Prosecution Insights
Last updated: July 17, 2026
Application No. 18/625,752

SYSTEMS AND METHODS FOR ESTABLISHING, USING, AND RECOVERING UNIVERSAL DIGITAL IDENTIFIERS

Final Rejection §101§102§103§DP
Filed
Apr 03, 2024
Priority
Apr 15, 2020 — continuation of 11/394,766 +1 more
Examiner
AHSAN, UMAIR
Art Unit
2647
Tech Center
2600 — Communications
Assignee
Wells Fargo Bank, N.A.
OA Round
4 (Final)
69%
Grant Probability
Favorable
5-6
OA Rounds
4m
Est. Remaining
99%
With Interview

Examiner Intelligence

Grants 69% — above average
69%
Career Allowance Rate
284 granted / 410 resolved
+7.3% vs TC avg
Strong +32% interview lift
Without
With
+31.9%
Interview Lift
resolved cases with interview
Typical timeline
2y 8m
Avg Prosecution
23 currently pending
Career history
450
Total Applications
across all art units

Statute-Specific Performance

§101
0.6%
-39.4% vs TC avg
§103
82.7%
+42.7% vs TC avg
§102
2.8%
-37.2% vs TC avg
§112
2.8%
-37.2% vs TC avg
Black line = Tech Center average estimate • Based on career data from 410 resolved cases

Office Action

§101 §102 §103 §DP
DETAILED ACTION Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Response to Amendment Office action in response to amendment entered 3/02/2026. Claims 1-20 remain pending. Claims 1, 8, 16 and 19 are amended. Response to Arguments Applicant's arguments filed 3/2/2026 regarding the 35 USC 101 rejection of claims 1-20 have been fully considered but they are not persuasive. Applicant submits that the 101 rejection and Step 2A Prong One analysis rests on an unreasonable interpretation of the claimed steps. Applicant asserts that the Office Action incorrectly equates "suspending the universal ID" with "Bob writes the word 'lost' in his notebook because writing “lost” next to an entry “does not suspend anything.” Further asserting that other mental & pen/paper steps as outlined by rejection such as crossing out an entry in a notebook do not “replace an identifier that is operative across a plurality of entities.” The thrust of applicant’s argument appears to that identifies, universal IDs etc. as appear in the claim “would remain functional at every entity that previously recognized it.” And similarly that “No act of writing or erasing in a notebook propagates a change to external entities.” Examiner respectfully disagrees. Applicant appears to be relying on assumptions regarding the universal ID and other identifiers as far as how they are treated by “external entities” when the claim does not include anything about such entities. In response to applicant's argument that the mental process explained by the rejection does not certain features of the invention, it is noted that the features upon which applicant relies (i.e., how an ID is treated by an external entity) are not recited in the rejected claim(s). Although the claims are interpreted in light of the specification, limitations from the specification are not read into the claims. See In re Van Geuns, 988 F.2d 1181, 26 USPQ2d 1057 (Fed. Cir. 1993). Thus the claims recite a mental process which is not integrated into a practical application. Applicant's arguments filed 3/2/2026 have been fully considered but they are not persuasive. Applicant submits that Avetisov as cited does not disclose the amended limitation regarding the replacement device. Examiner respectfully disagrees. Avetisov does teach those limitations as follows: Avetisov teaches completing an ID-recovery process for the universal ID, the ID-recovery process comprising: generating a replacement universal ID for a replacement device of the user ((¶238 “Should a user lose access to a private key, ownership of a Net ID 271 may be reestablished through the authentication server 155, such as through generation of a new certificate in response to a request including a new private key of the user and that information may be stored to the directed acyclic graph 205 in a new transaction record.” ¶240 ¶241; ¶276 “or an option to establish new or updated credentials”) using a replacement device identifier of the replacement device ((¶127 “UID Record 151 may include a plurality of constituent device records for devices associated with that user” and ¶127-130; and ¶129 “ A Device B record for a client device like client device 135 may contain an identifier or other identifying information for the device”), the replacement device being different from the device controlled by the user (¶129“. . . there may be multiple device records corresponding to different client devices used by the user over time. Client devices need not be registered, and records for client devices may be created over time as a user uses different client devices to access secure assets..”). Claims 1-20 are thus rejected as appears herein. Claim Rejections - 35 USC § 101 35 U.S.C. 101 reads as follows: Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title. Claims 1-20 are rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter. The claim(s) does/do not fall within at least one of the four categories of patent eligible subject matter because the claimed invention is directed to an