Prosecution Insights
Browse Companies Examiners Firms Draft Your Response
Office ActionsDigital First Holdings LLC › 18375233
Last updated: May 29, 2026
Application No. 18/375,233

AUTHENTICATION PROVIDER ELIGIBILITY

Final Rejection §103§112
Filed
Sep 29, 2023
Examiner
LESNIEWSKI, VICTOR D
Art Unit
2493
Tech Center
2400 — Computer Networks
Assignee
Digital First Holdings LLC
OA Round
2 (Final)
58%
Grant Probability
Moderate
3-4
OA Rounds
8m
Est. Remaining
99%
With Interview

Interview Optional

+56.0% interview lift. Interview already conducted in this application's prosecution history. This examiner has a 58% grant rate with +56.0% interview lift. Since an interview has already been tried, recommend written response with narrowed claims based on precedent claim evolution patterns.
Based on 481 resolved cases, 2023–2026

Examiner Intelligence

LESNIEWSKI, VICTOR D View full profile →
Grants 58% of resolved cases
58%
Career Allowance Rate
280 granted / 481 resolved
At TC average
Strong +56% interview lift
Without
With
+56.0%
Interview Lift
resolved cases with interview
Typical timeline
3y 4m
Avg Prosecution
22 currently pending
Career history
506
Total Applications
across all art units

Statute-Specific Performance

§101
0.3%
-39.7% vs TC avg
§103
86.9%
+46.9% vs TC avg
§102
9.0%
-31.0% vs TC avg
§112
0.8%
-39.2% vs TC avg
Black line = Tech Center average estimate • Based on career data from 481 resolved cases

