DETAILED ACTION
Claims 1-4 and 6-20 are presented for examination. Claim 5 is canceled.
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA. A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b).
The filing of a terminal disclaimer by itself is not a complete reply to a nonstatutory double patenting (NSDP) rejection. A complete reply requires that the terminal disclaimer be accompanied by a reply requesting reconsideration of the prior Office action. Even where the NSDP rejection is provisional the reply must be complete. See MPEP § 804, subsection I.B.1. For a reply to a non-final Office action, see 37 CFR 1.111(a). For a reply to final Office action, see 37 CFR 1.113(c). A request for reconsideration while not provided for in 37 CFR 1.113(c) may be filed after final for consideration. See MPEP §§ 706.07(e) and 714.13.
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The actual filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA/25, or PTO/AIA/26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/apply/applying-online/eterminal-disclaimer.
Claims 1 and 20 are provisionally rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-20 of copending Application No. 18/375,176. Although the claims at issue are not identical, they are not patentably distinct from each other, please see the table below:
Instant Application (claims listed first below) | Copending Application No. 18/375,176 (claims listed after them)
1. A computer-implemented method for authenticating an identity of an individual at a computing device of a trusted computing system, comprising:
establishing, by an Automated Teller Machine (ATM) of a trusted computing system, a communication link with a first computing device of the trusted computing system, the first computing device operated by a remote bank teller; detecting, by the first computing device, an input event indicating that an individual at the ATM wishes to authenticate their identity;
responsive to said detecting, transmitting, by the first computing device to a server of the trusted computing system, an authentication request for authenticating the identity of the individual;
determining, by an authentication provider module configured to authenticate the identity of the individual independently of the trusted computing system, that the authentication request has been transmitted to the server of the trusted computing system;
responsive to said determining, transmitting, by the authentication provider module, a notification to a mobile device of the individual, wherein the notification requests the individual to confirm that they are attempting to authenticate their identity at the ATM; responsive to the authentication provider module receiving a confirmation response to the notification, authenticating, by the authentication provider module, the identity of the individual; responsive to said authenticating, receiving, by the server, a response to the authentication request from the authentication provider module; and
responsive to receiving the response, transmitting, by the server, the response to the first computing device to thereby authenticate the identity of the individual at the ATM.
2. The method as claimed in claim 1, further comprising: generating, by the first computing device, the authentication request.
3. The method as claimed in claim 2, further comprising: generating the authentication request as a set of data comprising at least a customer identifier for the individual and a request identifier for the authentication request.
4. The method as claimed in claim 1, wherein said determining comprises: displaying a unique identifier comprising a request identifier for the authentication request on a display of the ATM, wherein the unique identifier is a QR code or One-Time Passcode; and responsive to providing the unique identifier to the mobile device of the individual, receiving, by the authentication provider module, the request identifier from the mobile device, wherein providing the unique identifier to the mobile device comprises scanning the unique identifier with a camera of the mobile device or inputting the unique identifier into a graphical user interface of the mobile device.
5. The method as claimed in claim 4, further comprising: when the unique identifier is the QR code, responsive to scanning the QR code, automatically executing a mobile banking application on the mobile device and initiating an authentication process in the mobile banking application.
6. The method as claimed in claim 1, further comprising: responsive to receiving the authentication request at the server, providing the authentication request to an authentication request queue on the server.
7. The method as claimed in claim 6, wherein said determining comprises: monitoring, by the authentication provider module, the authentication request queue on the server for authentication requests that can be fulfilled by the authentication provider module.
8. The method as claimed in claim 7, wherein the step of determining further comprises: determining that at least one capability of the authentication provider module matches at least one requirement of the authentication request; or determining that the authentication provider module is indicated in the authentication request.
9. The method as claimed in claim 1, further comprising: inputting details associated with the individual into a user interface application executing on the first computing device; and responsive to inputting the details, obtaining a customer identifier for the individual.
10. The method as claimed in claim 1, further comprising: sending, by the first computing device, a query to the server to query a list of available authentication provider modules.
11. The method as claimed in claim 10, further comprising: selecting, at the first computing device, said authentication provider module from the list of available authentication provider modules.
12. The method as claimed in claim 1, further comprising: receiving, at the authentication provider module, the confirmation notification indicating that the individual wishes to authenticate their identity at the first computing device.
