Prosecution Insights
Browse Companies Examiners Firms Draft Your Response
Office ActionsFastly Inc. › 18165135
Last updated: April 19, 2026
Application No. 18/165,135

PROBABILISTIC DATA STRUCTURE FOR MANAGING TOKENS

Non-Final OA §103§112
Filed
Feb 06, 2023
Examiner
AYALA, KEVIN ALEXIS
Art Unit
2496
Tech Center
2400 — Computer Networks
Assignee
Fastly Inc.
OA Round
3 (Non-Final)
64%
Grant Probability
Moderate
3-4
OA Rounds
3y 4m
To Grant
96%
With Interview

This examiner grants 64% of cases after interview

+31.8% interview lift. A telephonic interview to clarify the technical implementation could significantly improve the outcome.
Based on 164 resolved cases, 2023–2026

Examiner Intelligence

AYALA, KEVIN ALEXIS View full profile →
Grants 64% of resolved cases
64%
Career Allow Rate
105 granted / 164 resolved
+6.0% vs TC avg
Strong +32% interview lift
Without
With
+31.8%
Interview Lift
resolved cases with interview
Typical timeline
3y 4m
Avg Prosecution
35 currently pending
Career history
199
Total Applications
across all art units

Statute-Specific Performance

§101
11.6%
-28.4% vs TC avg
§103
53.2%
+13.2% vs TC avg
§102
6.7%
-33.3% vs TC avg
§112
23.9%
-16.1% vs TC avg
Black line = Tech Center average estimate • Based on career data from 164 resolved cases

