Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Detailed Action
Claims filed on 10/17/2025 for patent application 18/392,811 has been acknowledged. Claims 1-20 are currently pending and have been considered below. Claims 1, 10, and 19 are independent claims. Claims 1, 10, and 19 have been amended. No new claims have been added.
In view of the amendments to claims 1, 10, and 19, the 35 U.S.C. 101 rejection of 1-20 has been withdrawn.
Response to Arguments
Applicant’s arguments with respect to claims 1-20 have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1, 2, 9, 10, 11, 18, and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Mukherjee et al. (US Patent Application Publication No. US 2022/0216990 A1, hereinafter, Mukherjee) in view of Sankar et al. (US Patent Application Publication No. US 2022/0366068 A1, hereinafter, Sankar).
Regarding Claim 1, Mukherjee discloses: An electronic device comprising:
a display;
a memory having stored thereon at least one notification application and a security notification management (SNM) module;
a network interface which enables the electronic device to connect to, and receive security notification data from, at least one second electronic device via a network; and
a processor communicatively coupled to the display, the memory, and the network interface, and which executes program code of the security notification management module, which enables the electronic device to:
detect receipt, within a predetermined time interval, of a plurality of security notifications from a second electronic device connected via a network and which provides secure user access to an electronic/online account, wherein each security notification contains different transaction authentication information generated for enabling the secure user access at different times within the predetermined time interval (Mukherjee, ¶[0017], “it may be customary for a bank to send an over the phone one time passcode or password (OTP) to a customer on the phone or email when the customer requests a credit card purchase transaction.” ¶[0020], “If the customer tries to use the OTP that is delivered late, he or she may discover that a time window to enter the OTP has closed.” ¶[0021], “there is a chance that an OTP that is sent later may be received by the customer earlier. Since only one OTP may be the valid OTP at any point for the transaction, from a security perspective it may be unclear which OTP should be the valid OTP from the bank side and which OTP the customer should enter for acceptance by the bank. This problem may be further complicated when a customer receives multiple OTPs and does not know which one to use.”);
determine that each of the plurality of security notifications are associated with a same transaction (Mukherjee, ¶[0021], “there is a chance that an OTP that is sent later may be received by the customer earlier. Since only one OTP may be the valid OTP at any point for the transaction, from a security perspective it may be unclear which OTP should be the valid OTP from the bank side and which OTP the customer should enter for acceptance by the bank. This problem may be further complicated when a customer receives multiple OTPs and does not know which one to use.”);
Mukherjee does not explicitly teach the following limitation that Sankar teaches:
identify a most recently received notification from the plurality of security notifications (Sankar, ¶[0049], “application 120a, during an initialization procedure, may authenticate, using application context 440 as described, with authentication management process 105 and based on application context 440, receive multiple passcode sets, including the depicted new passcode set 415 and prior passcode sets 416-419, as part of this initialization procedure. Thereafter, notifications from authentication management process 105 may include an indication of which one of passcode sets 415-419 is the current active passcode.”); and
modify at least one characteristic of each other earlier received notification from the plurality of security notifications that is not the most recently received notification to create a modified notification that includes an indication that an included transaction authentication information is obsolete (Sankar, ¶[0049], “notifications from authentication management process 105 may include an indication of which one of passcode sets 415-419 is the current active passcode.”).
Mukherjee in view of Sankar is analogous art because the references are from the “same field of endeavor” and are from the same “problem solving area.” Namely, they pertain to the field of “security methods and systems.” It would have been obvious for one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify Mukherjee with Sankar to
“identify a most recently received notification from the plurality of security notifications; and
modify at least one characteristic of each other earlier received notification from the plurality of security notifications that is not the most recently received notification to create a modified notification that includes an indication that an included transaction authentication information is obsolete”;
because techniques are disclosed relating to methods that include an authentication management process, executing on a computer system, authorizing a plurality of applications to access a database, and sending one or more passcodes to the authorized applications (Sankar, Abstract).
Regarding Claim 2, Mukherjee in view of Sankar teaches: The electronic device of claim 1, wherein further, the processor: presents only the most recently received notification on a display in response to an input that triggers presenting of received notifications (Sankar, ¶[0049], “notifications from authentication management process 105 may include an indication of which one of passcode sets 415-419 is the current active passcode.”).
Regarding Claim 9, Mukherjee in view of Sankar teaches: The electronic device of claim 1, wherein the transaction authentication information is a one-time passcode (Mukherjee, ¶[0017], “it may be customary for a bank to send an over the phone one time passcode or password (OTP) to a customer on the phone or email when the customer requests a credit card purchase transaction.”).
Regarding Claim 10, Mukherjee discloses: A method comprising:
detecting, by a processor of an electronic device, receipt within a predetermined time interval, of a plurality of security notifications from a second electronic device connected via a network and which provides secure user access to an electronic/online account, wherein each security notification contains different transaction authentication information generated for enabling the secure user access at different times within the predetermined time interval (Mukherjee, ¶[0017], “it may be customary for a bank to send an over the phone one time passcode or password (OTP) to a customer on the phone or email when the customer requests a credit card purchase transaction.” ¶[0020], “If the customer tries to use the OTP that is delivered late, he or she may discover that a time window to enter the OTP has closed.” ¶[0021], “there is a chance that an OTP that is sent later may be received by the customer earlier. Since only one OTP may be the valid OTP at any point for the transaction, from a security perspective it may be unclear which OTP should be the valid OTP from the bank side and which OTP the customer should enter for acceptance by the bank. This problem may be further complicated when a customer receives multiple OTPs and does not know which one to use.”);
determining that each of the plurality of security notifications are associated with a same transaction (Mukherjee, ¶[0021], “there is a chance that an OTP that is sent later may be received by the customer earlier. Since only one OTP may be the valid OTP at any point for the transaction, from a security perspective it may be unclear which OTP should be the valid OTP from the bank side and which OTP the customer should enter for acceptance by the bank. This problem may be further complicated when a customer receives multiple OTPs and does not know which one to use.”);
Mukherjee does not explicitly teach the following limitation that Sankar teaches:
identifying a most recently received notification from the plurality of security notifications (Sankar, ¶[0049], “application 120a, during an initialization procedure, may authenticate, using application context 440 as described, with authentication management process 105 and based on application context 440, receive multiple passcode sets, including the depicted new passcode set 415 and prior passcode sets 416-419, as part of this initialization procedure. Thereafter, notifications from authentication management process 105 may include an indication of which one of passcode sets 415-419 is the current active passcode.”); and
modifying at least one characteristic of each other earlier received notification from the plurality of security notifications that is not the most recently received notification to create a modified notification that includes an indication that an included transaction authentication information is obsolete (Sankar, ¶[0049], “notifications from authentication management process 105 may include an indication of which one of passcode sets 415-419 is the current active passcode.”).
Mukherjee in view of Sankar is analogous art because the references are from the “same field of endeavor” and are from the same “problem solving area.” Namely, they pertain to the field of “security methods and systems.” It would have been obvious for one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify Mukherjee with Sankar to
“identifying a most recently received notification from the plurality of security notifications; and
modifying at least one characteristic of each other earlier received notification from the plurality of security notifications that is not the most recently received notification to create a modified notification that includes an indication that an included transaction authentication information is obsolete”;
because techniques are disclosed relating to methods that include an authentication management process, executing on a computer system, authorizing a plurality of applications to access a database, and sending one or more passcodes to the authorized applications (Sankar, Abstract).
Regarding Claim 11, Mukherjee in view of Sankar teaches: The method of claim 10, further comprising presenting only the most recently received notification on a display in response to an input that triggers presenting received notifications is received (Sankar, ¶[0049], “notifications from authentication management process 105 may include an indication of which one of passcode sets 415-419 is the current active passcode.”).
Regarding Claim 18, Mukherjee in view of Sankar teaches: The method of claim 10, wherein the transaction authentication information is a one-time passcode (Mukherjee, ¶[0017], “it may be customary for a bank to send an over the phone one time passcode or password (OTP) to a customer on the phone or email when the customer requests a credit card purchase transaction.”).
