ACCESSORY SETUP USING A SETUP CODE

DETAILED ACTION Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Continued Examination Under 37 CFR 1.114 A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office Action has been withdrawn pursuant to 37 CFR 1.114. Applicant’s submission filed on 12/23/2025 has been entered. Response to Amendments This communication is in response to the amendments filed on 23 December 2025: Claims 1, 8 and 15 are amended. Claims 22-24 are added. Claims 1-24 are pending. Response to Arguments In response to Applicant’s remarks filed on 23 December 2025: a. Applicant’s arguments that the references do not teach or suggest the amended independent claims as discussed in the telephonic interview has been fully considered but is deemed not-persuasive due to the fact that no real argument is being presented by the Applicant. Claim Rejections - 35 USC § 103 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows: 1. Determining the scope and contents of the prior art. 2. Ascertaining the differences between the prior art and the claims at issue. 3. Resolving the level of ordinary skill in the pertinent art. 4. Considering objective evidence present in the application indicating obviousness or nonobviousness. Claims 1-2, 7-9 and 14-16 are rejected under 35 U.S.C. 103 as being unpatentable over McLaughlin et al. (U.S. PGPub. 2015/0222517), hereinafter McLaughlin, in view of Donley et al. (U.S. PGPub. 2018/0352435), hereinafter Donley. Regarding claim 1, McLaughlin teaches A method, comprising: at a setup component of a computer system (McLaughlin, FIG. 13A, see “CONTROLLER 1302”, which is being read as a setup component of a computer system): receiving a first setup code for an accessory, wherein the accessory is different from the computer system (McLaughlin, FIG. 13A, see “ACCESSORY 1304” and “CONTROLLER 1302”, which are different from each other) (McLaughlin, Paragraph [0248], see “…controller 1302 can acquire the accessory’s setup code from the user”); and in response to receiving the first setup code: in accordance with a determination that a credential has not been previously established with the accessory (McLaughlin, FIG. 13A, which is setting up a pair start request between the controller and the accessory for the first time, therefore, no previous credential has been established with the accessory), sending, to the accessory, a request to add a first credential to grant one or more first entitlements with respect to the accessory, wherein the request to establish the first credential includes the first setup code (McLaughlin, Paragraph [0249], see “…controller 1302 can create an SRP session…set an SRP password using the user-entered setup code”) (McLaughlin, Paragraph [0250], see “…controller 1302 can generate a controller proof to prove its own identity…controller 1302 can send a verification request to the accessory, including public key pkC and proof proofC”) (McLaughlin, Paragraph [0262], see “…If the verification succeeds…controller 1304 can decrypt LTPKA and persistently store LTPKA and the accessory’s username userA as a paired accessory record”, which is being read as adding a first credential to grant one or more first entitlements with respect to the accessory); and McLaughlin does not teach the following limitation(s) as taught by Donley: in accordance with a determination that a credential has been previously established with the accessory, sending, to the accessory, a request to add a second credential to grant one or more second entitlements with respect to the accessory, wherein the second credential is different from the first credential, and wherein the request to add the second credential includes a second setup code that is different from the first setup code (Donley, Paragraph [0067], see “…watch 714 verifies the random number returned from new phone 722 is random number 762 in OOB key package…Once the user of new phone 722 is confirmed, watch 714 can respond to pairing requests from new phone 722 and pair with new phone 722 using OOB key 761 generated by watch 714”, where “OOB key 761” is analogous to involving a second setup code, where upon pairing, the new phone communicates with the accessory (with second entitlements)) (Donley, Paragraph [0098], see “…A validation is received from a phone having the ID key and a migration key. An encrypted message based on a first derived key is sent to the phone, and the encrypted message includes a random number. An encrypted message based on a second derived key is received from the phone including the random number, wherein the second derived key is different than the first derived key…”, where “second derived key” is analogous to a second credential that is different from the first credential) (Donley, Paragraph [0099], see “…encrypted off the record (OTR) messages can be communicated between the watch and new phone without having to re-authenticate a user…An out-of-band (OOB) key package is generated including a OOB key and the random number…”, where “OOB key package” is analogous to involving a second setup code that is different from the first setup code to set up the new phone and the accessory, where upon