Prosecution Insights
Last updated: July 17, 2026
Application No. 17/885,851

MULTI-LAYERED AUTHENTICATION AND PERMISSION METHODS, SYSTEMS AND APPARATUSES

Final Rejection §102§103
Filed
Aug 11, 2022
Priority
Jan 27, 2022 — provisional 63/303,763
Examiner
WORKU, SARON MATTHEWOS
Art Unit
2408
Tech Center
2400 — Computer Networks
Assignee
Infineon Technologies AG
OA Round
6 (Final)
65%
Grant Probability
Favorable
7-8
OA Rounds
0m
Est. Remaining
99%
With Interview

Examiner Intelligence

Grants 65% — above average
65%
Career Allowance Rate
13 granted / 20 resolved
+7.0% vs TC avg
Strong +60% interview lift
Without
With
+60.0%
Interview Lift
resolved cases with interview
Typical timeline
2y 8m
Avg Prosecution
14 currently pending
Career history
51
Total Applications
across all art units

Statute-Specific Performance

§103
81.4%
+41.4% vs TC avg
§102
17.2%
-22.8% vs TC avg
§112
0.7%
-39.3% vs TC avg
Black line = Tech Center average estimate • Based on career data from 20 resolved cases

Office Action

§102 §103
Detailed Action This office action is in response to applicant’s submission filed on March 27, 2026. Claims 21-27 and 29-40 are pending and are rejected. There is no claim 28. Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Response to Amendment This communication is in response to the amendment filed on March 27, 2026. Claims 21-27 and 29-40 are pending and are rejected. There is no claim 28. Response to Arguments Applicant’s Arguments (Remarks) filed March 27, 2026 have been fully considered, but are not persuasive. Note that this action is made FINAL. See MPEP § 706.07(a). Applicant argues that the cited art does not disclose each and every limitation of the claims. Examiner respectfully disagrees. Applicant’s argument is not persuasive. For argument A, the rejection does not rely upon the underlying biometric feature itself as corresponding to the claimed certainty factors. Rather, Singh teaches generation of similarity or match scores from comparison of feature data and such scores correspond to a degree of confidence associated with authentication. Thus, Applicant improperly equates the underlying biometric information with confidence values derived from there. Further, the citation of multiple passages supporting the claimed certainty factor does not constitute inconsistent reasoning. For argument B, the rejection relies upon Sing’s disclosure associating authentication related information with a user account and storing such information in trusted memory. The rejection does not rely upon mere speculation, but upon the disclosed authentication information and the resulting confidence represented by the corresponding match or similarity scores discussed by Singh. The Applicant has not demonstrated that the cited reference fails to teach device authentication entries including the recited information. For argument C, Singh teaches determining authentication information indicating a match with a previously enrolled user and using that authentication result to permit access to functionality. Applicant has not identified any claim language requiring separate match operations for different access types and the rejection properly relies on Singh’s disclosed authentication determination and corresponding access control operations to satisfy the claimed comparison between the certainty score and certainty thresholds associated with different access types. For argument D, Singh discloses these limitations. For the above reasons, Examiner maintains that Singh and Buttolo teach each and every limitation as currently claimed. Claim Rejections - 35 USC § 102 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action: A person shall be entitled to a patent unless – (a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention. Claims 21, 23-27, 29-30, 32-35, and 37-40 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by WO 2020/256765 A1 to Singh et al. (hereinafter, “Singh”). Regarding claim 21, Singh discloses: A method, comprising: storing a plurality of authentication entries in a secure memory of a motor vehicle, the authentication entries including device authentication entries that each include an owner value that identifies one of a plurality of different users of the motor vehicle, a device identification (ID) value that is unique to a user device that is separate from the motor vehicle, and a certainty factor (“The example method further includes determining, by the mobile computing device and based on a comparison between the first feature data and second feature data associated with at least one image of a face of a previously enrolled user of the mobile computing device, a match between the user of the vehicle and the previously enrolled user, authenticating, by the mobile computing device and based on the match, the user of the vehicle and sending, by mobile computing device and to the vehicle computing system, authentication data for the user of the vehicle, wherein the authentication data is indicative of the match” [0003]; “In one pose-independent example, authentication module 426 selects image data of image data 330 based on the respective similarity scores for image data 330 to determine whether unknown user 150 is the known user 338. Authentication module 426 selects the single image data of image data 330 with the similarity score indicative of a closest match to the authentication image data. In some examples, authentication module 426 determines the respective similarity scores for image data 330 based on an angle between each vector representing a respective image data of image data 330 and the vector representing the authentication image data and determines that the score indicative of the closest match is the lowest similarity score (e.g., the smaller angle between two vectors the closer the vectors are to one another). In another example, authentication module 426 determines the respective similarity scores for image data 330 based on a cosine similarity between each vector representing a respective image data of image data 330 and the vector representing the authentication image data and determines that the score indicative of the closest match is the highest similarity score (e.g., the larger cosine value between two vectors the more the vectors are more similar)” [0120]; “The trusted mobile computing device may initially perform an enrollment process to capture data (e.g., facial feature data associated with a captured image) of a face of a known user in a variety of different poses. The trusted device may assign each group of data of the known user to a respective pose bucket of a group of pose buckets. The trusted device enrolls the data by associating data of the known user with a user account for the known user. The trusted device may subsequently receive authentication data (e.g., computed test data, such as computed facial feature information) of an unknown user who is situated inside of the vehicle, where an authentication image is captured using the in-vehicle camera of the vehicle, and where computed data (e.g., feature data) is obtained from the image and used by the trusted device. The trusted device may authenticate the unknown user by comparing the authentication feature data for the unknown user to enrolled feature data of the known user” [0002] [Examiner notes that these texts align with the claim language because it describes a process where multiple confidence measures are calculated and aggregated to determine the likelihood of correctly authenticating a user while also ensuring that each received user input value undergoes rigorous comparison, similarity assessment, and certainty factor assignment by using these measures to make a final authentication decision. Examiner also notes that “The trusted device enrolls the data by associating data of the known user with a user account of the known user” and “The trusted device may assign each group of data of the known user to a respective bucket of a group of pose buckets” account for the limitation of storing each user value as an authenticated