DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Double Patenting
A rejection based on double patenting of the “same invention” type finds its support in the language of 35 U.S.C. 101 which states that “whoever invents or discovers any new and useful process... may obtain a patent therefor...” (Emphasis added). Thus, the term “same invention,” in this context, means an invention drawn to identical subject matter. See Miller v. Eagle Mfg. Co., 151 U.S. 186 (1894); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Ockert, 245 F.2d 467, 114 USPQ 330 (CCPA 1957).
A statutory type (35 U.S.C. 101) double patenting rejection can be overcome by canceling or amending the claims that are directed to the same invention so they are no longer coextensive in scope. The filing of a terminal disclaimer cannot overcome a double patenting rejection based upon 35 U.S.C. 101.
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b).
The filing of a terminal disclaimer by itself is not a complete reply to a nonstatutory double patenting (NSDP) rejection. A complete reply requires that the terminal disclaimer be accompanied by a reply requesting reconsideration of the prior Office action. Even where the NSDP rejection is provisional the reply must be complete. See MPEP § 804, subsection I.B.1. For a reply to a non-final Office action, see 37 CFR 1.111(a). For a reply to final Office action, see 37 CFR 1.113(c). A request for reconsideration while not provided for in 37 CFR 1.113(c) may be filed after final for consideration. See MPEP §§ 706.07(e) and 714.13.
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The actual filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/apply/applying-online/eterminal-disclaimer.
Claims 21, 22, 27, 33, 34 and 39 are rejected on the ground of non-statutory double patenting as being unpatentable over claims 1, 8, 9-10, and 17-18 of U.S. Patent No. 11,303,435. Although the claims at issue are not identical, they are not patentably distinct from each other. Shown as follows:
Application
Patent
21. (New) A method comprising:
obtaining, by an access device, a first biometric sample of a user;
generating a first biometric template from the first biometric sample;
for each mobile device of a plurality of mobile devices within a proximate vicinity of the access device, the plurality of mobile devices comprising a first mobile device:
retrieving a cryptographic value of the mobile device;
encrypting the first biometric template using the cryptographic value of the mobile device; and
broadcasting the encrypted first biometric template to the plurality of mobile devices;
receiving, from the first mobile device, a confirmation of a match between the first biometric template and a biometric template of the first mobile device, wherein the biometric template of the mobile device is generated from a biometric sample of the first mobile device; and
responsive to the confirmation, conducting a transaction between the access device and the first mobile device.
22. (New) The method of claim 21, wherein prior to obtaining the first biometric sample of the user, the method further comprises:
broadcasting a transmitting station identifier to each of the plurality of mobile devices; and
for each of the plurality of mobile devices, receiving, from the mobile device, the cryptographic value of the mobile device and storing the cryptographic value of the mobile device.
27. (New) The method of claim 21, wherein obtaining the first biometric sample of the user comprises one of:
taking a photographic image of the user's face;
taking a fingerprint of the user;
taking a voice sample of the user;
taking a DNA sample of the user;
taking a retinal scan of the user; and
taking a hair sample of the user.
1. A method comprising:
obtaining, by an access device, a second biometric sample of a user;
generating, by the access device, a second biometric template from the second biometric sample;
for each mobile device of a plurality of mobile devices within a proximate vicinity of the access device, the plurality of mobile devices comprising a first mobile device:
retrieving, by the access device, a public value of the mobile device, wherein:
the public value of the mobile device and a private value of the mobile device were generated by passing a first biometric template of the mobile device to a first function of a fuzzy extractor; and
the first biometric template of the mobile device was generated from a first biometric sample of the mobile device;
generating, by the access device, a secret cryptographic key by passing the second biometric template and the public value of the mobile device to a second function of the fuzzy extractor;
encrypting, by the access device, the second biometric template with the secret cryptographic key; and
broadcasting, by the access device, the encrypted second biometric template, wherein the encrypted second biometric template is received by the plurality of mobile devices;
receiving, by the access device and from the first mobile device, a confirmation of a match between the second biometric template and a first biometric template of the first mobile device after the first mobile device decrypts the encrypted second biometric template and compares the decrypted second biometric template to the first biometric template, wherein the first biometric template of the first mobile device is generated from a first biometric sample of the first mobile device; and
responsive to the confirmation, conducting a transaction between the access device and the first mobile device.
