter.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary. Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.
Claims 1, 3, 5-9, 11, 13-17, and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Jain et al (US Patent Application Publication 2020/0241860) in view of Chan et al (US Patent Application Publication 2022/0255944), Indu et al, Encrypted token based authentication with adapted SAML technology for cloud web services (hereinafter Indu), and Young et al (US Patent Application Publication 2009/0150831).
With respect to claim 1, Jain discloses the claimed method for configuring a health intervention application executing on a computing device via a remote server, comprising:
receiving, from the health intervention application, a request for assets provided by the remote server, the request including access information associated with a user of the computing device (Figure 5C, [57], [102]-[107] describe receiving a request for modules, including provision of information including a name or code associated with the user), the access information including identity-related information and feature customization information for the health intervention application and being issued by an account management service for the health intervention application ([102], [106], and [107] describe the information including a identifying information such as the user’s name or a code associated with an organization, i.e. identity-related information, as well as the information being used to determine which modules or sets of customization information may be provided to the user. Examiner notes that “identity-related information” is given its broadest reasonable construction as encompassing any information related to the identity of an individual, entity, or item);
validating that the access information is valid ([106] describes verifying a user’s authorization to obtain a module);
responsive to validating that the access information is valid ([57], [106], and [107] describe the system determining whether the user has access to particular modules), generating configuration information identifying a set of assets with which the health intervention application is to be provisioned based, at least in part, on the feature customization information included in the access information (Figure 6B, [62], [65], [72], [79]-[81], and [106]-[107] describe generating a set of modules based on the provided permissions and attributes of the user, where modules identify digital assets and configuration data which change the functionality of the application); and
transmitting the configuration information to the health intervention application to configure the health intervention application with the identified set of assets (Figure 2A elements 130, 136, and 150, [43], [65], [80], [81], [104], [120], and [126] describe downloading the module and assets which customize the functions available via the application);
but does not expressly disclose:
wherein the access information comprises an encrypted token including the feature customization information and the identity-related information, and
the feature customization information comprises location information associated with a geographical location of the user of the computing device.
However, Chan teaches that it was old and well known in the art of application customization before the effective filing date of the claimed invention to include access information in the form of an access token including feature customization information and identity-related information comprising token authentication information (Figure 2, Figure 4 element 308, [10], [12], [23], [24], and [36]-[38] describe a system receiving an access token including feature customization information used to determine a requested feature, as well as identification information authenticating the token and request).
Therefore it would have been obvious to one of ordinary skill in the art of application customization before the effective filing date of the claimed invention to modify the system of Jain to include access information in the form of a token including feature customization information and the identity-related information, the identity-related information comprising token authentication information as taught by Chan since the claimed invention is only a combination of these old and well known elements which would have performed the same function in combination as each did separately. In the present case Jain already discloses the access information, identity-related information, and feature customization information, and having the access information comprise a token including the feature customization information and identity-related information comprising token authentication information as taught by Chan would perform that same function in Jain, making the results predictable to one of ordinary skill in the art (MPEP 2143).
While Chan teaches access information in the form of an access token it does not expressly disclose the token being encrypted. However, Indu teaches that it was old and well known in the art of network authentication before the effective filing date of the claimed invention to encrypt access tokens (Abstract, Figure 6, Table 3, §1, §3.5, §3.7, and §3.8 describe a resource access authentication system which uses encrypted access tokens).
Therefore it would have been obvious to one of ordinary skill in the art of application customization before the effective filing date of the claimed invention to modify the combination of Jain and Chan to encrypt access tokens as taught by Indu since the claimed invention is only a combination of these old and well known elements which would have performed the same function in combination as each did separately. In the present case the combination of Jain and Chan already teaches access information in the form of an access token, and using an encrypted access token as taught by Indu would perform that same function in the combination of Jain and Chan, making the results predictable to one of ordinary skill in the art (MPEP 2143).
Young lastly teaches that it was old and well known in the art of application customization before the effective filing date of the claimed invention to include a geographic location of a user of a computing device as part of customization information (Figures 3 and 7, [7], [63], [67], and [68] describe customizing the features of a medical application based in part on a specific geographic location).
Therefore it would have been obvious to one of ordinary skill in the art of application customization before the effective filing date of the claimed invention to modify the combination of Jain, Chan, and Indu to include a geographic location of the user of the computing device as part of the customization information as taught by Young in order to provide features and functions tailored to the needs of particular geographic regions ([6] and [68] describe users in different geographic regions having different preferences for features as well as particular features being either important or not important based on the region).
