DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary. Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
Claims 1-20 are rejected in the Instant Application.
Priority
Examiner acknowledges Applicant’s claim to priority benefits of 63/488496 filed 3/4/2023.
Claim Rejections
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.
Claim(s) 20 is/are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, or for pre-AIA the applicant regards as the invention. Claim 20 begins with “receiving a second request from the second client device to authenticate the identity of the first user” but the remainder of the claim proceeds as if the authentication is of the second user (see, e.g., “and providing, to the first client device, an indication of the identity of the second user”). The claim generally proceeds as a mirror to the previous claim, which authenticated the identity of the first user. Examiner views the use of “first” in the first limitation as a typo and Applicant meant “second” but the claim as written is self-contradictory and creates an indefiniteness of scope.
Claim Rejections - 35 USC § 103
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1-12 and 14-20 are rejected under 35 U.S.C. 103 as being unpatentable over Coffing (US Pub. 2009/0117883) in view of Hatti (US Pub. 2020/0295948).
With respect to Claim 1, Coffing teaches a method of authenticating an individual, comprising: registering, at the server device, an agent account for an agent associated with the organization; (An agent of an organization will be taught later. para. 6, 95, 99, 109, 141; user creates profile that is stored in a database. para. 15, 27, 38; system provides access to profiles that include user-defined data such as name, phone number or contact information)
generating an authenticated identity object based on receiving an indication of an authenticated identity of the agent account from the organization account, wherein the authenticated identity object is maintained in a storage accessible to the server device; (Figs. 1-3, paras. 69-70, 74; authentication server stores user name and password that provide access to an account that has user ID, device ID and tokens.)
receiving an authentication request from a first client device to authenticate an identity of a first user of the first client device with respect to the organization; (paras. 69-70, 74, 78-80, 82; user logs in and server verifies the user’s identity.)
generating, based on the authentication request, a dynamic token associated with the authenticated identity object; (paras. 69-70, 80, 82; server generates tokens and provides them to the user’s device. paras. 15, 63, 69-70; tokens may be single use, finite use, or may expire over time.)
providing the dynamic token to the first client device; (para. 69-70, 80, 82; server generates tokens and provides them to client device.)
receiving the dynamic token from a second client device, the dynamic token having been received by a second user of the second client device from the first user; (Fig. 1, para. 63, 70, 83; User A transmits token to User B. Fig. 4, para. 71; User B sends User A’s token that it has received to the authentication server.)
authenticating the identity of the first user as the agent based on verifying that the dynamic token received from the second client device is associated with the authenticated identity object maintained at the server device; (paras. 71-73; server determines if token is valid by keeping a record of tokens as they are generated and looking up the received token on the list.)
and providing, to the second client device, an indication that the first user is associated with the organization. (para. 63, 71, 134; system returns User A’s profile to User B.)
But Coffing does not explicitly teach an agent associated with an organization.
Hatti, however, does teach registering, at a server device, an organization account for an organization; an agent associated with the organization (Coffing already taught registration, however Hatti also teaches registration, see paras. 46-47; verifier receives identity instance and extracts association record. Association record relates an organization ID to a user ID and includes association details. Para. 152; employment records. To the extent the reference does not explicitly disclose an agency relationship, Examiner takes official notice of agents of an organization and it would have been obvious to one of ordinary skill prior to the effective filing date to register the agent relationship in order to allow for verification of that relationship.)
It would have been obvious to one of ordinary skill prior to the effective filing date to combine the method of Coffing with the registration of the organization in order to verify a person’s status of association with an organization. (Hatti, para. 1)
With respect to Claim 2, modified Coffing teaches the method of claim 1, and Hatti also teaches wherein providing the indication that the first user is associated with the organization includes providing, to the second client device, an indication that the first user is the agent. (paras. 96-97; system verifies association status of user. para. 116; system identifies status is valid.)
The same motivation to combine as the independent claim applies here.
With respect to Claim 3, modified Coffing teaches the method of claim 1, and Hatti also teaches wherein receiving the indication includes receiving, from the organization account, an indication of a trusted relationship between the organization and the agent. (paras. 96-97; system verifies association status of user. para. 116; system identifies status is valid. To the extent that the association does not explicitly identify a trust relationship, Examiner takes official notice of a trusted relationship and it would have been obvious to one of ordinary skill prior to the effective filing date to identify a trusted relationship as an association status in order to allow for verification of the trusted relationship.)
