Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
DETAILED ACTION
This Office Action is in response to the amendment filed 8/19/2025 for application 18/427,679.
Claims 1-18 and 31-42 have been examined and are pending. Claims 1, 2, 6-8, 12-14, and 18 have been amended. Claims 31-42 have been added. Claims 1, 7, 13, 31, and 37 are independent claims. This Action is made FINAL.
Response to Arguments
The double patent rejections are maintained.
Applicant’s arguments with respect to claim(s) 1-18 and 31-42 have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument.
The Examiner respectfully suggests that the claims be further amended and details in the specification be incorporated to distinguish the claimed invention over prior art of record. Should the Applicant desire an interview to further clarify the claim interpretation/rejections, please contact the Examiner at (571) 272 5368 to schedule an interview.
Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA as explained in MPEP § 2159. See MPEP §§ 706.02(l)(1) - 706.02(l)(3) for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b).
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.
Claims 1-18 and 31-42 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-18 of U.S. Patent No. 10,097,538. Although the claims at issue are not identical, they are not patentably distinct from each other because all limitations recited in claims 1-18 and 31-42 of the instant application are encompassed by limitations recited in claims 1-18 of U.S. Patent No. 10,097,538 (see table below).
Instant Application 18/427,679
U.S. Patent No. 10,097,538
Claim 1 (Currently Amended): A method comprising:
receiving, at a server, from a trusted client computer device, a request to authenticate a mobile device of a user, the mobile device bearing a mobile app, the user having login credentials stored at the server, the trusted client computer device being different from the mobile device;
receiving, by the server, a user-supplied image file from the trusted client computer device;
storing, by the server, in a memory, the user-supplied image file;
converting, by the server, the user-supplied image file to a first byte array;
receiving, by the server, a mobile-supplied image file from the mobile device of the user and converting the mobile-supplied image file to a second byte array;
authenticating, by the server, the mobile device of the user in response to the second byte array matching the first byte array and in response to
.
1. A method comprising:
receiving, at a server, from a trusted client computer device, a request to authenticate a mobile device of a user, the mobile device bearing a mobile app, the user having login credentials stored at the server, the trusted client computer device being different from the mobile device;
storing, at the server, a list of Internet Protocol (IP) addresses of authorized client devices, wherein the trusted client computer device has an IP address included in the list or the trusted client device is coupled to the server using a Universal Second Factor (U2F) key;
requesting, by the server, from the trusted client computer device, a user-supplied memorable image file to be selected from a plurality of image files available to the user of the trusted client computer device including image files created by the user and image files not created by the user, and an International Mobile Equipment Identity (IMEI), and a phone number for a mobile device;
receiving, by the server, the user-supplied memorable image file, the IMEI, and the phone number of the mobile device;
storing, by the server, in a memory, the user-supplied memorable image file, the IMEI, and the phone number of the mobile device;
converting, by the server, the user-supplied memorable image file to a first byte array by renaming a file containing the user-supplied memorable image file to a .txt file;
associating, by the server, in the memory, the user-supplied memorable image file, the IMEI, and the phone number, with the login credentials of the user;
generating, by the server, a one-time activation Personal Identification Number (PIN);
requesting, by the server, a mobile-supplied image file and login credentials from the mobile device of the user;
receiving, by the server, the mobile-supplied image file from the mobile device of the user and converting the mobile-supplied image file to a second byte array;
activating the mobile app in response to the user entering the PIN in the mobile app; and
authenticating, by the server, the mobile device of the user in response to the second byte array matching the first byte array and in response to the login credentials of the user from the mobile device of the user matching the stored login credentials of the user, without requiring the PIN after the mobile app has been activated.
Claims 1-18 and 31-42 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-30 of U.S. Patent No. 11,265,311. Although the claims at issue are not identical, they are not patentably distinct from each other because all limitations recited in claims 1-18 and 31-42 of the instant application are encompassed by limitations recited in claims 1-18 of U.S. Patent No. 11,265,311 (see table below).
Instant Application 18/427,679
U.S. Patent No. 11,265,311
Claim 1 (Currently Amended): A method comprising:
receiving, at a server, from a trusted client computer device, a request to authenticate a mobile device of a user, the mobile device bearing a mobile app, the user having login credentials stored at the server, the trusted client computer device being different from the mobile device;
receiving, by the server, a user-supplied image file from the trusted client computer device;
storing, by the server, in a memory, the user-supplied image file;
converting, by the server, the user-supplied image file to a first byte array;
receiving, by the server, a mobile-supplied image file from the mobile device of the user and converting the mobile-supplied image file to a second byte array;
authenticating, by the server, the mobile device of the user in response to the second byte array matching the first byte array and in response to
.
1. A method comprising:
receiving, at a server, from a trusted client computer device, a request to authenticate a mobile device of a user, the mobile device bearing a mobile app, the user having login credentials stored at the server, the trusted client computer device being different from the mobile device;
storing, at the server, a list of Internet Protocol (IP) addresses of authorized client devices, wherein the trusted client computer device has an IP address included in the list;
requesting, by the server, from the trusted client computer device, a user-supplied memorable image file to be selected from a plurality of image files available to the user of the trusted client computer device including image files created by the user and image files not created by the user, and an International Mobile Equipment Identity (IMEI), and a phone number for a mobile device;
receiving, by the server, the user-supplied memorable image file, the IMEI, and the phone number of the mobile device;
storing, by the server, in a memory, the user-supplied memorable image file, the IMEI, and the phone number of the mobile device;
converting, by the server, the user-supplied memorable image file to a first byte array by renaming a file containing the user-supplied memorable image file to a .txt file;
associating, by the server, in the memory, the user-supplied memorable image file, the IMEI, and the phone number, with the login credentials of the user;
generating, by the server, a one-time activation Personal Identification Number (PIN);
requesting, by the server, a mobile-supplied image file and login credentials from the mobile device of the user;
receiving, by the server, the mobile-supplied image file from the mobile device of the user and converting the mobile-supplied image file to a second byte array;
activating the mobile app in response to the user entering the PIN in the mobile app; and
authenticating, by the server, the mobile device of the user in response to the second byte array matching the first byte array and in response to the login credentials of the user from the mobile device of the user matching the stored login credentials of the user, without requiring the PIN after the mobile app has been activated.