Office Action

§103 §112
DETAILED ACTION Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Continued Examination Under 37 CFR 1.114 A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 12/16/2025 has been entered. Response to Arguments In response to the specification, filed 12/16/2025 on page 7 of the remarks, applications indicates that the abstract replaces the claim language disclosure. However, the abstract contains another language that should be avoided such as “described”. In response to 35 USC 112(b), filed 12/16/2025 on pages 7-8 of the remarks, the 35 USC 112(b) has been withdrawn in light of claim amendment. In response to 35 USC 103, filed 12/16/2025, for independent claims 1, 11 and 17 along with their respective dependent claims. Applicant argues that the prior arts does not teach determining whether the current token resides at a location of a data structure used to store tokens associated with the hash value. Applicant’s argument have been considered but are moot, because the newly recited amendment does not rely on the newly recited reference being applied to the prior rejection of record or any teaching or matter specifically challenged in the argument. Specification The abstract of the disclosure is objected to because the abstract recites “described”, these are phrases that should be avoided. A corrected abstract of the disclosure is required and must be presented on a separate sheet, apart from any other text. See MPEP § 608.01(b). Applicant is reminded of the proper language and format for an abstract of the disclosure. The abstract should be in narrative form and generally limited to a single paragraph on a separate sheet within the range of 50 to 150 words in length. The abstract should describe the disclosure sufficiently to assist readers in deciding whether there is a need for consulting the full patent text for details. The language should be clear and concise and should not repeat information given in the title. It should avoid using phrases which can be implied, such as, “The disclosure concerns,” “The disclosure defined by this invention,” “The disclosure describes,” etc. In addition, the form and legal phraseology often used in patent claims, such as “means” and “said,” should be avoided. Claim Rejections - 35 USC § 112 The following is a quotation of the first paragraph of 35 U.S.C. 112(a): (a) IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention. The following is a quotation of the first paragraph of pre-AIA 35 U.S.C. 112: The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor of carrying out his invention. Claims 1-20 are rejected under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AIA ), first paragraph, as failing to comply with the written description requirement. The claim(s) contains subject matter which was not described in the specification in such a way as to reasonably convey to one skilled in the relevant art that the inventor or a joint inventor, or for applications subject to pre-AIA 35 U.S.C. 112, the inventor(s), at the time the application was filed, had possession of the claimed invention. Re. claims 1, 11 and 17; the claims recites “in response to determining that the current token does not reside at the location, attempting to authenticate the client device using the current token”. The specification does not have support of in response to determining that the current token does not reside at the location, attempting to authenticate the client device using the current token. The specification in paragraph [0052] recites “The proxy server can determine whether the token exists (503) in the data structure based on the location associated with the hash value. If the token does exist at the location, the proxy server can reject the content request and report abuse (i.e., invalid use of a token or redundant use of a token) (504). If the token does not exist at the location associated with the hash value, the proxy server must next determine whether a different token exists at that location (505). Again, if yes, the proxy server can reject the content request (506) due to a collision in the location. If the location is instead empty, the proxy server can store the token provided by the client device in the location associated with the hash value (507)” and in [0036] recites “he proxy server can find that the token already exists at the location. If the token already exists, the proxy server can determine that the token is old (e.g., by identifying a timestamp of recordation at the location) or was previously used by the same or another client device, and it can reject the request for content. The proxy server can send a notification of rejection to the client device and request that the client device attempt to re-authenticate before content can be transmitted”. The specification does not indicate “in response to determining that the current token does not reside at the location, attempting to authenticate the client device using the current token”. Claims 2-10, 12-16 and 18-20 fall together accordingly as they do not cure the deficiencies of the independent claims. Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claims 1-2, 4-5, 7, 9-12, and 14-19 are rejected under 35 U.S.C. 103 as being unpatentable over Knecht et al. (US 20170359432, hereinafter Knecht) in view of Rafsky et al. (US 20180203916 hereinafter Rafsky). Re. claim 1, Knecht discloses a method of operating a proxy server, the method comprising: receiving a request for content from a client device, wherein the request includes a current token (Knecht disclose a user at the client device 110 may request access to secured accounts [0015]. The server 120 receives an initial HTTP request 310 for a resource where the request includes a first location of the resource “/login” at the domain www.example.com. The request includes a cryptographic token [0059]). Knecht does not explicitly teach but Rafsky teaches producing a hash value based at least on the current token (Rafsky teaches MIMOSA may insert the assigned cluster ID value c.sub.i into H as a hash value under each of the MI tokens n.sub.i∘t.sub.iq as hash keys, where t.sub.iq∈L.sub.n.sub.i. In other words, MIMOSA effects the cluster assignment by storing values into the hash table [0326], hash value of the token); determining whether the current token resides at a location of a data structure used to store tokens associated with the hash value; and in response to determining that the current token does not reside at the location, attempting to authenticate the client device using the current token (Rafsky teaches MIMOSA may determine whether a token is present or absent by checking whether the hash table in memory contains a marker stored for the token [0073]. If the list of tokens from the data item that are present is empty, the data item is not similar to the other received data items, and the membership function may determine that it does not belong to any existing similarity cluster, the membership function may generate and return a new identifier [0076]. If no such existing token were found in the hash table, then it would be determined that D-G-H-R-T can start a new cluster [0083][0085][0223]. Obtain from the marker value an assigned cluster identifier for the data item 210 corresponding to the marked token [0249-0250][0015] Table 2, hash table determining if the token is in the table. If not then start a new cluster, cluster containing data item). Therefore, it would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to modify the method and system disclosed by Knecht to include producing a hash value based at least on the current token; determining whether the current token resides at a location used to store tokens associated with the hash value; and in response to determining that the current token does not reside at the location, attempting to authenticate the client device using the current token as disclosed by Rafsky. One of ordinary skill in the art would have been motivated for the purpose of error-free retrieval to be executed on computers at scales qualitatively larger and speeds qualitatively faster. Improve performance of storage or retrieval operations on cluster data (Rafsky [0094] and [0294]). Re. claim 2, Knecht-Rafsky teach the method of claim 1, Rafsky further teaches in response to successfully attempting to authenticate the client device using the current token, obtaining the content from a destination server and sending the content to the client device (Rafsky teaches MIMOSA may determine whether a token is present or absent by checking whether the hash table in memory contains a marker stored for the token [0073]. If the list of tokens from the data item that are present is empty, the data item is not similar to the other received data items, and the membership function may determine that it does not belong to any existing similarity cluster, the membership function may generate and return a new identifier [0076]. If no such existing token were found in the hash table, then it would be determined that D-G-H-R-T can start a new cluster [0083][0085][0223]. Obtain from the marker value an assigned cluster identifier for the data item 210 corresponding to the marked token [0249-0250][0015] Table 2). Therefore, it would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to modify the method and system disclosed by Knecht to include successfully attempting to authenticate the client device using the current token, obtaining the content from a destination server and sending the content to the client device as disclosed by Rafsky. One of ordinary skill in the art would have been motivated for the purpose of error-free retrieval to be executed on computers at scales qualitatively larger and speeds qualitatively faster. Improve performance of storage or retrieval operations on cluster data (Rafsky [0094] and [0294]). Re. claim 4, Knecht-Rafsky teach the method of claim 1, Rafsky further teaches wherein the current token is considered to not reside at the location associated with the hash value if the location is empty (Rafsky teaches MIMOSA may determine whether a token is present or absent by checking whether the hash table in memory contains a marker stored for the token [0073]. If the list of tokens from the data item that are present is empty, the data item is not similar to the other received data items, and the membership function may determine that it does not belong to any existing similarity cluster, the membership function may generate and return a new identifier [0076]. If no such existing token were found in the hash table, then it would be determined that D-G-H-R-T can start a new cluster [0083][0085][0223]. Obtain from the marker value an assigned cluster identifier for the data item 210 corresponding to the marked token [0249-0250][0015] table 2). Therefore, it would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to modify the method and system disclosed by Knecht to include wherein the current token is considered to not reside at the location associated with the hash value if the location is empty as disclosed by Rafsky. One of ordinary skill in the art would have been motivated for the purpose of error-free retrieval to be executed on computers at scales qualitatively larger and speeds qualitatively faster. Improve performance of storage or retrieval operations on cluster data (Rafsky [0094] and [0294]). Re. claim 5, Knecht-Rafsky teach the method of claim 4, Rafsky further teaches wherein the current token is considered to not reside at the location associated with the hash value if the location is occupied by a different token (Rafsky teaches MIMOSA may determine whether a token is present or absent by checking whether the hash table in memory contains a marker stored for the token [0073]. If the list of tokens from the data item that are present is empty, the data item is not similar to the other received data items, and the membership function may determine that it does not belong to any existing similarity cluster, the membership function may generate and return a new identifier [0076]. If no such existing token were found in the hash table, then it would be determined that D-G-H-R-T can start a new cluster [0083][0085][0223]. Obtain from the marker value an assigned cluster identifier for the data item 210 corresponding to the marked token [0249-0250][0015] Table 2). Therefore, it would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to modify the method and system disclosed by Knecht to include wherein the current token is considered to not reside at the location associated with the hash value if the location is occupied by a different token as disclosed by Rafsky. One of ordinary skill in the art would have been motivated for the purpose of error-free retrieval to be executed on computers at scales qualitatively larger and speeds qualitatively faster. Improve performance of storage or retrieval operations on cluster data (Rafsky [0094] and [0294]). Re. claim 7. Knecht-Rafsky teach the method of claim 1, wherein the current token is considered to reside at the location associated with the hash value if the location is occupied by the current token (Rafsky teaches MIMOSA may determine whether a token is present or absent by checking whether the hash table in memory contains a marker stored for the token [0073]. If the list of tokens from the data item that are present is empty, the data item is not similar to the other received data items, and the membership function may determine that it does not belong to any existing similarity cluster, the membership function may generate and return a new identifier [0076]. If no such existing token were found in the hash table, then it would be determined that D-G-H-R-T can start a new cluster [0083][0085][0223]. Obtain from the marker value an assigned cluster identifier for the data item 210 corresponding to the marked token [0249-0250][0015] Table 2). Therefore, it would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to modify the method and system disclosed by Knecht to include wherein the current token is considered to reside at the location associated with the hash value if the location is occupied by the current token as disclosed by Rafsky. One of ordinary skill in the art would have been motivated for the purpose of error-free retrieval to be executed on computers at scales qualitatively larger and speeds qualitatively faster. Improve performance of storage or retrieval operations on cluster data (Rafsky [0094] and [0294]). Re. claim 9, Knecht-Rafsky teach the method of claim 2, further comprising serving as a proxy for the client device when obtaining the content from the destination server (Knecht discloses correct account information is found and access to the resources is gained [0015][0027]. When the server 120 is a proxy server part of a cloud-based proxy service, the server 120 is operative to process requests received from the client device 110 by transmitting the request to the origin server 130 hosting the domain [0030][0020]. The server 120 may receive a response 362 (with the content of the resource at the location