DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Response to Arguments
Applicant’s arguments with respect to claim(s) 1-20 have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument.
The examiner thanks applicant for the interview conducted on March 27, 2026. The conversation was illuminating and facilitated in more effective searches. I apologize for the lack of formal interview summary because of my poor understanding of the new USPTO policy on interviews.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claim(s) 1-5, 7-12 and 15-20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Tussy et al., US 20230073410 A1 (hereafter referred to as Tussy) in view of Reeves et al., US 20220248233 A1 (hereafter referred to as Reeves) in view of Tomlinson et al., US 20150172286 A1 (hereafter referred to as Tomlinson) in view of Chien et al., US 20230142898 A1 (hereafter referred to Chien) further in view of Sharma, US 12118522.
A. Claim 1, Tussy teaches a device (“server 120”), comprising:
a processing system including a processor(p. 42); and a memory that stores executable instructions that, when executed by the processing system, facilitate performance of operations (p. 42, “The server 120 and mobile device 112 are configured with a processor and memory and are configured to execute machine readable code or machine instructions stored in the memory.”), the operations comprising:
collecting a set of user information indicative of a user identity (Tussy, p. 76, “The user then provides typical login information to authenticate the user, such as a username and password for a financial account in step 512.” And p. 77, “When the authentication server 120 is separate from the account server 120B, the account server 120B may generate a unique identifier related to the account information and send the unique identifier to the authentication server 120.”), a user device (Tussy, p. 77, “Next, in step 516, the mobile device 112 may send device information to the authentication server 120. The device information may include among other information a device identifier that uniquely identifies the mobile device of the user.”) and a usage pattern of the user device (Tussy, p. 85, “The enrollment movement of the mobile device 112 (which is data that defined the movement of the mobile device during image capture) may be sent to the authentication server 120.”), wherein the set of user information is collected to activate wireless services with the user device (Tussy, p. 39, “In this environment, a user 108 may have a mobile device 112 which may be used to access one or more of the user's accounts via authentication systems.” And p. 112, “Thus, the authentication system may be used to activate or authenticate a new device … ” [to the wireless service].), wherein the user device comprises a primary user device and the primary user device is associated with a primary user (Tussy, p. 112, “… with the authentication used to verify the user of the new device.”);
authenticating the primary user device resulting in an authentication based on the collected set of user information in response to an activation request of an authentication service session from the primary user device (Tussy, p. 91, “compare the login credentials”; “compares the identification of the device obtained during the login process to that stored during enrollment.” “the authentication movement may be compared with the enrollment movement”);
upon the authentication of the primary user device (Tussy, p. 112, “… a user may own a first device, such as a mobile phone, and is authenticated on the first device via the authentication system.” ), receiving an object generated by the primary user device (Tussy, After user initiating a transaction the server will seek authentication information by sending a “push notification”, see p. 237. And p. 239, “Next, as before, the user may hold the mobile device and obtain a plurality of authentication images as the user moves the mobile device to different positions relative to the user's head.” “The mobile device may then send the device information, the authentication images, and the authentication movement to the authentication server.”),
receiving, from the primary user device, biometric data of the primary user (Tussy, p. 239, “In other embodiments, the mobile device may process the images to obtain biometric data and send the biometric data to the server.”);
matching the received object with an ownership of the primary user device based on the collected set of user information and the biometric data (Tussy, p. 109, “the enrollment information may be stored on an authentication server (or on “the cloud”) and thus is not associated only with the user's original device. This allows the user to use any number of suitable devices to authenticate with the authentication server.” And p. 115, “,… the images from a device may be sent through a wired or wireless network where the facial recognition algorithms running on a separate server can process the images, create biometric data and compare that data against previously stored data that assigned to that device.” