Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
The communication received on 12/4/25 has been entered.
Applicant’s desire to review the options regarding the nonstatutory double patenting rejection once the claims are deemed to be allowable is acknowledged.
Response to Arguments
In light of applicant’s amendment, the previously cited 35 U.S.C. 112 rejection is withdrawn.
Applicant’s arguments with respect to art rejection as pertaining to the newly amended claims have been considered but are moot because the new ground of rejection.
The text of those sections of Title 35, U.S. Code not included in this action can be found in a prior Office action.
Claim Rejections - 35 USC § 103
Claim(s) 1-20 is/are rejected under 35 U.S.C. 103 as obvious over Liberman (USPUB 20130133086) in view of Zheng (USPUB 20150244698).
As pe claims 1-2, as seen in Fig. 4 c, and discussed in the related text, Liberman teaches a computer-implemented method comprising: receiving, at a first user device (PC), one-time use authentication information from an authentication server without the authentication server receiving user login authentication information from the first user device (sending authentication data, step C); providing for communication of the one-time use authentication information from the first user device to a second user device (mobile device (TEL) reading the authentication data, step D); receiving, at the first user device, one-time password information (OTP) (sending the transaction, step F), the OTP information initially received at the second user device from the authentication server in response to a request for the OTP information transmitted from the second user device to the authentication server, the request for the OTP information based on the one-time use authentication information (steps E1, E5); and transmitting, from the first user device to the authentication server, the OTP information for verification of the first user device (step G), providing the one-time user authentication code comprises presenting a QR code on a display of the first user device authentication data displayed during step C in form of a QR-code, para 67-68).
Although Liberman suggests the use of the request for the one-time use authentication information generated by the authentication server for the first user device, Zheng fails to teach the authentication information comprising a globally unique identifier. However, in the related art Zheng suggests such solution (an authentication module generates and provides an internet website page to the device, session identifier that is the Universally Unique Identifier (UUID) value, para 73-74.) It would have been obvious to one of ordinary skill in the art at the time the application was filed to include Zheng’s teaching into Liberman given the benefit of uniquely identify session. Given the fact that the Liberman’s request for OTP information is part of the same session that would allow the first device to be authenticated, including the globally unique identifier for the purpose of validating the one-time use authentication information if not implicit, it would have been obvious because "a person of ordinary skill has good reason to pursue the known options within his or her technical grasp. If this leads to the anticipated success, it is likely the product not of innovation but of ordinary skill and common sense." Thus, even if Liberman/Zheng was not contemplate such solution, it would have been obvious to one of ordinary skill in the art at the time the application was filed to try including the GUID for the server to use the GUID to store data from the structure such as database, to validate issuance of the one-time use authentication information, as a person with ordinary skill has good reason to pursue the known options within his or her technical grasp, especially given the benefit of increased security and reliable authentication session.
The limitations of claims 4-6, are inherent: as clearly indicated by Liberman the devices communicate using network such as Internet (para 66, 79) and a skilled in the art would readily appreciate that network devices utilize IP addresses.
Even if not contemplated by Liberman, including generating information based on such parameters would have been [Official Notice is taken] old and well known in the art at the time the application was filed given the predictable benefit of scalability and device communication.
As per claims 7, 14 and 20, Liberman teaches the one-time use authentication information in conjunction with the OTP information for verification of the first user device conjunction (see steps C and F in Fig. 4C).
As per claims 8-9, 11-16 and 18-20, a skilled in the art would readily appreciate that computing devices offer their functionalities with processor executing computer instruction stored on the media.
Claim(s) 3, 10, 17 is/are rejected under 35 U.S.C. 103 as obvious over Liberman (USPUB 20130133086) in view of Dubey (USPN 9300644) or Hubner (USPUB 20150089607).
Liberman’s teaches the authentication server transferring the one-time use authentication information resulting in verification, as discussed above.
Liberma does not teach transmitting from the first device to the server, a request to log in to a website. However, such concept would have been obvious to one of ordinary skill in the art at the time the application was filed as illustrated by Dubey (see Fig. 4) or Hubner (upon user login attempt to the website the user prompted for one-time password, para 44) offering the predictable benefit of scalability and customization).
Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a).
Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Peter Poltorak whose telephone number is (571) 272-3840. The examiner can normally be reached Monday through Thursday from 9:00 a.m. to 5:00 p.m.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeffrey Pwu can be reached on (571) 272-6798. The fax phone number for the organization where this application or proceeding is assigned is (571) 273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free).
/PIOTR POLTORAK/Primary Examiner, Art Unit 2433