example.com/login) [0071]). Re. claim 10, Knecht-Rafsky teach the method of claim 2, further comprising serving as a proxy for the destination server when sending the content to the client device (Knecht discloses correct account information is found and access to the resources is gained [0015][0027]. When the server 120 is a proxy server part of a cloud-based proxy service, the server 120 is operative to process requests received from the client device 110 by transmitting the request to the origin server 130 hosting the domain [0030][0020]. The server 120 may receive a response 362 (with the content of the resource at the location example.com/login) [0071]). Re. claim 11, Knecht a computing device, comprising: one or more computer-readable storage media (Knecht discloses using computer-readable media [0074]); one or more processors (Knecht discloses one or more processors [0074]); and program instructions stored on the one or more computer-readable storage media that, when executed by the one or more processors (Knecht discloses one or more processors are coupled to other components to store codes and data for execution [0074]), direct the computing device to at least: receive a request for content from a client device, wherein the request includes a current token(Knecht disclose a user at the client device 110 may request access to secured accounts [0015]. The server 120 receives an initial HTTP request 310 for a resource where the request includes a first location of the resource “/login” at the domain www.example.com. The request includes a cryptographic token [0059]). Knecht does not explicitly teach but Rafsky teaches produce a hash value based at least on the current token (Rafsky teaches MIMOSA may insert the assigned cluster ID value c.sub.i into H as a hash value under each of the MI tokens n.sub.i∘t.sub.iq as hash keys, where t.sub.iq∈L.sub.n.sub.i. In other words, MIMOSA effects the cluster assignment by storing values into the hash table [0326], hash value of the token); determine whether the current token resides at a location of data structure used to store tokens associated with the hash value; and in response to determining that the current token does not reside at the location, attempt to authenticate the client device using the current token (Rafsky teaches MIMOSA may determine whether a token is present or absent by checking whether the hash table in memory contains a marker stored for the token [0073]. If the list of tokens from the data item that are present is empty, the data item is not similar to the other received data items, and the membership function may determine that it does not belong to any existing similarity cluster, the membership function may generate and return a new identifier [0076]. If no such existing token were found in the hash table, then it would be determined that D-G-H-R-T can start a new cluster [0083][0085][0223]. Obtain from the marker value an assigned cluster identifier for the data item 210 corresponding to the marked token [0249-0250][0015] Table 2, hash table determining if the token is in the table. If not then start a new cluster, cluster containing data item). Therefore, it would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to modify the method and system disclosed by Knecht to include producing a hash value based at least on the current token; determining whether the current token resides at a location used to store tokens associated with the hash value; and in response to determining that the current token does not reside at the location, attempting to authenticate the client device using the current token as disclosed by Rafsky. One of ordinary skill in the art would have been motivated for the purpose of error-free retrieval to be executed on computers at scales qualitatively larger and speeds qualitatively faster. Improve performance of storage or retrieval operations on cluster data (Rafsky [0094] and [0294]). Re. claim 12, rejection of claim 11 is included and claim 12 is rejected with the same rationale as applied in claims 9 and 10 above. Re. claim 14, rejection of claim 11 is included and claim 14 is rejected with the same rationale as applied in claims 4 and 5 above. Re. claim 15, rejection of claim 11 is included and claim 15 is rejected with the same rationale as applied in claim 7 above. Re. claim 16, rejection of claim 11 is included and claim 16 is rejected with the same rationale as applied in claims 9 and 10 above. Re. claim 17, Knecht discloses a method of operating a dual-proxy system, the method comprising: obtaining a request for content from a client device, wherein the request comprises a destination server information, a current token, and an IP address of the client device (Knecht disclose a user at the client device 110 may request access to secured accounts [0015]. The server 120 receives an initial HTTP request 310 for a resource where the request includes a first location of the resource “/login” at the domain www.example.com. The request includes a cryptographic token [0059]. Ip address of the server [0022]. IP address of the client device [0027]); forwarding, from a first proxy server, a portion of the request and an IP address of the first proxy server to a second proxy server, the portion of the request comprising the destination server information and the current token (Knecht discloses when the server 120 is a proxy server part of a cloud-based proxy service, the server 120 is operative to process requests received from the client device 110 by transmitting the request to the origin server 130 hosting the domain [0030][0059]); in response to successfully authenticating the client device, forwarding, from the second proxy server, the portion of the request and an IP address of the second proxy server to the destination server; and obtaining the content from the destination server (Knecht the server 120 verifies that the request is valid through the nonce value included in the cryptographic token 320. For example, the server 120 may determine upon decryption of the token that the structure of the expression was changed or that the cryptographic portion (<nonce>) is invalid. When the nonce is not valid, the proxy server blocks the client device and may also log that the client device has been blocked, which may affect a threat score applied to the client device [0064]). Knecht does not explicitly teach but Rafsky teaches attempting to authenticate the client device at the second proxy server using the current token by generating a hash value using the current token and comparing the current token with a token that resides at a location used to store tokens associated with the hash value (Rafsky teaches MIMOSA may determine whether a token is present or absent by checking whether the hash table in memory contains a marker stored for the token [0073]. If the list of tokens from the data item that are present is empty, the data item is not similar to the other received data items, and the membership function may determine that it does not belong to any existing similarity cluster, the membership function may generate and return a new identifier [0076]. If no such existing token were found in the hash table, then it would be determined that D-G-H-R-T can start a new cluster [0083][0085][0223]. Obtain from the marker value an assigned cluster identifier for the data item 210 corresponding to the marked token [0249-0250][0015] Table 2, hash table determining if the token is in the table. If not then start a new cluster, cluster containing data item). Therefore, it