The same motivation to combine as the independent claim applies here.
With respect to Claim 4, modified Coffing teaches the method of claim 1, and Coffing also teaches wherein receiving the authentication request is based on a secure login of the first user to the agent account, and wherein receiving the dynamic token is based on a secure login of the second user to a second user account. (paras. 69-70, 74, 78-80, 82; user logs in and server verifies the user’s identity. para. 133; User B logs in to gain access to the service. Para. 132; user A and User B may both provide data to authenticate that there is an intended transmittal between the users. Regardless, it would have been obvious to one of ordinary skill prior to the effective filing date to require a log in prior to submitting a token in order to keep track of messages sent and received between users and profiles viewed by users, see para. 38.)
With respect to Claim 5, modified Coffing teaches the method of claim 4, and Coffing also teaches wherein the secure login of the agent account and of the second user account each includes an associated user providing a password and one or more biometrics on an associated client device. (paras. 17, 74, 79; login using password. para. 74, 88-89; credentials may include biometrics)
With respect to Claim 6, modified Coffing teaches the method of claim 1, and Hatti also teaches wherein receiving the dynamic token from the second client device includes receiving, from the second client device, an indication of the organization. (paras. 47-48, 113; system requesting verification transmits organization id along with user id.)
The same motivation to combine as the independent claim applies here.
With respect to Claim 7, modified Coffing teaches the method of claim 1, and Coffing also teaches wherein generating the authenticated identity object includes receiving identity information associated with the agent and associating the identity information with the authenticated identity object. (Figs. 1-3, paras. 69-70, 74; authentication server stores user name and password that provide access to an account that has user ID, device ID and tokens.)
With respect to Claim 8, modified Coffing teaches the method of claim 7, and Coffing also teaches wherein the identity information includes one or more of a name of the agent, a photo associated with the agent, contact information of the agent, employment information of the agent, a task of the agent, permissions of the agent, an authentication history of the agent, or an authentication rating of the agent. (para. 27, 102; name, phone number, email address, photo)
With respect to Claim 9, modified Coffing teaches the method of claim 7, and Coffing also teaches wherein providing the indication includes providing, to the second client device, a portion of the identity information associated with the authenticated identity object. (para. 63, 71, 134; system returns User A’s profile to User B. para. 20, 24; token provides access to whatever granular detail of profile information the user wants to share.)
With respect to Claim 10, modified Coffing teaches the method of claim 1, and Coffing also teaches wherein the authenticated identity object maintained in the storage is encrypted. (para. 153; profile information may be encrypted. It would have been obvious to one of ordinary skill prior to the effective filing date to encrypt the stored profile in order to protect user information. See, e.g., para. 103; profile contains credit card information.)
With respect to Claim 11, modified Coffing teaches the method of claim 1, and Coffing also teaches wherein the dynamic token includes one or more of a quick read (QR) code, an alphanumeric code, a password, or a passphrase. (para. 155-156; system may use QR codes in same manner as tokens. Para. 72; token stores password information. Para. 96; generation of tokens due to random code such as a cryptographic key.)
With respect to Claim 12, modified Coffing teaches the method of claim 1, and Coffing also teaches wherein generating the dynamic token includes determining a time threshold for the dynamic token to expire. (para. 15, 63; tokens may be set to expire over time.)
With respect to Claim 14, modified Coffing teaches the method of claim 1, and Coffing also teaches wherein the dynamic token is received by the second user from the first user through a dialogue between the first user and the second user including one or more of in-person communication, telecommunication, messaging, or email. (Fig. 1, para. 63, 70, 83; User A transmits token to User B. para. 63, 85-86, 97; in person communication. Para. 67, 86; token passes over messaging or email.)
With respect to Claim 15, modified Coffing teaches the method of claim 1, and Coffing also teaches wherein the dynamic token is received by the second user from the first user through an interaction of the first user and the second user exchanging data through one or more of a QR code, a bar code, near-field communication (NFC), radio frequency identification (RFID), Bluetooth, or a data network. (para. 97; NFC. Para. 155-156; QR code)
With respect to Claim 16, modified Coffing teaches the method of claim 1, and Coffing also teaches wherein receiving the dynamic token from the second client device is based on user input by the second user to the second client device. (para. 71; Request for another party’s profile, which suggests an input. Profile delivery may be due to subsequent input where input is prompted.)