Claims 1-18 and 31-42 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-25 of U.S. Patent No. 11,924,197. Although the claims at issue are not identical, they are not patentably distinct from each other because all limitations recited in claims 1-18 and 31-42 of the instant application are encompassed by limitations recited in claims 1-25 of U.S. Patent No. 11,924,197 (see table below).
Instant Application 18/427,679
U.S. Patent No. 11,924,197
Claim 1 (Currently Amended): A method comprising:
receiving, at a server, from a trusted client computer device, a request to authenticate a mobile device of a user, the mobile device bearing a mobile app, the user having login credentials stored at the server, the trusted client computer device being different from the mobile device;
receiving, by the server, a user-supplied image file from the trusted client computer device;
storing, by the server, in a memory, the user-supplied image file;
converting, by the server, the user-supplied image file to a first byte array;
receiving, by the server, a mobile-supplied image file from the mobile device of the user and converting the mobile-supplied image file to a second byte array;
authenticating, by the server, the mobile device of the user in response to the second byte array matching the first byte array and in response to
.
1. A method comprising:
receiving, at a server, from a trusted client computer device, a request to authenticate a mobile device of a user, the mobile device bearing a mobile app, the user having login credentials stored at the server, the trusted client computer device being different from the mobile device, and
the trusted client computer being coupled to the server using a Universal Second Factor (U2F) key;
storing, at the server, a list of Internet Protocol (IP) addresses of authorized client devices, wherein the trusted client computer device has an IP address included in the list;
requesting, by the server, from the trusted client computer device, a user-supplied memorable image file to be selected from a plurality of image files available to the user of the trusted client computer device including image files created by the user and image files not created by the user;
receiving, by the server, the user-supplied memorable image file; storing, by the server, in a memory, the user-supplied memorable image file;
converting, by the server, the user-supplied memorable image file to a first byte array by renaming a file containing the user-supplied memorable image file to a .txt file;
associating, by the server, in the memory, the user-supplied memorable image file with the login credentials of the user;
generating, by the server, a one-time activation Personal Identification Number (PIN); requesting, by the server, a mobile-supplied image file and login credentials from the mobile device of the user;
receiving, by the server, the mobile-supplied image file from the mobile device of the user and converting the mobile-supplied image file to a second byte array;
activating the mobile app in response to the user entering the PIN in the mobile app; and
authenticating, by the server, the mobile device of the user in response to the second byte array matching the first byte array and in response to the login credentials of the user from the mobile device of the user matching the stored login credentials of the user, without requiring the PIN after the mobile app has been activated.
Claim Objections
Claim 13 is objected to because of the following informalities: on lines 15-16, the phone number lacks an antecedent basis. Appropriate correction is required.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically discloses as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1, 2, 4, 7, 8, 10, 13, 14, 16, 31, 32, 34, 37, 38, and 40 are rejected under 35 U.S.C. 103 as being unpatentable over Bao (US20170171200), filed March 2, 2016, in view of Chin (US20170083750), filed September 3, 2016, and Kamiya (US5040223), filed February 17, 1989.
Regarding claim 1, Bao discloses a method comprising:
receiving, at a server, from a trusted client computer device, a request to authenticate (Bao, paragraph 0058, client application server 230 may communicate a request to authenticate user device 210 to network authentication server 220);
a mobile device of a user, the mobile device bearing a mobile app, the user having login credentials stored at the server (Bao, paragraph 0015, authenticating a user device based on a mobile device number; paragraph 0049, registering for the authentication support service and providing client credentials to network authentication server 220);
the trusted client computer device being different from the mobile device (Bao, paragraph 0039; paragraph 0049, “this may include informing network authentication server 220 that user device 210 has requested and authorized network authentication server 220 to assist with logging in user device 210 via the two-factor authentication service required by client application server 230. In some implementations, registering for the authentication support service may also include client application server 230 providing one or more types of information identifying user device 210”);
authenticating, by the server, the mobile device of the user (Bao, paragraph 0015, authenticating a user device; paragraph 0016, authenticating a user device);
in response to login credentials of the user from the mobile device of the user matching the stored login credentials of the user (Bao, paragraph 0058, authentication server 220 may validate client credentials).
Bao does not explicitly disclose receiving, by the server, a user-supplied image file from the trusted client computer device; storing, by the server, in a memory, the user-supplied image file; receiving, by the server, a mobile-supplied image file from the mobile device of the user.
However, in an analogous art, Chin discloses receiving, by the server, a user-supplied image file from the trusted client computer device (Chin, paragraph 0047, third party device 14 receives registered fingerprint data from the fingerprint database 12. Comparison result send by third party device to fingerprint identifying apparatus for completing the authentication after the third party device 14 compares the fingerprint combination with the registered fingerprint data to generate the comparison result);
storing, by the server, in a memory, the user-supplied image file (Chin, paragraph 0061, registered fingerprint stored in the third party device 14);
receiving, by the server, a mobile-supplied image file from the mobile device of the user (Chin, fingerprint identifying apparatus 10 sends fingerprint to third party device 14).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Chin with method/ server/ computer program product/ method/ server of Bao to include receiving, by the server, a user-supplied image file from the trusted client computer device; storing, by the server, in a memory, the user-supplied image file; receiving, by the server, a mobile-supplied image file from the mobile device of the user to provide users with the benefits of an effective and complicated fingerprint identifying schemed providing a high level of security (Chin: paragraphs 0005 and 0006).
Bao and Chin do not explicitly disclose converting, by the server, the user-supplied image file to a first byte array; converting the mobile-supplied image file to a second byte array; in response to the second byte array matching the first byte array.