It would have been further obvious to one of ordinary skill in the art of application customization before the effective filing date of the claimed invention to modify the combination of Jain, Chan, and Indu to include a geographic location of the user of the computing device as part of the customization information as taught by Young since the claimed invention is only a combination of these old and well known elements which would have performed the same function in combination as each did separately. In the present case the combination of Jain, Chan, and Indu already teaches the customization information, and having that customization information include location information associated with a geographic location of the user as taught by Young would perform that same function in Jain, Chan, and Indu, making the results predictable to one of ordinary skill in the art (MPEP 2143).
With respect to claim 3, Jain/Chan/Indu/Young teach the method of claim 1. Jain does not expressly disclose wherein the generating comprises: based on the feature customization information, identifying, from a plurality of uniform resource locators (URLs), a set of URLs to be used for configuring the health intervention application, wherein the configuration information includes the set of URLs.
However, Chan teaches that it was old and well known in the art of application customization before the effective filing date of the claimed invention to identify, based on feature customization information, a set of URLs to be used for configuring an application, wherein configuration information includes the set of URLs ([12], [23], [24], [33], and [36]-[38] describe using an identifier to determine URLs where a device can access a software application or application extension).
Therefore it would have been further obvious to one of ordinary skill in the art of application customization before the effective filing date of the claimed invention to modify the combination of Jain, Chan, Indu, and Young to include identifying, based on feature customization information, a set of URLs to be used for configuring an application, wherein configuration information includes the set of URLs as taught by Chan since the claimed invention is only a combination of these old and well known elements which would have performed the same function in combination as each did separately. In the present case the combination of Jain, Chan, Indu, and Young already discloses determining the location of assets for downloading based on feature customization information, and including a set of URLs as taught by Chan would perform that same function in Jain, Chan, Indu, and Young , making the results predictable to one of ordinary skill in the art (MPEP 2143).
With respect to claim 5, Jain/Chan/Indu/Young teach the method of claim 1. Jain does not expressly disclose wherein the feature customization information includes version information for the health intervention application executing on the computing device.
However, Young teaches that it was old and well known in the art of application customization before the effective filing date of the claimed invention to include version information for a health intervention application as part of customization information ([7], [80], and [90] describe customizing the features of a medical application based in part on a version of the software).
Therefore it would have been further obvious to one of ordinary skill in the art of application customization before the effective filing date of the claimed invention to modify the combination of Jain, Chan, Indu, and Young to include version information for a health intervention application as part of the customization information as taught by Young since the claimed invention is only a combination of these old and well known elements which would have performed the same function in combination as each did separately. In the present case the combination of Jain, Chan, Indu, and Young already teaches both a health intervention application executing on a computing device and feature customization information, and including version information for the health intervention application as part of the customization information as taught by Young would perform that same function in the combination of Jain, Chan, Indu, and Young , making the results predictable to one of ordinary skill in the art (MPEP 2143).
With respect to claim 6, Jain/Chan/Indu/Young teach the method of claim 1. Jain does not expressly disclose wherein the feature customization information includes operating environment information for the computing device and glucose monitoring devices connected with the computing device.
However, Young teaches that it was old and well known in the art of application customization before the effective filing date of the claimed invention to include operating environment information for the computing device and glucose monitoring devices connected with the computing device as part of customization information ([7], [53], [56], [59], and [67] describe customizing the software feature sets, including different hardware connectivity software for external devices such as glucose meters; Figure 6 and [83] describe the customization information including the particular type of device the software is running on).
Therefore it would have been further obvious to one of ordinary skill in the art of application customization before the effective filing date of the claimed invention to modify the combination of Jain, Chan, Indu, and Young to include operating environment information for the computing device and glucose monitoring devices connected with the computing device as part of the customization information as taught by Young since the claimed invention is only a combination of these old and well known elements which would have performed the same function in combination as each did separately. In the present case the combination of Jain, Chan, Indu, and Young already teaches both a health intervention application executing on a computing device and feature customization information, and including operating environment information for the computing device and glucose monitoring devices connected with the computing device as part of the customization information as taught by Young would perform that same function in Jain, Chan, Indu, and Young , making the results predictable to one of ordinary skill in the art (MPEP 2143).
With respect to claim 7, Jain/Chan/Indu/Young teach the method of claim 1. Jain does not expressly disclose wherein the identity-related information comprises token authentication information.