With respect to Claim 17, Coffing teaches a method of authenticating an individual, comprising: registering, at a server device, a first user account for a first user; (para. 6, 95, 99, 109, 141; user creates profile that is stored in a database. para. 15, 27, 38; system provides access to profiles that include user-defined data such as name, phone number or contact information)
registering, at the server device, a second user account for a second user; (para. 6, 95, 99, 109, 141; user creates profile that is stored in a database. para. 15, 27, 38; system provides access to profiles that include user-defined data such as name, phone number or contact information)
generating an authenticated identity object based on receiving an indication of an authenticated identity of the first user account; wherein the authenticated identity object is maintained in a storage accessible to the server device; (paras. 69-70, 74, 78-80, 82; user logs in and server verifies the user’s identity. Figs. 1-3, paras. 69-70, 74; authentication server stores user name and password that provide access to an account that has user ID, device ID and tokens.)
generating, based on the authentication request, a dynamic token associated with the authenticated identity object; (paras. 69-70, 80, 82; server generates tokens and provides them to the user’s device. paras. 15, 63, 69-70; tokens may be single use, finite use, or may expire over time.)
providing the dynamic token to the first client device; (para. 69-70, 80, 82; server generates tokens and provides them to client device.)
receiving the dynamic token from a second client device, the dynamic token having been received by the second user from the user of the first client device; (Fig. 1, para. 63, 70, 83; User A transmits token to User B. Fig. 4, para. 71; User B sends User A’s token that it has received to the authentication server.)
determining that the user of the first client device is the first user based on verifying that the dynamic token received from the second client device is associated with the authenticated identity object maintained at the server device; (Verifying association will be taught later. paras. 71-73; server determines if token is valid by keeping a record of tokens as they are generated and looking up the received token on the list.)
and providing, to the second client device, an indication that the user of the first client device is the first user. (para. 63, 71, 134; system returns User A’s profile to User B.)
But Coffing does not explicitly teach authenticating an association.
Hatti, however, does teach receiving an authentication request from a first client device to authenticate an association of a user of the first client device with the second user; (paras. 46-47; verifier receives identity instance and extracts association record. Association record relates an organization ID to a user ID and includes association details. Para. 152; employment records. To the extent the reference does not explicitly disclose a user-to-user association, Examiner takes official notice of agents of an organization and it would have been obvious to one of ordinary skill prior to the effective filing date to register the relationship in order to allow for verification of that relationship.)
It would have been obvious to one of ordinary skill prior to the effective filing date to combine the method of Coffing with the authentication of an association in order to verify a person’s status of association with an organization. (Hatti, para. 1)
With respect to Claim 18, modified Coffing teaches the method of claim 17, and Coffing also teaches wherein the authenticated identity object is accessible to only the first user and the second user. (paras. 20, 24, 75; profile data may be shared granularly. Para. 15; profile contains private data. Therefore the identity object is only visible to the first user because the first user is the owner and the second user because the second user has a token that allows access.)
With respect to Claim 19, Coffing teaches a method of authenticating an individual, comprising: receiving, at a server device, a request from a first client device to authenticate an identity of a first user of the first client device with respect to a second user of a second client device; (Authenticating an association will be taught later. para. 6, 95, 99, 109, 141; user creates profile that is stored in a database. para. 15, 27, 38; system provides access to profiles that include user-defined data such as name, phone number or contact information. Fig. 1, para. 63, 70, 83; User A transmits token to User B. Fig. 4, para. 71; User B sends User A’s token that it has received to the authentication server.)
identifying an authenticated identity object associated with an authenticated identity of the first user with respect to the second user, wherein the authenticated identity object is maintained in a storage accessible to the server device; (Figs. 1-3, paras. 69-70, 74; authentication server stores user name and password that provide access to an account that has user ID, device ID and tokens.)
generating, based on the request, a dynamic token associated with the authenticated identity object, (paras. 69-70, 80, 82; server generates tokens and provides them to the user’s device. paras. 15, 63, 69-70; tokens may be single use, finite use, or may expire over time.)
providing the dynamic token to the first client device; (para. 69-70, 80, 82; server generates tokens and provides them to client device.)
receiving the dynamic token from a second client device based on user input by a second user to the second client device, the dynamic token having been received by the second user from the first user; (Fig. 1, para. 63, 70, 83; User A transmits token to User B. Fig. 4, para. 71; User B sends User A’s token that it has received to the authentication server. para. 71; Request for another party’s profile, which suggests an input. Profile delivery may be due to subsequent input where input is prompted.)
authenticating the identity of the first user with respect to the second user based on verifying that the dynamic token received from the second client device is associated with the authenticated identity object maintained at the server device; (Verifying association will be taught later. paras. 71-73; server determines if token is valid by keeping a record of tokens as they are generated and looking up the received token on the list.)
and providing, to the second client device, an indication of the identity of the first user. (para. 63, 71, 134; system returns User A’s profile to User B.)