user value with the corresponding certainty factor in the secure memory, especially because this step implies that the captured and organized data (user values/facial feature data associated with the captured image/biometric data) are stored in the trusted device’s memory by associating them with the user’s account. Also, for each data point (may be in a group), the system might also store a certainty factor since these indicate how reliable that data point is for authentication purposes (e.g., a frontal face image might have a higher certainty factor then a side profile image since frontal images are generally more reliable for facial recognition]); “When mobile computing device 170 and/or wearable device 107 is paired with IHU system 100, this device may be recognized as a trusted device with respect to IHU system 100, and is assigned a unique identifier by IHU system 100. This trusted device, and its corresponding unique identifier, are associated by IHU system 100 with user 150 of the vehicle, and any profile and/or account information for user 150” [0043] [Examiner adds this text to show that the data stored can also consist of the device identification value as it is used to later associate the device when paired again. Therefore, the data of the user is the owner value, the unique identifier assigned by IHU system is the device ID value, the similarity score or match score produced by comparing the facial feature vectors acts as a certainty factor, and the storage that the authentication modules accesses for authentication information corresponds to the claimed secure memory]), the device authentication entries not including biometric information; receiving, at the motor vehicle, a plurality of different user input values, each user input value including a received device ID value (“In such examples, an application module executing at a remote computing device may cause the remote computing device to send the content and intent information using any suitable form of data communication (e.g., wired or wireless network, short-range wireless communication such as Near Field Communication or BLUETOOTH, etc.)” [0043]; “When mobile computing device 170 and/or wearable device 107 is paired with IHU system 100, this device may be recognized as a trusted device with respect to IHU system 100, and is assigned a unique identifier by IHU system 100. This trusted device, and its corresponding unique identifier, are associated by IHU system 100 with user 150 of the vehicle, and any profile and/or account information for user 150” [0043]; “In some cases, a key fob or an external device (e.g., mobile phone), which is paired with the vehicle at the time an account was initially created, may identify a user and log them in to the IHU. However, the mere presence of key fob or external device does not necessarily achieve the authentication of a particular, known or previously identified user of the vehicle. In certain cases, the IHU may further prompt the user of a known, trusted device to enter a personal passcode or password on the user’s device to enable explicit permission for login into the IHU. This approach, however, may potentially negate the user’s expectation of a seamless, "get-in-and drive" experience” [0019] [Examiner notes that non-biometric data can be used as authentication entries such as passwords and keys]); for user input values having received device ID values that match device ID values of device authentication entries, determining the certainty factor for matching device authentication entries having at least the same owner value (“The example method further includes determining, by the mobile computing device and based on a comparison between the first feature data and second feature data associated with at least one image of a face of a previously enrolled user of the mobile computing device, a match between the user of the vehicle and the previously enrolled user, authenticating, by the mobile computing device and based on the match, the user of the vehicle and sending, by mobile computing device and to the vehicle computing system, authentication data for the user of the vehicle, wherein the authentication data is indicative of the match” [0003]; “In one pose-independent example, authentication module 426 selects image data of image data 330 based on the respective similarity scores for image data 330 to determine whether unknown user 150 is the known user 338. Authentication module 426 selects the single image data of image data 330 with the similarity score indicative of a closest match to the authentication image data. In some examples, authentication module 426 determines the respective similarity scores for image data 330 based on an angle between each vector representing a respective image data of image data 330 and the vector representing the authentication image data and determines that the score indicative of the closest match is the lowest similarity score (e.g., the smaller angle between two vectors the closer the vectors are to one another). In another example, authentication module 426 determines the respective similarity scores for image data 330 based on a cosine similarity between each vector representing a respective image data of image data 330 and the vector representing the authentication image data and determines that the score indicative of the closest match is the highest similarity score (e.g., the larger cosine value between two vectors the more the vectors are more similar)” [0120]; “The trusted mobile computing device may initially perform an enrollment process to capture data (e.g., facial feature data associated with a captured image) of a face of a known user in a variety of different poses. The trusted device may assign each group of data of the known user to a respective pose bucket of a group of pose buckets. The trusted device enrolls the data by associating data of the known user with a user account for the known user. The trusted device may subsequently receive authentication data (e.g., computed test data, such as computed facial feature information) of an unknown user who is situated inside of the vehicle, where an authentication image is captured using the in-vehicle camera of the vehicle, and where computed data (e.g., feature data) is obtained from the image and used by the trusted device. The trusted device may authenticate the unknown user by comparing the authentication feature data for the unknown user to enrolled feature data of the known user” [0002] [Examiner notes that these texts align with the claim language because it describes a process where multiple confidence measures are calculated and aggregated to determine the likelihood of correctly authenticating a user while also ensuring that each received user input value undergoes rigorous comparison, similarity assessment, and certainty factor assignment by using these measures to make a final authentication decision. Examiner also notes that “The trusted device enrolls the data by associating data of the known user with a user account of the known user” and “The trusted device may assign each group of data of the known user to a respective bucket of a group of pose buckets” account for the limitation of storing each user value as an authenticated user value with the corresponding certainty factor in the secure memory, especially because this step implies that the captured and organized data (user values/facial feature data associated with the captured image/biometric data) are stored in the trusted device’s memory by associating them with the user’s account. Also, for each data point (may be in a group), the system might also store a certainty factor since these indicate how reliable that data point is for authentication purposes (e.g., a frontal face image might have a higher certainty factor then a side profile image since frontal images are generally more reliable for facial recognition]); “When mobile computing device 170 and/or wearable device 107 is paired with IHU system 100, this device may be recognized as a trusted device