Prosecution Insights
Last updated: July 17, 2026
Application No. 17/974,901

Context Aware Client Firewall for Mobile Devices in Cloud Security Systems

Non-Final OA §103
Filed
Oct 27, 2022
Examiner
BINCZAK, BRANDON MICHAEL
Art Unit
2437
Tech Center
2400 — Computer Networks
Assignee
Zscaler Inc.
OA Round
6 (Non-Final)
39%
Grant Probability
At Risk
6-7
OA Rounds
0m
Est. Remaining
72%
With Interview

Examiner Intelligence

Grants only 39% of cases
39%
Career Allowance Rate
25 granted / 64 resolved
-18.9% vs TC avg
Strong +33% interview lift
Without
With
+33.4%
Interview Lift
resolved cases with interview
Typical timeline
3y 1m
Avg Prosecution
22 currently pending
Career history
97
Total Applications
across all art units

Statute-Specific Performance

§101
1.3%
-38.7% vs TC avg
§103
95.4%
+55.4% vs TC avg
§102
0.3%
-39.7% vs TC avg
§112
3.0%
-37.0% vs TC avg
Black line = Tech Center average estimate • Based on career data from 64 resolved cases

Office Action

§103
8 aDETAILED ACTION Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Response to Arguments Applicant’s arguments, see pages 9-17, filed 3/16/2026, with respect to the rejection of claims 1, 3, 5-8, 10, 12-15, 17, and 19-26 under 35 USC 103 have been fully considered. Regarding the argument directed to the amendments to the independent claims: These arguments are persuasive. Therefore, the rejection has been withdrawn. However, upon further consideration, a new ground(s) of rejection is made in view of BANSAL et al (Doc ID US 20210234860 A1). Regarding the argument: “… Applicant respectfully submits that … Teal does not disclose that the personal firewall applies any computed overall risk value in its permit or deny decision, and Teal does not disclose any runtime computation of an overall risk for network traffic on the mobile device. … Akella's risk computation is performed by a computing system that receives and analyzes network data via a gateway.” In response to applicant's arguments against the references individually, one cannot show nonobviousness by attacking references individually where the rejections are based on combinations of references. See In re Keller, 642 F.2d 413, 208 USPQ 871 (CCPA 1981); In re Merck & Co., 800 F.2d 1091, 231 USPQ 375 (Fed. Cir. 1986). “Applicant respectfully submits that the Office Action overextends the combination beyond what the references actually disclose. Akella describes that computing system 114 receives and analyzes network data via a gateway and computes static risk, dynamic risk, and overall risk at that computing system. Teal describes that a personal firewall permits or denies communications based on a security policy and that an administration facility may configure policy rules that determine interactions. Accordingly, the combination as taught by the cited disclosures most naturally yields a system in which the overall risk determined by Akella is reflected in policy rules that are then enforced by Teal's personal firewall, rather than a system in which the endpoint itself performs Akella's risk calculations. Examiner respectfully disagrees. That a cited combination of references may, arguendo, “naturally yield” a given system does not exclude another system from being considered obvious to one skilled in the art. In this case, TEAL teaches the claimed limitations of intercepting network traffic with a local agent, and allowing or blocking network traffic at a firewall based on rules. In combination, AKELLA teaches the limitations of calculating static and dynamic risk and determining overall risk. There are no functional distinctions in either TEAL or AKELLA that would prevent these aspects from being used in combination. Whatever other system may also be considered obvious by combining aspects of the references in a different way is immaterial application of the rejection as presented in the previous office action. Examiner notes that additional arguments are directed to the alleged allowability of claims based on their dependency to already-argued claims, and will not be addressed. Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claims 1, 6, 8, 13, 15, and 19 are rejected under 35 U.S.C. 103 as being unpatentable over TEAL (Doc ID US 20190081983 A1), and further in view of AKELLA et al (Doc ID US 11349863 B2) and BANSAL et al (Doc ID US 20210234860 A1). Regarding claim 1: TEAL teaches: intercepting all network traffic to and from the mobile device via an agent being installed on the mobile device configured to deploy a firewall on the mobile device ([0106] "... Other features that may be provided by a personal firewall may include … monitoring and regulation of incoming and outgoing network traffic …"); allowing or blocking, via the firewall deployed on the mobile device, all of the network traffic, or a portion of the network traffic based on the computed overall risk ([0106] "… The personal firewall may permit or deny communications based on a security policy. Personal firewalls may be designed for … protection for only the computer on which it's installed.") and wherein the agent installed locally on the mobile device applies the computed overall risk to enforce the firewall deployed on the mobile device ([0106] "The personal firewall may permit or deny communications based on a security policy." and [0108] "... The administration facility 134 may configure policy rules that determine interactions, such as developing ... rules for determining access ..., including authentication, ... risk assessment ..."), whereby only the network traffic, or the portion thereof, permitted by the firewall is transmitted from or received at the mobile device ([0106] "The personal firewall may permit or deny communications based on a security policy."). AKELLA teaches the following limitations not taught by TEAL: A non-transitory computer-readable medium storing computer-executable instructions, and in response to execution of an application on a mobile device, the computer-executable instructions cause the mobile device to perform the steps of (Col 4 lines 8-11 "These computer program instructions may also be stored in a computer-readable medium that can direct a computer ... to function in a particular manner …", col 5 lines7-11 "… computer system 114 ... can include ... mobile devices …", and Col 11 lines 42-45 "… computing system 114 includes communication manager 402, memory 404, … processor 410 …"): deriving a static risk profile of the mobile device based on one or more parameters (Col 6 lines 12-17 "Computing system 114 computes a first static risk score corresponding to ... computing device 102). A static risk score ... can be a measure corresponding to one or more static risk factors ...") determining a dynamic risk of the mobile device based on dynamic network flow attributes monitored locally on the mobile device by the agent (Col 6 lines 58-61 "Dynamic influences ... provide a basis for computing dynamic risk scores and dynamic risk factors from analyzed network communication."); computing, on the mobile device, an overall risk for the network traffic based on the static risk profile and the dynamic risk (Col 6 lines 61-63 "An overall risk associated with a computing device can be computed from a combination of an associated static risk and dynamic risk."); and Intercepting network traffic on a device with a locally installed agent and using a local firewall to allow or block network traffic based on received policies are known techniques in the art, as demonstrated by TEAL. Further, calculating static and dynamic risk to the device associated with network traffic and determining overall risk based on the static and dynamic risk are known techniques in the art, as demonstrated by AKELLA. It would have been obvious to a person having ordinary skill in the art (PHOSITA) before the effective filing date of the claimed invention to modify the local traffic interception and firewall of TEAL with the network traffic risk calculation of AKELLA with the motivation to offload the need to maintain an up-to-date repository of risk parameters to a third party service such as a cloud or remote server. It is obvious to seek a third-party security service which has more concentrated expertise in maintaining risk parameters for risk calculations. BANSAL ‘860 teaches the following limitations not taught by TEAL: determining, by the agent, whether the source application is vulnerable or whether a user of the mobile device is not authorized to use the source application ([0168] "… looking up received source application information in the malware repository 1224 to determine if the source application is safe or unsafe …"); and based on at least one of the determination that the source application is vulnerable or the determination that the user is not authorized to use the source application ([0176] "... The results will be used by the mobile user device to determine the next actions to take. ... The first result (or condition) is ALLOW; the second is DENY; and the third, CAUTION."), whereby network traffic originating from or destined to the source application is blocked regardless of changes in a destination Internet Protocol address used by the source application ([0170] "… if another mobile user device sends similar network traffic from the same source application, the cloud server 1204 can immediately detect the malware and issue a DENY response."), Identifying a malicious source application and blocking communication to that source application in response to it being malicious are known techniques in the art, as demonstrated by BANSAL ‘860. It would have been obvious to a PHOSITA before the effective filing date of the claimed invention to modify the network traffic risk calculation of TEAL and AKELLA with the source application assessment and blocking of BANSAL ‘860 with the motivation to enable the system to block any communication from an application rather than individual network packets each time they are received. Regarding claim 6: The combination of TEAL, AKELLA, and BANSAL ‘860 teaches: The non-transitory computer-readable medium of claim 1, wherein prior to the intercepting, the steps comprise: authenticating a user of the mobile device (BANSAL ‘860 [0179] "… In the embodiment shown in FIG. 23, ... waiting for a ... authenticated mobile user device) to request that a tunnel be opened …"); downloading configuration, policy, and traffic forwarding rules associated with the user (BANSAL ‘860 [0180] "... the process 1300 further includes … downloading configuration information, … policies, and traffic rules/policies …"); and allowing or blocking all of the network traffic, or a portion of the network traffic based on the configuration, policy, and traffic forwarding rules (BANSAL ‘860 [0181] "… The process 1300 further includes allowing the cloud server to ... identify potential ... policy violations, as indicated in block 1312." and [0182] "... if ... the analysis reveals ... network packets ... do not violate any network or enterprise rules/policies, the process 1300 include following the ALLOW path ...."). Authenticating a user prior to network access, acquiring configuration, policy, and traffic management data, and filtering traffic based on the user and data are known techniques in the art, as demonstrated by BANSAL ‘860. It would have been obvious to a PHOSITA before the effective filing date of the claimed invention to modify the network traffic risk calculation of TEAL, AKELLA, and