Office Action

§103 §112
DETAILED ACTION The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . The amendment filed 12/15/2025 has been placed of record in the file. Claims 1 and 19 have been amended. Claims 1-20 are pending. The applicant’s arguments with respect to claims 1-20 have been considered but are moot in view of the following new grounds of rejection. Response to Amendment Claims have been amended to further define the use of the authentication provider module. The amendment proves a change in scope to the independent claims as the independent claims now explicitly state that the authentication credentials delegate authentication authority to the authentication provider module, or the like. However, none of the amended claims show a patentable distinction over the prior art as evidenced by the following new grounds of rejection. Claim Rejections - 35 USC § 112 The following is a quotation of the first paragraph of 35 U.S.C. 112(a): (a) IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention. The following is a quotation of the first paragraph of pre-AIA 35 U.S.C. 112: The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor of carrying out his invention. Claims 1-20 are rejected under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AIA ), first paragraph, as failing to comply with the written description requirement. The claims contain subject matter which was not described in the specification in such a way as to reasonably convey to one skilled in the relevant art that the inventor or a joint inventor, or for applications subject to pre-AIA 35 U.S.C. 112, the inventor(s), at the time the application was filed, had possession of the claimed invention. Here, independent claim 1 recites the use of authentication credentials “that enable the authentication provider module to independently authenticate the identity of an individual on behalf of the identity provider module” and “that delegate authentication authority to the authentication provider module.” Likewise, independent claim 19 recites wherein the authentication credentials “authorize the authentication provider module to independently authenticate individuals on behalf of the identity provider module.” No support for such an “authorization” or “delegation” could be found in the specification. It is unclear exactly what such an “authorization” or “delegation” would entail and how it would be implemented. Dependent claims 2-18 and 20 are rejected due to their dependence on the independent claims. Claim Rejections - 35 USC § 103 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claims 1-20 are rejected under 35 U.S.C. 103 as being unpatentable over Sprague et al. (U.S. Patent Application Publication Number 2015/0089568), hereinafter referred to as Sprague, in view of Fryer (U.S. Patent Application Publication Number 2022/0217124), further in view of Oberheide et al. (U.S. Patent Application Publication Number 2014/0245389), hereinafter referred to as Oberheide. Sprague disclosed techniques for providing authentication via the use of device identification factors. In an analogous art, Fryer disclosed techniques for authenticating and authorizing a client device to access online resources. Also in an analogous art, Oberheide disclosed techniques for proxying federated authentication protocols. All of these systems are directed toward authentication of client devices utilizing an identity provider separate from a service provider. Regarding claim 1, Sprague discloses a computer-implemented method for providing an authentication provider module with authentication credentials, the method comprising: transmitting, by an authentication provider module that is configured to independently authenticate an identity of an individual, data, indicative of at least one attribute of the authentication provider module, to an identity provider module configured to issue authentication credentials (paragraph 80, context verification tests/factors communicated from user’s device to device identity server); and responsive to determining that the at least one attribute meets at least one predetermined authentication provider eligibility criterion, providing, by the identity provider module, the service provider with authentication credentials (paragraph 81, returns ID and trust score). Sprague does not explicitly state providing, by the identity provider module, the authentication module with the authentication credentials, the identity provider module configured to issue authentication credentials to authentication provider modules. However, returning authentication data to the client device for use was well known in the art as evidenced by Fryer. Since the inventions encompass the same field of endeavor, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the system of Sprague by adding the ability for providing, by the identity provider module, the authentication module with the authentication credentials, the identity provider module configured to issue authentication credentials to authentication provider modules as provided by Fryer (see paragraph 27, IDP returns authorization code to client device). One of ordinary skill in the art would have recognized the benefit that providing authentication in this was way would assist in protecting user confidential information (see Fryer, paragraph 3). The combination of Sprague and Fryer does not explicitly state authentication credentials that enable the authentication provider module to independently authenticate the identity of an individual on behalf of the identity provider module and authentication credentials that delegate authentication authority to the authentication provider module. However, utilizing an authentication proxy in such a fashion was well known in the art as evidenced by Oberheide. Since the inventions encompass the same field of endeavor, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the combination of Sprague and Fryer by adding the ability for authentication credentials that enable the authentication provider module to independently authenticate the identity of an individual on behalf of the identity provider module and authentication credentials that delegate authentication authority to the authentication provider module as provided by Oberheide (see paragraph 32, federated authentication proxy for authorization delegation). One of ordinary skill in the art would have recognized the benefit that providing authentication proxies would assist in extending authentication security beyond the security level of a single identity provider (see Oberheide, paragraph 3). Regarding claim 2, the combination of Sprague, Fryer, and Oberheide discloses responsive to said providing, transmitting, by the identity provider module, an authentication token to the authentication provider module (Fryer, paragraph 28, IDP sends access token to client device). Regarding claim 3, the combination of Sprague, Fryer, and Oberheide discloses transmitting the authentication token as a token comprising data indicative of the at least one attribute (Fryer, paragraph 14, encrypted access token, and Sprague, paragraph 81, trust score, which is based on device tests/factors). Regarding claim 4, the combination of Sprague, Fryer, and Oberheide discloses prior to transmitting the authentication token, sending, by the authentication provider module, a request for the authentication token; and authenticating, by the identity provide module, the authentication provider module using the authentication credentials (Fryer, paragraph 28, sends token request message to IDP and IDP validates authorization code). Regarding claim 5, the combination of Sprague, Fryer, and Oberheide discloses wherein said providing comprises: storing the authentication credentials in a memory associated with the identity provider module (Fryer, paragraph 27, IDP generates authorization code and stores for later validation). Regarding claim 6, the combination of Sprague, Fryer, and Oberheide discloses providing a trust level score for the authentication provider module based on the at least one attribute (Sprague, paragraph 88, trust score based on device ID tests). Regarding claim 7, the combination of Sprague, Fryer, and Oberheide discloses transmitting the authentication token as a token comprising data indicative of the trust level score (Fryer, paragraph 14, encrypted access token, and Sprague, paragraph 81, trust score). Regarding claim 8, the combination of Sprague, Fryer, and Oberheide discloses determining that the at least one attribute meets the at least one predetermined authentication provider eligibility criterion based on a first subset of at least one attribute of said at least one attribute (Sprague, paragraph 87, multiple context