EFFICIENT AND SECURE AUTHENTICATION SYSTEM AND METHOD

DETAILED ACTION Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Status of Claims Claims 1-20 are pending, of which claims 16-20 are withdrawn. Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claim(s) 1-2, 4, 6-13, 15 is/are rejected under 35 U.S.C. 103 as being unpatentable over Maiorana et al (US 11,356,472), and further in view of Basson et al (PGPUB 2021/0203651). Regarding Claim 1: Maiorana teaches a method, comprising: transmitting, by a resource provider computer, interaction history information comprising at least a plurality of addresses to a server computer ([col 6 line 23-47] login-processing system 106 transmits login-attempt event records 120 to the log-management system 108; data that could be included in one or more of the login-attempt event records 120 includes data items that are received by the login-processing system 106 in the respective login requests 116; these data items could include fields such as source IP address, username, user agent string, nonce value, and/or other request-header information); receiving, by the resource provider computer, a challenge summary, wherein the challenge summary associates each address of the plurality of addresses to a challenge rate from a range of challenge rates ([col 5 line 13-32] login-processing system 106 combined with threat detection system 102; [col 12 line 5-21] geotargeting preprocessing service 402 receives the login-attempt event-record updates 130, conducts some preprocessing that is further described below, and outputs what is referred to herein as geotargeting-model input data 404 to the geotargeting machine-learning model 406; [col 21 line 23-col 22 line 27] double-ended arrows between the IP-address column 702 and a record-index column 704 similarly indicate that a source IP address in a given row is associated with an arbitrary index value in the record-index column 704 and with aggregated feature values in a system-failure-rate column 706, a country-failure-rate column 708, a region-failure-rate column 710, a city-failure-rate column 712, an IP-address-failure-rate column 714, a total-logins column 716, an in-United-States column 718, an activity-error column 720, and a username-count column 722); determining, by the resource provider computer, a challenge rate threshold based on the challenge summary ([col 22 line 4-27] the geotargeting machine-learning model 406 takes a given row in the geotargeting-model input data 404 as input; in particular, the geotargeting machine-learning model 406 takes as input a vector that includes the numerical values from the feature columns 706-722. Every classifier (i.e., decision tree) in the ensemble (i.e., the distributed random forest) makes a classification of either blacklisted or allowed and accordingly casts its respective vote; for a given vector that corresponds with a given source IP address, then, the geotargeting machine-learning model 406 outputs a respective one of its geotargeting-model assessments 408; in some embodiments, the geotargeting-model assessments 408 are numerical values (e.g., values between 0-1) that reflect the fraction of trees that classified the vector as blacklisted, effectively voting to blacklist the associated source IP address. In other embodiments, the geotargeting-model assessments 408 are simple classifications: either blacklisted or allowed, depending on whether or not more than a threshold percentage (e.g., 50%, 54%, etc.) classified as blacklisted); interacting, by the resource provider computer, with a user utilizing at least an address from the plurality of addresses ([col 5 line 50-67] individual client systems 114 submit login requests 116 via the data network 112 to the login-processing system 106; [col 6 line 23-47] data items that are received by the login-processing system 106 in the respective login requests 116; these data items could include fields such as source IP address); determining, by the resource provider computer, if the challenge rate associated with the address exceeds the challenge rate threshold ([col 11 line 8-34] These models could assess login-failure rates over these different time frames, and flag instances in which a login-failure rate during any such time frame exceeds a baseline amount by a threshold number; [col 22 line 60-col 23 line 7] the threat-detection system 102 classifies, using the geotargeting machine-learning model 406, each of a plurality of source IP addresses as either blacklisted or allowed; the classifying of operation 802 is performed based on a set of aggregated geotargeting-model features 502 that correspond to login attempts from the source IP addresses that are being classified; [col 23 line 8-20] the geotargeting-model features 502 includes, in association with each respective source IP address, a geographical login-attempt failure rate of login attempts to the system from each of one or more geographical areas, where each such geographical area corresponds to the respective source IP address; as an example, the geotargeting-model features 502 could include a country login-attempt failure rate, a region login-attempt failure rate, and a city login-attempt failure rate for location associated with the corresponding source IP address); performing, by the resource provider computer, an authentication of the user if the challenge rate associated with the address