However, in an analogous art, Kamiya discloses converting, by the server, the user-supplied image file to a first byte array (Kamiya, col. 3, lines 48, through col. 4, line 7, “When verification is required, the input fingerprint is first converted to an array of pixels”);
converting the mobile-supplied image file to a second byte array (Kamiya, col. 3, lines 48, through col. 4, line 7, “When verification is required, the input fingerprint is first converted to an array of pixels, and temporarily stored in memory”);
in response to the second byte array matching the first byte array (Kamiya, col 8, lines 3-5, verification executed in two stages; col. 3, lines 48, through col. 4, line 7, “When verification is required, the input fingerprint is first converted to an array of pixels, and temporarily stored in memory. A judgement is then made as to whether the degree of correlation is within a first range, indicating that the input fingerprint is definitely accepted as identical to the registered fingerprint”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Kamiya with method/ server/ computer program product/ method/ server of Bao and Chin to include converting, by the server, the user-supplied image file to a first byte array; converting the mobile-supplied image file to a second byte array; in response to the second byte array matching the first byte array to provide users with the benefits of a high overall verification rate and a low rate of incorrect rejections of input fingerprints (Kamiya: col. 3, lines 22-26).
Regarding claim 2, Bao, Chin, and Kamiya disclose the method of claim 1 wherein the image file is created without use of a camera (Chin, paragraph 0046, pre-stored registered fingerprint data).
Regarding claim 4, disclose the method of claim 1 and further comprising authenticating, by the server, the mobile device of the user only if the second byte array matches the first byte array identically (Kamiya, col. 3, lines 48, through col. 4, line 7, “When verification is required, the input fingerprint is first converted to an array of pixels, and temporarily stored in memory. A judgement is then made as to whether the degree of correlation is within a first range, indicating that the input fingerprint is definitely accepted as identical to the registered fingerprint, within a second range. If the degree of correlation found in this second stage is above a specific threshold value, then the input fingerprint is accepted, while if it is below that threshold value, the input fingerprint is rejected.”).
Regarding claim 7, Bao discloses a server configured to receive, from a trusted client computer device, a request to authenticate (Bao, paragraph 0058, client application server 230 may communicate a request to authenticate user device 210 to network authentication server 220);
a mobile device of a user, the mobile device bearing a mobile app, the user having login credentials stored at the server (Bao, paragraph 0015, authenticating a user device based on a mobile device number; paragraph 0049, registering for the authentication support service and providing client credentials to network authentication server 220),
the trusted client computer device being different from the mobile device (Bao, paragraph 0039; paragraph 0049, “this may include informing network authentication server 220 that user device 210 has requested and authorized network authentication server 220 to assist with logging in user device 210 via the two-factor authentication service required by client application server 230. In some implementations, registering for the authentication support service may also include client application server 230 providing one or more types of information identifying user device 210”),
the server including a processor; and a memory for storing computer instructions that, when executed by the processor, cause the server to: (Bao, paragraph 0150, processor, memory, FIG. 1A shows server);
authenticate the mobile device of the user (Bao, paragraph 0015, authenticating a user device; paragraph 0016, authenticating a user device);
in response to login credentials of the user from the mobile device of the user matching the user's stored login credentials (Bao, paragraph 0058, authentication server 220 may validate client credentials).
Bao does not explicitly disclose receive a user-supplied image file from the trusted client computer device; store, in the memory, the user-supplied image file; receive a mobile-supplied image file from the mobile device of the user.
However, in an analogous art, Chin discloses receive a user-supplied image file from the trusted client computer device (Chin, paragraph 0047, third party device 14 receives registered fingerprint data from the fingerprint database 12. Comparison result send by third party device to fingerprint identifying apparatus for completing the authentication after the third party device 14 compares the fingerprint combination with the registered fingerprint data to generate the comparison result);
store, in the memory, the user-supplied image file (Chin, paragraph 0061, registered fingerprint stored in the third party device 14);
receive a mobile-supplied image file from the mobile device of the user (Chin, fingerprint identifying apparatus 10 sends fingerprint to third party device 14).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Chin with method/ server/ computer program product/ method/ server of Bao to include receive a user-supplied image file from the trusted client computer device; store, in the memory, the user-supplied image file; receive a mobile-supplied image file from the mobile device of the user to provide users with the benefits of an effective and complicated fingerprint identifying schemed providing a high level of security (Chin: paragraphs 0005 and 0006).
Bao and Chin disclose authenticate the mobile device of the user, but do not explicitly disclose convert the user-supplied image file to a first byte array; converting the mobile-supplied image file to a second byte array; authenticate the mobile device of the user in response to the second byte array matching the first byte array and in response to login credentials of the user from the mobile device of the user matching the user's stored login credentials.
However, in an analogous art, Kamiya discloses convert the user-supplied image file to a first byte array (Kamiya, col. 3, lines 48, through col. 4, line 7, “When verification is required, the input fingerprint is first converted to an array of pixels”);
converting the mobile-supplied image file to a second byte array; and (Kamiya, col. 3, lines 48, through col. 4, line 7, “When verification is required, the input fingerprint is first converted to an array of pixels, and temporarily stored in memory”);
authenticate the mobile device of the user in response to the second byte array matching the first byte array and in response to login credentials of the user from the mobile device of the user matching the user's stored login credentials (Kamiya, col 8, lines 3-5, verification executed in two stages; col. 3, lines 48, through col. 4, line 7, “When verification is required, the input fingerprint is first converted to an array of pixels, and temporarily stored in memory. A judgement is then made as to whether the degree of correlation is within a first range, indicating that the input fingerprint is definitely accepted as identical to the registered fingerprint”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Kamiya with method/ server/ computer program product/ method/ server of Bao and Chin to include convert the user-supplied image file to a first byte array; converting the mobile-supplied image file to a second byte array; authenticate the mobile device of the user in response to the second byte array matching the first byte array and in response to login credentials of the user from the mobile device of the user matching the user's stored login credentials to provide users with the benefits of a high overall verification rate and a low rate of incorrect rejections of input fingerprints (Kamiya: col. 3, lines 22-26).