with respect to IHU system 100, and is assigned a unique identifier by IHU system 100. This trusted device, and its corresponding unique identifier, are associated by IHU system 100 with user 150 of the vehicle, and any profile and/or account information for user 150” [0043] [Examiner adds this text to show that the data stored can also consist of the device identification value as it is used to later associate the device when paired again. Therefore, the data of the user is the owner value, the unique identifier assigned by IHU system is the device ID value, the similarity score or match score produced by comparing the facial feature vectors acts as a certainty factor, and the storage that the authentication modules accesses for authentication information corresponds to the claimed secure memory]); generating a certainty score from at least the certainty factors of the matching device authentication entries (“In other words, in some examples, FRM 322 utilizes pose invariant techniques to determine whether the unknown user 150 is the known user 338. For example, FRM 322 may determine a respective similarity score for each feature data of feature data 330, where the respective similarity score indicates a similarity between the corresponding feature data of feature data 330 and the authentication feature data of unknown user 150” [0077] [Examiner notes that since feature data includes a multitude of different camera types to capture specific data, this text excerpt still aligns conceptually with the certainty factors corresponding feature data of feature data 330]); and selectively enabling or disabling each of a plurality of different access types for the motor vehicle in response to a comparison between the certainty score and a certainty threshold assigned to each different access type (“In one scenario, FRM 322 determines a composite similarity score for two or more feature data 330. For instance, FRM 322 may determine the composite similarity score based on the average of the respective similarity scores for two or more of feature data 330 and may compare the composite similarity score to the threshold similarity score to determine whether unknown user 150 is the known user 338” [0079]; “In another example, a method includes establishing, by a vehicle computing system of a vehicle, a connection with a mobile computing device, wherein the vehicle computing system includes an infotainment head unit, determining, by the vehicle computing system, a presence of a user inside the vehicle, and, after determining the presence of the user inside the vehicle, capturing, by the vehicle computing system using an image capture device that is connected to at least a portion of the vehicle, at least one image of a face of the user. The example method further includes determining, by the vehicle computing system, first feature data associated with the at least one image of the face of the user, receiving, by the vehicle computing system, authentication data for the user, wherein the authentication data indicates a match between the user and a previously enrolled user based on a comparison between the first feature data and second feature data associated with at least one image of a face of the previously enrolled user, and accessing, by the vehicle computing system and based on the authentication data for the user, user account information to log the user into the infotainment head unit” [0006]; “In certain other examples, the disclosed techniques may confirm the identity or otherwise authenticate user 150 of the vehicle before allowing user 150 to operate the vehicle, in order to prevent unauthorized individuals from operating the vehicle” [0146] [Examiner notes that these texts shows that permissions are only authorized after a stored match happens, therefore the permissions have to be stored in order for the user to (post-authentication) access their permissions of the vehicle. Implicitly, this includes entry access to the vehicle as it depends on the permissions for the user that is matched]). Claim 30 recites substantially the same limitation as claim 21, in the form of a motor vehicle apparatus for implementing the corresponding method, therefore it is rejected under the same rationale. Examiner wants to note that the “a control unit in communication with the secure memory and input systems, the control unit configured to” limitation is taught in Singh: “Control unit 106 may include at least one processor and/or at least one storage device” [0031] and “Although shown as operable within control unit 106 of vehicle computing system 100, one or more of application modules 110 may be operable by a remote computing device (e.g., mobile computing device 170) that is communicatively coupled to vehicle computing system 100. In such examples, an application module executing at a remote computing device may cause the remote computing device to send the content and intent information using any suitable form of data communication (e.g., wired or wireless network, short-range wireless communication such as Near Field Communication or BLUETOOTH, etc.)” [0043]. Examiner also notes that the wireless communication limitation is read upon in Singh, paragraph 0043, “In such examples, an application module executing at a remote computing device may cause the remote computing device to send the content and intent information using any suitable form of data communication (e.g., wired or wireless network, short-range wireless communication such as Near Field Communication or BLUETOOTH, etc.).” Regarding claim 23, Singh discloses: the motor vehicle include at least one wireless communication system (“In such examples, an application module executing at a remote computing device may cause the remote computing device to send the content and intent information using any suitable form of data communication (e.g., wired or wireless network, short-range wireless communication such as Near Field Communication or BLUETOOTH, etc.)” [0043]); and at least one user input value is a wireless transmission from a wireless user device that is received at the wireless communication system (“When mobile computing device 170 and/or wearable device 107 is paired with IHU system 100, this device may be recognized as a trusted device with respect to IHU system 100, and is assigned a unique identifier by IHU system 100. This trusted device, and its corresponding unique identifier, are associated by IHU system 100 with user 150 of the vehicle, and any profile and/or account information for user 150” [0043]). Regarding claim 24, Singh discloses: the motor vehicle includes a physical port; and at least one user input value is a communication from a wireless user device that is received at the physical port (“Although shown as operable within control unit 106 of vehicle computing system 100, one or more of application modules 110 may be operable by a remote computing device (e.g., mobile computing device 170) that is communicatively coupled to vehicle computing system 100. In such examples, an application module executing at a remote computing device may cause the remote computing device to send the content and intent information using any suitable form of data communication (e.g., wired or wireless network, short-range wireless communication such as Near Field Communication or BLUETOOTH, etc.). In some examples, a remote computing device may be a computing device that is separate from a computing device included in vehicle computing system 100. For instance, the remote computing device may be operatively coupled to vehicle computing system 100 by a network” [0043] [Examiner notes that Bluetooth is a real-life example of this wireless communication system. The vehicle has Bluetooth hardware and this hardware interface is what is the physical port]). Regarding claim 25, Singh discloses: the authentication entries further include biometric authentication entries that each include an owner value, biometric data, and a certainty factor; receiving, at the motor vehicle, at least one biometric input that