does not exceed the challenge rate threshold ([col 23 line 31-41] the system to which login attempts are directed (via, e.g., the login-processing system 106) is configured to disallow login attempts from any source IP addresses on the system blacklist 320; i.e. login attempts from source IP addresses not on the system blacklist will be performed); and then initiating, by the resource provider computer, an authorization process of the interaction with the user ([col 5 line 50-67] after processing the login requests 116, the login-processing system 106 transmits login responses 118 via the data network 112 to the client systems 114; the login responses 118 could be login-granted responses, login-denied responses, or further-processing responses, as examples; an example of a further-processing response could be a request to answer one or more security questions, a request to enter a one-time password (e.g., numerical code) that is texted to a user's mobile device and/or e-mailed to a user's e-mail address, a request to enter a code from an authenticator app, and/or the like; such further-processing responses are examples of supplementary authentication protocols that are often referred to as falling under the rubric of two-factor authentication (2FA)). Maiorana does not explicitly teach receiving, by the resource provider computer, a challenge summary from the server computer. However, Basson teaches the concept of receiving, by a resource provider computer, a challenge summary from a server computer ([0022] computing environment 100 includes a client device 110, a model training system 120, an application server 130, a plurality of remote resources 140, and a login attempt data store 150; [0026] to generate the first model used to predict a maximum number of login attempts that corresponds to legitimate activity (hereinafter a “number of login attempts predictive model”), fraud detection model generator 122 can generate a first training data set including information about a number of login attempts associated with an application user account for the application hosted on application server 120 associated with a label indicating whether the application user account is associated with legitimate or fraudulent activity; to generate the training data set, fraud detection model generator 122 can retrieve historical login activity from login attempt data store 140 that includes a plurality of login records; [0080] Storage 510 is representative of a non-volatile memory, such as a disk drive, solid state drive, or a collection of storage devices distributed across multiple storage systems; although shown as a single unit, the storage 510 may be a combination of fixed and/or removable storage devices, such as fixed disc drives, removable memory cards or optical storage, network attached storage (NAS), or a storage area-network (SAN); storage 510, as illustrated, may include a login attempt data store 550; login attempt data store 550 generally represents a data repository in which historical user activity and information about fraudulent activity may be stored; as discussed, fraud detection model generator 520 can use the information included in login attempt data store 550 to generate the training data sets used to train the first and second predictive models for identifying a maximum number of login attempts and a maximum distance between usernames in successive requests corresponding to legitimate activity, respectively). It would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to combine the remote storage of challenge statistic teachings of Basson with the challenge-rate based authentication teachings of Maiorana, in order to provide the benefits of network attached storage systems, which allow storage and retrieval access to many devices connected to the same network, thereby creating a distributed architecture which improves efficiency, reliability, ease of access, and load balancing. Regarding Claim 2: Maiorana in view of Basson teaches the method of claim 1. In addition, Maiorana teaches wherein if the challenge rate associated with the address does exceed the challenge rate threshold, the authentication of the user is not performed ([col 11 line 8-34] these models could assess login-failure rates over these different time frames, and flag instances in which a login-failure rate during any such time frame exceeds a baseline amount by a threshold number; [col 22 line 60-col 23 line 7] the threat-detection system 102 classifies, using the geotargeting machine-learning model 406, each of a plurality of source IP addresses as either blacklisted or allowed; the classifying of operation 802 is performed based on a set of aggregated geotargeting-model features 502 that correspond to login attempts from the source IP addresses that are being classified; [col 23 line 8-20] the geotargeting-model features 502 includes, in association with each respective source IP address, a geographical login-attempt failure rate of login attempts to the system from each of one or more geographical areas, where each such geographical area corresponds to the respective source IP address. As an example, the geotargeting-model features 502 could include a country login-attempt failure rate, a region login-attempt failure rate, and a city login-attempt failure rate for location associated with the corresponding source IP address; [col 23 line 31-41] the