verification tests/factors). Regarding claim 9, the combination of Sprague, Fryer, and Oberheide discloses determining a trust level score based on a second subset of at least one attribute of said at least one attribute (Sprague, paragraph 87, multiple context verification tests/factors). Regarding claim 10, the combination of Sprague, Fryer, and Oberheide discloses determining the trust level score by: providing a respective weighting for each attribute of the second subset; and providing the trust level score as a summation of each respective weighting (Sprague, paragraph 87, aggregated weighting score). Regarding claim 11, the combination of Sprague, Fryer, and Oberheide discloses providing a high weighting category from a first weighting to a second weighting, less than the first weighting; providing a medium weighting category from a third weighting, less than the second weighting, to a fourth weighting, less than the third weighting; and providing a low weighting category from a fifth weighting, less than the fourth weighting, to a sixth weighting, less than the fifth weighting (Sprague, paragraph 87, each context verification test/factor has respective weight). Regarding claim 12, the combination of Sprague, Fryer, and Oberheide discloses categorising each attribute of the second subset into one of the high, medium or low weighting category (Sprague, paragraph 87, each context verification test/factor has respective weight). Regarding claim 13, the combination of Sprague, Fryer, and Oberheide discloses categorising into the high weighting category at least one attribute of: the authentication provider module and a trusted computing system comprising the identity provider module are provided by a common entity; or the authentication provider module is able to perform multi-factor authentication of an individual using biometric information from the individual (Sprague, paragraph 128, each device identity factor test has assigned trust score weight, and paragraph 80, biometric fingerprint). Regarding claim 14, the combination of Sprague, Fryer, and Oberheide discloses categorising into the medium weighting category at least one attribute of: the authentication provider module is able to provide geolocation information for the individual (Sprague, paragraph 128, each device identity factor test has assigned trust score weight, and paragraph 96, trusted geographic locations). Regarding claim 15, the combination of Sprague, Fryer, and Oberheide discloses categorising into the low weighting category at least one attribute of: the authentication provider module is able to perform multi-factor authentication of an individual using one time passcodes sent to a mobile device of the individual; or the authentication provider module requires re-authentication after a preconfigured time period has elapsed (Sprague, paragraph 128, each device identity factor test has assigned trust score weight, and paragraph 80, one-time-password). Regarding claim 16, the combination of Sprague, Fryer, and Oberheide discloses wherein the at least one attribute is one or more of: whether the authentication provider module and a trusted computing system comprising the identity provider module are provided by a common entity; whether the authentication provider module requires a minimum password difficulty for authentication of an individual; whether the authentication provider module is able to perform multi-factor authentication of an individual; whether the authentication provider module is able to provide geolocation information for the individual; whether the authentication provider module requires re-authentication after a preconfigured time period has elapsed (Sprague, paragraph 96, trusted geographic locations). Regarding claim 17, the combination of Sprague, Fryer, and Oberheide discloses wherein the at least one predetermined authentication provider eligibility criterion is one or more of: the authentication provider module and a trusted computing system comprising the identity provider module are provided by a common entity; the authentication provider module requires a minimum password difficulty for authentication of an individual; the authentication provider module is able to perform multi-factor authentication of an individual; the authentication provider module is able to provide geolocation information for the individual; the authentication provider module requires re-authentication after a preconfigured time period has elapsed (Sprague, paragraph 96, trusted geographic locations). Regarding claim 18, the combination of Sprague, Fryer, and Oberheide discloses wherein the at least one predetermined authentication provider eligibility criterion is only that the authentication provider module requires a minimum password difficulty for authentication of an individual (Sprague, paragraph 99, first and/or second passwords). Regarding claim 19, Sprague discloses a communication network, comprising: a trusted computing system comprising an identity provider module configured to issue authentication credentials (paragraph 80, device identity server); a non-trusted computing system comprising an authentication provider module that is configured to authenticate an identity of an individual independently of the trusted computing system (paragraph 79, user’s device); wherein the authentication provider module is configured to transmit data, indicative of at least one attribute of the authentication provider module, to the identity provider module (paragraph 80, context verification tests/factors communicated from user’s device to device identity server); wherein the identity provider module is configured to provide the service provider with authentication credentials responsive to determining that the at least one attribute meets at least one predetermined authentication provider eligibility criterion (paragraph 81, returns ID and trust score). Sprague does not explicitly state wherein the identity provider module is configured to provide the authentication module with the authentication credentials. However, returning authentication data to the client device for use was well known in the art as evidenced by Fryer. Since the inventions encompass the same field of endeavor, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the system of Sprague by adding the ability that the identity provider module is configured to provide the authentication module with the authentication credentials as provided by Fryer (see paragraph 27, IDP returns authorization code to client device). One of ordinary skill in the art would have recognized the benefit that providing authentication in this was way would assist in protecting user confidential information (see Fryer, paragraph 3). The combination of Sprague and Fryer does not explicitly state wherein the authentication credentials provided to the authentication provider module authorize the authentication provider module to independently authenticate individuals on behalf of the identity provider module. However, utilizing an authentication proxy in such a fashion was well known in the art as evidenced by Oberheide. Since the inventions encompass the same field of endeavor, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the combination of Sprague and Fryer by adding the ability that the authentication credentials provided to the authentication provider module authorize the authentication provider module to independently authenticate individuals on behalf of the identity provider module as provided by Oberheide (see paragraph 32, federated authentication proxy for authorization delegation). One of ordinary skill in the art would have recognized the benefit that providing authentication proxies would assist in extending authentication security beyond the security level of a single identity provider (see Oberheide, paragraph 3). Regarding claim 20, the combination of Sprague, Fryer, and Oberheide discloses wherein the authentication provider module executes on a computing device of the non-trusted computing system and the identity provider module executes on a computing device of the trusted computing system (Sprague, paragraph 79, user’s device, and paragraph 80, device identity server). Conclusion Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. Any inquiry concerning this communication or earlier communications from the examiner should be directed to Victor Lesniewski whose telephone number is (571)272-2812. The examiner can normally be reached Monday thru Friday, 9am to 5pm. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Carl Colin can be reached at 571-272-3862. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /Victor Lesniewski/Primary Examiner, Art Unit 2493
Read full office action