13. The method as claimed in claim 1, further comprising: responsive to determining, by the authentication provider module, that the authentication request requires multi-factor authentication to be performed, requesting the individual to perform biometric authentication at the mobile device when sending the notification.
14. The method as claimed in claim 1, further comprising: providing an authentication token, issued by an identity provider module external to the trusted computing system, to the mobile device of the individual; and when authenticating the identity of the individual via the authentication provider module, transmitting the authentication token from the mobile device of the individual to the authentication provider module.
15. The method as claimed in claim 1, further comprising: providing an authentication token, issued by a trusted identity provider module of the trusted computing system, to the authentication provider module; when transmitting the response to the authentication request to the server, providing the authentication token; and authenticating, by the server, the authentication token to authenticate the authentication provider module.
16. The method as claimed in claim 1, further comprising: responsive to receiving the response to the authentication request at the server, providing the response to an authentication response queue on the server.
17. The method as claimed in claim 16, further comprising: monitoring, by the first computing device, the authentication response queue for responses to authentication requests generated by the first computing device.
18. The method as claimed in claim 1, further comprising: responsive to authenticating, by the authentication provider module, the identity of the individual, generating, by the authentication provider module, the response to the authentication request.
19. The method as claimed in claim 18, further comprising: generating the response to the authentication request as a set of data comprising at least a request identifier for the authentication request and a customer identifier for the individual.
20. A communication network, comprising: a trusted computing system comprising an Automated Teller Machine (ATM), a first computing device operated by a remote bank teller, and a server; a non-trusted computing system, external to the trusted computing system, comprising a mobile device of an individual at the ATM and a second computing device executing a respective authentication provider module that is configured to authenticate an identity of an individual independently of the trusted computing system; wherein the ATM is configured to: establish a communication link with the first computing device; wherein the first computing device is configured to: detect an input event indicating that the individual at the ATM wishes to authenticate their identity; and transmit an authentication request, for authenticating the identity of the individual, to the server; wherein the respective authentication provider module is configured to: determine that the authentication request has been transmitted to the server; transmit a notification to the mobile device, wherein the notification requests the individual to confirm that they are attempting to authenticate their identity at the ATM; and authenticate the identity of the individual; wherein the server is configured to: receive a response to the authentication request from the authentication provider module; and transmit the response to the first computing device to thereby authenticate the identity of the individual at the ATM.
1. A computer-implemented method for authenticating an identity of an individual at a computing device of a trusted computing system, comprising the steps of:
detecting, by a first computing device of a trusted computing system, an input event indicating that an individual at the first computing device wishes to authenticate their identity;
responsive to said detecting, transmitting, by the first computing device, an authentication request, for authenticating the identity of the individual, to a server of the trusted computing system and displaying a unique identifier comprising a request identifier for the authentication request on a display of the first computing device;
responsive to providing the unique identifier to a mobile device of the individual, receiving, by an authentication provider module configured to authenticate the identity of the individual independently of the trusted computing system, the request identifier from the mobile device;
responsive to said receiving, authenticating, by the authentication provider module, the identity of the individual; responsive to said authenticating, receiving, by the server, a response to the authentication request from the authentication provider module; and responsive to receiving the response, transmitting, by the server, the response to the first computing device to thereby authenticate the identity of the individual at the first computing device.
2. The method as claimed in claim 1, wherein the first computing device is an Automated Teller Machine or a kiosk.
3. The method as claimed in claim 1, further comprising: generating, by the first computing device, the authentication request.
4. The method as claimed in claim 3, further comprising: generating the authentication request as a set of data comprising at least the request identifier and a device identifier for the first computing device.
5. The method as claimed in claim 1, further comprising: displaying the unique identifier as a QR code or a One-Time Passcode.
6. The method as claimed in claim 1, wherein the step of providing the unique identifier to the mobile device comprises: scanning the unique identifier with a camera of the mobile device or inputting the unique identifier into a graphical user interface of the mobile device.
7. The method as claimed in claim 1, further comprising: displaying the unique identifier as a QR code comprising the request identifier; scanning the QR code via a camera of the mobile device; and responsive to scanning the QR code, automatically executing a mobile banking application on the mobile device and initiating an authentication process in the mobile banking application.
8. The method as claimed in claim 1, further comprising: responsive to receiving the authentication request at the server, providing the authentication request to an authentication request queue on the server.