pairing, the new phone communicates with the accessory (with second entitlements)). Therefore, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the techniques disclosed of McLaughlin, by implementing techniques of sending to an accessory a request to add different credentials to grant one or more second entitlements with respect to the accessory, disclosed of Donley. One of ordinary skill in the art would have been motivated to make this modification in order to implement techniques for accessory setup using a setup code, comprising of sending to an accessory a request to add different credentials to grant one or more second entitlements with respect to the accessory. This allows for better security management when connecting multiple devices or new devices to an accessory. Donley is deemed as analogous art due to the art disclosing techniques of sending to an accessory a request to add different credentials to grant one or more second entitlements with respect to the accessory (Donley, Paragraph [0098]). Regarding claim 2, McLaughlin as modified by Donley teaches The method of claim 1, wherein the first setup code is: determined from an image captured by a camera in communication with the computer system (McLaughlin, Paragraph [0248], see “…controller 1302 can acquire the accessory’s setup code from the user…the user can operate an onboard camera of controller 1302 to capture an image of the setup code as it appears on the accessory (the image can include a human-readable representation or a machine-readable representation, such as a bar code or quick-response (QR) code or the like)”); or received, via a communication channel, from a device different from the computer system Regarding claim 7, McLaughlin as modified by Donley teaches The method of claim 1, wherein the first setup code includes one or more characters, and wherein the second setup code includes one or more characters (McLaughlin, Paragraph [0242], see “…the user can be required to enter the accessory’s setup code (which can be, e.g., an eight-digit identification number that is specific to that accessory and not readily guessable)…,” where the setup codes include one or more characters). Regarding claims 8 and 15, the claims are rejected under the same reasoning as claim 1. Regarding claims 9 and 16, the claims are rejected under the same reasoning as claim 2. Regarding claim 14, the claim is rejected under the same reasoning as claim 7. Claims 5, 12 and 19 are rejected under 35 U.S.C. 103 as being unpatentable over McLaughlin, in view of Donley, in further view of MASUMOTO et al. (U.S. PGPub. 2016/0285311), hereinafter Masumoto. Regarding claim 5, McLaughlin as modified by Donley do not teach the following limitation(s) as taught by Masumoto: The method of claim 1, wherein the setup code is received from an application of the computer system, and wherein the application is different from the setup component (Masumoto, Paragraph [0101], see “…when the application 30 receives the pairing request, the application 30 outputs a Pairing response including the PIN code to the RX controller 410…”, where the setup code is received from an application of the computer system, and the application is different from the setup component). Therefore, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the techniques disclosed of McLaughlin, and techniques disclosed of Donley, by implementing techniques of the setup code being received from an application of the computer system, disclosed of Masumoto. One of ordinary skill in the art would have been motivated to make this modification in order to implement techniques for accessory setup using a setup code, comprising of the setup code being received from an application of the computer system. This allows for better security management and easier verification by receiving the setup code from the application used for pairing to an accessory. Masumoto is deemed as analogous art due to the art disclosing techniques of the setup code being received from an application of the computer system (Masumoto, Paragraph [0101]). Regarding claims 12 and 19, the claims are rejected under the same reasoning as claim 5. Claims 6, 13 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over McLaughlin, in view of Donley, in further view of Srivatsa et al. (U.S. PGPub. 2016/0360341), hereinafter Srivatsa. Regarding claim 6, McLaughlin as modified by Donley do not teach the following limitation(s) as taught by Srivatsa: The method of claim 1, further comprising: receiving, from an application of the computer system, an indication of an ecosystem (Srivatsa, Paragraph [0047], see “…the first device and second device may also be included in a specified group of devices or a designated set of devices, for example they may be associated with a common user account…of a user which may be maintained by a cloud-based server”, where “specified group of devices” is analogous to an indication of an ecosystem); and in response to receiving the indication of the ecosystem: in accordance with a determination that the ecosystem has not previously established a credential with the accessory, sending, to the accessory, a request to