8. The method of claim 2, wherein prior to obtaining the second biometric sample of the user, the method further comprises:
broadcasting a transmitting station identifier to each of the plurality of mobile devices; and
for each of the plurality of mobile devices: receiving from the mobile device, the public value of the mobile device and storing the public value of the mobile device.
9. The method of claim 2 wherein obtaining the second biometric sample of the user comprises one of:
taking a photographic image of the user's face;
taking a fingerprint of the user;
taking a voice sample of the user;
taking a DNA sample of the user;
taking a retinal scan of the user; and
taking a hair sample of the user.
The comparison of claim 21 to claim 1 of the Patent is similar to the comparison of claim 33 compared to claim 10 of the Patent. The comparison of claim 22 to claim 8 of the Patent is similar to the comparison of claim 34 compared to claim 17 of the Patent. The comparison of claim 27 to claim 9 of the Patent is similar to the comparison of claim 39 compared to claim 18 of the Patent.
The other claims 23-26, 28-32, 35-38 and 40 merely recite elements that are included in claims 21 and 33, but are not rejected under Double Patent.
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.
Claims 21-40 are rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more.
The analysis of the claims is based on the subject matter eligibility test that is detailed in the 2024 Patent Subject Matter Eligibility (SME) Guidance Update Including Artificial Intelligence (2024 AI SME Update)(July 2024), the 2019 Revision to the SME Guidance (2019 PEG)(January 2019) and the October 2019 SME Guidance Update (October 2019). The current guidance is referenced in the Manual of Patent Examining Procedure (MPEP) sections 2103 through 2106.07.
In Step 1 of the test, the claims were found to be directed to one of the four statutory categories, which is a process. Claims 21-32 are directed to the method of executing the process; and claims 33-40 are directed to an access device that executes the process. Therefore, the result of Step 1 is the claims are directed to at least one statutory category.
In Step 2A(1), the claims were found to recite an abstract idea. The [ind. claims] recite as follows:
obtaining, by an access device, a first biometric sample of a user;
generating a first biometric template from the first biometric sample;
for each mobile device of a plurality of mobile devices within a proximate vicinity of the access device, the plurality of mobile devices comprising a first mobile device:
retrieving a cryptographic value of the mobile device;
encrypting the first biometric template using the cryptographic value of the mobile device; and
broadcasting the encrypted first biometric template to the plurality of mobile devices;
receiving, from the first mobile device, a confirmation of a match between the first biometric template and a biometric template of the first mobile device, wherein the biometric template of the mobile device is generated from a biometric sample of the first mobile device; and
responsive to the confirmation, conducting a transaction between the access device and the first mobile device.
The emphasized elements are descriptive of an abstract idea. The functions recited are common of securing authentication data prior to the authentication process. The elements biometric sample and biometric template is considered as data related to identification. The encrypting function is encoding the identification data for delivery. All the elements are describing commercial interactions, where the authentication data is for a transaction, and legal interactions, where the biometric data is encrypted, and these are part of an abstract idea of certain methods of organizing human activity.
The dependent claims 22-32 and 34-40 further support the interpretation of the abstract idea. For example, the claims 27 and 39 recite the different biometric samples that could be obtained, but the method does not specify that the access device scanned or recorded the samples, and the broad term obtaining is interpreted to be receiving the identification data. All other claims follow the information of the independent claims reciting the abstract idea. Therefore, the result of Step 2A(1) is the claims recite an abstract idea.