includes received biometric information; for each received biometric information that match biometric data of a biometric authentication entry, determining the certainty factor for matching biometric authentication entry (“The example method further includes determining, by the mobile computing device and based on a comparison between the first feature data and second feature data associated with at least one image of a face of a previously enrolled user of the mobile computing device, a match between the user of the vehicle and the previously enrolled user, authenticating, by the mobile computing device and based on the match, the user of the vehicle and sending, by mobile computing device and to the vehicle computing system, authentication data for the user of the vehicle, wherein the authentication data is indicative of the match” [0003]; “In one pose-independent example, authentication module 426 selects image data of image data 330 based on the respective similarity scores for image data 330 to determine whether unknown user 150 is the known user 338. Authentication module 426 selects the single image data of image data 330 with the similarity score indicative of a closest match to the authentication image data. In some examples, authentication module 426 determines the respective similarity scores for image data 330 based on an angle between each vector representing a respective image data of image data 330 and the vector representing the authentication image data and determines that the score indicative of the closest match is the lowest similarity score (e.g., the smaller angle between two vectors the closer the vectors are to one another). In another example, authentication module 426 determines the respective similarity scores for image data 330 based on a cosine similarity between each vector representing a respective image data of image data 330 and the vector representing the authentication image data and determines that the score indicative of the closest match is the highest similarity score (e.g., the larger cosine value between two vectors the more the vectors are more similar)” [0120]; “The trusted mobile computing device may initially perform an enrollment process to capture data (e.g., facial feature data associated with a captured image) of a face of a known user in a variety of different poses. The trusted device may assign each group of data of the known user to a respective pose bucket of a group of pose buckets. The trusted device enrolls the data by associating data of the known user with a user account for the known user. The trusted device may subsequently receive authentication data (e.g., computed test data, such as computed facial feature information) of an unknown user who is situated inside of the vehicle, where an authentication image is captured using the in-vehicle camera of the vehicle, and where computed data (e.g., feature data) is obtained from the image and used by the trusted device. The trusted device may authenticate the unknown user by comparing the authentication feature data for the unknown user to enrolled feature data of the known user” [0002] [Examiner notes that these texts align with the claim language because it describes a process where multiple confidence measures are calculated and aggregated to determine the likelihood of correctly authenticating a user while also ensuring that each received user input value undergoes rigorous comparison, similarity assessment, and certainty factor assignment by using these measures to make a final authentication decision. Examiner also notes that “The trusted device enrolls the data by associating data of the known user with a user account of the known user” and “The trusted device may assign each group of data of the known user to a respective bucket of a group of pose buckets” account for the limitation of storing each user value as an authenticated user value with the corresponding certainty factor in the secure memory, especially because this step implies that the captured and organized data (user values/facial feature data associated with the captured image/biometric data) are stored in the trusted device’s memory by associating them with the user’s account. Also, for each data point (may be in a group), the system might also store a certainty factor since these indicate how reliable that data point is for authentication purposes (e.g., a frontal face image might have a higher certainty factor then a side profile image since frontal images are generally more reliable for facial recognition]); “When mobile computing device 170 and/or wearable device 107 is paired with IHU system 100, this device may be recognized as a trusted device with respect to IHU system 100, and is assigned a unique identifier by IHU system 100. This trusted device, and its corresponding unique identifier, are associated by IHU system 100 with user 150 of the vehicle, and any profile and/or account information for user 150” [0043] [Examiner adds this text to show that the data stored can also consist of the device identification value as it is used to later associate the device when paired again. Therefore, the data of the user is the owner value, the unique identifier assigned by IHU system is the device ID value, the similarity score or match score produced by comparing the facial feature vectors acts as a certainty factor, and the storage that the authentication modules accesses for authentication information corresponds to the claimed secure memory]); and generating the certainty score from the certainty factors of at least any matching device authentication entries and matching biometric authentication entries having at least the same owner value (“In other words, in some examples, FRM 322 utilizes pose invariant techniques to determine whether the unknown user 150 is the known user 338. For example, FRM 322 may determine a respective similarity score for each feature data of feature data 330, where the respective similarity score indicates a similarity between the corresponding feature data of feature data 330 and the authentication feature data of unknown user 150” [0077] [Examiner notes that since feature data includes a multitude of different camera types to capture specific data, this text excerpt still aligns conceptually with the certainty factors corresponding feature data of feature data 330]). Regarding claim 26, Singh discloses: generating the certainty score includes at least adding the certainty factors of the matching device authentication entries (“In one instance, authentication module 426 may determine the composite similarity score based on the average of the respective similarity scores for two or more of image data 330 and may compare the composite similarity score to the threshold similarity score to determine whether unknown user 150 is the known user 338” [0121] [Examiner notes that each similarity score can be seen as an addend since they are combined and averaged to produce a single composite similarity score, similar to how multiple addends are summed to generate a certainty score]). Regarding claim 27, Singh discloses: receiving, at the motor vehicle, a new user input value that includes a received new device ID value (“UI module 108 of vehicle computing system 100 may receive from presence-sensitive panel 102 one or more indications of user input detected at presence-sensitive panel 102” [0044]); authenticating the new device ID values (“When mobile computing device 170 and/or wearable device 107 is paired with IHU system 100, this device may be recognized as a trusted device with respect to IHU system 100, and is assigned a unique identifier by IHU system 100. This trusted device, and its corresponding unique identifier, are associated by IHU system 100 with user 150 of the vehicle, and any profile and/or account information for user 150” [0043]); receiving a certainty factor and owner value for the new device ID value from a user; and storing the new device ID value in an authentication entry with at least the corresponding owner value and