abstract idea without significantly more. The claim(s) recite(s) mathematical calculations and/or a mental process, as enumerated abstract ideas listed in the 2019 Revised Patent Subject Matter Eligibility Guidance. This judicial exception is not integrated into a practical application as analyzed below. The claim(s) do not include additional elements that are sufficient to amount to significantly more than the judicial exception as analyzed below. Further: If a claim, under its broadest reasonable interpretation, covers performance in the mind but for the recitation of generic computer components, then it is still in the mental processes category unless the claim cannot practically be performed in the mind. See Intellectual Ventures I LLC v. Symantec Corp., 838 F.3d 1307, 1318 (Fed. Cir. 2016) (‘‘[W]ith the exception of generic computer implemented steps, there is nothing in the claims themselves that foreclose them from being performed by a human, mentally or with pen and paper.’’); Mortg. Grader, Inc. v. First Choice Loan Servs. Inc., 811 F.3d. 1314, 1324 (Fed. Cir. 2016) (holding that computer-implemented method for ‘‘anonymous loan shopping’’ was an abstract idea because it could be ‘‘performed by humans without a computer’’); Versata Dev. Grp. v. SAP Am., Inc., 793 F.3d 1306, 1335 (Fed. Cir. 2015) (‘‘Courts have examined claims that required the use of a computer and still found that the underlying, patent-ineligible invention could be performed via pen and paper or in a person’s mind.’’); CyberSource Corp. v. Retail Decisions, Inc., 654 F.3d 1366, 1375, 1372 (Fed. Cir. 2011) (holding that the incidental use of ‘‘computer’’ or ‘‘computer readable medium’’ does not make a claim otherwise directed to process that ‘‘can be performed in the human mind, or by a human using a pen and paper’’ patent eligible); id. at 1376 (distinguishing Research Corp. Techs. v. Microsoft Corp., 627 F.3d 859 (Fed. Cir. 2010), and SiRF Tech., Inc. v. Int’l Trade Comm’n, 601 F.3d 1319 (Fed. Cir. 2010), as directed to inventions that ‘‘could not, as a practical matter, be performed entirely in a human’s mind’’). Page 52 of Federal Register / Vol. 84, No. 4 / Monday, January 7, 2019 (emphasis added). CLAIMs 1-20 ANALYSIS STEP 1: YES. The claims meet the statutory categories. Claims 1-5 fall within a statutory category of process. Claims 16-18 fall within a statutory category of machine. Claims 19-20 fall within a statutory category of manufacture. STEP 2A: PRONG ONE YES. The claims are directed to a judicial exception. Claims 1-20 recite a judicial exception being directed to an abstract idea. As a representative example, take Claim 1: 1. A computer-implemented method comprising: generating a universal ID based on a user identifier of a user and a device identifier of a device controlled by the user; detecting an ID-suspension event in connection with the universal ID that is associated with both the user and the device of the user, the universal ID being universal with respect to a plurality of entities; in response to detecting the ID-suspension event, suspending the universal ID; and after suspending the universal ID, completing an ID-recovery process for the universal ID, the ID-recovery process comprising: generating a replacement universal ID for a replacement device of the user; and replacing the universal ID with the replacement universal ID. In plain language, the claim steps above in the broadest reasonable interpretation (BRI) comprise generating an ID based on a user ID and a device ID, the ID being universal for a plurality of entities; detecting a suspension event and in response suspending the ID and then complete a recovery process for the ID by generating a replacement ID and replacing the ID with the replacement ID. These steps are merely a mental process that can be performed by a human with a pen and paper or spreadsheet on a general-purpose computer. See steps mapped below to ordinary human activity. INDEPENDENT CLAIMS 1, 16 AND 19 1. A computer-implemented method comprising: generating a universal ID based on a user identifier of a user and a device identifier of a device controlled by the user (Bob writes down his computer login user id and password with the word “laptop”); detecting an ID-suspension event in connection with the universal ID that is associated with both the user and the device of the user (Bob’s notices his laptop was stolen), the universal ID being universal with respect to a plurality of entities (Bob has also used the same login user ID for other services and/or devices); in response to detecting the ID-suspension event, suspending the universal ID (Bob writes the word “lost” in his notebook); and after suspending the universal ID, completing an ID-recovery process for the universal ID (see below), the ID-recovery process comprising: generating a replacement universal ID for a replacement device of the user (Bob gets a new computer and writes down his new user ID and password in his notebook); and replacing the universal ID with the replacement universal ID (Bob crosses out or erases the old ID and writes