system to which login attempts are directed (via, e.g., the login-processing system 106) is configured to disallow login attempts from any source IP addresses on the system blacklist 320). Regarding Claim 4: Maiorana in view of Basson teaches the method of claim 1. In addition, Basson teaches wherein the interacting with the user includes receiving an access request for a resource associated with the resource provider computer ([abstract] method generally includes receiving a request to connect an application to a remote service). The rationale to combine Maiorana and Basson is the same as provided for claim 1 due to the overlapping subject matter between claims 1 and 4. Regarding Claim 6: Maiorana in view of Basson teaches the method of claim 5. In addition, Maiorana teaches wherein the method is managed by a plug-in integrated in the resource provider computer ([col 5 line 13-32] in some embodiments, the “system” to which login attempts are being directed could refer to a combination of the threat-detection system 102 and the login-processing system 106, or to a combination of all of the entities in the enterprise system; in some embodiments, the threat-detection system 102 and the login-processing system 106 are different functional parts that are both implemented by a single component (e.g., a server); in other embodiments, those two entities are realized in or as physically separate entities (e.g., servers)). Regarding Claim 7: Maiorana in view of Basson teaches the method of claim 1. In addition, Maiorana teaches wherein the plurality of addresses comprise internet protocol (IP) addresses ([col 6 line 23-47] example data that could be included in one or more of the login-attempt event records 120 includes data items that are received by the login-processing system 106 in the respective login requests 116; these data items could include fields such as source IP address). Regarding Claim 8: Maiorana in view of Basson teaches the method of claim 1. In addition, Maiorana teaches wherein the challenge summary includes interaction volumes and authorization volumes associated with the plurality of addresses ([col 18 line 10-col 19 line 17] total-logins column 616 could include numerical values that reflect, in the training data, the total number of login attempts from that particular corresponding source IP address; this could be a raw number (e.g., integer) or could be normalized to a 0-to-1 scale, among other options; the inclusion of both the IP-address-failure-rate column 614 and the total-logins column 616 could reflect that, not only is the failure rate of a given source IP address informative, but so is the magnitude of the number of login attempts being made from that source IP address). Regarding Claim 9: Maiorana in view of Basson teaches the method of claim 1. In addition, Maiorana teaches wherein initiating the authorization process comprises transmitting an authorization request message to an authorizing entity associated with the address ([col 5 line 50-67] individual client systems 114 submit login requests 116 via the data network 112 to the login-processing system 106). Regarding Claim 10: Maiorana in view of Basson teaches the method of claim 1. In addition, Basson teaches wherein initiating the authorization process comprises transmitting an authorization request message to an authorizing entity associated with the address via a transport computer ([0046] a system receives a request to connect a software application with a remote resource using a first set of credentials; [0049] the system attempts to authenticate with the remote service using the first set of credentials). The rationale to combine Maiorana and Basson is the same as provided for claim 1 due to the overlapping subject matter between claims 1 and 10. Regarding Claim 11: Maiorana in view of Basson teaches the method of claim 1. In addition, Basson teaches wherein performing the authentication of the user comprises: transmitting an authentication request message to an authorizing entity computer via the server computer ([0046] a system receives a request to connect a software application with a remote resource using a first set of credentials; [0049] the system attempts to authenticate with the remote service using the first set of credentials). The rationale to combine Maiorana and Basson is the same as provided for claim 1 due to the overlapping subject matter between claims 1 and 11. Regarding Claim 12: Maiorana in view of Basson teaches the method of claim 11. In addition, Maiorana teaches wherein the authorizing entity transmits a request for a secret from a user device operated by the user ([col 5 line 50-67] the login responses 118 could be login-granted responses, login-denied responses, or further-processing responses, as examples; an example of a further-processing response could be a request to answer one or more security questions, a request to enter a one-time password (e.g., numerical code) that is texted to a user's mobile device and/or e-mailed to a user's e-mail address, a request to enter a code from an authenticator app, and/or the like; such further-processing responses are examples of supplementary authentication protocols that are often referred to as falling under the rubric of two-factor authentication (2FA)). Regarding Claim 13: Maiorana in view of Basson teaches the method of claim 1. In addition, Maiorana teaches wherein