certainty factor (“The example method further includes determining, by the mobile computing device and based on a comparison between the first feature data and second feature data associated with at least one image of a face of a previously enrolled user of the mobile computing device, a match between the user of the vehicle and the previously enrolled user, authenticating, by the mobile computing device and based on the match, the user of the vehicle and sending, by mobile computing device and to the vehicle computing system, authentication data for the user of the vehicle, wherein the authentication data is indicative of the match” [0003]; “In one pose-independent example, authentication module 426 selects image data of image data 330 based on the respective similarity scores for image data 330 to determine whether unknown user 150 is the known user 338. Authentication module 426 selects the single image data of image data 330 with the similarity score indicative of a closest match to the authentication image data. In some examples, authentication module 426 determines the respective similarity scores for image data 330 based on an angle between each vector representing a respective image data of image data 330 and the vector representing the authentication image data and determines that the score indicative of the closest match is the lowest similarity score (e.g., the smaller angle between two vectors the closer the vectors are to one another). In another example, authentication module 426 determines the respective similarity scores for image data 330 based on a cosine similarity between each vector representing a respective image data of image data 330 and the vector representing the authentication image data and determines that the score indicative of the closest match is the highest similarity score (e.g., the larger cosine value between two vectors the more the vectors are more similar)” [0120]; “The trusted mobile computing device may initially perform an enrollment process to capture data (e.g., facial feature data associated with a captured image) of a face of a known user in a variety of different poses. The trusted device may assign each group of data of the known user to a respective pose bucket of a group of pose buckets. The trusted device enrolls the data by associating data of the known user with a user account for the known user. The trusted device may subsequently receive authentication data (e.g., computed test data, such as computed facial feature information) of an unknown user who is situated inside of the vehicle, where an authentication image is captured using the in-vehicle camera of the vehicle, and where computed data (e.g., feature data) is obtained from the image and used by the trusted device. The trusted device may authenticate the unknown user by comparing the authentication feature data for the unknown user to enrolled feature data of the known user” [0002] [Examiner notes that these texts align with the claim language because it describes a process where multiple confidence measures are calculated and aggregated to determine the likelihood of correctly authenticating a user while also ensuring that each received user input value undergoes rigorous comparison, similarity assessment, and certainty factor assignment by using these measures to make a final authentication decision. Examiner also notes that “The trusted device enrolls the data by associating data of the known user with a user account of the known user” and “The trusted device may assign each group of data of the known user to a respective bucket of a group of pose buckets” account for the limitation of storing each user value as an authenticated user value with the corresponding certainty factor in the secure memory, especially because this step implies that the captured and organized data (user values/facial feature data associated with the captured image/biometric data) are stored in the trusted device’s memory by associating them with the user’s account. Also, for each data point (may be in a group), the system might also store a certainty factor since these indicate how reliable that data point is for authentication purposes (e.g., a frontal face image might have a higher certainty factor then a side profile image since frontal images are generally more reliable for facial recognition]). Regarding claim 29, Singh discloses: assigning certainty thresholds for each of a plurality of the different access types (“In one scenario, FRM 322 determines a composite similarity score for two or more feature data 330. For instance, FRM 322 may determine the composite similarity score based on the average of the respective similarity scores for two or more of feature data 330 and may compare the composite similarity score to the threshold similarity score to determine whether unknown user 150 is the known user 338” [0079]; “In another example, a method includes establishing, by a vehicle computing system of a vehicle, a connection with a mobile computing device, wherein the vehicle computing system includes an infotainment head unit, determining, by the vehicle computing system, a presence of a user inside the vehicle, and, after determining the presence of the user inside the vehicle, capturing, by the vehicle computing system using an image capture device that is connected to at least a portion of the vehicle, at least one image of a face of the user. The example method further includes determining, by the vehicle computing system, first feature data associated with the at least one image of the face of the user, receiving, by the vehicle computing system, authentication data for the user, wherein the authentication data indicates a match between the user and a previously enrolled user based on a comparison between the first feature data and second feature data associated with at least one image of a face of the previously enrolled user, and accessing, by the vehicle computing system and based on the authentication data for the user, user account information to log the user into the infotainment head unit” [0006]; “In certain other examples, the disclosed techniques may confirm the identity or otherwise authenticate user 150 of the vehicle before allowing user 150 to operate the vehicle, in order to prevent unauthorized individuals from operating the vehicle” [0146] [Examiner notes that these texts shows that permissions are only authorized after a stored match happens, therefore the permissions have to be stored in order for the user to (post-authentication) access their permissions of the vehicle. Implicitly, this includes entry access to the vehicle as it depends on the permissions for the user that is matched]). Claim 32 recites substantially the same limitation as claim 24, in the form of a motor vehicle apparatus for implementing the corresponding method, therefore it is rejected under the same rationale. Regarding claim 33, Singh discloses: the secure memory is further configured to store biometric authentication entries that each include an owner value, biometric data, and a certainty factor (“The example method further includes determining, by the mobile computing device and based on a comparison between the first feature data and second feature data associated with at least one image of a face of a previously enrolled user of the mobile computing device, a match between the user of the vehicle and the previously enrolled user, authenticating, by the mobile computing device and based on the match, the user of the vehicle and sending, by mobile computing device and to the vehicle computing system, authentication data for the user of the vehicle, wherein the authentication data is indicative of the match” [0003]; “In one pose-independent example, authentication module 426 selects image data of image data 330 based on the respective similarity scores for image data 330 to determine whether unknown user 150 is the known user 338. Authentication module 426 selects the single image data of image data 330 with the similarity score indicative of a closest