Regarding Claim 19, Mukherjee discloses: A computer program product comprising a non-transitory computer readable medium having program instructions that when executed by a processor of an electronic device comprising a display, configure the electronic device to perform functions comprising:
detecting, by a processor of an electronic device, receipt within a predetermined time interval, of a plurality of security notifications from a second electronic device connected via a network and which provides secure user access to an electronic/online account, wherein each security notification contains different transaction authentication information generated for enabling the secure user access at different times within the predetermined time interval (Mukherjee, ¶[0017], “it may be customary for a bank to send an over the phone one time passcode or password (OTP) to a customer on the phone or email when the customer requests a credit card purchase transaction.” ¶[0020], “If the customer tries to use the OTP that is delivered late, he or she may discover that a time window to enter the OTP has closed.” ¶[0021], “there is a chance that an OTP that is sent later may be received by the customer earlier. Since only one OTP may be the valid OTP at any point for the transaction, from a security perspective it may be unclear which OTP should be the valid OTP from the bank side and which OTP the customer should enter for acceptance by the bank. This problem may be further complicated when a customer receives multiple OTPs and does not know which one to use.”);
determining that each of the plurality of security notifications are associated with a same transaction (Mukherjee, ¶[0021], “there is a chance that an OTP that is sent later may be received by the customer earlier. Since only one OTP may be the valid OTP at any point for the transaction, from a security perspective it may be unclear which OTP should be the valid OTP from the bank side and which OTP the customer should enter for acceptance by the bank. This problem may be further complicated when a customer receives multiple OTPs and does not know which one to use.”);
Mukherjee does not explicitly teach the following limitation that Sankar teaches:
identifying a most recently received notification from the plurality of security notifications (Sankar, ¶[0049], “application 120a, during an initialization procedure, may authenticate, using application context 440 as described, with authentication management process 105 and based on application context 440, receive multiple passcode sets, including the depicted new passcode set 415 and prior passcode sets 416-419, as part of this initialization procedure. Thereafter, notifications from authentication management process 105 may include an indication of which one of passcode sets 415-419 is the current active passcode.”); and
modifying at least one characteristic of each other earlier received notification from the plurality of security notifications that is not the most recently received notification to create a modified notification that includes an indication that an included transaction authentication information is obsolete (Sankar, ¶[0049], “notifications from authentication management process 105 may include an indication of which one of passcode sets 415-419 is the current active passcode.”).
Mukherjee in view of Sankar is analogous art because the references are from the “same field of endeavor” and are from the same “problem solving area.” Namely, they pertain to the field of “security methods and systems.” It would have been obvious for one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify Mukherjee with Sankar to
“identifying a most recently received notification from the plurality of security notifications; and
modifying at least one characteristic of each other earlier received notification from the plurality of security notifications that is not the most recently received notification to create a modified notification that includes an indication that an included transaction authentication information is obsolete”;
because techniques are disclosed relating to methods that include an authentication management process, executing on a computer system, authorizing a plurality of applications to access a database, and sending one or more passcodes to the authorized applications (Sankar, Abstract).
Claims 3, 6, 12, and 15 are rejected under 35 U.S.C. 103 as being unpatentable over Mukherjee et al. (US Patent Application Publication No. US 2022/0216990 A1, hereinafter, Mukherjee) in view of Sankar et al. (US Patent Application Publication No. US 2022/0366068 A1, hereinafter, Sankar) and further in view of Rang et al. (US Patent Application Publication No. US 2006/0095522 A1, hereinafter, Rang).
Regarding Claim 3, Mukherjee in view of Sankar teaches: The electronic device of claim 1, wherein further, the processor:
Mukherjee in view of Sankar does not explicitly teach the following limitation that Rang teaches:
presents each received notification of the plurality of security notifications in time sequence, with each other earlier received notification visibly presenting the indication of being obsolete (Rang, ¶[0030], “User B's registered devices with whom the session based IM is not established may remove the window displaying the previously received IM text messages, provide an indication that the IM conversation is no longer active, provide and indication that the previously received text messages in IM conversation have expired or are no longer valid, provide an indication that User B has replied to the IM conversation using anther registered device, and the like.”).
Mukherjee in view of Sankar and further in view of Rang is analogous art because the references are from the “same field of endeavor” and are from the same “problem solving area.” Namely, they pertain to the field of “security methods and systems.” It would have been obvious for one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify Mukherjee in view of Sankar with Rang to
“present each received notification of the plurality of security notifications in time sequence, with each other earlier received notification visibly presenting the indication of being obsolete,”
because the disclosure teaches to provide an indication that the previously received text messages in IM conversation have expired or are no longer valid (Rang, ¶[0033]).