9. The method as claimed in claim 8, further comprising: obtaining details of the authentication request from the authentication request queue using the request identifier.
10. The method as claimed in claim 9, wherein the step of authenticating, by the authentication provider module, the identity of the individual comprises: responsive to receiving, at the authentication provider module, the details of the authentication request, transmitting a notification to the mobile device requesting the individual to confirm that they are attempting to authenticate their identity at the first computing device.
11. The method as claimed in claim 10, further comprising: responsive to the individual responding to the notification transmitted to the mobile device, receiving, at the authentication provider module, a confirmation notification that the individual wishes to authenticate their identity at the first computing device.
12. The method as claimed in claim 10, further comprising: determining, by the authentication provider module, that the authentication request requires multi-factor authentication to be performed; and responsive to said determining, requesting the individual to perform biometric authentication at the mobile device when sending the notification.
13. The method as claimed in claim 1, further comprising: providing a first authentication token, issued by an identity provider module external to the trusted computing system, to the mobile device of the individual; and when authenticating the identity of the individual via the authentication provider module, transmitting the first authentication token from the mobile device of the individual to the authentication provider module.
14. The method as claimed in claim 1, further comprising: providing a second authentication token, issued by a trusted identity provider module of the trusted computing system, to the authentication provider module; when transmitting the response to the authentication request to the server, providing the second authentication token; and authenticating, by the server, the second authentication token to authenticate the authentication provider module.
15. The method as claimed in claim 1, further comprising: responsive to receiving the response to the authentication request at the server, providing the response to an authentication response queue on the server.
16. The method as claimed in claim 15, further comprising: monitoring, by the first computing device, the authentication response queue for responses to authentication requests generated by the first computing device.
17. The method as claimed in claim 1, further comprising: responsive to authenticating, by the authentication provider module, the identity of the individual, generating, by the authentication provider module, the response to the authentication request.
18. The method as claimed in claim 17, further comprising: generating the response to the authentication request as a set of data comprising at least the request identifier and a customer identifier for the individual.
19. A communication network, comprising: a trusted computing system comprising a first computing device and a server; a non-trusted computing system, external to the trusted computing system, comprising a mobile device of an individual at the first computing device and a second computing device executing a respective authentication provider module that is configured to authenticate an identity of the individual independently of the trusted computing system; wherein the first computing device is configured to: detect an input event indicating that the individual at the first computing device wishes to authenticate their identity; transmit an authentication request, for authenticating the identity of the individual, to the server; and display a unique identifier comprising a request identifier for the authentication request on a display of the first computing device; wherein the respective authentication provider module is configured to: receive the request identifier from the mobile device responsive to the unique identifier being provided to the mobile device; and authenticate the identity of the individual; wherein the server is configured to: receive a response to the authentication request from the respective authentication provider module; and transmit the response to the first computing device to thereby authenticate the identity of the individual at the first computing device.
20. The communication network as claimed in claim 19, wherein the first computing device is an Automated Teller Machine or Self-Service Terminal or kiosk, the second computing device is a server of the non-trusted computing system, and the respective authentication provider module is a mobile backend associated with a mobile banking application executing on the mobile device of the individual.
This is a provisional nonstatutory double patenting rejection because the patentably indistinct claims have not in fact been patented.
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claims 1-4 and 6-20 are rejected under 35 U.S.C. 103 as being unpatentable over Ithabathula et al. (US Patent Application No. US 20190164165 A1) (Hereinafter Ithabathula) in view of Hitchcock et al. (US Patent Application No. US 10979430) (Hereinafter Hitchcock).