BANSAL ‘860 with the user authentication and configuration method of BANSAL ‘860 with the motivation to not solely rely on risk analysis to determine network access. It is obvious to screen unauthorized users prior to allowing access, and likewise obvious to acquire configuration and policy data do that benign but prohibited network traffic may also be blocked. Regarding claims 8, 13, 15, and 19: These claims are rejected with the same justification, mutatis mutandis, as their counterpart claims 1 and 6 above. Claims 3, 5, 10, 12, and 17 are rejected under 35 U.S.C. 103 as being unpatentable over TEAL (Doc ID US 20190081983 A1), AKELLA et al (Doc ID US 11349863 B2), and BANSAL et al (Doc ID US 20210234860 A1) as applied to claims 1, 8, and 15 above, and further in view of BANSAL et al (Doc ID US 10225740 B2). Regarding claim 3: The combination of TEAL, AKELLA, and BANSAL ‘860 teaches: The non-transitory computer-readable medium of claim 1, BANSAL ‘740 teaches the following limitation not taught by the combination of TEAL, AKELLA, and BANSAL ‘860: wherein the parameters include geolocation (Col 3 lines 13-26 “... environment risk can include risk assessed by the cloud based security system based on geolocation ..."), network type, device posture (Col 2 lines 60-61 "... risk profiling thereof includes receiving posture data from the mobile device ..."), source application, and user risk profile (col 3 lines 13-26 "risk analysis can include ... application risk, ... user risk, and environment risk.”). Considering a variety of factors in a risk calculation is a known technique in the art, as demonstrated by BANSAL ‘740. It would have been obvious to a PHOSITA before the effective filing date of the claimed invention to modify the network traffic risk calculation of TEAL, AKELLA, and BANSAL ‘860 with the risk calculation parameters of BANSAL ‘740 with the motivation to sample a broad spectrum of factors when determining risk. It is obvious to consider such elements as location, device posture, and user risk in this calculation. Regarding claim 5: The combination of TEAL, AKELLA, and BANSAL ‘860 teaches: The non-transitory computer-readable medium of claim 1, BANSAL ‘740 teaches the following limitation not taught by the combination of TEAL, AKELLA, and BANSAL ‘860: wherein the dynamic network flow attributes are logged for reporting purposes (Col 7 line 67 to col 8 line 2 "Each of the logging nodes 140 may store data related to … network traffic processed by the processing nodes 110 for each external system."). Logging network traffic data for reporting is a known technique in the art, as demonstrated by BANSAL ‘740. It would have been obvious to a PHOSITA before the effective filing date of the claimed invention to modify the network traffic risk calculation of TEAL, AKELLA, and BANSAL ‘860 with the network data logs of BANSAL ‘740 with the motivation to retain network logs for later reports. It is obvious to maintain these logs so that administrators can examine it at a later time to troubleshoot problems or to conduct root cause analysis. Regarding claims 10, 12, and 17: These claims are rejected with the same justification, mutatis mutandis, as their counterpart claims 3 and 5 above. Claims 7, 14, and 20 are rejected under 35 U.S.C. 103 as being unpatentable over TEAL (Doc ID US 20190081983 A1), AKELLA et al (Doc ID US 11349863 B2), and BANSAL et al (Doc ID US 20210234860 A1) as applied to claims 1, 8, and 15 above, and further in view of NEYSTADT et al (Doc ID US 20080244748 A1). Regarding claim 7: The combination of TEAL, AKELLA, and BANSAL ‘860 teaches: The non-transitory computer-readable medium of claim 1, NEYSTADT teaches the following limitation not taught by the combination of TEAL, AKELLA, and BANSAL ‘860: wherein the steps further comprise: consulting via the agent on the mobile device a cloud security system to derive the risk associated with the parameters ([0036] "… Security assessment criteria 220 may be received from ... a third party (for example, a local or remote service)."). Interacting with a remote third party for the purposes of risk calculation is a known technique in the art, as demonstrated by NEYSTADT. It would have been obvious to a PHOSITA before the effective filing date of the claimed invention to modify the network traffic risk calculation of TEAL, AKELLA, and BANSAL ‘860 with the remote security service of NEYSTADT with the motivation to offload the need to maintain an up-to-date repository of risk parameters to a third-party service such as a cloud or remote server. It is obvious to seek a third-party security service which has more concentrated expertise in maintaining risk parameters for risk calculations. Regarding claims 14 and 20: These claims are rejected with the same justification, mutatis mutandis, as their counterpart claim 7 above. Claim 21 is rejected under 35 U.S.C. 103 as being unpatentable over TEAL (Doc ID US 20190081983 A1), AKELLA et al (Doc ID US 11349863 B2), and BANSAL et al (Doc ID US 20210234860 A1) as applied to claim 1 above, and further in view of KUPPANNAN et al (Doc ID US 20200366648 A1). Regarding claim 21: The combination of TEAL, AKELLA, and BANSAL ‘860 teaches: The non-transitory computer-readable medium of claim 1, KUPPANNAN teaches the following limitations not taught by the combination of TEAL, AKELLA, and BANSAL ‘860: wherein, for each Domain Name System (DNS) query generated by the mobile device, the agent: records a mapping between the queried domain name and an Internet Protocol (IP) address returned in response to the DNS query ([0029] "The HNACS ... determines based on the intercepted DNS response, a mapping between the ... intercepted DNS query and an IP address corresponding to the