Regarding Claim 6, Mukherjee in view of Sankar and further in view of Rang teaches: The electronic device of claim 1, wherein the processor monitors for receipt of a next security notification within the predetermined time interval, and in response to receiving a next security notification during the predetermined time interval (Mukherjee, ¶[0020], “If the customer tries to use the OTP that is delivered late, he or she may discover that a time window to enter the OTP has closed. Alternatively, if the window is not closed and the customer successfully enters the OTP, the window of acceptance at the merchant or bank side may have expired regardless of whether or not the customer successfully enters the OTP.”),
the processor marks a previously received security notification as obsolete (Rang, ¶[0030], “User B's registered devices with whom the session based IM is not established may remove the window displaying the previously received IM text messages, provide an indication that the IM conversation is no longer active, provide and indication that the previously received text messages in IM conversation have expired or are no longer valid, provide an indication that User B has replied to the IM conversation using anther registered device, and the like.”).
Regarding Claim 12, Mukherjee in view of Sankar and further in view of Rang teaches: The method of claim 10, further comprising presenting each received notification of the plurality of security notifications in time sequence, with each other earlier received notification visibly presenting the indication of being obsolete (Rang, ¶[0030], “User B's registered devices with whom the session based IM is not established may remove the window displaying the previously received IM text messages, provide an indication that the IM conversation is no longer active, provide and indication that the previously received text messages in IM conversation have expired or are no longer valid, provide an indication that User B has replied to the IM conversation using anther registered device, and the like.”).
Regarding Claim 15, Mukherjee in view of Sankar and further in view of Rang teaches: The method of claim 10, further comprising: monitoring for receipt of a next security notification within the predetermined time interval; and
in response to receiving a next security notification during the predetermined time interval (Mukherjee, ¶[0020], “If the customer tries to use the OTP that is delivered late, he or she may discover that a time window to enter the OTP has closed. Alternatively, if the window is not closed and the customer successfully enters the OTP, the window of acceptance at the merchant or bank side may have expired regardless of whether or not the customer successfully enters the OTP.”),
marking a previously received security notification as obsolete (Rang, ¶[0030], “User B's registered devices with whom the session based IM is not established may remove the window displaying the previously received IM text messages, provide an indication that the IM conversation is no longer active, provide and indication that the previously received text messages in IM conversation have expired or are no longer valid, provide an indication that User B has replied to the IM conversation using anther registered device, and the like.”).
Claims 4, 5, 13, and 14 are rejected under 35 U.S.C. 103 as being unpatentable over Mukherjee et al. (US Patent Application Publication No. US 2022/0216990 A1, hereinafter, Mukherjee) in view of Sankar et al. (US Patent Application Publication No. US 2022/0366068 A1, hereinafter, Sankar) and further in view of IOS 17 (Apple IOS 17, Release Date: 9/18/2023).
Regarding Claim 4, Mukherjee in view of Sankar teaches: The electronic device of claim 1, wherein further, the processor:
concurrently with receipt of a next security notification for the same transaction (Mukherjee, ¶[0021], “when a bank determines that an OTP may be missing, and sends a new OTP instead. … This problem may be further complicated when a customer receives multiple OTPs and does not know which one to use.”).
Mukherjee in view of Sankar does not explicitly teach the following limitation that IOS 17 teaches:
sequentially removes, from a notification window of the electronic device, each other earlier received notification from the plurality of security notifications (IOS 17, paragraph 5, “Automatically delete one-time verification codes. One-time verification codes are filled in automatically, so you don’t need to leave the app or website you’re signing into. You can choose to automatically delete the verification codes after entering them with Autofill, or keep them.”),
Mukherjee in view of Sankar and further in view of IOS 17 is analogous art because the references are from the “same field of endeavor” and are from the same “problem solving area.” Namely, they pertain to the field of “security methods and systems.” It would have been obvious for one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify Mukherjee in view of Sankar with IOS 17 to
“sequentially removes, from a notification window of the electronic device, each other earlier received notification from the plurality of security notifications”
Because some websites and apps offer two-factor authentication (also known as multifactor authentication) (IOS 17, paragraph 1).