add a credential (Srivatsa, Paragraph [0049], see “…The cloud-based server may store respective information associated with various other devices that belong the specified group of devices…The information (associated with the first pairing) communicated by the first device to the cloud-based server may comprise various items relevant to the accessory device and/or to establishing a connection with the accessory device, such as link keys, addresses, and/or other information”, which is analogous to requesting to add a credential to with an accessory when a credential has not previously been established); and in accordance with a determination that the ecosystem has previously established a credential with the accessory, forgoing sending, to the accessory, a request to add a credential (Srivatsa, Paragraph [0052], see “…the second user device may simply connect with the accessory device using the previously stored link information (at both the second user device and the accessory device as described above) without requiring any user interaction and/or without requiring any multi-step pairing procedure”, which is analogous to forgoing sending to the accessory a request to add a credential when a credential has been previously established). Therefore, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the techniques disclosed of McLaughlin, and techniques disclosed of Donley, by implementing techniques of utilizing an ecosystem involving multiple devices in order to determine whether to add credentials for pairing to an accessory, disclosed of Srivatsa. One of ordinary skill in the art would have been motivated to make this modification in order to implement techniques for accessory setup using a setup code, comprising of utilizing an ecosystem involving multiple devices in order to determine whether to add credentials for pairing to an accessory. This allows for better security management and time-efficiency within an ecosystem in order to determine whether credentials need to be added based on whether the ecosystem has previously established a credential with a specific accessory. Srivatsa is deemed as analogous art due to the art disclosing techniques of utilizing an ecosystem involving multiple devices in order to determine whether to add credentials for pairing to an accessory (Srivatsa, Paragraph [0047]). Regarding claims 13 and 20, the claims are rejected under the same reasoning as claim 6. Claim 21 is rejected under 35 U.S.C. 103 as being unpatentable over McLaughlin, in view of Donley, in further view of LAITINEN et al. (WO 2022/258131), hereinafter Laitinen. Regarding claim 21, McLaughlin as modified by Donley do not teach the following limitation(s) as taught by Laitinen: The method of claim 1, wherein: the request to add the first credential to grant the one or more first entitlements with respect to the accessory is a request to add the first credential to grant the one or more first entitlements to a first ecosystem with respect to the accessory (Laitinen, Page 6, Paragraph 2, see “…the token structure herein includes a hierarchical pattern, where the tokens are placed at different levels of authentication and can be used directly as access tokens to access services either within the ecosystem and/or outside the ecosystem, or used to authenticate the IoT device to a third-party ecosystem and receive other access tokens”) (Laitinen, Page 6, Paragraph 3, see “…the method includes accessing, by the IoT device, a first service within the base ecosystem using a base level token as an access token…”); the request to add the second credential to grant the one or more second entitlements with respect to the accessory is a request to add the second credential to grant the one or more second entitlements to a second ecosystem with respect to the accessory (Laitinen, Page 6, Paragraph 2, see “…the token structure herein includes a hierarchical pattern, where the tokens are placed at different levels of authentication and can be used directly as access tokens to access services either within the ecosystem and/or outside the ecosystem, or used to authenticate the IoT device to a third-party ecosystem and receive other access tokens”) (Laitinen, Page 6, Paragraph 4 and Page 7, Paragraph 1, see “…The method includes provisioning, by the second level authority, the IoT device with second level tokens configured to access a service within and/or outside the second level ecosystem or to request to join a next level ecosystem controlled by a next level authority which has a trust relationship with the second level ecosystem”, which is analogous to adding a second credential (e.g., second level token) to grant one or more second entitlements to a second ecosystem (e.g., access to a next level ecosystem); the second ecosystem is different from the first ecosystem (Laitinen, Page 6, Paragraph 2, see “…the token structure herein includes a hierarchical pattern, where the tokens are placed at different levels of authentication and can be used directly as access tokens to access services either within the ecosystem and/or outside the ecosystem, or used to authenticate the IoT device to a third-party ecosystem and