the new one instead). Claims 16 and 19 contain the same process steps as claim 1, performed using a general-purpose computer. The steps are human activity and mental-processes for the same reasons. DEPENDENT CLAIMS 2-15, 17, 18, AND 20 Claims mapped to human activity / mental process: Bob writes “lost” or any other indicator in his password notebook to indicate suspended ID or account. Bob. writes more IDs and accounts for his new laptop. He “transmits” the account information to the laptop by typing on it. His new laptop is stolen too. He replaces it with a third and writes down his account info. See claim 3. He downloads an app on his device and signs on with his same login information. He uses a payment application on his computer to pay his bills. See claims 3-5. Bob diligently writes his account information with this device names so he doesn’t forget it. Bob uses his same user and password for all his bank accounts. Bob logs on to his bank website. Or he just calls his bank and tells them his pin on the phone. See claim 1. See claim 1 stealing is fraudulent activity. Bob calls his bank and tells them his user information. See claim 3. Bob makes a copy of his user account information to a different page in his notebook using a different pen. STEP 2A Prong Two: NO. Evaluating additional elements recited in the claim individually and in combination, the claim as a whole does not integrate the exception into a practical application. The additional elements in in claim 1 are “computer-implemented” and account for insignificant extra solution activity. Claim 16 further recites “processing circuitry; andat least one non-transitory computer readable storage medium including instructions,which when executed by processing circuitry, causes the processing circuitry to perform operations” and Claim 19 does not do more than recite “one non-transitory computer readable storage medium including instructions, which when executed by processing circuitry, causes the processing circuitry.” The limitations merely define the intended environment and a general purpose computer. The limitations remain insignificant extra-solution activity even upon reconsideration. Even when considered in combination, the additional elements represent mere instructions to apply an exception and insignificant extra-solution activity, which cannot provide an inventive concept. STEP 2B: NO. Evaluating additional elements recited, the claim as a whole does not recite additional elements that amount to significantly more than the judicial exception. The analysis above in parts and re-evaluated again for the claims as a whole, the additional elements are mere description of generic computer medium and processing circuitry and a method at a high level of generality that can be performed by a human and thus a mental process. It is simply writing down user ids and passwords that many people do routinely and it is well-understood, routine, conventional activity. See MPEP 2106.05(d), subsection II. The limitations remain insignificant extra-solution activity even upon reconsideration. Even when considered in combination, the additional elements represent mere instructions to apply an exception and insignificant extra-solution activity, which cannot provide an inventive concept. Claim Rejections - 35 USC § 102 The following is a quotation of the appropriate ¶¶ of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action: A person shall be entitled to a patent unless – (a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention. Claim(s) 1-11, and 16-20 are rejected under 35 U.S.C. 102((a)(1)) as anticipated by 35 U.S.C. 103 as obvious over US 20210044976 A1 Avetisov; George et al. As per claims 1, 16 and 19, Avetisov discloses A computer-implemented method and A system comprising: processing circuitry; and at least one non-transitory computer readable storage medium including instructions, which when executed by processing circuitry to perform operations (E.g., Figs. 2, UID repository 165; See also ¶¶ 42, 52-54, 94, 96, 117, 125-127, 132 256), comprising: generating (¶42; ¶126 “UID Records 151 may be created by the authorization server 155”; ¶243) a universal ID (¶115: UID 151; ¶237, ¶243 “the registration process may include the generation of a Net ID 271 (e.g., a user identity record) corresponding to the user”) based on a user identifier of a user (¶126 “include one or more user identifiers that user uses with a relying party, such as a username, email address, employee ID, etc.”; ¶244 “ identifying information may include … a User ID and a User ID Key of the Net ID 271”) and a device identifier of a device controlled by the user (¶127 “UID Record 151 may include a plurality of constituent device records for devices associated with that user that may be used for authentication or accessing a secure asset”); detecting an ID-suspension event in connection with the universal ID that is associated with both the user and the device of the user (¶ 256, “.. a user proving ownership of the Net ID may request revocation of access to the Net ID by Device2 and User2..”; ¶276 “..a request for removal of a user account or an option to establish new or updated credentials…a transaction Tx establish a new modified Net ID (not shown) record that revokes given user account information from that most recently modified Net ID record…”; See also ¶ 352 “..revocation of the certificate for the authentication application may revoke privileges of the mobile device (e.g., if lost, stolen, or otherwise)…”; ¶ 132 “..Tracking client devices .. for security purposes..”; ¶ 209 teaching detecting the presence of tampering in authentication steps) the universal ID being universal with respect to a plurality of entities (¶ 125 "a UID Record 151 for a particular user may be . . . used across multiple relying parties."); in response to detecting the ID-suspension event, suspending the universal ID (See ¶ 256, 276, 352, 132 as cited supra); and ¶238 after suspending the universal ID (See ¶¶ 256, 276, 352, 132 teachings of removal or revocation as cited supra), completing an ID-recovery process for the universal ID, the ID-recovery process comprising: generating a replacement universal ID for a replacement device of the user ((¶238 “Should a user lose access to a private key, ownership of a Net ID 271 may be reestablished through the authentication server 155, such as through generation of a new certificate in response to a request including a new private key of the user and that information may be stored to the directed acyclic graph 205 in a new transaction record.” ¶240 ¶241; ¶276 “or an option to establish new or updated credentials”) using a replacement device identifier of the replacement device ((¶127 “UID Record 151 may include a plurality of constituent device records for devices associated with that user” and ¶127-130; and ¶129 “ A Device B record for a client device like client device 135 may contain an identifier or other identifying information for the device”), the replacement device being different from the device controlled by the user (¶129“. . . there may be multiple device records corresponding to different client devices used by the user over time. Client devices need not be registered, and records for client devices may be created over time as a user uses different client devices to access secure assets..”); and replacing the universal ID with the replacement universal ID (¶239 “the prior User ID/Net ID may remain operable, but only through the new Net ID (e.g., because the user no longer has access to the private key for Net ID 271), subject to the user proving verified of ownership of the new Net ID (e.g., stored in a later transaction record).”). As per claim 2, Avertisov discloses the computer-implemented method of claim 1, wherein the universal ID and the replacement universal ID includes a suspended state and an unsuspended state ((¶256 “a Net ID′″ (e.g., modified Net ID)” teaching is equivalent of suspended state and implies that the standard unrevoked transaction record is equivalent of an “unsuspended state”); ¶276 same;); wherein suspending the universal ID includes placing the universal ID in the suspended state (¶256 “ a transaction Tx 401D may establish a Net ID′″ (e.g., modified Net ID) record that revokes the User2 Credentials and Device2 Credentials from the most recently modified Net ID record.”; ¶276 same; ); wherein generating the replacement universal ID includes generating the replacement universal ID in the unsuspended state (generating as taught ¶42; ¶126 “UID Records 151 may be created by the authorization server 155”; ¶243). As per claim 3, Avetisov disclosed The computer-implemented method of claim 1, further comprising: establishing a second universal ID associated with the user and a second device of the user (¶247 “additional authorized users or devices may be added to a Net ID 271.”; ¶253 “the user having established the Net ID record may authorize another device, Device2, to use the Net ID, such as within a wallet on Device2”), the second universal ID being universal with respect to the plurality of entities (¶250 “creation of new transaction records to include reference to existing Net IDs 271 is discussed.”) ; transmitting the second universal ID to the second device of the user (¶253 “the user may establish credential values and a private key for signing data on Device2, like within a TEE of a second mobile device of the user (e.g., a tablet, personal computer, etc.), which are retained in confidence for providing a zero-knowledge proof of access to the Net ID record through transaction 401C that established a Net ID″ record including the Device2 Credentials and a reference (e.g., a cryptographic hash pointer) to transaction 401A. “); Avetisov teaches the remaining claim limitations for the second universal ID in the same manner as the suspension and recovery process for the first universal ID taught in claim 1, supra. after transmitting the second universal ID to the second device of the user, detecting a second ID-suspension event in connection with the second universal ID; in response to detecting the second ID-suspension event, suspending the second universal ID; and after suspending the second universal ID, completing a second ID-recovery process with respect to the second universal ID, the second ID-recovery process comprising; generating a second replacement universal ID for a second replacement device of the user; and replacing the second universal ID with the second replacement universal ID. As per claims 4 and 17, Avetisov disclosed the computer-implemented method of claim 1, further comprising transmitting the universal ID to the device of the user (¶245 “establishment of the Net ID 271 may be returned to the mobile device 101. For example, the Net ID reference information 273 may include one or more of an address, like a cryptographic hash pointer, published ID, ID key, digital certificate, representations of credentials, etc. The authentication application 220 may store the received information as identity information 230 on the mobile device 101.”), wherein detecting the ID-suspension event in connection with the universal ID occurs after transmitting the universal ID to the device of the user (¶ 256, “..a user proving ownership of the Net ID may request revocation of access to the Net ID by Device2 and User2 ….”;. As per claim 5 Avetisov disclosed the computer-implemented method of claim 4, wherein transmitting the universal ID to the device of the user comprises transmitting the universal ID to the device of the user as part of a download of an application to the device of the user (¶245 “the authentication application 220 stores the identity information 230 within a cryptocurrency wallet or other wallet accessible to other applications on the mobile device such that the user of the mobile device may use the Net ID in association with those other applications on the mobile device.”) As per claim 6 Avetisov disclosed the computer-implemented method of claim 4, wherein transmitting the universal ID to the device of the user comprises transmitting the universal ID to the device of the user for incorporation into a point-of-sale function of the device of the user (¶245 “the authentication application 220 stores the identity information 230 within a cryptocurrency wallet or other wallet accessible to other applications on the mobile device such that the user of the mobile device may use the Net ID in association with those other applications on the mobile device.”) As per claim 7, Avetisov disclosed the computer-implemented method of claim 4, wherein transmitting the universal ID to the device of the user comprises transmitting the universal ID to the device of the user for incorporation on the device of the user into an application associated with an entity in the plurality of entities (¶245 “the authentication application 220 stores the identity information 230 within a cryptocurrency wallet or other wallet accessible to other applications on the mobile device such that the user of the mobile device may use the Net ID in association with those other applications on the mobile device.”) As per claim 8 Avetisov disclosed the computer-implemented method of claim 1, wherein one or more user identifiers are associated with the user (¶126 “include one or more user identifiers that user uses with a relying party, such as a username, email address, employee ID, etc.”; ¶244; ¶258 “a user may associate one or more user accounts (e.g., UAC A 21, UAC B 31) with a Net ID 271 of the user established within a directed acyclic graph 205.”); and further comprising establishing the replacement universal ID by deriving the replacement universal ID from the one or more user identifiers and one or more device identifiers of the device of the user (¶238 “generation of a new certificate in response to a request including a new private key of the user and that information may be stored to the directed acyclic graph 205 in a new transaction record.” ¶239 “the prior User ID/Net ID may remain operable, but only through the new Net ID (e.g., because the user no longer has access to the private key for Net ID 271), subject to the user proving verified of ownership of the new Net ID”). As per claims 9, 18 and 20 Avetisov disclosed the computer-implemented method of claim 1, wherein the plurality of entities comprises at least two distinct financial-services institutions (¶ 125 "a UID Record 151 for a particular user may be created for a particular relying party or used across multiple relying parties."; ¶ 125 "One relying party may be an employer of the user, another relying party may be a financial institution used by the user, and yet another relying party may be an application developer" where same structure can be used for any number of entities regardless of the entities industry which is merely intended environment). As per claim 10 Avetisov disclosed the computer-implemented method of claim 1, wherein the plurality of entities comprises a first entity ((¶117 “the relying party server 145..”); and further comprising receiving, from the first entity, an ID-validation request seeking validation of the replacement universal ID (¶117 “the relying party server 145 may transmit information