match to the authentication image data. In some examples, authentication module 426 determines the respective similarity scores for image data 330 based on an angle between each vector representing a respective image data of image data 330 and the vector representing the authentication image data and determines that the score indicative of the closest match is the lowest similarity score (e.g., the smaller angle between two vectors the closer the vectors are to one another). In another example, authentication module 426 determines the respective similarity scores for image data 330 based on a cosine similarity between each vector representing a respective image data of image data 330 and the vector representing the authentication image data and determines that the score indicative of the closest match is the highest similarity score (e.g., the larger cosine value between two vectors the more the vectors are more similar)” [0120]; “The trusted mobile computing device may initially perform an enrollment process to capture data (e.g., facial feature data associated with a captured image) of a face of a known user in a variety of different poses. The trusted device may assign each group of data of the known user to a respective pose bucket of a group of pose buckets. The trusted device enrolls the data by associating data of the known user with a user account for the known user. The trusted device may subsequently receive authentication data (e.g., computed test data, such as computed facial feature information) of an unknown user who is situated inside of the vehicle, where an authentication image is captured using the in-vehicle camera of the vehicle, and where computed data (e.g., feature data) is obtained from the image and used by the trusted device. The trusted device may authenticate the unknown user by comparing the authentication feature data for the unknown user to enrolled feature data of the known user” [0002] [Examiner notes that these texts align with the claim language because it describes a process where multiple confidence measures are calculated and aggregated to determine the likelihood of correctly authenticating a user while also ensuring that each received user input value undergoes rigorous comparison, similarity assessment, and certainty factor assignment by using these measures to make a final authentication decision. Examiner also notes that “The trusted device enrolls the data by associating data of the known user with a user account of the known user” and “The trusted device may assign each group of data of the known user to a respective bucket of a group of pose buckets” account for the limitation of storing each user value as an authenticated user value with the corresponding certainty factor in the secure memory, especially because this step implies that the captured and organized data (user values/facial feature data associated with the captured image/biometric data) are stored in the trusted device’s memory by associating them with the user’s account. Also, for each data point (may be in a group), the system might also store a certainty factor since these indicate how reliable that data point is for authentication purposes (e.g., a frontal face image might have a higher certainty factor then a side profile image since frontal images are generally more reliable for facial recognition]); “When mobile computing device 170 and/or wearable device 107 is paired with IHU system 100, this device may be recognized as a trusted device with respect to IHU system 100, and is assigned a unique identifier by IHU system 100. This trusted device, and its corresponding unique identifier, are associated by IHU system 100 with user 150 of the vehicle, and any profile and/or account information for user 150” [0043] [Examiner adds this text to show that the data stored can also consist of the device identification value as it is used to later associate the device when paired again. Therefore, the data of the user is the owner value, the unique identifier assigned by IHU system is the device ID value, the similarity score or match score produced by comparing the facial feature vectors acts as a certainty factor, and the storage that the authentication modules accesses for authentication information corresponds to the claimed secure memory]); the plurality of input systems includes at least one sensor configured to generate biometric information (“Camera 104 and/or camera 111 may be one or more of any appropriate type of image acquisition or capture device, such as a camera or charge-coupled device. In some examples, camera 104 may be one or more infrared cameras with a high field-of-view and shallow depth of focus, and may be a backlit infrared camera oriented to point generally upward within the vehicle, having a particular field-of-view. In other examples, camera 104 may be or may further include one or more other types of cameras or image sensors, which may include one or more other infrared cameras, thermographic cameras, thermal imaging cameras, light-sensitive cameras, range sensors, tomography devices, radar devices, red- green-blue (RGB) cameras, or ultrasonic cameras. In some examples, camera 104 may be any image capture device appropriate for application of computer vision techniques” [0039]; “This process involves running an enrollment application on the personal device that captures the biometric features of the user's face, using the front facing camera on the device, such as described above, e.g., in reference to FIG. 3. These corresponding facial features are stored as feature data on the personal device (e.g., enrolled information 328). The personal device is registered/paired as a trusted device with the IHU (e.g., IHU system 100 of FIG. 1)” [0126] [Examiner interprets this to align with the given claim language because a biometric related sensor refers to any device or system capable of capturing biometric data including fingerprint scanner, iris scanner, or in this case, a facial recognition camera; since the captured biometric data from the personal device is then used as an input for the motor vehicle's systems (authentication purposes), this process is considered as part of the vehicles’ biometric-related input capabilities]); the control unit is further configured to determine which biometric authentication entries have biometric information that matches generated biometric information, determine the certainty factor for any matching biometric authentication entries (“The example method further includes determining, by the mobile computing device and based on a comparison between the first feature data and second feature data associated with at least one image of a face of a previously enrolled user of the mobile computing device, a match between the user of the vehicle and the previously enrolled user, authenticating, by the mobile computing device and based on the match, the user of the vehicle and sending, by mobile computing device and to the vehicle computing system, authentication data for the user of the vehicle, wherein the authentication data is indicative of the match” [0003]; “In one pose-independent example, authentication module 426 selects image data of image data 330 based on the respective similarity scores for image data 330 to determine whether unknown user 150 is the known user 338. Authentication module 426 selects the single image data of image data 330 with the similarity score indicative of a closest match to the authentication image data. In some examples, authentication module 426 determines the respective similarity scores for image data 330 based on an angle between each vector representing a respective image data of image data 330 and the vector representing the authentication image data and determines that the score indicative of the closest match is the lowest similarity score (e.g., the smaller angle between two vectors the closer the vectors are to one another). In another example, authentication module 426 determines the respective similarity scores for image data 330 based on