the method includes not performing, by the resource provider computer, the authentication of the user if the challenge rate associated with the address does exceed the challenge rate threshold ([col 11 line 8-34] these models could assess login-failure rates over these different time frames, and flag instances in which a login-failure rate during any such time frame exceeds a baseline amount by a threshold number; [col 22 line 60-col 23 line 7] the threat-detection system 102 classifies, using the geotargeting machine-learning model 406, each of a plurality of source IP addresses as either blacklisted or allowed; the classifying of operation 802 is performed based on a set of aggregated geotargeting-model features 502 that correspond to login attempts from the source IP addresses that are being classified; [col 23 line 8-20] the geotargeting-model features 502 includes, in association with each respective source IP address, a geographical login-attempt failure rate of login attempts to the system from each of one or more geographical areas, where each such geographical area corresponds to the respective source IP address. As an example, the geotargeting-model features 502 could include a country login-attempt failure rate, a region login-attempt failure rate, and a city login-attempt failure rate for location associated with the corresponding source IP address; [col 23 line 31-41] the system to which login attempts are directed (via, e.g., the login-processing system 106) is configured to disallow login attempts from any source IP addresses on the system blacklist 320). Regarding Claim 15: Maiorana teaches a server computer comprising: a memory configured to store computer-executable instructions ([col 3 line 5-14], data storage containing instructions executable by the at least one processor); and a processor in communication with the memory configured to execute the computer-executable instructions to at least ([col 3 line 5-14], data storage containing instructions executable by the at least one processor): transmit interaction history information comprising at least a plurality of addresses to a computer ([col 6 line 23-47] login-processing system 106 transmits login-attempt event records 120 to the log-management system 108; data that could be included in one or more of the login-attempt event records 120 includes data items that are received by the login-processing system 106 in the respective login requests 116; these data items could include fields such as source IP address, username, user agent string, nonce value, and/or other request-header information); receive a challenge summary, wherein the challenge summary associates each address of the plurality of addresses to a challenge rate from a range of challenge rates ([col 5 line 13-32] login-processing system 106 combined with threat detection system 102; [col 12 line 5-21] geotargeting preprocessing service 402 receives the login-attempt event-record updates 130, conducts some preprocessing that is further described below, and outputs what is referred to herein as geotargeting-model input data 404 to the geotargeting machine-learning model 406; [col 21 line 23-col 22 line 27] double-ended arrows between the IP-address column 702 and a record-index column 704 similarly indicate that a source IP address in a given row is associated with an arbitrary index value in the record-index column 704 and with aggregated feature values in a system-failure-rate column 706, a country-failure-rate column 708, a region-failure-rate column 710, a city-failure-rate column 712, an IP-address-failure-rate column 714, a total-logins column 716, an in-United-States column 718, an activity-error column 720, and a username-count column 722); determine a challenge rate threshold based on the challenge summary ([col 22 line 4-27] the geotargeting machine-learning model 406 takes a given row in the geotargeting-model input data 404 as input; in particular, the geotargeting machine-learning model 406 takes as input a vector that includes the numerical values from the feature columns 706-722. Every classifier (i.e., decision tree) in the ensemble (i.e., the distributed random forest) makes a classification of either blacklisted or allowed and accordingly casts its respective vote; for a given vector that corresponds with a given source IP address, then, the geotargeting machine-learning model 406 outputs a respective one of its geotargeting-model assessments 408; in some embodiments, the geotargeting-model assessments 408 are numerical values (e.g., values between 0-1) that reflect the fraction of trees that classified the vector as blacklisted, effectively voting to blacklist the associated source IP address. In other embodiments, the geotargeting-model assessments 408 are simple classifications: either blacklisted or allowed, depending on whether or not more than a threshold percentage (e.g., 50%, 54%, etc.) classified as blacklisted); interact with a user utilizing at least an address from the plurality of addresses ([col 5 line 50-67] individual client systems 114 submit login requests 116 via the data network 112 to the login-processing system 106; [col 6 line 23-47] data items that are received by the login-processing system 106 in the respective login requests 116; these data items could include fields such as source IP address); determine if the challenge rate associated with the