In Step 2A(2), the claims that recite the abstract idea do not integrate the abstract idea into a practical application. Independent claims 21 and 31 recite by an access device and first mobile device to perform the transaction, data gathering and authentication. The functions of obtaining, generating, retrieving, encrypting, broadcasting, receiving and conducting as recited in the claims are describing functions of an authentication process for a transaction. The elements biometric sample and biometric template are recited as descriptive of the data to be compared, and are considered “extra-solution activity”. The function of encryption is recited to merely encode the data, which is transmitted to be authenticated but not decrypted.
The dependent claims 22-30 and 32-40 attempt to generally link the use of the abstract idea to a particular technological environment or field of use. Therefore, the result of Step 2A(2) is the claims do not integrate the abstract idea into a practical application.
In Step 2B, the claims do not include additional elements that are sufficient to amount to significantly more than the abstract idea. The claims recite an access device and first mobile device. While the additional elements limit the abstract idea to a specific field of technology, there is no improvement to the functions of the recited technology, nor is there an improvement to another technology or technical field. Thus, the additional elements merely recite instructions to execute the abstract idea. Considering the additional elements individually, the claims do not include elements that are sufficient to amount to significantly more than the abstract idea. Considering the additional elements in combination, the steps do not add any meaningful limits on practicing the abstract idea more than the elements analyzed individually and thus do not add significantly more to the claimed invention. Therefore, the result of Step 2B is the claims do not add significantly more to the abstract idea. The test concludes the claims 21-40 are patent ineligible.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claims 21 and 33 are rejected under AIA 35 U.S.C. 103(a) as being unpatentable over US_PGPub_2010/0134246 ("Kevenaar"), in view of US_PGPub_2016/0036810 ("Kim"), in view of US_Patent_9,633,383 ("Zamer").
Regarding Claims 21 and 33, Kevenaar teaches
obtaining... a first biometric sample of a user (Fig. 1 Item Z; [0029]);
generating a first biometric template (Fig. 1 Item X; [0029], [0044] "Wz,h(Sz)") from the first biometric sample (Fig. 1 Item Z; [0029]);
retrieving a cryptographic value (Fig. 1 Items K, T, X, Z; [0029], [0031], [0044], [0045] K=W2);
encrypting the first biometric template with the secret cryptographic key; and ([0043])
Kevenaar does not expressly teach
obtaining, by an access device, a first biometric sample
for each mobile device of a plurality of mobile devices within a proximate vicinity of the access device, the plurality of mobile devices comprising a first mobile device
[generating a secret cryptographic key with] a second function of the fuzzy extractor;
broadcasting [biometric information] to the plurality of mobile devices
receiving, from the first mobile device, [a confirmation]
conducting a transaction between the access device and the first mobile device.
However, Kim does teach
[obtaining] by an access device [a first biometric sample] (Fig. 7 Item 710, Fig. 8 Item 856; [0092], [0097])
for each mobile device of a plurality of mobile devices within a proximate vicinity ([0057]) of the access device, the plurality of mobile devices comprising a first mobile device (Fig. 7 Items 710, 720, 730, 740, 750, Fig. 8 Items 810, 820, 830; [0092], [0097]-[0098])
broadcasting [biometric information] to the plurality of mobile devices ([0092], [0097]-[0098])
It would have been obvious to a person having ordinary skill in the art, before the effective filing date of the claimed invention, to modify the teachings of Kevenaar to include “the biometric wireless session connection of multiple devices”, as taught by Kim, to use biometrics while only revealing a "limited amount of information on the biometric." (Kevenaar at [0044]).
Kevenaar, in view of Kim, does not expressly teach
receiving, from the first mobile device, [a confirmation]
conducting a transaction between the access device and the first mobile device.
However, Zamer does teach
receiving, from the first mobile device, [a confirmation] (Col. 9 Ln. 13-26)
conducting a transaction between the access device and the first mobile device (Col. 10 Ln. 4-14).
It would have been obvious to a person having ordinary skill in the art, before the effective filing date of the claimed invention, to modify the teachings of Kevenaar to include “the mobile device transaction teachings”, as taught by Zamer, to make a transaction with a wireless device, like smart phone, since "portable devices are gradually expanding" in their capabilities. (Kim at [0003]).
