Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Notice for all Patent Application as subject to AIA
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
DETAILED ACTION
Claims 1-19 are presented for examination.
Claim Objections
Claims 1 and 12 are objected to because of the following informalities: Claims 1 and 12 miss-used capital letters for the limitations and the method of the steps, please re-write claims 1 and 12 in US Patent practice. Appropriate corrections are required.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary. Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.
Claims 1-19 are rejected under AIA 35 U.S.C. 103 as being un-patentable over Goodsitt et al (U.S. Patent Application Publication No. 2021/0365538 A1) in view of N Ilincic et al (U.S. Patent Application Publication No. 2021/02566111 A1).
As to claim 1, Goodsitt et al disclose a system (see abstract, figure 1, par. 0017) comprising: a server running an authentication process storing and validating login credentials of a user account in an authentication database, wherein the login credentials include a password (figure 1, par. 0045, figure 2, pars. 0045 & 0067-0068, a secure server having a memory and an authentication process for validating user device and public terminal); and a terminal device with a camera running at least one of a sign-up process or a sign-in process, or a combination thereof (figure 1, pars. 0028 & 0031, a public terminal having an input devices including camera); and a mobile device with a camera running a password manager app (figure 1, pars. 0035 & 0039-0040, a user device having an input devices including camera and also having an authentication application to manage password) to perform the steps of: generating a first code for display on a terminal device, wherein the first code represents a user account on a server (figure 2, pars. 0048-0051 & 0055-0056, generating a code based on the user credentials and the code displaying on the public terminal); scanning the first code by a mobile device (figure 2, pars. 0057-0058, the user devise scanning the code from the public terminal); generating a password for the user account on the mobile device; storing the password on the mobile device; retrieving the password on the mobile device (figure 2, 0059-0066, the user device using a password previously stored and provided by the secure server).
However, Goodsitt et al do not teach that generating a second code for display on the mobile device, wherein the second code encodes the password; scanning the second code to receive the password by the terminal device; and using the password in a sign-up process or a sign-in process running on the terminal device.
Ilincic et al disclose a system comprising: a server including database having credentials; a terminal device with a camera running a sign-in process; a mobile device with a camera running a password manager app (figure 1, pars. 0017, 0020-0021, 0027-0032) to perform the steps of: generating a second code for display on the mobile device, wherein the second code encodes the password; scanning the second code to receive the password by the terminal device; and using the password in a sign-up process or a sign-in process running on the terminal device (figure 1, pars. 0031-0035, figure 2, par. 0039, figure 3, pars. 0042 & 0044-0046, reference teach that generating a code, which encodes the password; scanning the code to receive the password; and using the password to sign-in).
It would have been obvious to one of ordinary skill in the art before the effective filling data of the claimed invention to incorporate the teaching of Ilincic et al as stated above with the system of Goodsitt et al for generating a code, which encodes the password; scanning the code to receive the password; and using the password to sign-in because it would have accelerated speed of pairing between the two devices and reduced the amount of overhead to share password between the two devices to improved authentication process and also improved overall a user device security.
As to claim 2, Goodsitt et al teach that said server is running on a server device different from said terminal device, and the sign-up process and the sign-in process on said terminal device are communicating with the authentication process on said server via network connections (figure 3, pars. 0073-0074, using remote process to receive a code).
As to claims 3-4, Goodsitt et al teach that said server and said terminal device are the same apparatus, and the sign-up process and the sign-in process are communicating with the authentication process via inter-process communication and the authentication process is in the same process are communicating via internal communications within the process (figure 3, pars. 0073-0074, using local process to generate a code).
As to claim 5, Ilincic et al teach that said sign-up process is a sign-up webpage in a web browser, and said sign-in process is a sign-in webpage in a web browser (figure 1, pars. 0024-0026, device including web browser to access or sign webpage).
As to claim 6, Goodsitt et al teach that said sign-up process and said sign-in process utilize a separate process for generating and displaying said first code, and scanning said second code to receive and use the password (figures 6s, pars. 0097-0101; and also see Ilincic et al figure 3, pars. 0041-0042).
As to claim 7, Goodsitt et al teach that said first code and said second code are QR codes (pars. 0054-0055, figure 6B, par. 0100; and also see Ilincic et al figure 3, pars. 0041-0046).
As to claim 8-9, Goodsitt et al teach that said first code encodes a root domain name of the server and first code encodes an Internet Protocol address of the server (pars. 0052 & 0054).
As to claim 10, Goodsitt et al teach that said first code encodes a unique identifier of the user account on the server (par. 0052 and claim 27).
As to claim 11, Ilincic et al teach that said password manager app is a component of an operating system of the mobile device (figure 1, pars. 0017 & 0027, figure 3, par. 0041).
As to claims 12-13, they are also rejected for the same reasons set forth to rejecting claims 1 and 7 above, since claims 12-13 do not teach or define any new limitations than above rejected claims 1 and 7.
As to claim 14-15, Goodsitt et al teach that said first code encodes a hash value of the data and also a a hash value of a portion of the data (pars. 0048-0054).
As to claim 16, Goodsitt et al teach that said first code encodes a unique identifier of the data. (par. 0052 and claim 27).
As to claim 17, Goodsitt et al teach that said data encryption process and said data decryption process are in the same process (par. 0057; and also see Ilincic et al pars. 0038 & 0048).
As to claim 18, Ilincic et al teach that said password manager app is a component of an operating system of the mobile device (figure 1, pars. 0017 & 0027, figure 3, par. 0041).
As to claim 19, they are also rejected for the same reasons set forth to rejecting claim 1 above, since claim 19 is merely method of operations for the apparatus defined in the claim 1, also claim 19 does not teach or define any new limitations than above rejected claim 1.
Additional References
The examiner as of general interest cites the following references.
a. King-Britton, U.S. Patent No. 9,948,648 B1.
b. Keya, U.S. Patent No. 9,692,752 B2.
c. Norefors et al, U.S. Patent No. 8,108,903 B2.
Content Information
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Bharat Barot whose telephone number is (571)272-3979. The examiner can normally be reached on 7:00AM-3:30PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kamal B Divecha can be reached on (571)272-5863. The fax phone number for the organization where this application or proceeding is assigned is (571)273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/BHARAT BAROT/Primary Examiner, Art Unit 2453October 07, 2025