would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to modify the method and system disclosed by Knecht to include attempting to authenticate the client device at the second proxy server using the current as disclosed by Rafsky. One of ordinary skill in the art would have been motivated for the purpose of error-free retrieval to be executed on computers at scales qualitatively larger and speeds qualitatively faster. Improve performance of storage or retrieval operations on cluster data (Rafsky [0094] and [0294]). Re. claim 18, Knecht-Rafsky teach the method of claim 17, further comprising sending the content from the second proxy server to the first proxy server and sending the content from the first proxy server to the client device (Knecht discloses when the server 120 is a proxy server of a cloud-based proxy service, it analyzes the request and may transmit the request for the resource at the initial location to the appropriate origin server 130. The origin server 130 may process the request (and then transmit the response with the requested resource to the proxy server. The proxy server may analyze the incoming response and take one or more actions, including, for example, transmitting the response to the requesting client device 110 [0056]). Re. claim 19, Knecht-Rafsky teach the method of claim 17, Rafsky further teaches wherein successfully authenticating the client device comprises determining that the current token is different than the token at the location associated with the hash value (Rafsky teaches when the generated password hash value does not matches a compromised password hash value (e.g., does not exist in the collection of compromised password hash values), then authenticator module 126 can save the generated hash value in association with the user's account identifier in user password database 204 and allow the user access to the user's account in content management system 106 [0056][0055]). Therefore, it would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to modify the method and system disclosed by Knecht to wherein successfully authenticating the client device comprises determining that the current token is different than the token at the location associated with the hash value as disclosed by Rafsky. One of ordinary skill in the art would have been motivated for the purpose of prevent unauthorized access, ensuring only authorized clients and users can access content (Rafsky [0026]). Claims 3, 8 and 13 rejected under 35 U.S.C. 103 as being unpatentable over Knecht et al. (US 20170359432, hereinafter Knecht) in view of Rafsky et al. (US 20180203916 hereinafter Rafsky) and in further view of Lu et al. (US 20170026379, hereinafter Lu). Re. claim 3, Knecht-Rafsky teach the method of claim 1, further comprising, in response to unsuccessfully attempting to authenticate the client device using the current token, rejecting the request for content (Lu teaches reject a request to upload a file if the requesting device’s token has been revoked [0060]). Therefore, it would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to modify the method and system disclosed by Knecht-Rafsky to include wherein the current token is considered to not reside at the location associated with the hash value if the location is empty as disclosed by Lu. One of ordinary skill in the art would have been motivated for the purpose of prevent unauthorized access, ensuring only authorized clients and users can access content (Lu [0032]). Re. claim 8, Knecht-Rafsky teach the method of claim 7, further comprising, in response to determining that the current token resides at the location, rejecting the request for content (Lu teaches reject a request to upload a file if the requesting device’s token has been revoked [0060]). Therefore, it would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to modify the method and system disclosed by Knecht-Rafsky to include in response to determining that the current token resides at the location, rejecting the request for content as disclosed by Lu. One of ordinary skill in the art would have been motivated for the purpose of prevent unauthorized access, ensuring only authorized clients and users can access content (Lu [0032]). Re. claim 13, rejection of claim 11 is included and claim 13 is rejected with the same rationale as applied in claim 3 above. Claims 6 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Knecht et al. (US 20170359432, hereinafter Knecht) in view of Rafsky et al. (US 20180203916 hereinafter Rafsky) and in further view of Mani et al. (US 11438169, hereinafter Mani). Re. claim 6, Knecht-Rafsky teach the method of claim 5, Knecht-Rafsky do not explicitly teach but Mani teaches overwriting the different token with the current token at the location associated with the hash value (Mani teaches the universal access control device 406 may record the access credential by overriding an access credential stored in access credential data 428. In some embodiments, the access credential data 428 may be overwritten with the newly-received access credential only if the access control board 436 sends a signal to the reader device 434 to indicate that access has been granted [Col 10 lines 11-35][Col 10 lines 47-52]). Therefore, it would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to modify the method and system disclosed by Knecht-Rafsky to include in response to determining that the current token resides at the location, rejecting the request for content as disclosed by Mani. One of ordinary skill in the art would have been motivated for the purpose of allowing access to the secure location (Mani [Col 10 lines 36-46]). Re. claim 20, Knecht-Rafsky teach the method of claim 17, Knecht-Rafsky do not explicitly teach but Mani teaches wherein at least one among the first proxy server and the second proxy server distributes the current token to the client device prior to the request (Mani teaches the user device may access the token that was previously provided by the remote server [Col 17 line 62 – Col 18 line 7]). Therefore, it would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to modify the method and system disclosed by Knecht-Rafsky to include wherein at least one among the first proxy server and the second proxy server distributes the current token to the client device prior to the request as disclosed by Mani. One of ordinary skill in the art would have been motivated for the purpose of allowing access to the secure location and access to the token (Mani [Col 10 lines 36-46] [Col 17 line 62 – Col 18 line 7]). Conclusion The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Johnson (US 9755834) discloses a request from a computing device for accessing a resource is received by an edge server, where the request includes a cookie containing a first token value and a second token value. Kim (KR 20180129475) the token generation unit (110) determines whether a token corresponding to the identification information exists within the user terminal (100), and if the corresponding token does not exist, a token can be generated by hashing the identification information. Any inquiry concerning this communication or earlier communications from the examiner should be directed to KEVIN A AYALA whose telephone number is (571)270-3912. The examiner can normally be reached Monday-Thursday 8AM-5PM; Friday: Variable EST. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jorge Ortiz-Criado can be reached at 571-272-7624. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /KEVIN AYALA/Primary Examiner, Art Unit 2496
Read full office action