However, Chan teaches that it was old and well known in the art of application customization before the effective filing date of the claimed invention to include identity-related information comprising token authentication information (Figure 2, Figure 4 element 308, [10], [12], [23], [24], and [36]-[38] describe a system receiving an access token including feature customization information used to determine a requested feature, as well as identification information authenticating the token and request).
Therefore it would have been further obvious to one of ordinary skill in the art of application customization before the effective filing date of the claimed invention to modify the combination of Jain, Chan, Indu, and Young to include the identity-related information comprising token authentication information as taught by Chan since the claimed invention is only a combination of these old and well known elements which would have performed the same function in combination as each did separately. In the present case the combination of Jain, Chan, Indu, and Young already teaches a token including identity-related information, and having the identity-related information comprise token authentication information as taught by Chan would perform that same function in Jain, Chan, Indu, and Young , making the results predictable to one of ordinary skill in the art (MPEP 2143).
With respect to claim 8, Jain/Chan/Indu/Young teach the method of claim 1. Jain further discloses:
wherein the configuration information comprises a mapping of application parameters associated with application features to values corresponding to specific application feature settings ([15], [43], [65], [72], [75], [81], and [120] describe the modules specifying particular content and elements that modify features, interfaces, and interactions associated with the application. Examiner notes paragraph 43 of the specification describing application feature settings as specifying user interface appearance options).
With respect to claim 9, Jain discloses the claimed computing system, comprising:
at least one memory comprising executable instructions ([22], [128], [129], [133], and [135] describe computing devices and memory storing instructions); and
at least one processor in data communication with the at least one memory and configured to execute the instructions ([128], [129], and [135] describe processors executing the instructions) to cause the computing system to:
receive, from a health intervention application executing on a computing device, a request for assets provided by the computing system, the request including access information associated with a user of the computing device (Figure 5C, [57], [102]-[107] describe receiving a request for modules, including provision of information including a name or code associated with the user), the access information including identity-related information and feature customization information for the health intervention application and being issued by an account management service for the health intervention application ([102], [106], and [107] describe the information including a identifying information such as the user’s name or a code associated with an organization, i.e. identity-related information, as well as the information being used to determine which modules or sets of customization information may be provided to the user. Examiner notes that “identity-related information” is given its broadest reasonable construction as encompassing any information related to the identity of an individual, entity, or item);
validate that the access information is valid ([106] describes verifying a user’s authorization to obtain a module);
responsive to validating that the access information is valid ([57], [106], and [107] describe the system determining whether the user has access to particular modules), generate configuration information identifying a set of assets with which the health intervention application is to be provisioned based, at least in part, on the feature customization information included in the access information (Figure 6B, [62], [65], [72], [79]-[81], and [106]-[107] describe generating a set of modules based on the provided permissions and attributes of the user, where modules identify digital assets and configuration data which change the functionality of the application); and
transmit the configuration information to the health intervention application to configure the health intervention application with the identified set of assets (Figure 2A elements 130, 136, and 150, [43], [65], [80], [81], [104], [120], and [126] describe downloading the module and assets which customize the functions available via the application);
but does not expressly disclose:
wherein the access information comprises an encrypted token including the feature customization information and the identity-related information, and
the feature customization information comprising location information associated with a geographical location of the user of the computing device.
However, Chan teaches that it was old and well known in the art of application customization before the effective filing date of the claimed invention to include access information in the form of a token including feature customization information and identity-related information comprising token authentication information (Figure 2, Figure 4 element 308, [10], [12], [23], [24], and [36]-[38] describe a system receiving an access token including feature customization information used to determine a requested feature, as well as identification information authenticating the token and request).
Therefore it would have been obvious to one of ordinary skill in the art of application customization before the effective filing date of the claimed invention to modify the system of Jain to include access information in the form of a token including feature customization information and the identity-related information, the identity-related information comprising token authentication information as taught by Chan since the claimed invention is only a combination of these old and well known elements which would have performed the same function in combination as each did separately. In the present case Jain already discloses the access information, identity-related information, and feature customization information, and having the access information comprise a token including the feature customization information and identity-related information comprising token authentication information as taught by Chan would perform that same function in Jain, making the results predictable to one of ordinary skill in the art (MPEP 2143).
While Chan teaches access information in the form of an access token it does not expressly disclose the token being encrypted. However, Indu teaches that it was old and well known in the art of network authentication before the effective filing date of the claimed invention to encrypt access tokens (Abstract, Figure 6, Table 3, §1, §3.5, §3.7, and §3.8 describe a resource access authentication system which uses encrypted access tokens).