address exceeds the challenge rate threshold ([col 11 line 8-34] These models could assess login-failure rates over these different time frames, and flag instances in which a login-failure rate during any such time frame exceeds a baseline amount by a threshold number; [col 22 line 60-col 23 line 7] the threat-detection system 102 classifies, using the geotargeting machine-learning model 406, each of a plurality of source IP addresses as either blacklisted or allowed; the classifying of operation 802 is performed based on a set of aggregated geotargeting-model features 502 that correspond to login attempts from the source IP addresses that are being classified; [col 23 line 8-20] the geotargeting-model features 502 includes, in association with each respective source IP address, a geographical login-attempt failure rate of login attempts to the system from each of one or more geographical areas, where each such geographical area corresponds to the respective source IP address; as an example, the geotargeting-model features 502 could include a country login-attempt failure rate, a region login-attempt failure rate, and a city login-attempt failure rate for location associated with the corresponding source IP address); perform an authentication of the user if the challenge rate associated with the address does not exceed the challenge rate threshold ([col 23 line 31-41] the system to which login attempts are directed (via, e.g., the login-processing system 106) is configured to disallow login attempts from any source IP addresses on the system blacklist 320; i.e. login attempts from source IP addresses not on the system blacklist will be performed); and then initiate an authorization process of the interaction with the user ([col 5 line 50-67] after processing the login requests 116, the login-processing system 106 transmits login responses 118 via the data network 112 to the client systems 114; the login responses 118 could be login-granted responses, login-denied responses, or further-processing responses, as examples; an example of a further-processing response could be a request to answer one or more security questions, a request to enter a one-time password (e.g., numerical code) that is texted to a user's mobile device and/or e-mailed to a user's e-mail address, a request to enter a code from an authenticator app, and/or the like; such further-processing responses are examples of supplementary authentication protocols that are often referred to as falling under the rubric of two-factor authentication (2FA)). Maiorana does not explicitly teach receiving a challenge summary from the computer. However, Basson teaches the concept of receiving a challenge summary from a computer ([0022] computing environment 100 includes a client device 110, a model training system 120, an application server 130, a plurality of remote resources 140, and a login attempt data store 150; [0026] to generate the first model used to predict a maximum number of login attempts that corresponds to legitimate activity (hereinafter a “number of login attempts predictive model”), fraud detection model generator 122 can generate a first training data set including information about a number of login attempts associated with an application user account for the application hosted on application server 120 associated with a label indicating whether the application user account is associated with legitimate or fraudulent activity; to generate the training data set, fraud detection model generator 122 can retrieve historical login activity from login attempt data store 140 that includes a plurality of login records; [0080] Storage 510 is representative of a non-volatile memory, such as a disk drive, solid state drive, or a collection of storage devices distributed across multiple storage systems; although shown as a single unit, the storage 510 may be a combination of fixed and/or removable storage devices, such as fixed disc drives, removable memory cards or optical storage, network attached storage (NAS), or a storage area-network (SAN); storage 510, as illustrated, may include a login attempt data store 550; login attempt data store 550 generally represents a data repository in which historical user activity and information about fraudulent activity may be stored; as discussed, fraud detection model generator 520 can use the information included in login attempt data store 550 to generate the training data sets used to train the first and second predictive models for identifying a maximum number of login attempts and a maximum distance between usernames in successive requests corresponding to legitimate activity, respectively). It would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to combine the remote storage of challenge statistic teachings of Basson with the challenge-rate based authentication teachings of Maiorana, in order to provide the benefits of network attached storage systems, which allow storage and retrieval access to many devices connected to the same network, thereby creating a distributed architecture which improves efficiency, reliability, ease of access, and load balancing. Claim(s) 3 is/are rejected under 35 U.S.C. 103 as being unpatentable over Maiorana in view of Basson, and further in view of Yadav et al (PGPUB 2016/0080502). Regarding Claim 3: Maiorana in view of Basson teaches the method of claim 1. Neither Maiorana nor Basson explicitly