Prosecution Insights
Last updated: July 17, 2026
Application No. 18/654,470

SEAMLESS MULTI-FACTOR AUTHENTICATION CODE TRANSFER

Non-Final OA §103
Filed
May 03, 2024
Examiner
POLTORAK, PIOTR
Art Unit
2433
Tech Center
2400 — Computer Networks
Assignee
Dell Products L.P.
OA Round
3 (Non-Final)
75%
Grant Probability
Favorable
3-4
OA Rounds
1y 2m
Est. Remaining
99%
With Interview

Examiner Intelligence

Grants 75% — above average
75%
Career Allowance Rate
451 granted / 604 resolved
+16.7% vs TC avg
Strong +31% interview lift
Without
With
+30.7%
Interview Lift
resolved cases with interview
Typical timeline
3y 5m
Avg Prosecution
14 currently pending
Career history
622
Total Applications
across all art units

Statute-Specific Performance

§101
1.5%
-38.5% vs TC avg
§103
85.1%
+45.1% vs TC avg
§102
3.6%
-36.4% vs TC avg
§112
6.5%
-33.5% vs TC avg
Black line = Tech Center average estimate • Based on career data from 604 resolved cases

Office Action

§103
Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . DETAILED ACTION A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 4/13/26 has been entered. Response to Arguments/Amendments Applicant’s arguments are essentially directed towards the newly added limitations. These limitations are addressed in this office action, below (see para 14-16). Claims 1-20 are pending. The text of those sections of Title 35, U.S. Code not included in this action can be found in a prior Office action. Claim Rejections - 35 USC § 103 Claim(s) 1-20 is/are rejected under 35 U.S.C. 103 unpatentable over Kefford (USPUB 20030204726) in view of Ganesan (USPUB 20120124651), and Sanciangco (USPU 20190372949), and further in view of McKee (USPUB 20030084256) or, in alternative McGrath (USPUB 20040210760). Kefford teaches two factor authentication utilizing information server and authentication server (that may be the same entity) and client and mobile (see Fig. 1 and 4, para 39, etc.). Kefford teaches the client (personal computer) sending a request to the server, the request including user’s name and PIN result in sending one-time password (OTP) transmitted to an identified mobile device (e.g., text messaging SMS, email, etc.), which is entered (type or key) by the end user into client that then send the OTP to the server to perform a login to verify the user (para 35, 43-45). Given the fact that computing devices provide their functionalities by executing set of computing programs/routines that operate on data stored in memory, the discussed teaching addresses the limitation of claim 1-3, 5, 7-8, 12-14 and 16-18, with the exception of the limitations pertaining to the details of the code received by the receiver device that is transmitted to the server. Specifically, Kefford fails to teach the code been copied into the memory as a result of user selection of a copy control in an authenticator or messaging application and the memory comprises a clipboard of the receiver device; in response to user selection of a send-the-code control presented by the receiver application, and after the receiver application retrieves the copied code from the clipboard and verifies that the copied code conforms to an authentication-code format; and using an automatic field-insertion or auto-typing operation performed by the requestor application However, Ganesan suggests such solution (client application (AA), para 7, authentication server SMS/text message, a PIN to the user at the user’s SMS address. By activating execution of the SMSA by the CPU, the user can access his/her SMS account and retrieve the PIN from the SMS message sent by the authentication server. The user then enters the PIN in the space provided in the area A2, for example by cutting and pasting the PIN from the SMS message. After entering the PIN the user clicks on the arrow in the area A2 and the AA 610 sends a second API message to post the PIN, para 83.) Note pertaining Ganesan’s teaching: a skilled in the art would readily appreciate that copy and paste requires the use of memory that the examiner equate to the clipboard. The programs/routines supporting copying and pasting read on the terms used in the claim language, e.g., send-the-code control, receiver application, etc., and clearly (although not expressly cited) there would have to be some kind of place visible to the user (equated to the prompt) to paste a particular data. Also, a skilled artisan would recognize that any data has a particular format and in order to be recognized, moved/transferred and unitized by another data structure (especially since programs operate on defined data formats) would have to conformed to the expected data structure of the receiving application/program; thus, it would have to be verified before act upon, e.g., received/paste to another application/program (e.g., authentication-code format used in the claim language). Additionally, in regard to earlier addressed “prompt”, for the purpose of the expedited prosecution the examiner notes that even if, somehow, Kefford/Ganesan implemented the teaching without a visible prompt, having a visible prompt would old and well-known variant in the art of computing, as illustrated by Sanciangco (credentials filled into fields of the prompt, e.g. para 30-31. Also note MS Windows or various website login prompts frequently used in the art of computing) offering the predictable benefit of usability and customization. Similarly, although the examiner asserted that the part of the memory storing the code meets the broadest reasonable interpretation of the clipboard, even if a particular more restrictive interpretation was required, Official Notice is taken that using a “clipboard” to store data would have been old and well known in the art at the time the application was filed (e.g. MS Windows) offering the predictable benefit manipulation/operation on data). While the newly added limitation requires “wherein the receiver application, prior to transmitting the code, verifies that the code retrieved from the clipboard conforms to a predefined authentication-code format comprising a sequence of digits”, it failed functionally define the “predefined” authentication-code format and the specification offers only an example (e.g., e.g., is a sequence of 6 to 8 digits). As such, the examiner asserts that the limitation is inherent: a skilled in the art would readily recognize that any computer code must follow a “predefined” particular format in order to be recognized and acted upon. (This recognition and proper functioning equated to verification.) Furthermore, any format in computing devices would be represented by a sequence of digits (e.g., 0/1). Additionally, given the fact that the limitation does affect the invention as claimed (the invention would perform the same way regardless whether the code is verified or not verified) the examiner asserts [Official Notice is taken] that such limitation would have been at most an obvious an old and well known at the time the application was filed while offering the predictable benefit of customization and efficiency. While Kefford as modified teaches the code received by the requestor application at the requestor device, the reference is silent regarding storing the code in memory allocated to the application and is not copied into a general memory or clipboard accessible to other applications. However, such solution would have been obvious to one of ordinary skill in the art at the time the application was filed as illustrated by McKee (para 25: an application private data stored in private memory regions inaccessible to other programs) or, in alternative McGrath (para 7: application provided with its own private section of physical memory for code and data inaccessible to other applications) given the benefit of security. As per claims 4 and 15, although Kefford teaches transmitting the code by the receiver application to the requestor application, Kefford does not teach encrypting the transmitted code. However, such solution would have been obvious variant in the art at the time the application was filed (see Sanciangco’s para 26, for example) offering the benefit of increased security. As per claims 6 and 17, while Kefford teaches sending the code in the receiver application Kefford does not discusses sending being a result of receiving input from the user. However, receiving the input from as related to any particular computing operation, including data transfer (triggered by a user’s input) would [Official Notice is taken] have been obvious old and well known in the art of computing providing the benefit of usability, customization and process control. As per claims 9-10 and 19, using the direct connection between communicating devices within range would have been well known solution in the art at the time the application as evidenced by both, Kefford (para 44) as well as Sanciagco (e.g. para 20 and 45), and a skilled in the art would readily appreciate that in order for the Bluetooth (or other wireless) devices to communicate, they would first have to connect and/or “pair” (e.g. see Fig. 1 of Sanciagco’s teaching. Note that in the broadest reasonable interpretation pairing could be equated to connecting). As per the term “automatically”, computing devices are based on automation but even if the more restrictive interpretation was required, a skilled in the art would readily appreciate that there are essentially only two connection/pairing options: manual and automatic; each being variant of each other while selecting any of these options would offer the predictable benefit of customization. Lastly, as per claims 11 and 20, although no express recitation of the obscuring the code at any point during the process of the multiple-factor authentication operation taught by Kefford is cited, Official Notice is taken that obscuring codes (especially sensitive code such taught by Kefford) would have been old and well known in the art at of computer security at the time the application was filed while offering the predictable benefit of increased security. Conclusion Any inquiry concerning this communication or earlier communications from the examiner should be directed to Peter Poltorak whose telephone number is (571) 272-3840. The examiner can normally be reached Monday through Thursday from 9:00 a.m. to 5:00 p.m. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeffrey Pwu can be reached on (571) 272-6798. The fax phone number for the organization where this application or proceeding is assigned is (571) 273-8300. Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). /PIOTR POLTORAK/ Primary Examiner, Art Unit 2433
Read full office action