Regarding claim 8, Bao, Chin, and Kamiya disclose the server of claim 7 and configured to receive an image file created without use of a camera (Chin, paragraph 0046, pre-stored registered fingerprint data).
Regarding claim 10, Bao, Chin, and Kamiya disclose the server of claim 7 and configured to authenticate the mobile device of the user only if the second byte array matches the first byte array identically (Kamiya, col. 3, lines 48, through col. 4, line 7, “When verification is required, the input fingerprint is first converted to an array of pixels, and temporarily stored in memory. A judgement is then made as to whether the degree of correlation is within a first range, indicating that the input fingerprint is definitely accepted as identical to the registered fingerprint, within a second range. If the degree of correlation found in this second stage is above a specific threshold value, then the input fingerprint is accepted, while if it is below that threshold value, the input fingerprint is rejected.”).
Regarding claim 13, Bao discloses a computer program product comprising a non-transitory computer readable medium bearing computer program code which, when programmed into a server having a memory causes the server to (Bao, paragraph 0150, processor memory, FIG. 1A shows server):
receive, from a trusted client computer device, a request to authenticate (Bao, paragraph 0058, client application server 230 may communicate a request to authenticate user device 210 to network authentication server 220);
a mobile device of a user, the mobile device bearing a mobile app, the user having login credentials stored at the server (Bao, paragraph 0015, authenticating a user device based on a mobile device number; paragraph 0049, registering for the authentication support service and providing client credentials to network authentication server 220);
the trusted client computer device being different from the mobile device (Bao, paragraph 0039; paragraph 0049, “this may include informing network authentication server 220 that user device 210 has requested and authorized network authentication server 220 to assist with logging in user device 210 via the two-factor authentication service required by client application server 230. In some implementations, registering for the authentication support service may also include client application server 230 providing one or more types of information identifying user device 210”);
the phone number of the mobile device (Bao, paragraph 0003, mobile device number (MDN), paragraph 0037, network authentication server may have access to user device MDNs);
authenticate the mobile device of the user (Bao, paragraph 0015, authenticating a user device; paragraph 0016, authenticating a user device);
in response to login credentials of the user from the mobile device of the user matching the user's stored login credentials (Bao, paragraph 0058, authentication server 220 may validate client credentials).
Bao does discloses the phone number of the mobile device, but does not explicitly disclose receive a user-supplied image file from the trusted client computer device; store, in the memory, the user-supplied image file, and the phone number of the mobile device; receive a mobile-supplied image file from the mobile device of the user.
However, in an analogous art, Chin discloses receive a user-supplied image file from the trusted client computer device (Chin, paragraph 0047, third party device 14 receives registered fingerprint data from the fingerprint database 12. Comparison result send by third party device to fingerprint identifying apparatus for completing the authentication after the third party device 14 compares the fingerprint combination with the registered fingerprint data to generate the comparison result);
store, in the memory, the user-supplied image file, and the phone number of the mobile device; (Chin, paragraph 0061, registered fingerprint stored in the third party device 14)
receive a mobile-supplied image file from the mobile device of the user and (Chin, fingerprint identifying apparatus 10 sends fingerprint to third party device 14).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Chin with method/ server/ computer program product/ method/ server of Bao to include receive a user-supplied image file from the trusted client computer device; store, in the memory, the user-supplied image file, and the phone number of the mobile device; receive a mobile-supplied image file from the mobile device of the user to provide users with the benefits of an effective and complicated fingerprint identifying schemed providing a high level of security (Chin: paragraphs 0005 and 0006).
Bao and Chin disclose authenticate the mobile device of the user in response to the second byte array matching the first byte array and in response to login credentials of the user from the mobile device of the user matching the user's stored login credentials, but do not explicitly disclose convert the user-supplied image file to a first byte array; convert the mobile-supplied image file to a second byte array; authenticate the mobile device of the user in response to the second byte array matching the first byte array and in response to login credentials of the user from the mobile device of the user matching the user's stored login credentials.
However, in an analogous art, Kamiya discloses convert the user-supplied image file to a first byte array (Kamiya, col. 3, lines 48, through col. 4, line 7, “When verification is required, the input fingerprint is first converted to an array of pixels”);
convert the mobile-supplied image file to a second byte array (Kamiya, col. 3, lines 48, through col. 4, line 7, “When verification is required, the input fingerprint is first converted to an array of pixels, and temporarily stored in memory”);
authenticate the mobile device of the user in response to the second byte array matching the first byte array and in response to login credentials of the user from the mobile device of the user matching the user's stored login credentials (Kamiya, col 8, lines 3-5, verification executed in two stages; col. 3, lines 48, through col. 4, line 7, “When verification is required, the input fingerprint is first converted to an array of pixels, and temporarily stored in memory. A judgement is then made as to whether the degree of correlation is within a first range, indicating that the input fingerprint is definitely accepted as identical to the registered fingerprint”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Kamiya with method/ server/ computer program product/ method/ server of Bao and Chin to include convert the user-supplied image file to a first byte array; convert the mobile-supplied image file to a second byte array; authenticate the mobile device of the user in response to the second byte array matching the first byte array and in response to login credentials of the user from the mobile device of the user matching the user's stored login credentials to provide users with the benefits of a high overall verification rate and a low rate of incorrect rejections of input fingerprints (Kamiya: col. 3, lines 22-26).
Regarding claim 14, Bao, Chin, and Kamiya disclose the computer program product of claim 13, wherein the image file is created without use of a camera (Chin, paragraph 0046, pre-stored registered fingerprint data).