teaches wherein the server computer is a directory server comprising a routing table. However, Yadav teaches the concept wherein a server computer is a directory server comprising a routing table ([0101] active directory (AD) servers; [0346] routing tables at each device). It would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to combine the directory server and routing tables teachings of Yadav with the challenge-rate based authentication teachings of Maiorana in view of Basson. Use of Active Directory servers as a means of controlling identity and authentication, as well as use of routing tables to control network traffic, are both well-known in the art. A person of ordinary skill in the art would have been motivated to incorporate well-known technology to solve common problems of routing and authentication in order to benefit from industry standards and proven technology to provide a system that is efficient, easier to implement, and well-understood by personnel responsible for implementation. Claim(s) 5 is/are rejected under 35 U.S.C. 103 as being unpatentable over Maiorana in view of Basson, and further in view of Yadav et al (PGPUB 2020/0120144), hereinafter Yadav 2. Regarding Claim 5: Maiorana in view of Basson teaches the method of claim 1. Neither Maiorana nor Basson explicitly teaches wherein the plurality of addresses comprise institution identifiers. However, Yadav 2 teaches the concept wherein a plurality of addresses comprise institution identifiers ([0036] the identifier 114 may include one or more attributes related to the user 140 of the user device 110, such as personal information related to the user (e.g., one or more user names, passwords, photograph images, biometric IDs, addresses, phone numbers, social security number, etc.) and banking information and/or funding sources (e.g., one or more banking institutions, credit card issuers, user account numbers, security data and information, etc.); in various implementations, the identifier 114 may be passed with a request (e.g., a user login request, a payment transaction request, etc.) to the service provider server 130 via the network 160, and the identifier 114 may be used by the service provider server 130 to associate the user with a particular user account maintained by the service provider server 130). It would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to combine the institution identifiers of Yadav 2 with the challenge-rate based authentication teachings of Maiorana in view of Basson, in order to improve security and compatibility by incorporating further identification factors for use in an authentication/authorization system, thereby increasing the certainty that a user requesting login is authentic, reducing the risk of false positives or unauthorized access. Claim(s) 14 is/are rejected under 35 U.S.C. 103 as being unpatentable over Maiorana in view of Basson, and further in view of Dee (US 11,271,933). Regarding Claim 14: Maiorana in view of Basson teaches the method of claim 1. In addition, Basson teaches wherein performing the authentication of the user comprises: transmitting an authentication request message to an authorizing entity computer via the server computer ([0046] a system receives a request to connect a software application with a remote resource using a first set of credentials; [0049] the system attempts to authenticate with the remote service using the first set of credentials). The rationale to combine Maiorana and Basson is the same as provided for claim 1 due to the overlapping subject matter between claims 1 and 14. Neither Maiorana nor Basson explicitly teaches receiving an authentication response message from the authorizing entity computer via the server computer. However, Dee teaches the concept of receiving an authentication response message from the authorizing entity computer via the server computer ([col 7 line 28-46] with reference to Fig. 2, during the authentication challenge execution phase 220, the issuer system 170 may receive a challenge request and may request the consumer 105 to provide consumer credentials; the issuer system 170 may then transmit a result request to the security server 160A by way of the directory server 160B, and receive a result response from the security server 160A; thereafter, during the payment authorization phase 222, the issuer system 170 may provide a challenge response to HAS 10 and may complete the payment transaction). It would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to combine the authentication response message teachings of Dee with the challenge-rate based authentication teachings of Maiorana in view of Basson, in order to provide confirmation from an authorizing entity to a requestor that an authentication had passed or failed, thereby allowing the requestor to perform the necessary security response, such as executing or denying a login, transaction, file access, etc. Conclusion Any inquiry concerning this communication or earlier communications from the examiner should be directed to FORREST L CAREY whose telephone number is (571)270-7814. The examiner can normally be reached 9:00AM-5:30PM M-F. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Amir Mehrmanesh can be reached at (571) 270-3351. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /FORREST L CAREY/Examiner, Art Unit 2491 /AMIR MEHRMANESH/Supervisory Patent Examiner, Art Unit 2491