Prosecution Timeline

Feb 06, 2023
Application Filed
May 28, 2025
Non-Final Rejection — §103, §112
Aug 26, 2025
Response Filed
Sep 11, 2025
Final Rejection — §103, §112
Nov 05, 2025
Interview Requested
Dec 02, 2025
Interview Requested
Dec 16, 2025
Request for Continued Examination
Dec 20, 2025
Response after Non-Final Action
Feb 21, 2026
Non-Final Rejection — §103, §112 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

17/293,398
Patent 12549375
DEFINING AND MANAGING FORMS IN A DISTRIBUTED LEDGER TRUST NETWORK
2y 5m to grant Granted Feb 10, 2026
17/330,368
Patent 12542684
SOCIAL MEDIA CONTENT MANAGEMENT SYSTEMS
2y 5m to grant Granted Feb 03, 2026
18/510,462
Patent 12542675
SYSTEMS AND METHODS FOR ENCRYPTED MULTIFACTOR AUTHENTICATION USING IMAGING DEVICES AND IMAGE ENHANCEMENT
2y 5m to grant Granted Feb 03, 2026
16/826,484
Patent 12531746
ENABLING CONSENSUS IN DISTRIBUTED TRANSACTION PROCESSING SYSTEMS
2y 5m to grant Granted Jan 20, 2026
17/449,616
Patent 12530454
Behavior analysis based on finite-state machine for malware detection
2y 5m to grant Granted Jan 20, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

AI Strategy Recommendation

Get an AI-powered prosecution strategy using examiner precedents, rejection analysis, and claim mapping.
Powered by AI — typically takes 5-10 seconds

Prosecution Projections

3-4
Expected OA Rounds
64%
Grant Probability
96%
With Interview (+31.8%)
3y 4m
Median Time to Grant
High
PTA Risk
Based on 164 resolved cases by this examiner. Grant probability derived from career allow rate.

Ready to respond to this office action?

IP Author drafts your complete OA response — amendments, arguments, and claim strategy — in minutes, not days.

Start Drafting Your Response →

Data sourced from USPTO Patent File Wrapper (daily) and Office Action Archive (weekly). Analysis generated by IP Author.

Data: USPTO Patent File Wrapper (daily) • Office Action Archive (weekly) • 89M+ prosecution events

© 2026 IP Author — Browse Office ActionsExaminersCompaniesFirms

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month