Regarding Claim 5, Mukherjee in view of Sankar teaches: The electronic device of claim 1, wherein further, the processor: deletes from the electronic device, each other earlier received notification from the plurality of security notifications (IOS 17, paragraph 5, “Automatically delete one-time verification codes. One-time verification codes are filled in automatically, so you don’t need to leave the app or website you’re signing into. You can choose to automatically delete the verification codes after entering them with Autofill, or keep them.”),
subsequent to receiving a next security notification for the same transaction (Mukherjee, ¶[0021], “when a bank determines that an OTP may be missing, and sends a new OTP instead. … This problem may be further complicated when a customer receives multiple OTPs and does not know which one to use.”).
Regarding Claim 13, Mukherjee in view of Sankar and further in view of IOS 17 teaches: The method of claim 10, further comprising sequentially removing, from a notification window of the electronic device, each other earlier received notification from the plurality of security notifications (IOS 17, paragraph 5, “Automatically delete one-time verification codes. One-time verification codes are filled in automatically, so you don’t need to leave the app or website you’re signing into. You can choose to automatically delete the verification codes after entering them with Autofill, or keep them.”),
concurrently with receipt of a next security notification for the same transaction (Mukherjee, ¶[0021], “when a bank determines that an OTP may be missing, and sends a new OTP instead. … This problem may be further complicated when a customer receives multiple OTPs and does not know which one to use.”).
Regarding Claim 14, Mukherjee in view of Sankar teaches: The method of claim 10, further comprising deleting from the electronic device, each other earlier received notification from the plurality of security notifications (IOS 17, paragraph 5, “Automatically delete one-time verification codes. One-time verification codes are filled in automatically, so you don’t need to leave the app or website you’re signing into. You can choose to automatically delete the verification codes after entering them with Autofill, or keep them.”),
subsequent to receiving a next security notification for the same transaction (Mukherjee, ¶[0021], “when a bank determines that an OTP may be missing, and sends a new OTP instead. … This problem may be further complicated when a customer receives multiple OTPs and does not know which one to use.”).
Claims 7, 16, and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Mukherjee et al. (US Patent Application Publication No. US 2022/0216990 A1, hereinafter, Mukherjee) in view of Sankar et al. (US Patent Application Publication No. US 2022/0366068 A1, hereinafter, Sankar) and further in view of Keshet (US Patent Application Publication No. US 2024/0314118 A1).
Regarding Claim 7, Mukherjee in view of Sankar teaches: The electronic device of claim 1, wherein further, the processor:
that at least two of the plurality of security notifications correspond to a single transaction (Mukherjee, ¶[0021], “there is a chance that an OTP that is sent later may be received by the customer earlier. Since only one OTP may be the valid OTP at any point for the transaction, from a security perspective it may be unclear which OTP should be the valid OTP from the bank side and which OTP the customer should enter for acceptance by the bank.”).
Mukherjee in view of Sankar does not explicitly teach the following limitation that Keshet teaches:
identifies one or more metadata items within each of the plurality of security notifications; and
determines, based on the one or more metadata items (Keshet, ¶[0178], “the access agent may inspect the MFA token message(s), and/or message metadata to identify one or more attributes of the secure online resource 204 from which the MFA token(s) originate, for example, a name, a domain, a URL, a source (origin) IP address, an origin phone number, an origin email address, and/or the like.”),
Mukherjee in view of Sankar and further in view of Keshet is analogous art because the references are from the “same field of endeavor” and are from the same “problem solving area.” Namely, they pertain to the field of “security methods and systems.” It would have been obvious for one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify Mukherjee in view of Sankar with Keshet to
“identifies one or more metadata items within each of the plurality of security notifications; and
determines, based on the one or more metadata items”;
because the secure online resource(s) disclosed is configured to authenticate the one or more users according to the received one or more MFA tokens (Keshet, Abstract).