hostname .... HNACS converts the hostnames into IP addresses."); and applies rules of the firewall to the network traffic addressed to the IP address based on the mapped domain name ([0029] "… ... thereby allowing the host-based firewall to implement the hostname based firewall policy …"). Mapping IP addresses to DNS queries and applying firewall rules to traffic involving the addresses are known techniques in the art, as demonstrated by KUPPANNAN. It would have been obvious to a PHOSITA before the effective filing date of the claimed invention to modify the network traffic risk calculation of TEAL, AKELLA, and BANSAL ‘860 with the DNS filtering of KUPPANNAN with the motivation to expand the use-cases of the system from IP addresses to DNS queries. It is obvious to include DNS queries as many connection attempts will begin with a user-entered host-name. It is obvious to include the DNS queries in a risk assessment of network traffic. Claim 22 is rejected under 35 U.S.C. 103 as being unpatentable over TEAL (Doc ID US 20190081983 A1), AKELLA et al (Doc ID US 11349863 B2), and BANSAL et al (Doc ID US 20210234860 A1) as applied to claim 1 above, and further in view of BEN-SHALOM et al (Doc ID US 20080159152 A1). Regarding claim 22: The combination of TEAL, AKELLA, and BANSAL ‘860 teaches: The non-transitory computer-readable medium of claim 1, BEN-SHALOM teaches the following limitations not taught by the combination of TEAL, AKELLA, and BANSAL ‘860: wherein the steps further comprise conditionally allowing, by the agent, a network flow of the intercepted network traffic for deception purposes while continuing to monitor the network flow and send a risk profile of the network flow to the cloud security system ([0014] "… intrusion prevention system 112 ... designed to analyze, detect and report on security related events …" and [0015] "… IPS 112 may be connected to a router 114 …. Router 114 may be configured to deliver both expected data packets as well as any suspicious and/or infected data packets that are allowed to pass through IPS 112."). Sometimes allowing certain network flows and providing reports on the traffic are known techniques in the art, as demonstrated by BEN-SHALOM. It would have been obvious to a PHOSITA before the effective filing date of the claimed invention to modify the network traffic risk calculation of TEAL, AKELLA, and BANSAL ‘860 with the conditionally allowed network flow and reporting of BEN-SHALOM with the motivation to assess suspicious flow further by monitoring its behavior once beyond the firewall. It is obvious to sometimes allow suspicious traffic and to report its presence when attempting to assess risk of network traffic. Claim 23 is rejected under 35 U.S.C. 103 as being unpatentable over TEAL (Doc ID US 20190081983 A1), AKELLA et al (Doc ID US 11349863 B2), and BANSAL et al (Doc ID US 20210234860 A1) as applied to claim 1 above, and further in view of CAPELLMAN (Doc ID US 20230281314 A1). Regarding claim 23: The combination of TEAL, AKELLA, and BANSAL ‘860 teaches: The non-transitory computer-readable medium of claim 1, CAPELLMAN teaches the following limitations not taught by the combination of TEAL, AKELLA, and BANSAL ‘860: wherein the agent installed on the mobile device is to re-evaluate the static risk profile and recompute the overall risk each time the mobile device experiences a change in network connectivity or after a periodic interval ([0011] "… The device data can include ... internet protocol (IP) addresses accessed at the client device, implemented security settings at the client device ..."" and [0040] ""... the risk score 142 can be periodically updated (e.g., recomputed) or can be updated based on certain types of events, such as a new network connection ...".). Examiner notes that the prior art does not explicitly categorize the evaluated factors into static and dynamic factors which are combined. Rather, factors identified in the specification of the instant application as being representative of static and dynamic factors are represented among the plurality of evaluated factors in the prior art. Occasionally reassessing risk after time has passed or there has been a network change is a known technique in the art, as demonstrated by CAPELLMAN. It would have been obvious to a PHOSITA before the effective filing date of the claimed invention to modify the network traffic risk calculation of TEAL, AKELLA, and BANSAL ‘860 with the risk profile reassessment of CAPELLMAN with the motivation to ensure that calculated risk profiles do not become “stale” over time so that they no longer are an accurate representation of the actual risk. It is obvious to periodically reassess risk present in an environment as dynamic as an online network environment. Claim 24 is rejected under 35 U.S.C. 103 as being unpatentable over TEAL (Doc ID US 20190081983 A1), AKELLA et al (Doc ID US 11349863 B2), and BANSAL et al (Doc ID US 20210234860 A1) as applied to claim 1 above, and further in view of CRISLER et al (Doc ID US 20160359900 A1). Regarding claim 24: The combination of TEAL, AKELLA, and BANSAL ‘860 teaches: The non-transitory computer-readable medium of claim 1, CRISLER teaches the following limitations not taught by the combination of TEAL, AKELLA, and BANSAL ‘860: wherein, for each network flow, the agent records a tuple comprising a client-application identifier, a source Internet Protocol (IP) address, a source port, a destination IP address, a destination port, a destination domain name, and a protocol, and wherein determining the dynamic risk comprises using the recorded tuple as the dynamic network flow attributes ([0033] "The network analyzer may then collect ... data attributes associated with the ... traffic