Regarding claim 16, Bao, Chin, and Kamiya disclose the computer program product of claim 13 and further comprising code configured to cause the server to authenticate the mobile device of the user only if the second byte array matches the first byte array identically (Kamiya, col. 3, lines 48, through col. 4, line 7, “When verification is required, the input fingerprint is first converted to an array of pixels, and temporarily stored in memory. A judgement is then made as to whether the degree of correlation is within a first range, indicating that the input fingerprint is definitely accepted as identical to the registered fingerprint, within a second range. If the degree of correlation found in this second stage is above a specific threshold value, then the input fingerprint is accepted, while if it is below that threshold value, the input fingerprint is rejected.”).
Regarding claim 31, Bao discloses a method comprising: receiving, at a server, from a trusted client computer device, a request to authenticate (Bao, paragraph 0058, client application server 230 may communicate a request to authenticate user device 210 to network authentication server 220);
a mobile device of a user, the mobile device bearing a mobile app, the user having login credentials stored at the server (Bao, paragraph 0015, authenticating a user device based on a mobile device number; paragraph 0049, registering for the authentication support service and providing client credentials to network authentication server 220);
the trusted client computer device being different from the mobile device (Bao, paragraph 0039; paragraph 0049, “this may include informing network authentication server 220 that user device 210 has requested and authorized network authentication server 220 to assist with logging in user device 210 via the two-factor authentication service required by client application server 230. In some implementations, registering for the authentication support service may also include client application server 230 providing one or more types of information identifying user device 210”);
authenticating, by the server, the mobile device of the user (Bao, paragraph 0015, authenticating a user device; paragraph 0016, authenticating a user device);
in response to (Bao, paragraph 0058, authentication server 220 may validate client credentials).
Bao does not explicitly disclose receiving, by the server, a user-supplied image file from the trusted client computer device; storing, by the server, in a memory, the user-supplied image file; receiving, by the server, a mobile-supplied image file from the mobile device of the user.
However, in an analogous art, Chin discloses receiving, by the server, a user-supplied image file from the trusted client computer device (Chin, paragraph 0047, third party device 14 receives registered fingerprint data from the fingerprint database 12. Comparison result send by third party device to fingerprint identifying apparatus for completing the authentication after the third party device 14 compares the fingerprint combination with the registered fingerprint data to generate the comparison result);
storing, by the server, in a memory, the user-supplied image file (Chin, paragraph 0061, registered fingerprint stored in the third party device 14);
receiving, by the server, a mobile-supplied image file from the mobile device of the user and (Chin, fingerprint identifying apparatus 10 sends fingerprint to third party device 14).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Chin with method/ server/ computer program product/ method/ server of Bao to include receiving, by the server, a user-supplied image file from the trusted client computer device; storing, by the server, in a memory, the user-supplied image file; receiving, by the server, a mobile-supplied image file from the mobile device of the user to provide users with the benefits of an effective and complicated fingerprint identifying schemed providing a high level of security (Chin: paragraphs 0005 and 0006).
Bao and Chin do not explicitly disclose converting, by the server, the us; r-supplied image file to a first byte array; converting the mobile-supplied image file to a second byte array; in response to the second byte array matching the first byte array.
However, in an analogous art, Kamiya discloses converting, by the server, the user-supplied image file to a first byte array (Kamiya, col. 3, lines 48, through col. 4, line 7, “When verification is required, the input fingerprint is first converted to an array of pixels”);
converting the mobile-supplied image file to a second byte array (Kamiya, col. 3, lines 48, through col. 4, line 7, “When verification is required, the input fingerprint is first converted to an array of pixels, and temporarily stored in memory”);
in response to the second byte array matching the first byte array (Kamiya, col 8, lines 3-5, verification executed in two stages; col. 3, lines 48, through col. 4, line 7, “When verification is required, the input fingerprint is first converted to an array of pixels, and temporarily stored in memory. A judgement is then made as to whether the degree of correlation is within a first range, indicating that the input fingerprint is definitely accepted as identical to the registered fingerprint”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Kamiya with method/ server/ computer program product/ method/ server of Bao and Chin to include converting, by the server, the us; r-supplied image file to a first byte array; converting the mobile-supplied image file to a second byte array; in response to the second byte array matching the first byte array to provide users with the benefits of a high overall verification rate and a low rate of incorrect rejections of input fingerprints (Kamiya: col. 3, lines 22-26).
Regarding claim 32, Bao, Chin, and Kamiya disclose the method of claim 31 wherein the image file is created without use of a camera (Chin, paragraph 0046, pre-stored registered fingerprint data).
Regarding claim 34, Bao, Chin, and Kamiya disclose the method of claim 31 and further comprising authenticating, by the server, the mobile device of the user only if the second byte array matches the first byte array identically (Kamiya, col. 3, lines 48, through col. 4, line 7, “When verification is required, the input fingerprint is first converted to an array of pixels, and temporarily stored in memory. A judgement is then made as to whether the degree of correlation is within a first range, indicating that the input fingerprint is definitely accepted as identical to the registered fingerprint, within a second range. If the degree of correlation found in this second stage is above a specific threshold value, then the input fingerprint is accepted, while if it is below that threshold value, the input fingerprint is rejected.”).
Regarding claim 37, Bao discloses a server configured to receive, from a trusted client computer device, a request to authenticate (Bao, paragraph 0058, client application server 230 may communicate a request to authenticate user device 210 to network authentication server 220);
a mobile device of a user, the mobile device bearing a mobile app, the user having login credentials stored at the server (Bao, paragraph 0015, authenticating a user device based on a mobile device number; paragraph 0049, registering for the authentication support service and providing client credentials to network authentication server 220);
the trusted client computer device being different from the mobile device (Bao, paragraph 0039; paragraph 0049, “this may include informing network authentication server 220 that user device 210 has requested and authorized network authentication server 220 to assist with logging in user device 210 via the two-factor authentication service required by client application server 230. In some implementations, registering for the authentication support service may also include client application server 230 providing one or more types of information identifying user device 210”),
the server including a processor; and a memory for storing computer instructions that, when executed by the processor, cause the server to: (Bao, paragraph 0150, processor, memory, FIG. 1A shows server);
authenticate the mobile device of the user (Bao, paragraph 0015, authenticating a user device; paragraph 0016, authenticating a user device);
in response to login credentials of the user from the mobile device of the user matching the user's stored login credentials (Bao, paragraph 0058, authentication server 220 may validate client credentials).