about access attempt to the authentication server 155 ”), responsively validating the replacement universal ID, and providing an ID-validated response to the first entity (¶117 “In turn, the relying party server 145 may receive an authentication result from the authentication server 155. The authentication result indicates whether the user of the client device 135 successfully authenticated with the authentication server 155 (e.g., via the mobile device 101”). As per claim 11 Avetisov disclosed the computer-implemented method of claim 1, wherein detecting the ID-suspension event includes receiving an indication that the device of the user is lost or stolen (¶ 276 “..a request for removal of a user account or an option to establish new or updated credentials…a transaction Tx establish a new modified Net ID (not shown) record that revokes given user account information from that most recently modified Net ID record…”; See also ¶ 352 “..revocation of the certificate for the authentication application may revoke privileges of the mobile device (e.g., if lost, stolen, or otherwise)…”). Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claim(s) 12 is rejected under 35 U.S.C. 103 as being unpatentable over US 20210044976 A1 Avetisov; George et al. in view of US 20190005502 A1 Kumar; Debesh et al. As per claim 12 Avetisov disclosed the computer-implemented method of claim 1. Avetisov does not teach receiving an indication that fraudulent activity associated with the universal ID has occurred. Kumar teaches wherein detecting the ID-suspension event includes receiving an indication that fraudulent activity associated with the universal ID has occurred (Kumar Fig. 13, ¶136; ¶155 “a fraud deterrence action may be performed by the issuer server 104 or the acquirer server 130 (and/or the fraud deterrence server 117) to automatically suspend, in response to detecting the fraudulent activity, at least one of a transaction activity of the at least one account and access of the at least one account to a system in step (s11a).”) It would have been obvious to one in the ordinary skill in the art before the effective filing date of the invention to modify the teaching of Avetisov to include the teaching of Kumar in order to detecting, deterring, or preventing fraudulent activity associated with a portable financial device of a user (Kumar ¶116). Claim(s) 13 is rejected under 35 U.S.C. 103 as being unpatentable over US 20210044976 A1 Avetisov; George et al. in view of US 20190005502 A1 Kumar; Debesh et al and US 20190260734 A1 Bhargava; Rajat et al. As per claim 13 Avetisov disclosed the computer-implemented method of claim 1 including suspending the universal and replacing the universal ID, but Avetisov does not teach suspending the universal ID includes notifying each entity in the plurality of entities that the universal ID is suspended; and replacing the universal ID includes notifying each entity in the plurality of entities that the universal ID is replaced with the replacement universal ID. In the same field of endeavor, Kumar teaches wherein: suspending the universal ID includes notifying each entity in the plurality of entities that the universal ID is suspended (Kumar Fig. 13, ¶155 “¶136; ¶155 “The fraud deterrence action may be performed by the issuer server 104 or the acquirer server 130 (and/or the fraud deterrence server 117) to automatically transmit information associated with the at least one account to the database 110, 114, 116, and 140 (s11b) to flag the account as associated with fraudulent activity and/or to suspend, within the issuer server 104 or acquirer server 130 a transaction activity and/or access of the at least one account to the issuer server 104 or acquirer server 130 (or a subsystem thereof).”); and Bhargava teaches replacing the universal ID includes notifying each entity in the plurality of entities that the universal ID is replaced with the replacement universal ID (Bhargava Fig. 6; ¶78 “At block 610, the central server may detect a change between the authentication credentials received from the endpoint agent and a previous version of the authentication credentials…”. … ¶79 “At block 615, the central server may transmit the received set of authentication credentials to an IT resource which requires user authentication to grant to the user access to the IT resource….In some examples, the central server may receive a notification from the IT resource that a set of authentication credentials for the user stored by the IT resource is replaced by the transmitted set of authentication credentials”). It would have been obvious to one in the ordinary skill in the art before the effective filing date of the invention to modify the teaching of Avetisov to include the teaching of Kumar in order to detecting, deterring, or preventing fraudulent activity associated with a portable financial device of a user (Kumar ¶116). It would have been obvious to one in the ordinary skill in the art before the effective filing date of the invention to modify the combination to include the teaching of Bhargava in order to manage