Prosecution Timeline

Show 1 earlier event
Sep 05, 2025
Non-Final Rejection mailed — §103
Dec 04, 2025
Response Filed
Dec 04, 2025
Examiner Interview Summary
Dec 04, 2025
Applicant Interview (Telephonic)
Jan 13, 2026
Final Rejection mailed — §103
Apr 13, 2026
Request for Continued Examination
Apr 24, 2026
Response after Non-Final Action
Jun 11, 2026
Non-Final Rejection mailed — §103 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12676853
USER IDENTIFICATION WITH INPUT PROFILE RECORD
4y 9m to grant Granted Jul 07, 2026
Patent 12670267
CIPHERTEXT HYBRID OPERATION METHOD AND DEVICE
1y 9m to grant Granted Jun 30, 2026
Patent 12652283
AUTHENTICATION SYSTEM, AUTHENTICATION METHOD, AND PROGRAM
3y 4m to grant Granted Jun 09, 2026
Patent 12627656
SECURE AUTHORIZATION FOR ACCESS TO PRIVATE DATA IN VIRTUAL REALITY
3y 3m to grant Granted May 12, 2026
Patent 12621284
SYSTEMS AND METHODS FOR USER AUTHENTICATION USING SUBJECT IDENTIFIER AND/OR SUBJECT IDENTIFIER DOCUMENTS
2y 1m to grant Granted May 05, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

3-4
Expected OA Rounds
75%
Grant Probability
99%
With Interview (+30.7%)
3y 5m (~1y 2m remaining)
Median Time to Grant
High
PTA Risk
Based on 604 resolved cases by this examiner. Grant probability derived from career allowance rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month