Prosecution Timeline

Sep 29, 2023
Application Filed
Aug 11, 2025
Non-Final Rejection mailed — §103, §112
Dec 02, 2025
Interview Requested
Dec 08, 2025
Applicant Interview (Telephonic)
Dec 08, 2025
Examiner Interview Summary
Dec 15, 2025
Response Filed
May 19, 2026
Final Rejection mailed — §103, §112 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

17/835,074
Patent 12579276
Application Vulnerability Score Based on Stack Traces
3y 9m to grant Granted Mar 17, 2026
18/733,543
Patent 12580945
SIMULATION AND VISUALIZATION OF MALWARE SPREAD THROUGH SHARING OF DATA OBJECTS IN CLOUD APPLICATIONS
1y 9m to grant Granted Mar 17, 2026
18/162,011
Patent 12568378
SYSTEM AND METHOD FOR VALIDATING AUTHORITY OF DEVICE BASED ON IP ADDRESS
3y 1m to grant Granted Mar 03, 2026
18/258,234
Patent 12567970
METHOD FOR MANAGING A ONE-TIME-PASSWORD
2y 8m to grant Granted Mar 03, 2026
18/696,479
Patent 12566854
METHOD FOR DETECTING MOBILE MALICIOUS APPLICATION BASED ON IMPLEMENTATION FEATURES, RECORDING MEDIUM, AND DEVICE FOR PERFORMING THE METHOD
1y 11m to grant Granted Mar 03, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

3-4
Expected OA Rounds
58%
Grant Probability
99%
With Interview (+56.0%)
3y 4m (~8m remaining)
Median Time to Grant
Moderate
PTA Risk
Based on 481 resolved cases by this examiner. Grant probability derived from career allowance rate.

Ready to respond to this office action?

IP Author drafts your complete OA response — amendments, arguments, and claim strategy — in minutes, not days.

Start Drafting Your Response →

Data sourced from USPTO Patent File Wrapper (daily) and Office Action Archive (weekly). Analysis generated by IP Author.

Data: USPTO Patent File Wrapper (daily) • Office Action Archive (weekly) • 89M+ prosecution events

© 2026 IP Author — Browse Office ActionsExaminersCompaniesFirms

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month