Regarding Claims 23 and 35, Kevenaar, in view of Kim, in view of Zamer, teaches the limitations of claims 21 and 33. Kevenaar teaches the cryptographic value is a public key. (See Kevenaar in [0043])
Regarding Claims 26 and 38, Kevenaar, in view of Kim, in view of Zamer, teaches the limitations of claims 21 and 33. Kevenaar, in view of Kim, teaches the mobile device is a mobile phone. (See Kim in at least [0045])
Regarding Claims 27 and 39, Kevenaar, in view of Kim, in view of Zamer, teaches the limitations of claims 21 and 33. Kevenaar teaches wherein obtaining the first biometric sample of the user comprises one of:
taking a photographic image of the user's face; taking a fingerprint of the user; taking a voice sample of the user; taking a DNA sample of the user; taking a retinal scan of the user; and taking a hair sample of the user ([0019]).
Regarding Claim 28, Kevenaar, in view of Kim, in view of Zamer, teaches the limitations of claim 21. Kevenaar, in view of Kim, in view of Zamer, teaches the cryptographic value is a public key (See Kevenaar in [0043]), and the mobile device is a mobile phone. (See Kim in at least [0045])
Regarding Claims 29 and 40, Kevenaar, in view of Kim, in view of Zamer, teaches the limitations of claims 21 and 33. Kevenaar, in view of Kim, teaches the access device encrypts a resource provider identifier along with the first biometric template, (See Kevenaar in [0043]) and broadcasts the encrypted first biometric template and the resource provider identifier to the plurality of mobile devices. (See Kim in Fig. 7 Items 710, 720, 730, 740, 750, Fig. 8 Items 810, 820, 830; [0092], [0097]-[0098])
Regarding Claim 30, Kevenaar, in view of Kim, in view of Zamer, teaches the limitations of claim 21. Kevenaar, in view of Kim, teaches the access device encrypts a resource provider identifier and a nonce along with the first biometric template, (See Kevenaar in [0043]) and broadcasts the encrypted first biometric template, resource provider identifier, and nonce to the plurality of mobile devices. (See Kim in Fig. 7 Items 710, 720, 730, 740, 750, Fig. 8 Items 810, 820, 830; [0092], [0097]-[0098])
Regarding Claim 31, Kevenaar, in view of Kim, in view of Zamer, teaches the limitations of claim 21. Kevenaar, in view of Kim, teaches the access device encrypts a resource provider identifier and a nonce along with the first biometric template, (See Kevenaar in [0043]) and broadcasts the encrypted first biometric template, resource provider identifier, and nonce to the plurality of mobile devices, (See Kim in Fig. 7 Items 710, 720, 730, 740, 750, Fig. 8 Items 810, 820, 830; [0092], [0097]-[0098]) and wherein the confirmation of the match is a digital signature in a message that is sent from the mobile device to the access device. (See Kevenaar in Fig. 1 Item Y, Z; [0036], [0037])
Regarding Claim 32, Kevenaar, in view of Kim, in view of Zamer, teaches the limitations of claim 31. Kevenaar, in view of Kim, teaches the message also includes the nonce (See Kevenaar in [0031], [0045]) and the resource provider identifier. (See Kim in [0133])
Claims 22, 25, 34 and 37 are rejected under AIA 35 U.S.C. 103(a) as being unpatentable over Kevenaar, in view of Kim, in view of Zamer, and further in view of US_PGPub_2015/0036894 ("Matsunami"), and further in view of US_PGPub_2015/0221149 ("Main").
Regarding claims 22 and 34, Kevenaar, in view of Kim, in view of Zamer, teaches the limitations of claims 21 and 33. Kevenaar teaches:
wherein prior to obtaining the first biometric sample of the user (Fig. 1 Item Z; [0029]), the method further comprises:
receiving ... the public value ([0045], [0057]) ...