user authentication credentials for IT resources (Bhargava ¶4). Claim(s) 14 are rejected under 35 U.S.C. 103 as being unpatentable over US 20210044976 A1 Avetisov; George et al. in view of US 20190208421 A1 Ziraknejad; Siamak et al. As per claim 14 Avetisov disclosed the computer-implemented method of claim 1. Avetisov does not teach wherein suspending the universal ID further includes suspending at least one additional universal ID, the at least one additional universal ID being associated with at least one additional device of the user. Ziraknejad teaches wherein suspending the universal ID further includes suspending at least one additional universal ID, the at least one additional universal ID being associated with at least one additional device of the user (¶73 “the pairing and the use of the device 110 as an authentication factor can be restricted use of the credential is restricted. If the credential is revoked or if it expires, the pairing between the devices can be automatically canceled or suspended until the credential is valid and active. Actions to automatically cancel or suspend access can be performed by the resource 120 and/or the server 130 “). It would have been obvious to one in the ordinary skill in the art before the effective filing date of the invention to modify the teaching of Avetisov to include the teaching of Kumar in order to grant access to a user based on the proximity of trusted device (¶3). Claim(s) 15 are rejected under 35 U.S.C. 103 as being unpatentable over US 20210044976 A1 Avetisov; George et al. in view of US 20150046989 A1 Oberheide; Jon et al. As per claim 15 Avetisov disclosed the computer-implemented method of claim 1. Avetsov does not teach wherein the ID-recovery process for the universal ID comprises: receiving an ID-verification value from the user; and transmitting the ID-verification value to the user via a secondary communication channel. Oberheide teaches wherein the ID-recovery process for the universal ID comprises: receiving an ID-verification value from the user; and transmitting the ID-verification value to the user via a secondary communication channel (Abstract “a system and method that includes receiving a first device profile and associating the first device profile with a first application instance that is assigned as an authentication device of a first account; receiving a second device profile for a second application instance, wherein the second application instance is making a request on behalf of the first account; comparing the second device profile to the first device profile; and completing the request of the second application instance according to results of comparing the second device profile and the first device profile.”; ¶24 “system and methods of preferred embodiments may alternatively not be used for two-factor authentication, but used for any use-case of credential or account recovery.”) It would have been obvious to one in the ordinary skill in the art before the effective filing date of the invention to modify the teaching of Avetisov to include the teaching of Oberheide in order to use two factor authentication for account recovery (Oberheide ¶24). Double Patenting A rejection based on double patenting of the "same invention" type finds its support in the language of 35 U.S.C. 101 which states that "whoever invents or discovers any new and useful process ... may obtain a patent therefor ..." (Emphasis added). Thus, the term "same invention," in this context, means an invention drawn to identical subject matter. See Miller v. Eagle Mfg. Co., 151 U.S. 186 (1894); In re Ockert, 245 F.2d 467, 114 USPQ 330 (CCPA 1957); and In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970). The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969). A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA as explained in MPEP § 2159. See MPEP §§ 706.02(l)(1) - 706.02(l)(3) for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp. Claims 1, 16 and 19 of instant application are rejected under the judicially created doctrine of obviousness-type double patenting as being unpatentable over independent claims 1 and 18 of U.S. Patent No. 11394766. Although the conflicting claims are not identical, they are not patentably distinct from each other because claims 1 and 18 of U.S. Patent No. 11394766 contains every element of claim 1, 16 and 19 of the instant application and thus obvious variant of the instant application. Claim(s) of the instant application therefore is/are not patently distinct from the earlier patent claim(s) and as such is/are unpatentable over obvious-type double patenting. "A later patent claim is not patentably distinct from an earlier patent claim if the later claim is obvious over, or anticipated by, the earlier claim. In re Lon,qi, 759 F.2d at 896, 225 USPQ at 651 (affirming a holding of obviousness-type double patenting because the claims at issue were obvious over claims in four prior art patents); In re Ber q, 140 F.3d at 1437, 46 USPQ2d at 1233 (Fed. Cir. 1998) (affirming a holding of obviousness-type double patenting where a