Authenticating Access to Remote Assets Based on Proximity to a Local Device

§102 §112

DETAILED ACTION Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Continued Examination Under 37 CFR 1.114 A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on November 24th, 2025 has been entered. Response to Remarks/Arguments This Office Action is in response to the communications for the present US application number 17/962,494 last filed on November 24th, 2025. 1, 5, 9, 13, and 17 were amended. Claims 1-20 remain pending and have been examined, directed to AUTHENTICATING ACCESS TO REMOTE ASSETS BASED ON PROXIMITY TO A LOCAL DEVICE. Upon further review of the latest claim amendments along with the applicant’s representative’s response, the examiner reviewed the applied reference and respectfully disagrees and remain unpersuaded. With respect to the 35 U.S.C. § 102 rejection, using Bendersky, and looking at amended independent claim 1 for discussion purposes, the applicant’s representative amended and primarily argued about the amended feature with respect to part of the overall process, wherein after the authenticating step, the determining of the location and distance proximity that’s being captured by the camera of an authenticating system has now been further clarified to mean that the determination process is based on calculating the distance/proximity based on some measurable characteristic. In response, the Examiner reviewed all of the previous cited sections in both the previous remarks section and in the rejection section and found many different examples ranging from how a user can be identified, tracked and monitored, to identifying and capturing some user associated identifier, like a barcode, QR code, or RFID tags, or other session or device related identifying information (e.g., ¶¶ 74-75, 82-83, 993-94, 136, and 147 and Fig. 3). These types of described examples would already illustrate and capture that a user or their associated requesting device/system is already very close to the authenticating system, or in other words, close enough that a distance or proximity is measurable, for the system to capture the identifier or identifying information in whatever the format is. Additionally, Bendersky also discloses of the system receiving real time proximity data (e.g., ¶¶ 223-227 and Fig. 23). Therefore, the Examiner respectfully remains unpersuaded at this time. The other independent claims 9 and 17 were similarly amended and argued following claim 1 and thus were similarly rejected under the same rationale. With respect to amended dependent claims 5 and 13, the representative further argued about the measurable characteristics (related to calculating the distance between the requesting device/system and the authenticating device/system) in claim 1 were further limited by one of the listed factors - which was already previously addressed when the Examiner focused on the second listed factor. In response, the Examiner reviewed the Filed Specifications on this concept again and found only the same language repeated without further explanations (e.g., Filed Specifications: ¶¶ [00165] and [00170]). Upon further reconsiderations, the Examiner is raising an additional § 112 (b) rejection on this limitation, because two out of the three listed factors do not impact or affect how distance is measured (i.e., a screen size – a larger or smaller screen of either device is not going to help determine the distance between the two devices, or a resolution of the camera – capturing the image at X resolution is not going to change or help determine the distance either). And for the only factor that could be meaningful and interpreted to impact how the distance is measured, the field of view of the authenticating system’s camera was already addressed in the previous response. The Examiner reviewed and update the response, which reflects the change in dependency and in scope from claim 1’s amendment. The remaining dependent claims were not specifically argued at this time. Applicant's arguments were considered but they were not found persuasive. See the following claim rejections for further clarifications with added emphasis on the points previously disclosed. Claim Rejections - 35 USC § 112 The following is a quotation of 35 U.S.C. 112(b): (b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention. The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph: The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention. Claims 5 and 13 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention. More specifically, the first and third listed factors do not impact or affect how distance is measured between two points or between a requesting computing device/system and an authenticating device/system. A screen size, of either devices/systems, whether larger or smaller does not impact the distance between the devices/systems. Similarly, a resolution of the camera on the authenticating devices/system would also not change the distance that needs to be measured. As for the second factor, the field of view of the camera, the Examiner had interpreted and addressed it, as many of Bendersky’s examples deal with an authenticating camera capturing and/or identifying the credentials or identifier of the requesting device/system, associated with the requesting user, which means the credentials or identifier of the requesting device/system is within the field of view of the camera of the authenticating device/system. The filed Specifications was reviewed and it was found to be supportive in the broadest sense when it listed a plurality of factors that may need to be in working in combination. The factors that were included in the claim language however when claimed alone, like the screen size and the resolution of the authenticating camera would have to, at the very least, be utilized in combination with at least one or more other factors that actually can impact the determination of the measurement of the distance between the two devices/systems. For example, a screen size and possibly some zooming capabilities of the camera (which can actually be used to measure distance). Please review through the Specifications again for proper support regarding any further amendments. The Examiner would recommend amending the language to either cancel out factors one and three or change the OR condition. Appropriate amendments are expected. Claim Rejections - 35 USC § 102 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action: A person shall be entitled to a patent unless – (a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention. Claims 1-20 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by U.S. Patent Publication No. US 2020/0053096 A1 to Bendersky et al. (referred to hereafter as “Bendersky”). As to claim 1, Bendersky discloses a non-transitory computer-readable storage medium, comprising stored instructions encoded thereon that, when executed by at least one processor, causes the processor to: receive, from a requesting computing device at an operational context, a request from a requesting target user for access to the operational context, wherein the request comprises authentication credentials representing an identity of the requesting target user (Bendersky discloses of an overall system which can receive requests from clients to access restricted contents that require some identification authentication, e.g., ¶¶ 60-61, 70, and 74-75); authenticate the identity of the requesting target user by determining an identity confidence value based on characteristic data collected for the requesting target user, wherein the identity confidence value describes a likelihood that an identity of the requesting target user matches the identity represented by the authentication credentials (Bendersky discloses of various ways that a system can receive a client user’s credentials and then authenticate them by evaluating and comparing against some reference data that’s stored within the system/servers, e.g., ¶¶ 74-75, 81, 93, 216, and 220 and Figs. 3-10 and 13-14 for example further illustrates variations on authenticating user’s credentials); responsive to authenticating the identity of the requesting target user, determine a proximity of the requesting target user to the operational context by determining a distance between a location of the requesting computing device and a location of an authenticating computing device operated by the requesting target user, the location of the authenticating computing device representing a location of the requesting target user, wherein the distance between the location of the requesting computing device and the location of the authenticating computing device is determined based on a calculation of a distance using an image of the requesting computing device captured by a camera of the authenticating computing device, the calculation based on a measurable characteristic of the requesting computing device (Bendersky discloses of several examples where the system uses a camera (or imaging system) to capture some form of an identifier on the requesting device, and in that process also capture and identify the proximity of the requesting device. In some examples, the system is capturing a moving user, such as with a badge-in process at a checkpoint. There are variations on what the (authenticating) system can focus on and identify wherein the identifier can refer or relate to the user itself or relate to an associated computing device or session itself (e.g., a session and/or device identifier, a barcode, a QR code, a biometric, or a login, RFID, etc.). In all of these variations, the location and proximity of the individual or identifier of the requesting device that is of focus, are all clearly close enough to be identified and determined, within the field of view and vicinity of the camera. In certain examples, Bendersky further specifically discloses that real time proximity data, such as movement, location, gaze, signal strength, etc. can all be identified and determined, all of which is measurable (e.g., ¶¶ 74-75, 82-83, 993-94, 136, 147, and 223-227 and Figs. 3 and 23)); and responsive to determining the requesting target user is within a threshold proximity of the operational context, grant the request from the requesting target user for access to the operational context (Following the above examples and interpretations, assuming the requesting client’s system is detected and determined to be within the proximity thresholds, then the client system would be granted access to the secured contents, e.g., ¶¶ 60-61, 136, 225, and 227 and related Figs. 13, 23, and 24). As to claim 2, Bendersky further discloses the non-transitory computer-readable storage medium of claim 1, wherein instructions for authenticating the identity of the requesting target user further comprise instructions for the processor to: determine the identity confidence value by inputting the characteristic data to an identity confidence model, the identity confidence model trained to predict identity confidence values based on a training dataset of characteristic data collected by one or more sources and labeled with historical identity confidence values (Similar to what was established in claim 1, a variety of user inputs were discussed to evaluate their identity and the system can evaluate by checking a reference dataset. Bendersky also describes scores or confidence values/levels with respect to various data elements, such as the user’s related data that needs to checked and verified, e.g., ¶¶ 58, 74-75, 81, 93, 215-216, 220, and 226 and Figs. 3-10, 13-14, and 24 for example all further illustrates variations on authenticating user’s credentials). As to claim 3, Bendersky further discloses the non-transitory computer-readable storage medium of claim 1, further comprising instructions for the processor to verify that the request originated from the requesting computing device, the instructions causing the processor to: extract a request ID embedded in the request by the requesting computing device (At least one of the various embodiments, such as Fig. 3, illustrates an approach involving unique codes or a form of identification that can be used and exchanged for authenticating a user’s device/system, e.g., ¶¶ 82-83, 94, and Figs. 3 and 4); generate an encoded representation of the request ID to be displayed on a screen of the requesting computing device (The system can receive a display or a representation of what’s on the screen of the client’s device/system, such as with the various forms of acceptable identifiers (e.g., barcodes, QR codes, biometrics, etc.), e.g., ¶¶ 82-83, 94, and Figs. 3 and 4); receive a