a cosine similarity between each vector representing a respective image data of image data 330 and the vector representing the authentication image data and determines that the score indicative of the closest match is the highest similarity score (e.g., the larger cosine value between two vectors the more the vectors are more similar)” [0120]; “The trusted mobile computing device may initially perform an enrollment process to capture data (e.g., facial feature data associated with a captured image) of a face of a known user in a variety of different poses. The trusted device may assign each group of data of the known user to a respective pose bucket of a group of pose buckets. The trusted device enrolls the data by associating data of the known user with a user account for the known user. The trusted device may subsequently receive authentication data (e.g., computed test data, such as computed facial feature information) of an unknown user who is situated inside of the vehicle, where an authentication image is captured using the in-vehicle camera of the vehicle, and where computed data (e.g., feature data) is obtained from the image and used by the trusted device. The trusted device may authenticate the unknown user by comparing the authentication feature data for the unknown user to enrolled feature data of the known user” [0002] [Examiner notes that these texts align with the claim language because it describes a process where multiple confidence measures are calculated and aggregated to determine the likelihood of correctly authenticating a user while also ensuring that each received user input value undergoes rigorous comparison, similarity assessment, and certainty factor assignment by using these measures to make a final authentication decision. Examiner also notes that “The trusted device enrolls the data by associating data of the known user with a user account of the known user” and “The trusted device may assign each group of data of the known user to a respective bucket of a group of pose buckets” account for the limitation of storing each user value as an authenticated user value with the corresponding certainty factor in the secure memory, especially because this step implies that the captured and organized data (user values/facial feature data associated with the captured image/biometric data) are stored in the trusted device’s memory by associating them with the user’s account. Also, for each data point (may be in a group), the system might also store a certainty factor since these indicate how reliable that data point is for authentication purposes (e.g., a frontal face image might have a higher certainty factor then a side profile image since frontal images are generally more reliable for facial recognition]); “When mobile computing device 170 and/or wearable device 107 is paired with IHU system 100, this device may be recognized as a trusted device with respect to IHU system 100, and is assigned a unique identifier by IHU system 100. This trusted device, and its corresponding unique identifier, are associated by IHU system 100 with user 150 of the vehicle, and any profile and/or account information for user 150” [0043] [Examiner adds this text to show that the data stored can also consist of the device identification value as it is used to later associate the device when paired again. Therefore, the data of the user is the owner value, the unique identifier assigned by IHU system is the device ID value, the similarity score or match score produced by comparing the facial feature vectors acts as a certainty factor, and the storage that the authentication modules accesses for authentication information corresponds to the claimed secure memory]); and generate the certainty score from the certainty factors of at least any matching device authentication entries and matching biometric authentication entries having at least the same owner value (“In other words, in some examples, FRM 322 utilizes pose invariant techniques to determine whether the unknown user 150 is the known user 338. For example, FRM 322 may determine a respective similarity score for each feature data of feature data 330, where the respective similarity score indicates a similarity between the corresponding feature data of feature data 330 and the authentication feature data of unknown user 150” [0077] [Examiner notes that since feature data includes a multitude of different camera types to capture specific data, this text excerpt still aligns conceptually with the certainty factors corresponding feature data of feature data 330]). Regarding claim 34, Singh discloses: the at least one sensor is selected from the group of: a fingerprint reader, camera coupled to a facial recognition system, and a microphone coupled to a voice recognition system (“e.g., facial recognition, finger print recognition, PIN or passcodes, etc.” [0085]; “Examples of input are tactile, audio, kinetic, and optical input, to name only a few examples. Input components 442 of computing system 410 include, in one example, a mouse, keyboard, voice responsive system, video camera, buttons, control pad, microphone or any other type of device for detecting input from a human or machine. In some examples, input component 442 may be a presence-sensitive input component, which may include a presence-sensitive screen, touch-sensitive screen, etc.” [0091]). Claim 35 recites substantially the same limitation as claims 21 and 30, in the form of a system for implementing the corresponding method/moto vehicle apparatus, therefore it is rejected under the same rationale. Regarding claim 37, Singh discloses: the at least one user device configured to transmit one of the user input values (“FRM 322 may perform an authentication process for an unknown user (e.g., user 150 of the vehicle of FIG. 1) after completing the enrollment process for known user 338. In other words, FRM 322 may receive a request to authenticate an unknown user 150 of the vehicle of FIG. 1, based on feature data of user 150 that is determined from images 333 captured by one of cameras in the vehicle (e.g., camera 104 and/or 111), and which is transmitted by IHU system 100 to computing device 310, which may be one example of mobile computing device 170 of FIG. 1. System 100 may send feature data 330 to computing device 310 that comprises, e.g., feature vector data for various features of the images of user 150 that are captured by image capture device 173” [0072]). Regarding claim 38, Singh discloses: the secure memory and control unit are part of the motor vehicle (“In another example, a vehicle computing system includes at least one processor and at least one computer-readable storage device. The at least one computer-readable storage device store instructions that, when executed by the at least one processor, cause the at least one processor to: establish a connection with a mobile computing device, wherein the vehicle computing system includes an infotainment head unit; determine a presence of a user inside a vehicle; after determining the presence of the user inside the vehicle, capture, using an image capture device that is connected to at least a portion of the vehicle, at least one image of a face of the user; determine first feature data associated with the at least one image of the face of the user; receive authentication data for the user, wherein the authentication data indicates a match between the user and a previously enrolled user based on a comparison between the first feature data and second feature data associated with at least one image of a face of the previously enrolled user; and access, based on the authentication data for the user, user account information to log the user into the infotainment head unit” [0008]). Regarding claim 39, Singh discloses: a server system in communication with at least one wireless communication system; wherein the secure memory and control unit are part of the server system (“Although shown as operable within control unit 106 of vehicle computing system 100, one or more of application