As per claim 1, Ithabathula discloses a computer-implemented method for authenticating an identity of an individual at a computing device of a trusted computing system, comprising:
establishing, by an Automated Teller Machine (ATM) of a trusted computing system, a communication link (para 29, network interface) with a first computing device of the trusted computing system (fig 1, interactive kiosk), the first computing device operated by a remote bank teller (para 59, 70, fig 1, interactive Kiosk);
detecting, by the first computing device, an input event indicating that an individual at the ATM wishes to authenticate their identity (para 59, 70, the account identifier may be sent directly to the authentication application);
responsive to said detecting, transmitting, by the first computing device to a server of the trusted computing system, an authentication request for authenticating the identity of the individual (para 47, 72, the account identifier may be sent directly to the authentication application);
determining, by an authentication provider module external to the trusted computing system (the authentication application identifies the user profile, identifies the mobile device, and verifies authentication factors (code biometric) thereby acting as an identity provider, because it resides on a backend system separate from the kiosk, it is external; fig 3, para 47-74) and configured to authenticate the identity of the individual independently of the trusted computing system, that the authentication request has been transmitted to the server of the trusted computing system (fig 1, para 47, 72, the account identifier may be sent directly to the authentication application, para 74, the authentication application may receive these values, and determine whether the received code matches a code associated);
responsive to said determining, transmitting, by the authentication provider module, a notification to a mobile device of the individual, wherein the notification requests the individual to confirm that they are attempting to authenticate their identity at the ATM (the interactive kiosk may read an account identifier from the presented token and send the account identifier to an account management application including authentication application);
responsive to the authentication provider module receiving a confirmation response to the notification, authenticating, by the authentication provider module, the identity of the individual (para 74, the authentication application may receive these values, and determine whether the received code matches a code associated) using authentication factors or credentials obtained by an identity provider module that is external to the trusted computing system (the authentication application identifies the user profile, identifies the mobile device, and verifies authentication factors (code biometric) thereby acting as an identity provider, because it resides on a backend system separate from the kiosk, it is external; fig 3, para 47-74);
responsive to said authenticating, receiving, by the server, a response to the authentication request from the authentication provider module (fig 3, para 74, the authentication application may receive these values, and determine whether the received code matches a code associated); and
responsive to receiving the response, transmitting, by the server, the response to the first computing device to thereby authenticate the identity of the individual at the ATM (fig 3, para 74, the authentication application may receive these values, and determine whether the received code matches a code associated). Ithabathula does not explicitly disclose an authentication module. However, Hitchcock discloses an authentication module (fig 3, authentication method requested to the authentication module). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Ithabathula and Hitchcock. The motivation would have been to build the network that provides endpoint security solutions (both hardware and software based).
The Examiner notes that this motivation applies to all dependent and/or otherwise subsequently addressed claims.
As per claim 2, claim is rejected for the same reasons and motivation as claim 1, above. In addition, Ithabathula discloses further comprising: generating, by the first computing device, the authentication request (para 71, a user presenting a physical token and the interactive kiosk reading an account identifier from the physical token).
As per claim 3, claim is rejected for the same reasons and motivation as claim 1, above. In addition, Ithabathula discloses further comprising: generating the authentication request as a set of data comprising at least a customer identifier for the individual and a request identifier for the authentication request (para 71, 74, the interactive kiosk reading an account identifier from the physical token).
As per claim 4, claim is rejected for the same reasons and motivation as claim 1, above. In addition, Ithabathula discloses wherein said determining comprises: displaying a unique identifier comprising a request identifier for the authentication request on a display of the ATM, wherein the unique identifier is a QR code or One-Time Passcode (para 72, a QR code, a barcode); and
responsive to providing the unique identifier to the mobile device of the individual, receiving, by the authentication provider module, the request identifier from the mobile device, wherein providing the unique identifier to the mobile device comprises scanning the unique identifier with a camera of the mobile device or inputting the unique identifier into a graphical user interface of the mobile device (para 45, capture an image of a QR code); and
responsive to scanning the QR code, executing a mobile banking application on the mobile device and initiating an authentication process in the mobile banking application based on the unique identifier being the QR code (the prior art discloses the sensing code, using mobile device, executing software on the device to process the code, and performing authentication based on the code, that reads on the claimed limitation, fig 3, para 44-74).
As per claim 6, claim is rejected for the same reasons and motivation as claim 1, above. In addition, Hitchcock discloses further comprising: responsive to receiving the authentication request at the server, providing the authentication request to an authentication request queue on the server (col 17, lines 17-48, may add the request to a queue).
As per claim 7, claim is rejected for the same reasons and motivation as claim 1, above. In addition, Hitchcock discloses wherein said determining comprises: monitoring, by the authentication provider module, the authentication request queue on the server for authentication requests that can be fulfilled by the authentication provider module (fig 3, col 17, lines 17-48, service to select the authentication methods).
As per claim 8, claim is rejected for the same reasons and motivation as claim 1, above. In addition, Hitchcock discloses wherein the step of determining further comprises: determining that at least one capability of the authentication provider module matches at least one requirement of the authentication request; or
determining that the authentication provider module is indicated in the authentication request (fig 3, col 17, lines 17-48, service to select the authentication methods).