Bao does not explicitly disclose receive a user-supplied image file from the trusted client computer device; store, in the memory, the user-supplied image file; receive a mobile-supplied image file from the mobile device of the user.
However, in an analogous art, Chin discloses receive a user-supplied image file from the trusted client computer device (Chin, paragraph 0047, third party device 14 receives registered fingerprint data from the fingerprint database 12. Comparison result send by third party device to fingerprint identifying apparatus for completing the authentication after the third party device 14 compares the fingerprint combination with the registered fingerprint data to generate the comparison result);
store, in the memory, the user-supplied image file; (Chin, paragraph 0061, registered fingerprint stored in the third party device 14);
receive a mobile-supplied image file from the mobile device of the user and (Chin, fingerprint identifying apparatus 10 sends fingerprint to third party device 14).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Chin with method/ server/ computer program product/ method/ server of Bao to include receive a user-supplied image file from the trusted client computer device; store, in the memory, the user-supplied image file; receive a mobile-supplied image file from the mobile device of the user to provide users with the benefits of an effective and complicated fingerprint identifying schemed providing a high level of security (Chin: paragraphs 0005 and 0006).
Bao and Chin do not explicitly disclose convert the user-supplied image file to a first byte array; convert the mobile-supplied image file to a second byte array; in response to the second byte array matching the first byte array.
However, in an analogous art, Kamiya discloses convert the user-supplied image file to a first byte array (Kamiya, col. 3, lines 48, through col. 4, line 7, “When verification is required, the input fingerprint is first converted to an array of pixels”);
convert the mobile-supplied image file to a second byte array (Kamiya, col. 3, lines 48, through col. 4, line 7, “When verification is required, the input fingerprint is first converted to an array of pixels, and temporarily stored in memory”);
in response to the second byte array matching the first byte array (Kamiya, col 8, lines 3-5, verification executed in two stages; col. 3, lines 48, through col. 4, line 7, “When verification is required, the input fingerprint is first converted to an array of pixels, and temporarily stored in memory. A judgement is then made as to whether the degree of correlation is within a first range, indicating that the input fingerprint is definitely accepted as identical to the registered fingerprint”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Kamiya with method/ server/ computer program product/ method/ server of Bao and Chin to include convert the user-supplied image file to a first byte array; convert the mobile-supplied image file to a second byte array; in response to the second byte array matching the first byte array to provide users with the benefits of a high overall verification rate and a low rate of incorrect rejections of input fingerprints (Kamiya: col. 3, lines 22-26).
Regarding claim 38, Bao, Chin, and Kamiya disclose the server of claim 37 and configured to receive an image file created without use of a camera.(Chin, paragraph 0046, pre-stored registered fingerprint data).
Regarding claim 40, Bao, Chin, and Kamiya disclose the server of claim 37 and configured to authenticate the mobile device of the user only if the second byte array matches the first byte array identically. (Kamiya, col. 3, lines 48, through col. 4, line 7, “When verification is required, the input fingerprint is first converted to an array of pixels, and temporarily stored in memory. A judgement is then made as to whether the degree of correlation is within a first range, indicating that the input fingerprint is definitely accepted as identical to the registered fingerprint, within a second range. If the degree of correlation found in this second stage is above a specific threshold value, then the input fingerprint is accepted, while if it is below that threshold value, the input fingerprint is rejected.”).
Claims 3, 9, 15, 33, and 39 are rejected under 35 U.S.C. 103 as being unpatentable over Bao (US20170171200), filed March 2, 2016, in view of Chin (US20170083750), filed September 3, 2016, and Kamiya (US5040223), filed February 17, 1989, and further in view of Froelicher (US20170264600), published on September 14, 2017.
Regarding claim 3, Bao, Chin, and Kamiya disclose the method of claim 1.
Bao, Chin, and Kamiya do not explicitly disclose wherein the trusted client computer device is coupled to the server using a Universal Second Factor (U2F) key.
However, in an analogous art, Froelicher discloses wherein the trusted client computer device is coupled to the server using a Universal Second Factor (U2F) key (Froelicher, paragraph 0059, “During authentication, the client device (e.g., 104, 108) proves possession of the private key (e.g., 520) to a server (e.g., 120) by signing a challenge, which involves a user-friendly action such as providing a fingerprint, entering a PIN or speaking into a microphone. With U2F, authentication a strong second factor, such as a Near Field Communication (NFC) tap or USB security token may be required for full authentication.”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Froelicher with the method/ server/ computer program product/ method/ server of Bao, Chin, and Kamiya to include, wherein the trusted client computer device is coupled to the server using a Universal Second Factor (U2F) key, to provide users with the benefits of a strong second factor (Froelicher: paragraph 0059).
Regarding claim 9, Bao, Chin, and Kamiya disclose the server of claim 7.
Bao, Chin, and Kamiya do not explicitly disclose wherein the trusted client computer device is coupled to the server using a Universal Second Factor (U2F) key.
However, in an analogous art, Froelicher discloses wherein the trusted client computer device is coupled to the server using a Universal Second Factor (U2F) key (Froelicher, paragraph 0059, “During authentication, the client device (e.g., 104, 108) proves possession of the private key (e.g., 520) to a server (e.g., 120) by signing a challenge, which involves a user-friendly action such as providing a fingerprint, entering a PIN or speaking into a microphone. With U2F, authentication a strong second factor, such as a Near Field Communication (NFC) tap or USB security token may be required for full authentication.”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Froelicher with the method/ server/ computer program product/ method/ server of Bao, Chin, and Kamiya to include, wherein the trusted client computer device is coupled to the server using a Universal Second Factor (U2F) key, to provide users with the benefits of a strong second factor (Froelicher: paragraph 0059).
