Method for securely sending an email

DETAILED ACTION Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . This office action is in response to the applicant’s filling of an Amendments/Remarks on 12/5/2025. The claims 1, 3-6, 8-9, 11-12, 14-15, 17-18 and 20 are pending. Response to Arguments Applicant’s arguments with respect to claims 1, 3 and 20 have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument. Specifically, the new ground of rejection below incorporate newly applied prior art, Simon Blythe (US Pub No 2021/0184851 submitted with IDS filed 9/30/25), for teaching the newly amended limitations of “an encrypted secure channel”. Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claims 1, 3-6, 8- 9, 11-12, 14-15, 17-18 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Bjorn Jakobsson (US Pub No 2017/0230323) in view of Simon Blythe (US Pub No 2021/0184851 submitted with IDS filed 9/30/25). With respect to claim 1, Jakobsson teaches a method of securely sending an electronic mail, the method comprising: receiving, at an electronic mail server, a request from a user to send the electronic mail, with the user having an electronic mail account on the electronic mail server, [and the user having previously identified himself to the electronic mail account] (e.g., “At 204, it is determined that an email message purporting to originate from the sender's first email address has been sent to a recipient” ¶ 0078 & Fig. 2A with the sender having mail account with the electronic mail server by “a sender, having a first email address, is associated with a set of secondary contact data items. Examples of secondary contact data items include a (cellular) phone number, a second email address, an instant messaging identifier, or any other appropriate contact data item.” ¶ 0077); in response to receiving the request, sending, by the server, a security test to be completed by the user to a trusted device associated with the user via a [encrypted] secure channel (e.g., “At 206, prior to allowing access by the recipient to the email message, it is requested, using at least one secondary contact item in the set of secondary contact data items, that the sender confirm that the email message was indeed originated by the sender. For example second factor authentication is performed to verify or confirm that the sender did originate the email message. In some embodiments, the at least one secondary contact item is associated with a secondary communication channel. For example, the request may be made using SMS and/or email. “ ¶ 0078 and trusted sender is enrolled in a secondary communication channel ¶ 0088); the server receiving the security test, completed by the user, via the [encrypted] secure channel (e.g., “At 208, in response to receiving a confirmation from the sender” ¶ 0078); the server verifying the security test completed by the user (e.g., “At 208, in response to receiving a confirmation from the sender that the sender did originate the email message” ¶ 0078); and the server sending the electronic mail if the test is validated by the user (e.g., the server releasing “the email message is delivered to the recipient” ¶ 0078). Jakobsson disclose the claimed subject matter as discussed above with regards to the sender having an account with the mail server but does not explicitly disclose the receiving of the request is with the user having previously identified himself to the electronic mail account. However, analogous art from the same field of endeavor, Blythe teaches the receiving of the request is with the user having previously identified himself to the electronic mail account (e.g., checking receiver’s authentication as well as server checking sender’s credentials @ Fig. 6 #609 & 0080-0087). Jakobsson further teaches the use of a secure channel by using only known and valid 2FA contact information (¶ 0054) or using industry secured 2FA token (¶ 0057) but does not explicitly disclose the secure channel is an encrypted channel. However, Blythe teaches an encrypted secure channel (e.g., “In step 611, the secure messaging provider 300 sends the encryption key 216 associated with the corresponding transaction block 108 to the receiver's authentication device 100b over the secure communication channel.” ¶ 0088 as well as using “secure link” ¶ 0076-0077 and the secure communication channel encrypts the messages ¶ 0027-0028). Therefore, based on Jakobsson in view of Blythe, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to utilize the teaching of Blythe to the system of Jakobsson in order to ensure that a received email is authentic preventing viruses, hackers and eavesdropping (@ Blythe ¶ 0002-0006). Hence, it would have been obvious to combine the references to obtain the invention as specified in the instant claim. The limitations of claim 3 are substantially similar to claim 1 above, and therefore the claim is likewise rejected with Jakobsson further teaching the blocking of email and “In some embodiments, blocking also includes reporting of the message to an admin” (@ Fig. 9 and ¶ 0262). Jakobsson further teaches quarantining a message, requesting the sender to perform a security test, after not receiving a response before a threshold time has elapsed, permanently blocking the message (@ Fig. 10 and ¶ 0263). Therefore, Jakobsson teaches the additional limitations of “the server rejecting the email or sending it to a recipient other than the one specified in the message, if the test is not validated by the user”. With respect to claim 4, Jakobsson further teaches wherein the method further comprises: receiving, at the electronic mail server, another request from the user to send another electronic mail; checking a predetermined security parameter; sending of the e-mail by the server if the predetermined security parameter is satisfied (e.g., receiving additional emails ¶ 0064 & 0252 and checking the emails against a deception detectors algorithm ¶ 0103-0117). With respect to claim 5, Jakobsson further teaches the security parameter comprising: an elapsed time between sending the request and the other request, a change of IP address used by the user and a date on which the request is sent by the user (e.g., deceptive compare having multiple addresses and domains ¶ 0108, checking for change in reply-to-address ¶ 0257, and using timestamp of multiple emails to establish relationship ¶ 0255). With respect to claim 6, the references above further teach in which the security test comprises a comparison of a biometric input with biometric data associated with the user and stored on the trusted device associated with the user (e.g., the second factor can be a stronger factor including biometric @ Jakobsson ¶ 0054; and performing biometric authentication @ Blythe ¶ 0027, 0053 & 0069). The reason to combine Blythe to Jakobsson is similar to claim 1 above. The limitations of claim 8 are substantially similar to claim 6 above, and therefore the claim is likewise rejected. With respect to claim 9, Jakobsson further teaches in which the trusted device associated with the user is a mobile telephone or a USB key (e.g., cell phone ¶ 0044). The limitations of claim 11 are substantially similar to claim 9 above, and therefore the claim is likewise rejected. With respect to claim 12, Jakobsson further teaches wherein the trusted device comprises an application for completing the security test (e.g., 2FA confirmation via multiple application ¶ 0047-0050, 0068 & 0078). The limitations of claim 14 are substantially similar to claim 12 above, and therefore the claim is likewise rejected. The limitations of claim 15 are substantially similar to claim 1 above, and therefore the claim is likewise rejected. The limitations of claim 17 are substantially similar to claim 3 above, and therefore the claim is likewise rejected. The limitations of claim 18 are substantially similar to claim 1 above, and therefore the claim is likewise rejected. The limitations of claim 20 are substantially similar to claim 1 above, and therefore the claim is likewise rejected with Jakobsson further teaching the request is to receive the electronic mail and sending the security test to the user at @ ¶ 0053 & 0061. Jakobsson also teaches requesting the recipient to pass a security test before releasing the email (¶ 0069, 0264 & 0270-0271). Therefore, the prior arts teaches claim 20 as a whole. Conclusion Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. Any inquiry concerning this communication or earlier communications from the examiner should be directed to CHAU LE whose telephone number is (571)270-7217. The examiner can normally be reached M-F 8:00-5:00. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, LINGLAN EDWARDS can be reached at (571) 270-5440. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /CHAU LE/Primary Examiner, Art Unit 2408