Kevenaar does not teach:
broadcasting . .. to each of the plurality of mobile devices; and
for each of the plurality of mobile devices:
and storing the [biometric feature] ...
broadcasting a transmitting station identifier [to mobile devices]
Kim teaches:
broadcasting ... to each of the plurality of mobile devices; and ([0092], [0097]-[0098])
for each of the plurality of mobile devices (Fig. 7 Items 710, 720, 730, 740, 750, Fig. 8, Items 810, 820, 830; [0092], [0097]-[0098])
It would have been obvious to a person having ordinary skill in the art, before the effective filing date of the claimed invention, to modify the teachings of Kevenaar to include “biometric wireless session connection of multiple devices”, as taught by Kim, to use biometrics while only revealing a "limited amount of information on the biometric. " (Kevenaar at 0044.)
Kevenaar, in view of Kim, in view of Zamer, in view of Buhan, does not expressly teach:
and storing the [biometric feature] ...
broadcasting a transmitting station identifier [to mobile devices]
Matsunami teaches:
and storing the [biometric feature] ([0030]) ...
It would have been obvious to a person having ordinary skill in the art, before the effective filing date of the claimed invention, to modify the teachings of Kevenaar to include “biometric cryptography”, as taught by Matsunami, to have the "feature information ... reduced" for "simple distance calculation[s.] " (Matsunami at [0003].)
Kevenaar, in view of Kim, in view of Zamer, in view of Buhan, in view of Matsunami, does not expressly teach:
broadcasting a transmitting station identifier [to mobile devices]
Main teaches:
broadcasting a transmitting station identifier [to mobile devices] ([0025], [0028])
It would have been obvious to a person having ordinary skill in the art, before the effective filing date of the claimed invention, to modify the teachings of Kevenaar to include “WIFI wallet”, as taught by Main, to make a transaction wirelessly given the "ubiquity of wireless routers and access points. " (Main at [0005].)
Regarding Claims 25 and 37, Kevenaar, in view of Kim, in view of Zamer, teaches the limitations of claims 21 and 33. Kevenaar, in view of Kim, in view of Zamer, does not expressly teach the access device is a terminal that allows access to the user.
However, Main does teach a terminal that allows access to the user. ([0047])
It would have been obvious to a person having ordinary skill in the art, before the effective filing date of the claimed invention, to modify the teachings of Kevenaar to include “user access terminal”, as taught by Main, to make a transaction wirelessly given the "ubiquity of wireless routers and access points. " (Main at [0005].)
Claims 24 and 36 are rejected under AIA 35 U.S.C. 103(a) as being unpatentable over Kevenaar, in view of Kim, in view of Zamer, and further in view of in view of Non_Patent_Literature "Secure Ad-hoc Pairing with Biometrics SAfE" ("Buhan").
Regarding Claims 24 and 36, Kevenaar, in view of Kim, in view of Zamer, teaches the limitations of claims 21 and 33. Kevenaar, in view of Kim, in view of Zamer, does not expressly teach wherein the cryptographic value was generated using a fuzzy extractor.
However, Buhan does teach [generating a secret cryptographic key with] a second function of the fuzzy extractor (Buhan, Fig. 2 of mB'=Flip(mB,{xB}... p. 4 Section The Paring Protocol)
It would have been obvious to a person having ordinary skill in the art, before the effective filing date of the claimed invention, to modify the teachings of Kevenaar to include "fuzzy extractor cryptography", as taught by Buhan, to solve the "pairing problem" of two devices (Buhan at p. 1 Section Introduction) by utilizing a "key agreement scheme" or "key-agreement protocol" (pp. 2-3 of Section Related Work) for increasing security.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to EDGAR R. MARTINEZ-HERNANDEZ whose telephone number is (571)270-0658. The examiner can normally be reached M-F from 9:00 am - 5:00 pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, John W. Hayes can be reached at 571-272-6708. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/ERM/Examiner, Art Unit 3697
/JOHN W HAYES/Supervisory Patent Examiner, Art Unit 3697