so intercepted or log files so received′. The data attributes may include, for example, sources and destinations of the traffic (e.g., an Internet Protocol (IP) address or domain name), network port and network protocol identifiers associated with the traffic, ... and other suitable metadata ..." and [0035] "The network analyzer 102 may be configured to initiate a block or redirection of the intercepted traffic based on threats scores associated with the values of the data attributes."). Recording source and destination information for IP addresses and ports, domain information, and protocol information as part of collecting network flow information is a well-known technique in the art, as demonstrated by CRISLER. It would have been obvious to a PHOSITA before the effective filing date of the claimed invention to modify the network traffic risk calculation of TEAL, AKELLA, and BANSAL ‘860 with the network flow attributes of CRISLER with the motivation to use the most commonly used attributes of network data to determine a risk profile. Claim 25 is rejected under 35 U.S.C. 103 as being unpatentable over TEAL (Doc ID US 20190081983 A1), AKELLA et al (Doc ID US 11349863 B2), and BANSAL et al (Doc ID US 20210234860 A1) as applied to claim 1 above, and further in view of BASAVAPATNA et al (Doc ID US 20130097711 A1). Regarding claim 25: The combination of TEAL, AKELLA, and BANSAL ‘860 teaches: The non-transitory computer-readable medium of claim 1, BASAVAPATNA teaches the following limitations not taught by the combination of TEAL, AKELLA, and BANSAL ‘860: wherein the agent determines Wi-Fi security information for a wireless access network used by the mobile device and transmits the Wi-Fi security information to the cloud security system to enrich hotspot risk data ([0015] "... Pre-existing risk assessment data for the identified particular wireless access point can be generated in connection with at least one previous encounter ... by an endpoint device. The previous encounter with the particular wireless access point may have been made, for example, by an endpoint device other than the particular endpoint device."), and wherein the agent derives the static risk profile based at least in part on hotspot risk data obtained from the cloud security system ([0013] "The wireless access point risk assessor ... can receive a query from a particular endpoint device identifying a particular wireless access point ... and send query result data ... characterizing pre-assessed risk associated with the particular wireless access point. ... the system can ... calculate a risk profile for the particular endpoint device based on a set of device attributes including risk associated with wireless access points accessed by the particular endpoint device."). Utilizing Wi-Fi “hotspot” (access point) information to inform a central repository and to formulate risk profiles is a well-known technique in the art, as demonstrated by BASAVAPATNA. It would have been obvious to a PHOSITA before the effective filing date of the claimed invention to modify the network traffic risk calculation of TEAL, AKELLA, and BANSAL ‘860 with the Wi-Fi access point security information of BASAVAPATNA with the motivation to include the point from which a device is accessing the network as a consideration in the static (and by extension, overall) risk profile of the device. Claim 26 is rejected under 35 U.S.C. 103 as being unpatentable over TEAL (Doc ID US 20190081983 A1), AKELLA et al (Doc ID US 11349863 B2), and BANSAL et al (Doc ID US 20210234860 A1) as applied to claim 1 above, and further in view of ZAMIR et al (Doc ID US 20240143737 A1). Regarding claim 26: The combination of TEAL, AKELLA, and BANSAL ‘860 teaches: The non-transitory computer-readable medium of claim 1, ZAMIR teaches the following limitations not taught by the combination of TEAL, AKELLA, and BANSAL ‘860: wherein the steps further comprise logging, by the agent, network flows of the intercepted network traffic and transmitting the logged network flows from the mobile device to a preconfigured Security Information and Event Management cloud system for reporting purposes ([0022] "In addition to providing the network data 124 to the analytics 108, … the collector 114 also provides the network data 124 to a security information and event management (SIEM) …"). Sending captured network traffic data as log data to a Security Information and Event Management (SIEM) system is a known technique in the art, as demonstrated by ZAMIR. It would have been obvious to a PHOSITA before the effective filing date of the claimed invention to modify the network traffic risk calculation of TEAL, AKELLA, and BANSAL ‘860 with the SIEM log upload of ZAMIR with the motivation maintain a log of the analyzed network data for future manual analysis by security or IT professionals, or to diagnose the system. Conclusion The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. NELLEN (Doc ID US 20190141015 A1) teaches a decentralized, zero-trust firewall similar to that in the instant application. However, it is based around protecting an individual user device, and not for protecting a networked system against other user devices. Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. Any inquiry concerning this communication or earlier communications from the examiner should be directed to BRANDON BINCZAK whose telephone number is (703)756-4528. The examiner can normally be reached M-F 0800-1700. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Alexander Lagor can be reached on (571) 270-5143. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /BB/Examiner, Art Unit 2437 /ALEXANDER LAGOR/Supervisory Patent Examiner, Art Unit 2437
Read full office action