As per claim 9, claim is rejected for the same reasons and motivation as claim 1, above. In addition, Ithabathula discloses further comprising: inputting details associated with the individual into a user interface application executing on the first computing device (para 45, 72); and
responsive to inputting the details, obtaining a customer identifier for the individual (para 45, 72).
As per claim 10, claim is rejected for the same reasons and motivation as claim 1, above. In addition, Hitchcock discloses further comprising: sending, by the first computing device, a query to the server to query a list of available authentication provider modules (fig 3, col 17, lines 17-48, service to select the authentication methods).
As per claim 11, claim is rejected for the same reasons and motivation as claim 1, above. In addition, Hitchcock discloses selecting, at the first computing device, said authentication provider module from the list of available authentication provider modules (fig 3 and 4, col 17, lines 17-48, service to select the authentication methods).
As per claim 12, claim is rejected for the same reasons and motivation as claim 1, above. In addition, Hitchcock discloses further comprising: receiving, at the authentication provider module, the confirmation notification indicating that the individual wishes to authenticate their identity at the first computing device (fig 3-6, Additional authentication possible).
As per claim 13, claim is rejected for the same reasons and motivation as claim 1, above. In addition, Ithabathula discloses further comprising: responsive to determining, by the authentication provider module, that the authentication request requires multi-factor authentication to be performed, requesting the individual to perform biometric authentication at the mobile device when sending the notification (fig 1, col 5, lines 1-15, the authentication methods utilized by each computing device to enable user access to the computing device or to various features of the computing device. These authentication methods may include, but are not limited to, biometric information (e.g., voice recognition, facial recognition, retinal and/or iris scans, finger print recognition, etc.), one-time passwords (e.g., textual, non-textual, etc.), geolocation, multi-factor authentication, out-of-band authentication, and the like. Additionally, the computer-facilitated service).
As per claim 14, claim is rejected for the same reasons and motivation as claim 1, above. In addition, Hitchcock discloses providing an authentication token, issued by an identity provider module external to the trusted computing system, to the mobile device of the individual (col 7, lines 10-20, trusted by the computer-facilitated service); and
when authenticating the identity of the individual via the authentication provider module, transmitting the authentication token from the mobile device of the individual to the authentication provider module (fig 4, col 17, lines 50-67, The request from the user to access the one or more resources provided by the computer-facilitated service may include a cookie that may be used to indicate the identity of the user).
As per claim 15, claim is rejected for the same reasons and motivation as claim 1, above. In addition, Hitchcock discloses further comprising: providing an authentication token, issued by a trusted identity provider module of the trusted computing system, to the authentication provider module (col 7, lines 10-20, trusted by the computer-facilitated service);
when transmitting the response to the authentication request to the server, providing the authentication token (fig 4-6, col 17, lines 50-67, The request from the user to access the one or more resources provided by the computer-facilitated service may include a cookie that may be used to indicate the identity of the user); and
authenticating, by the server, the authentication token to authenticate the authentication provider module (fig 4-6, col 17, lines 50-67, The request from the user to access the one or more resources provided by the computer-facilitated service may include a cookie that may be used to indicate the identity of the user).
As per claim 16, claim is rejected for the same reasons and motivation as claim 1, above. In addition, Hitchcock discloses responsive to receiving the response to the authentication request at the server, providing the response to an authentication response queue on the server (col 17, lines 17-48, facilitated service may add the request to a queue, whereby the remote authentication providers of the computing devices and/or other services may access the queue to obtain the request).
As per claim 17, claim is rejected for the same reasons and motivation as claim 1, above. In addition, Hitchcock discloses further comprising: monitoring, by the first computing device, the authentication response queue for responses to authentication requests generated by the first computing device (col 17, lines 17-48, facilitated service may add the request to a queue, whereby the remote authentication providers of the computing devices and/or other services may access the queue to obtain the request).
As per claim 18, claim is rejected for the same reasons and motivation as claim 1, above. In addition, Ithabathula discloses further comprising: responsive to authenticating, by the authentication provider module, the identity of the individual, generating, by the authentication provider module, the response to the authentication request (para 5, account identifier, token, a value indicative of whether a sensed biometric attribute).