Therefore it would have been obvious to one of ordinary skill in the art of application customization before the effective filing date of the claimed invention to modify the combination of Jain and Chan to encrypt access tokens as taught by Indu since the claimed invention is only a combination of these old and well known elements which would have performed the same function in combination as each did separately. In the present case the combination of Jain and Chan already teaches access information in the form of an access token, and using an encrypted access token as taught by Indu would perform that same function in the combination of Jain and Chan, making the results predictable to one of ordinary skill in the art (MPEP 2143).
Young lastly teaches that it was old and well known in the art of application customization before the effective filing date of the claimed invention to include a geographic location of a user of a computing device as part of customization information (Figures 3 and 7, [7], [63], [67], and [68] describe customizing the features of a medical application based in part on a specific geographic location).
Therefore it would have been obvious to one of ordinary skill in the art of application customization before the effective filing date of the claimed invention to modify the combination of Jain, Chan, and Indu to include a geographic location of the user of the computing device as part of the customization information as taught by Young in order to provide features and functions tailored to the needs of particular geographic regions ([6] and [68] describe users in different geographic regions having different preferences for features as well as particular features being either important or not important based on the region).
It would have been further obvious to one of ordinary skill in the art of application customization before the effective filing date of the claimed invention to modify the combination of Jain, Chan, and Indu to include a geographic location of the user of the computing device as part of the customization information as taught by Young since the claimed invention is only a combination of these old and well known elements which would have performed the same function in combination as each did separately. In the present case the combination of Jain, Chan, and Indu already teaches the customization information, and having that customization information include location information associated with a geographic location of the user as taught by Young would perform that same function in Jain, Chan, and Indu, making the results predictable to one of ordinary skill in the art (MPEP 2143).
Claim 11 recites limitations similar to those recited in claim 3, and is rejected on the same grounds set out above with respect to claim 3.
Claim 13 recites limitations similar to those recited in claim 5, and is rejected on the same grounds set out above with respect to claim 5.
Claim 14 recites limitations similar to those recited in claim 6, and is rejected on the same grounds set out above with respect to claim 6.
Claim 15 recites limitations similar to those recited in claim 7, and is rejected on the same grounds set out above with respect to claim 7.
Claim 16 recites limitations similar to those recited in claim 8, and is rejected on the same grounds set out above with respect to claim 8.
With respect to claim 17, Jain discloses the claimed non-transitory computer readable medium having instructions stored thereon that, when executed by a computing system ([22], [128], [129], [133], and [135] describe computing devices and memory storing executable instructions), cause the computing system to perform a method comprising:
receiving, from a health intervention application executing on a computing device, a request for assets provided by the computing system, the request including access information associated with a user of the computing device (Figure 5C, [57], [102]-[107] describe receiving a request for modules, including provision of information including a name or code associated with the user), the access information including identity-related information and feature customization information for the health intervention application and being issued by an account management service for the health intervention application ([102], [106], and [107] describe the information including a identifying information such as the user’s name or a code associated with an organization, i.e. identity-related information, as well as the information being used to determine which modules or sets of customization information may be provided to the user. Examiner notes that “identity-related information” is given its broadest reasonable construction as encompassing any information related to the identity of an individual, entity, or item);
validating that the access information is valid ([106] describes verifying a user’s authorization to obtain a module);
responsive to validating that the access information is valid ([57], [106], and [107] describe the system determining whether the user has access to particular modules), generating configuration information identifying a set of assets with which the health intervention application is to be provisioned based, at least in part, on the feature customization information included in the access information (Figure 6B, [62], [65], [72], [79]-[81], and [106]-[107] describe generating a set of modules based on the provided permissions and attributes of the user, where modules identify digital assets and configuration data which change the functionality of the application); and
transmitting the configuration information to the health intervention application to configure the health intervention application with the identified set of assets (Figure 2A elements 130, 136, and 150, [43], [65], [80], [81], [104], [120], and [126] describe downloading the module and assets which customize the functions available via the application);
but does not expressly disclose:
wherein the access information comprises an encrypted token including the feature customization information and the identity-related information, and
the feature customization information comprising location information associated with a geographical location of the user of the computing device.
However, Chan teaches that it was old and well known in the art of application customization before the effective filing date of the claimed invention to include access information in the form of a token including feature customization information and identity-related information comprising token authentication information (Figure 2, Figure 4 element 308, [10], [12], [23], [24], and [36]-[38] describe a system receiving an access token including feature customization information used to determine a requested feature, a