patent application claim to a genus is anticipated by a patent claim to a species within that genus)." ELI LILLY AND COMPANY v BARR LABORATORIES, INC., United States Court of Appeals for the Federal Court, ON PETITION FOR REHEARING EN BANC (DECIDED: May 30, 2001). Claim Mapping: Claim 1 of instant application and claim 1+18 of issued U.S. Patent No. 11394766 are mapped below. Instant Application – Claim 1 US 11394766 - Claims 1 and 18 A computer-implemented method comprising: generating a universal ID based on a user identifier of a user and a device identifier of a device controlled by the user; detecting an ID-suspension event in connection with the universal ID that is associated with both the user and the device of the user, the universal ID being universal with respect to a plurality of entities; in response to detecting the ID-suspension event, suspending the universal ID; and after suspending the universal ID, completing an ID-recovery process for the universal ID, the ID-recovery process comprising: generating a replacement universal ID for a replacement device of the user; and replacing the universal ID with the replacement universal ID. A computer-implemented method comprising: establishing a universal identifier (ID) associated with a user and a device of the user, the universal ID being universal with respect to a plurality of distinct entities, the universal ID having at least a suspended state and an unsuspended state, the universal ID initially being in the unsuspended state; transmitting the universal ID to the device of the user; after transmitting the universal ID to the device of the user, detecting an ID-suspension event in connection with the universal ID, and responsively suspending the universal ID, the suspending of the universal ID comprising placing the universal ID in the suspended state; and after suspending the universal ID, completing an ID-recovery process for the universal ID, and responsively unsuspending the universal ID, the unsuspending of the universal ID comprising placing the universal ID in the unsuspended state. 18. method of claim 1, wherein the ID-recovery process for the universal ID comprises: generating a replacement universal ID for a replacement device of the user; and replacing the universal ID with the replacement universal ID. Claims 2-15, 17-18 and 20 are also rejected under the judicial doctrine of obviousness-type double patenting as being unpatentable by virtue of their dependence on their respective independent and dependent claims. Conclusion Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. The examiner has cited particular columns and line numbers in the references as applied to the claims above for the convenience of the applicant. Although the specified citations are representative of the teachings in the art and are applied to the specific limitations within the individual claim, other passages and figures may apply as well. It is respectfully requested from the applicant, in preparing the responses, to fully consider each of the cited references in entirety as potentially teaching all or part of the claimed invention, as well as the context of the passage disclosed by the examiner. Any inquiry concerning this communication or earlier communications from the examiner should be directed to EXAMINER UMAIR AHSAN whose telephone number is 571-272-1323. The examiner can normally be reached Monday - Friday 10-5 PM EST or by emailing UMAIR.AHSAN@USPTO.GOV. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Alison Slater can be reached on (571) 270-0375. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /UMAIR AHSAN/Primary Examiner, Art Unit 2647
Read full office action

Prosecution Timeline

Show 2 earlier events
Apr 28, 2025
Response Filed
May 29, 2025
Final Rejection mailed — §101, §102, §103
Jul 29, 2025
Notice of Allowance
Jul 29, 2025
Response after Non-Final Action
Sep 09, 2025
Response after Non-Final Action
Dec 02, 2025
Non-Final Rejection mailed — §101, §102, §103
Mar 02, 2026
Response Filed
Jun 03, 2026
Final Rejection mailed — §101, §102, §103 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12674861
INDOOR LOCALIZATION SOLUTION FOR WIRELESS COMMUNICATION NETWORKS
2y 8m to grant Granted Jul 07, 2026
Patent 12640824
METHOD OF DETERMINING DEVICE LOCATION AND ELECTRONIC DEVICE PERFORMING THE METHOD
3y 2m to grant Granted May 26, 2026
Patent 12634867
ASSOCIATION BETWEEN NR PRS AND LTE CRS IN DYNAMIC SPECTRUM SHARING
3y 4m to grant Granted May 19, 2026
Patent 12634831
METHOD FOR TRANSMITTING AND RECEIVING UPLINK SIGNAL IN WIRELESS COMMUNICATION SYSTEM, AND DEVICE FOR SAME
2y 11m to grant Granted May 19, 2026
Patent 12628110
BANDWIDTH AGGREGATION FOR RADIO FREQUENCY FINGERPRINT POSITIONING
3y 7m to grant Granted May 12, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

5-6
Expected OA Rounds
69%
Grant Probability
99%
With Interview (+31.9%)
2y 8m (~4m remaining)
Median Time to Grant
High
PTA Risk
Based on 410 resolved cases by this examiner. Grant probability derived from career allowance rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month