As per claim 19, claim is rejected for the same reasons and motivation as claim 1, above. In addition, Ithabathula discloses further comprising: generating the response to the authentication request as a set of data comprising at least a request identifier for the authentication request and a customer identifier for the individual (para 5, account identifier, token, a value indicative of whether a sensed biometric attribute).
As per claim 20, claim is rejected for the same reasons and motivation as claim 1, above. In addition, Ithabathula discloses a non-trusted computing system, external to the trusted computing system, comprising a mobile device of an individual at the ATM and a second computing device executing a respective authentication provider module that is configured to authenticate an identity of an individual independently of the trusted computing system (para 21, a mobile computing device, interactive kiosk, and physical token);
wherein the ATM is configured to: establish a communication link with the first computing device (fig 1, interactive kiosk, the first computing device operated by a remote bank teller (para 59, 70, fig 1, interactive Kiosk)).
Response to Arguments
Applicant's arguments filed 12/26/2025 have been fully considered but they are not persuasive; therefore, the rejections of claims 1-4 and 6-20 are maintained.
In response to Applicant’s arguments against the references individually, one cannot show non-obviousness by attacking references individually where the rejections are based on combinations of references. See In re Keller, 642 F.2d 413, 208 USPQ 871 (CCPA 1981); In re Merck & Co., 800 F.2d 1091, 231 USPQ 375 (Fed. Cir. 1986). In this case, Ithabathula discloses establishing, by an Automated Teller Machine (ATM) of a trusted computing system, a communication link (para 29, network interface) with a first computing device of the trusted computing system (fig 1, interactive kiosk, the first computing device operated by a remote bank teller (para 59, 70, fig 1, interactive Kiosk));
detecting, by the first computing device, an input event indicating that an individual at the ATM wishes to authenticate their identity (para 59, 70, the account identifier may be sent directly to the authentication application);
responsive to said detecting, transmitting, by the first computing device to a server of the trusted computing system, an authentication request for authenticating the identity of the individual (para 47, 72, the account identifier may be sent directly to the authentication application);
determining, by an authentication provider module external to the trusted computing system (the authentication application identifies the user profile, identifies the mobile device, and verifies authentication factors (code biometric), thereby acting as an identity provider; because it resides on a backend system separate from the kiosk, it is external; fig 3, para 47-74) and configured to authenticate the identity of the individual independently of the trusted computing system, that the authentication request has been transmitted to the server of the trusted computing system (fig 1, para 47, 72, the account identifier may be sent directly to the authentication application, para 74, the authentication application may receive these values, and determine whether the received code matches a code associated);
responsive to said determining, transmitting, by the authentication provider module, a notification to a mobile device of the individual, wherein the notification requests the individual to confirm that they are attempting to authenticate their identity at the ATM (the interactive kiosk may read an account identifier from the presented token and send the account identifier to an account management application including authentication application);
responsive to the authentication provider module receiving a confirmation response to the notification, authenticating, by the authentication provider module, the identity of the individual (para 74, the authentication application may receive these values, and determine whether the received code matches a code associated) using authentication factors or credentials obtained by an identity provider module that is external to the trusted computing system (the authentication application identifies the user profile, identifies the mobile device, and verifies authentication factors (code biometric), thereby acting as an identity provider; because it resides on a backend system separate from the kiosk, it is external; fig 3, para 47-74);
responsive to said authenticating, receiving, by the server, a response to the authentication request from the authentication provider module (fig 3, para 74, the authentication application may receive these values, and determine whether the received code matches a code associated); and
responsive to receiving the response, transmitting, by the server, the response to the first computing device to thereby authenticate the identity of the individual at the ATM (fig 3, para 74, the authentication application may receive these values, and determine whether the received code matches a code associated).
Hitchcock authentication module (fig 3, authentication method requested to the authentication module). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Ithabathula and Hitchcock. The motivation would have been to build the network that provides endpoint security solutions (both hardware and software based).
Conclusion
Please see the attached PTO-892 for the prior art made of record and not relied upon, which is considered pertinent to applicant's disclosure.
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MOHAMMAD A SIDDIQI whose telephone number is (571)272-3976. The examiner can normally be reached Monday-Friday.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Carl G Colin can be reached at 571-272-3862. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/MOHAMMAD A SIDDIQI/Primary Examiner, Art Unit 2493