Prosecution Timeline

Show 9 earlier events
Aug 19, 2025
Final Rejection mailed — §103
Oct 14, 2025
Response after Non-Final Action
Nov 18, 2025
Request for Continued Examination
Nov 23, 2025
Response after Non-Final Action
Dec 17, 2025
Non-Final Rejection mailed — §103
Mar 16, 2026
Response Filed
Apr 20, 2026
Final Rejection mailed — §103
Jun 19, 2026
Response after Non-Final Action

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12634133
COMPUTING SYSTEMS AND METHODS FOR PROTECTING APPLICATION PROGRAMMING INTERFACES WITH TWO-FACTOR AUTHENTICATION
3y 4m to grant Granted May 19, 2026
Patent 12470534
PARTIAL POOL CREDENTIALLING AUTHENTICATION SYSTEM
2y 6m to grant Granted Nov 11, 2025
Patent 12452224
IMAGE DISPLAY DEVICE AND SYSTEM, AND OPERATION METHOD FOR SAME
2y 11m to grant Granted Oct 21, 2025
Patent 12425867
REGISTRATION AND SECURITY ENHANCEMENTS FOR A WTRU WITH MULTIPLE USIMS
3y 7m to grant Granted Sep 23, 2025
Patent 12417283
IOT ADAPTIVE THREAT PREVENTION
3y 9m to grant Granted Sep 16, 2025
Study what changed to get past this examiner. Based on 5 most recent grants.

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

6-7
Expected OA Rounds
39%
Grant Probability
72%
With Interview (+33.4%)
3y 1m (~0m remaining)
Median Time to Grant
High
PTA Risk
Based on 64 resolved cases by this examiner. Grant probability derived from career allowance rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month