Regarding Claim 16, Mukherjee in view of Sankar and further in view of Keshet teaches: The method of claim 10, further comprising:
identifying one or more metadata items within each of the plurality of security notifications; and
determining, based on the one or more metadata items (Keshet, ¶[0178], “the access agent may inspect the MFA token message(s), and/or message metadata to identify one or more attributes of the secure online resource 204 from which the MFA token(s) originate, for example, a name, a domain, a URL, a source (origin) IP address, an origin phone number, an origin email address, and/or the like.”),
that at least two of the plurality of security notifications correspond to a single transaction (Mukherjee, ¶[0021], “there is a chance that an OTP that is sent later may be received by the customer earlier. Since only one OTP may be the valid OTP at any point for the transaction, from a security perspective it may be unclear which OTP should be the valid OTP from the bank side and which OTP the customer should enter for acceptance by the bank.”).
Regarding Claim 20, Mukherjee in view of Sankar and further in view of Keshet teaches: The computer program product of claim 19, further comprising program instructions for:
identifying one or more metadata items within each of the plurality of security notifications; and
determining, based on the one or more metadata items (Keshet, ¶[0178], “the access agent may inspect the MFA token message(s), and/or message metadata to identify one or more attributes of the secure online resource 204 from which the MFA token(s) originate, for example, a name, a domain, a URL, a source (origin) IP address, an origin phone number, an origin email address, and/or the like.”),
that at least two of the plurality of security notifications correspond to a single transaction (Mukherjee, ¶[0021], “there is a chance that an OTP that is sent later may be received by the customer earlier. Since only one OTP may be the valid OTP at any point for the transaction, from a security perspective it may be unclear which OTP should be the valid OTP from the bank side and which OTP the customer should enter for acceptance by the bank.”).
Claims 8 and 17 are rejected under 35 U.S.C. 103 as being unpatentable over Mukherjee et al. (US Patent Application Publication No. US 2022/0216990 A1, hereinafter, Mukherjee) in view of Sankar et al. (US Patent Application Publication No. US 2022/0366068 A1, hereinafter, Sankar) and further in view of Keshet (US Patent Application Publication No. US 2024/0314118 A1) and Gwak (US Patent Application Publication No. US 2013/0120292 A1).
Regarding Claim 8, Mukherjee in view of Sankar and further in view of Keshet teaches: The electronic device of claim 7,
from the plurality of security notifications that correspond to the single transaction (Mukherjee, ¶[0021], “there is a chance that an OTP that is sent later may be received by the customer earlier. Since only one OTP may be the valid OTP at any point for the transaction, from a security perspective it may be unclear which OTP should be the valid OTP from the bank side and which OTP the customer should enter for acceptance by the bank. This problem may be further complicated when a customer receives multiple OTPs and does not know which one to use.”).
Mukherjee in view of Sankar and further in view of Keshet does not explicitly teach the following limitation that Gwak teaches:
wherein further, the processor renders a number on the display that indicates a number of notifications (Gwak, ¶[0033], “the portable device can display the number of text messages currently received”)
Mukherjee in view of Sankar and further in view of Keshet and Gwak is analogous art because the references are from the “same field of endeavor” and are from the same “problem solving area.” Namely, they pertain to the field of “security methods and systems.” It would have been obvious for one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify Mukherjee in view of Sankar and further in view of Keshet with Gwak to
“renders a number on the display that indicates a number of notifications”
Because the portable device can display the number of text messages currently received (Gwak, ¶[0033]).
Regarding Claim 17, Mukherjee in view of Sankar and further in view of Keshet and Gwak teaches: The method of claim 16, further comprising displaying a number that indicates a number of notifications (Gwak, ¶[0033], “the portable device can display the number of text messages currently received.”)
from the plurality of security notifications that correspond to the single transaction (Mukherjee, ¶[0021], “there is a chance that an OTP that is sent later may be received by the customer earlier. Since only one OTP may be the valid OTP at any point for the transaction, from a security perspective it may be unclear which OTP should be the valid OTP from the bank side and which OTP the customer should enter for acceptance by the bank. This problem may be further complicated when a customer receives multiple OTPs and does not know which one to use.”).
Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to EDGAR W XIE whose telephone number is (703)756-4777. The examiner can normally be reached Monday - Friday, 8:00am - 5:00pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, JEFFREY PWU can be reached at (571)272-6798. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/EDGAR W XIE/ Examiner, Art Unit 2433
/WASIKA NIPA/ Primary Examiner, Art Unit 2433