But Coffing does not explicitly teach authenticating an association.
Hatti, however, does teach authenticate an identity of a first user of the first client device with respect to a second user of a second client device; authenticating the identity of the first user with respect to the second user (paras. 46-47; verifier receives identity instance and extracts association record. Association record relates an organization ID to a user ID and includes association details. Para. 152; employment records. To the extent the reference does not explicitly disclose a user-to-user association, Examiner takes official notice of agents of an organization and it would have been obvious to one of ordinary skill prior to the effective filing date to register the relationship in order to allow for verification of that relationship.)
It would have been obvious to one of ordinary skill prior to the effective filing date to combine the method of Coffing with the authentication of an association in order to verify a person’s status of association with an organization. (Hatti, para. 1)
With respect to Claim 20, modified Coffing teaches the method of claim 19, and Coffing also teaches further comprising: receiving a second request from the second client device to authenticate the identity of the first user; (This claim is essentially the reverse of Claim 19, and therefore the same citations apply because the system verifies User B in the same way it verifies User A. para. 6, 95, 99, 109, 141; user creates profile that is stored in a database. para. 15, 27, 38; system provides access to profiles that include user-defined data such as name, phone number or contact information.)
generating, based on the second request, a second dynamic token associated with the authenticated identity object; (paras. 69-70, 80, 82; server generates tokens and provides them to the user’s device. paras. 15, 63, 69-70; tokens may be single use, finite use, or may expire over time.)
providing the second dynamic token to the second client device; (para. 69-70, 80, 82; server generates tokens and provides them to client device.)
receiving the dynamic token from the first client device based on user input of the first user to the first client device, the second dynamic token having been received by the first user from the second user; (Fig. 1, para. 63, 70, 83; User A transmits token to User B. Fig. 4, para. 71; User B sends User A’s token that it has received to the authentication server.)
authenticating the identity of the second user with respect to the first user based on verifying that the second dynamic token received from the first device is associated with the authenticated identity object maintained at the server device; (Verifying association will be taught later. paras. 71-73; server determines if token is valid by keeping a record of tokens as they are generated and looking up the received token on the list.)
and providing, to the first client device, an indication of the identity of the second user. (para. 63, 71, 134; system returns User A’s profile to User B.)
and Hatti also teaches authenticating the identity of the second user with respect to the first user (paras. 46-47; verifier receives identity instance and extracts association record. Association record relates an organization ID to a user ID and includes association details. Para. 152; employment records. To the extent the reference does not explicitly disclose a user-to-user association, Examiner takes official notice of agents of an organization and it would have been obvious to one of ordinary skill prior to the effective filing date to register the relationship in order to allow for verification of that relationship.)
The same motivation to combine as the independent claim applies here.
Claim 13 is rejected under 35 U.S.C. 103(a) as being unpatentable over Coffing (US Pub. 2009/0117883) in view of Hatti (US Pub. 2020/0295948), and further in view of Kwon (US Pub. 2022/0166769).
With respect to Claim 13, modified Coffing teaches the method of claim 1, but does not teach end-to-end encryption.
Kwon, however, does teach wherein providing the dynamic token to the first client device includes transmitting the dynamic token to the first client device through an end-to-end encrypted communication to the first client device, and receiving the dynamic token from the second client device includes receiving the dynamic token through an end-to-end encrypted communication from the second client device. (para. 57; communication of a token over a channel that is end-to-end encrypted.)
It would have been obvious to one of ordinary skill prior to the effective filing date to combine the method of modified Coffing with the end-to-end encryption in order to increase the security of the transfer of the token.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to NICHOLAS P CELANI whose telephone number is (571)272-1205. The examiner can normally be reached on M-F 9-5.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Vivek Srivastava can be reached on 571-272-7304. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/NICHOLAS P CELANI/Examiner, Art Unit 2449