receive other access tokens”, where “within the ecosystem”, “outside the ecosystem” and “third-party ecosystem” are analogous to a second ecosystem and a first ecosystem, being different from one another). Therefore, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the techniques disclosed of McLaughlin, and techniques disclosed of Donley, by implementing techniques of utilizing two different ecosystems and two different credentials for gaining access with respect to the accessory, disclosed of Laitinen. One of ordinary skill in the art would have been motivated to make this modification in order to implement techniques for accessory setup using a setup code, comprising of utilizing two different ecosystems and two different credentials for gaining access with respect to the accessory. This allows for better security management and a better user-friendly environment by allowing an accessory to gain access to two different ecosystems by utilizing two different credentials to access the respective ecosystem. Laitinen is deemed as analogous art due to the art disclosing techniques of utilizing two different ecosystems and two different credentials for gaining access with respect to the accessory (Laitinen, Page 6, Paragraph 2). Claim 24 is rejected under 35 U.S.C. 103 as being unpatentable over McLaughlin, in view of Donley, in further view of Eisen et al. (U.S. PGPub. 2020/0092272), hereinafter Eisen. Regarding claim 24, McLaughlin as modified by Donley do not teach the following limitation(s) as taught by Eisen: The method of claim 1, wherein: the first setup code is received by scanning a QR code (Eisen, Paragraph [0043], see “…the software and/or applications may allow the user to scan graphical authentication indicia such as a QR code displayed on another device or the same device, and transmit authentication data between the user device 104 and the authentication system 102…”, which is analogous to receiving a first setup code (i.e., for authentication) by scanning a QR code) (Eisen, Paragraph [0125], see “The nonce data may be transmitted to the authentication system by the user device 900…the user device may transmit nonce data simultaneously with the scanned QR code data to the authentication system…); the determination that a credential has not been previously established with the accessory includes a determination that the QR code has not been previously used (Eisen, FIG. 7, which shows a user scanning a QR code and establishing a credential with the user and service provider based on the QR code not being scanned previously) (Eisen, Paragraph [0036], see “…The unique QR code can be a one-time unique QR code. A one-time unique QR code may become invalid after the first user of the QR code…The graphical authentication indicia or QR codes can be used to mutually verify the identities between a user and an online service provider…”, where determination that a credential has not been previously established with the accessory (user device) includes a determination that the QR code has not been previously used); and the determination that a credential has been previously established with the accessory includes a determination that the QR code has been previously used (Eisen, Paragraph [0036], see “…The unique QR code can be a one-time unique QR code. A one-time unique QR code may become invalid after the first user of the QR code…The graphical authentication indicia or QR codes can be used to mutually verify the identities between a user and an online service provider…”, where determination that a credential has been previously established with the accessory (user device) includes a determination that the QR code has been previously used). Therefore, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the techniques disclosed of McLaughlin, and techniques disclosed of Donley, by implementing techniques of utilizing a QR code to determine whether credentials have been previously established with an accessory, disclosed of Eisen. One of ordinary skill in the art would have been motivated to make this modification in order to implement techniques for accessory setup using a setup code, comprising of utilizing a QR code to determine whether credentials have been previously established with an accessory. This allows for better security management by utilizing one-time codes that can be tracked on whether they have been previously used. Eisen is deemed as analogous art due to the art disclosing techniques of utilizing a QR code to determine whether credentials have been previously established with an accessory (Eisen, FIG. 7 and Paragraph [0036]). Allowable Subject Matter Claims 3-4, 10-11, 17-18 and 22-23 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims. Conclusion Any inquiry concerning this communication or earlier communications from the examiner should be directed to RODMAN ALEXANDER MAHMOUDI whose telephone number is (571)272-8747. The examiner can normally be reached on M-F 11:00am – 7:00pm. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Philip Chea can be reached on (571) 272-3951. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /RODMAN ALEXANDER MAHMOUDI/Examiner, Art Unit 2499