modules 110 may be operable by a remote computing device (e.g., mobile computing device 170) that is communicatively coupled to vehicle computing system 100. In such examples, an application module executing at a remote computing device may cause the remote computing device to send the content and intent information using any suitable form of data communication (e.g., wired or wireless network, short-range wireless communication such as Near Field Communication or BLUETOOTH, etc.). In some examples, a remote computing device may be a computing device that is separate from a computing device included in vehicle computing system 100. For instance, the remote computing device may be operatively coupled to vehicle computing system 100 by a network. An example of a remote computing device may include, but is not limited to a server, smartphone, tablet computing device, smart watch, and desktop computer” [0043] [Examiner interprets the communication link between the server (or remote computing device) and the vehicle computing system as the interface which is understood as how the remote computing device sends content and intent information to the vehicle computing system, establishing a communication interface]). Claim 40 recites substantially the same limitation as claim 33, in the form of a system for implementing the corresponding system, therefore it is rejected under the same rationale. Claim Rejections - 35 USC § 103 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claims 22, 31, and 36 are rejected under 35 U.S.C. 103 as being unpatentable over Singh in view of US 2017/0200334 A1 to Buttolo et al. (hereinafter, “Buttolo”). Regarding claim 22, Singh discloses all limitations of claim 21. Singh does not disclose: the device ID value comprise media access control (MAC) values for the different user devices. However, Buttolo discloses: the device ID value comprise media access control (MAC) values for the different user devices (“To facilitate the communications over the communications network, personal devices 104 may be associated with unique device identifiers 124 (e.g., media access control (MAC) addresses, mobile device numbers (MDNs), Internet protocol (IP) addresses, identifiers of the device modems, etc.) to identify the communications of the personal devices 104 over the communications network. These personal device identifiers 124 may also be utilized by the in-vehicle component 106 to identify the personal devices 104” [0030]). Thus, it would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains, to combine the method of Singh with the added structure of Buttolo since such a combination would provide greater transparency and assurance than a standard demonstration offered by competing solutions in order to properly identify the wireless device being authenticated. Regarding claim 31, Singh discloses all limitations of claim 30. Singh further discloses: the at least one wireless communication system is configured to receive the different user input values as packets from different wireless devices (“When mobile computing device 170 and/or wearable device 107 is paired with IHU system 100, this device may be recognized as a trusted device with respect to IHU system 100, and is assigned a unique identifier by IHU system 100. This trusted device, and its corresponding unique identifier, are associated by IHU system 100 with user 150 of the vehicle, and any profile and/or account information for user 150” [0043]); Singh does not disclose: wherein the device ID value comprise media access control (MAC) addresses. However, Buttolo discloses: wherein the device ID value comprise media access control (MAC) addresses (“To facilitate the communications over the communications network, personal devices 104 may be associated with unique device identifiers 124 (e.g., media access control (MAC) addresses, mobile device numbers (MDNs), Internet protocol (IP) addresses, identifiers of the device modems, etc.) to identify the communications of the personal devices 104 over the communications network. These personal device identifiers 124 may also be utilized by the in-vehicle component 106 to identify the personal devices 104” [0030]). Thus, it would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains, to combine the method of Singh with the added structure of Buttolo since such a combination would provide greater transparency and assurance than a standard demonstration offered by competing solutions in order to properly identify the wireless device being authenticated. Claim 36 recites substantially the same limitation as claim 31, in the form of a system for implementing the corresponding motor vehicle apparatus, therefore it is rejected under the same rationale. Examiner notes that the “at least one interface is part of the motor vehicle” limitation is read upon in Singh, paragraph 0008, “In another example, a vehicle computing system includes at least one processor and at least one computer-readable storage device. The at least one computer-readable storage device store instructions that, when executed by the at least one processor, cause the at least one processor to: establish a connection with a mobile computing device, wherein the vehicle computing system includes an infotainment head unit; determine a presence of a user inside a vehicle; after determining the presence of the user inside the vehicle, capture, using an image capture device that is connected to at least a portion of the vehicle, at least one image of a face of the user; determine first feature data associated with the at least one image of the face of the user; receive authentication data for the user, wherein the authentication data indicates a match between the user and a previously enrolled user based on a comparison between the first feature data and second feature data associated with at least one image of a face of the previously enrolled user; and access, based on the authentication data for the user, user account information to log the user into the infotainment head unit.” Conclusion Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. Any inquiry concerning this communication or earlier communications from the examiner should be directed to SARON MATTHEWOS WORKU whose telephone number is (703)756-1761. The examiner can normally be reached Monday - Friday, 9:30am - 6:30pm. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Linglan Edwards can be reached on 571-270-5440. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /SARON MATTHEWOS WORKU/Examiner, Art Unit 2408 /LINGLAN EDWARDS/Supervisory Patent Examiner, Art Unit 2408
Read full office action

Prosecution Timeline

Show 8 earlier events
Jul 07, 2025
Response Filed
Sep 16, 2025
Final Rejection mailed — §102, §103
Nov 13, 2025
Response after Non-Final Action
Dec 16, 2025
Request for Continued Examination
Dec 20, 2025
Response after Non-Final Action
Dec 30, 2025
Non-Final Rejection mailed — §102, §103
Mar 27, 2026
Response Filed
Jun 16, 2026
Final Rejection mailed — §102, §103 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12665883
END USER PRIVACY MANAGEMENT OF ACCESSED DEVICE DATA
3y 11m to grant Granted Jun 23, 2026
Patent 12657346
Compressed Data Integrity Veritification Using Data Integrity Field
2y 9m to grant Granted Jun 16, 2026
Patent 12657300
METHOD FOR DETECTING MEMORY SAFETY BUG AND ELECTRONIC DEVICE SUPPORTING THE SAME
1y 8m to grant Granted Jun 16, 2026
Patent 12547939
SYSTEM AND A METHOD FOR PERFORMING A PRIVACY-PRESERVING DISTRIBUTION SIMILARITY TESTS BETWEEN A PLURALITY OF DATASETS
3y 0m to grant Granted Feb 10, 2026
Patent 12524579
SRAM PHYSICALLY UNCLONABLE FUNCTION (PUF) MEMORY FOR GENERATING KEYS BASED ON DEVICE OWNER
2y 8m to grant Granted Jan 13, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

7-8
Expected OA Rounds
65%
Grant Probability
99%
With Interview (+60.0%)
2y 8m (~0m remaining)
Median Time to Grant
High
PTA Risk
Based on 20 resolved cases by this examiner. Grant probability derived from career allowance rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month