Regarding claim 15, Bao, Chin, and Kamiya disclose the computer program product of claim 13.
Bao, Chin, and Kamiya do not explicitly disclose wherein the trusted client computer device is coupled to the server using a Universal Second Factor (U2F) key.
However, in an analogous art, Froelicher discloses wherein the trusted client computer device is coupled to the server using a Universal Second Factor (U2F) key (Froelicher, paragraph 0059, “During authentication, the client device (e.g., 104, 108) proves possession of the private key (e.g., 520) to a server (e.g., 120) by signing a challenge, which involves a user-friendly action such as providing a fingerprint, entering a PIN or speaking into a microphone. With U2F, authentication a strong second factor, such as a Near Field Communication (NFC) tap or USB security token may be required for full authentication.”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Froelicher with the method/ server/ computer program product/ method/ server of Bao, Chin, and Kamiya to include, wherein the trusted client computer device is coupled to the server using a Universal Second Factor (U2F) key, to provide users with the benefits of a strong second factor (Froelicher: paragraph 0059).
Regarding claim 33, Bao, Chin, and Kamiya disclose the method of claim 31.
Bao, Chin, and Kamiya do not explicitly disclose wherein the trusted client computer device is coupled to the server using a Universal Second Factor (U2F) key.
However, in an analogous art, Froelicher discloses wherein the trusted client computer device is coupled to the server using a Universal Second Factor (U2F) key (Froelicher, paragraph 0059, “During authentication, the client device (e.g., 104, 108) proves possession of the private key (e.g., 520) to a server (e.g., 120) by signing a challenge, which involves a user-friendly action such as providing a fingerprint, entering a PIN or speaking into a microphone. With U2F, authentication a strong second factor, such as a Near Field Communication (NFC) tap or USB security token may be required for full authentication.”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Froelicher with the method/ server/ computer program product/ method/ server of Bao, Chin, and Kamiya to include, wherein the trusted client computer device is coupled to the server using a Universal Second Factor (U2F) key, to provide users with the benefits of a strong second factor (Froelicher: paragraph 0059).
Regarding claim 39, Bao, Chin, and Kamiya disclose the server of claim 37.
Bao, Chin, and Kamiya do not explicitly disclose wherein the trusted client computer device is coupled to the server using a Universal Second Factor (U2F) key.
However, in an analogous art, Froelicher discloses wherein the trusted client computer device is coupled to the server using a Universal Second Factor (U2F) key (Froelicher, paragraph 0059, “During authentication, the client device (e.g., 104, 108) proves possession of the private key (e.g., 520) to a server (e.g., 120) by signing a challenge, which involves a user-friendly action such as providing a fingerprint, entering a PIN or speaking into a microphone. With U2F, authentication a strong second factor, such as a Near Field Communication (NFC) tap or USB security token may be required for full authentication.”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Froelicher with the method/ server/ computer program product/ method/ server of Bao, Chin, and Kamiya to include, wherein the trusted client computer device is coupled to the server using a Universal Second Factor (U2F) key, to provide users with the benefits of a strong second factor (Froelicher: paragraph 0059).
Claims 5, 11, 17, 35, and 41 are rejected under 35 U.S.C. 103 as being unpatentable over Bao (US20170171200), filed March 2, 2016, in view of Chin (US20170083750), filed September 3, 2016, and Kamiya (US5040223), filed February 17, 1989, and further in view of Cooley (US20090158399), published on June 18, 2009.
Regarding claim 5, Bao, Chin, and Kamiya disclose the method of claim 1.
Bao, Chin, and Kamiya do not explicitly disclose comprising receiving and verifying login credentials, at the server, before requesting, by the server, the mobile-supplied image file.
However, in an analogous art, Cooley discloses comprising receiving and verifying login credentials, at the server, before requesting, by the server, the mobile-supplied image file (Cooley, paragraph 0005, the step of asking for a username occurs before “the second page may display a validation image and/or a phrase and a challenge question (e.g., "What city where you born in?")”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Cooley with the method/ server/ computer program product/ method/ server of Bao, Chin, and Kamiya to include, comprising receiving and verifying login credentials, at the server, before requesting, by the server, the mobile-supplied image file to provide users with the benefits of a multi-step authentication sequence (Cooley: paragraph 0002).
Regarding claim 11, Bao, Chin, and Kamiya disclose the server of claim 7.
Bao, Chin, and Kamiya do not explicitly disclose configured to receive and verify login credentials before requesting the mobile-supplied image file.
However, in an analogous art, Cooley discloses configured to receive and verify login credentials before requesting the mobile-supplied image file (Cooley, paragraph 0005, the step of asking for a username occurs before “the second page may display a validation image and/or a phrase and a challenge question (e.g., "What city where you born in?")”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Cooley with the method/ server/ computer program product/ method/ server of Bao, Chin, and Kamiya to include configured to receive and verify login credentials before requesting the mobile-supplied image file to provide users with the benefits of a multi-step authentication sequence (Cooley: paragraph 0002).
Regarding claim 17, Bao, Chin, and Kamiya disclose the computer program product of claim 13.
Bao, Chin, and Kamiya do not explicitly disclose comprising receiving and verifying login credentials, at the server, before requesting, by the server, the mobile-supplied image file.
However, in an analogous art, Cooley discloses comprising receiving and verifying login credentials, at the server, before requesting, by the server, the mobile-supplied image file (Cooley, paragraph 0005, the step of asking for a username occurs before “the second page may display a validation image and/or a phrase and a challenge question (e.g., "What city where you born in?")”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Cooley with the method/ server/ computer program product/ method/ server of Bao, Chin, and Kamiya to include, comprising receiving and verifying login credentials, at the server, before requesting, by the server, the mobile-supplied image file to provide users with the benefits of a multi-step authentication sequence (Cooley: paragraph 0002).