scanned request ID extracted by the authenticating computing device scanning the encoded representation of the request ID (The user’s device can capture a form of identification with a camera and provide it back to the system, e.g., ¶¶ 82-83, 94, and Figs. 3 and 4); and verify that the scanned request ID matches the encoded representation of the request (Following the above steps, the system can upon approval, grant access to the secured contents/resource, e.g., Fig. 4, step 410). As to claim 4, Bendersky further discloses the non-transitory computer-readable storage medium of claim 3, wherein the instructions for determining the proximity of the requesting target user to the operational context further cause the processor to: generate an encoded representation of the request ID to be displayed on a screen of the requesting computing device (Following claims 1 and 3, the system can receive a display or a representation of what’s on the screen of the client’s device/system such as with the various forms of acceptable identifiers (e.g., barcodes, QR codes, biometrics, etc.), e.g., ¶¶ 82-83, 94, and Figs. 3 and 4); and responsive to determining the authenticating computing device is scanning the request ID, measure the distance between the requesting computing device and the authenticating computing device (Similar to what was established in claim 1, the proximity aspect is checked in several later embodiments, which can be combined with the various forms of authentications as established earlier on from for example Figs. 3 and 4, such as the encoded request ID of the client’s device/system is evaluated along with proximity information, e.g., ¶ 211-212, 224-225, and Fig. 23 with real time information and proximity evaluation). As to claim 5, Bendersky further discloses the non-transitory computer-readable storage medium of claim 1, wherein the distance between the requesting computing device and the authenticating computing device is measured based on: a screen size of the devices (It’s not clear how a screen size (of the authenticating device/system) can impact the actual distance that’s being identified and measured); a field of view of the camera of the authenticating computing device (Examiner’s Note: Only one of these three factors needs to be met under the OR condition. And due to the latest change in dependency, now following claim 1, instead of previously following claims 1, 3, and 4, see the corresponding 35 U.S.C. § 112 rejection on current issues. The filed Specifications was reviewed for examples on these three factors on how they directly or specifically can impact how distance is measured to the target (or requesting device). Besides the § 112 issue, following claim 1’s interpretations, Bendersky’s numerous examples already established that after an authentication process, proximity and measuring the distance location as it’s based on something measurable is already established, and can be easily determined by the authenticating device/system. Examples about capturing a user’s movements and/or their biometrics and/or their corresponding identifier like via, barcodes, QR codes, RFID, etc.. Real time proximity data as it relates to the distance of the requesting user/device/systems are also captured by the authenticating device/system. All of this means that this factor with respect to the field of view of the camera is already met, because such information must be within the field of view of the camera, for that information to be captured and identified by the authenticating device/system (e.g., ¶¶ 74-75, 82-83, 993-94, 136, 147, and 223-227 and Figs. 3 and 23)); or a resolution of the camera (It’s not clear how resolution of the camera can impact the actual distance that’s being identified and measured). As to claim 6, Bendersky further discloses the non-transitory computer-readable storage medium of claim 3, wherein the request ID is received from the requesting computing device in an encoded signal and instructions for determining the proximity of the requesting target user to the operational context further cause the processor to: determine attenuation of the encoded signal (signal strength, e.g., ¶ 209); and measure the distance between the requesting computing device and the authenticating computing device based on the determined signal attenuation (signal strength tied to proximity, e.g., ¶ 209). As to claim 7, Bendersky further discloses the non-transitory computer-readable storage medium of claim 1, further comprising instructions that cause the processor to: responsive to authenticating the identity of the requesting target user, generate a data token identifying the requesting target user and the authenticating computing device, wherein the requesting target user is authenticated during a subsequent request by matching characteristic data to the identity of the requesting target user encoded in the data token (A token (in various forms – secret, code, key, password, etc.) can be utilized such that the system can refer back to it for subsequent access from the same user/user’s device, e.g., ¶¶ 70 and 130). As to claim 8, Bendersky further discloses the non-transitory computer-readable storage medium of claim 1, further comprising instructions for the processor to: responsive to determining the requesting target user is beyond a threshold proximity of the operational context, deny the request from the requesting target user for access to the operational context (Following what’s established in claim 1, since proximity is part of the evaluation process, if the system determines the proximity is too far, or over a threshold, then the user’s request can be denied, e.g., ¶¶ 225 and 227 and Fig. 23, step 2307 and Fig. 24, step 2408). As to claims 9-16, see the similar corresponding rejections of claims 1-8 respectively. As to claims 17, 18, 19, and 20, see the similar corresponding rejection of claims 1, 3, 4, and 6 respectively. Conclusion Any inquiry concerning this communication or earlier communications from the examiner should be directed to Xiang Yu whose telephone number is (571)270-5695. The examiner can normally be reached M-F 9:30-3:00 (PST/PDT). Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Emmanuel Moise can be reached at (571)272-3865. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /Xiang Yu/Examiner, Art Unit 2455