Regarding claim 35, Bao, Chin, and Kamiya disclose the method of claim 31.
Bao, Chin, and Kamiya do not explicitly disclose comprising receiving and verifying login credentials, at the server, before requesting, by the server, the mobile-supplied image file.
However, in an analogous art, Cooley discloses comprising receiving and verifying login credentials, at the server, before requesting, by the server, the mobile-supplied image file (Cooley, paragraph 0005, the step of asking for a username occurs before “the second page may display a validation image and/or a phrase and a challenge question (e.g., "What city where you born in?")”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Cooley with the method/ server/ computer program product/ method/ server of Bao, Chin, and Kamiya to include, comprising receiving and verifying login credentials, at the server, before requesting, by the server, the mobile-supplied image file to provide users with the benefits of a multi-step authentication sequence (Cooley: paragraph 0002).
Regarding claim 41, Bao, Chin, and Kamiya disclose the server of claim 37.
Bao, Chin, and Kamiya do not explicitly disclose configured to receive and verify login credentials before requesting the mobile-supplied image file.
However, in an analogous art, Cooley discloses configured to receive and verify login credentials before requesting the mobile-supplied image file (Cooley, paragraph 0005, the step of asking for a username occurs before “the second page may display a validation image and/or a phrase and a challenge question (e.g., "What city where you born in?")”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Cooley with the method/ server/ computer program product/ method/ server of Bao, Chin, and Kamiya to include configured to receive and verify login credentials before requesting the mobile-supplied image file to provide users with the benefits of a multi-step authentication sequence (Cooley: paragraph 0002).
Claims 6, 12, 18, 36, and 42 rejected under 35 U.S.C. 103 as being unpatentable over Bao (US20170171200), filed March 2, 2016, in view of Chin (US20170083750), filed September 3, 2016, and Kamiya (US5040223), filed February 17, 1989, and further in view of Bajaj (US20080109657), filed November 6, 2006.
Regarding claim 6, Bao, Chin, and Kamiya disclose the method of claim 1.
Bao, Chin, and Kamiya do not explicitly disclose wherein the user-supplied image file is an image file created by the user.
However, in an analogous art, Bajaj discloses wherein the user-supplied image file is an image file created by the user (Bajaj, paragraph 0014, image can be created by user, trusted third party; paragraph 0028, authentication server).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Bajaj with the method/ server/ computer program product/ method/ server of Bao, Chin, and Kamiya to include wherein the user-supplied image file is an image file created by the user to provide users with the benefits of a reliable and robust technology for providing assurance to a user that the site being viewed is true and authentic (Bajaj: paragraphs 0001-0005).
Regarding claim 12, Bao, Chin, and Kamiya disclose the server of claim 7.
Bao, Chin, and Kamiya do not explicitly disclose wherein the user-supplied image file is an image file created by the user.
However, in an analogous art, Bajaj discloses wherein the user-supplied image file is an image file created by the user (Bajaj, paragraph 0014, image can be created by user, trusted third party; paragraph 0028, authentication server).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Bajaj with the method/ server/ computer program product/ method/ server of Bao, Chin, and Kamiya to include wherein the user-supplied image file is an image file created by the user to provide users with the benefits of a reliable and robust technology for providing assurance to a user that the site being viewed is true and authentic (Bajaj: paragraphs 0001-0005).
Regarding claim 18, Bao, Chin, and Kamiya disclose the server of claim 13.
Bao, Chin, and Kamiya do not explicitly disclose wherein the user-supplied image file is an image file created by the user.
However, in an analogous art, Bajaj discloses wherein the user-supplied image file is an image file created by the user (Bajaj, paragraph 0014, image can be created by user, trusted third party; paragraph 0028, authentication server).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Bajaj with the method/ server/ computer program product/ method/ server of Bao, Chin, and Kamiya to include wherein the user-supplied image file is an image file created by the user to provide users with the benefits of a reliable and robust technology for providing assurance to a user that the site being viewed is true and authentic (Bajaj: paragraphs 0001-0005).
Regarding claim 36, Bao, Chin, and Kamiya disclose the method of claim 31.
Bao, Chin, and Kamiya do not explicitly disclose wherein the user-supplied image file is an image file created by the user.
However, in an analogous art, Bajaj discloses wherein the user-supplied image file is an image file created by the user (Bajaj, paragraph 0014, image can be created by user, trusted third party; paragraph 0028, authentication server).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Bajaj with the method/ server/ computer program product/ method/ server of Bao, Chin, and Kamiya to include wherein the user-supplied image file is an image file created by the user to provide users with the benefits of a reliable and robust technology for providing assurance to a user that the site being viewed is true and authentic (Bajaj: paragraphs 0001-0005).
Regarding claim 42, Bao, Chin, and Kamiya disclose the server of claim 37.
Bao, Chin, and Kamiya do not explicitly disclose wherein the user-supplied image file is an image file created by the user.
However, in an analogous art, Bajaj discloses wherein the user-supplied image file is an image file created by the user (Bajaj, paragraph 0014, image can be created by user, trusted third party; paragraph 0028, authentication server).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Bajaj with the method/ server/ computer program product/ method/ server of Bao, Chin, and Kamiya to include wherein the user-supplied image file is an image file created by the user to provide users with the benefits of a reliable and robust technology for providing assurance to a user that the site being viewed is true and authentic (Bajaj: paragraphs 0001-0005).
Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to WALTER J MALINOWSKI whose telephone number is (571)272-5368. The examiner can normally be reached 8-6:30 MTWH.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, LUU PHAM can be reached at 5712705002. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/W.J.M/ Examiner, Art Unit 2439
/LUU T PHAM/ Supervisory Patent Examiner, Art Unit 2439
Prosecution Insights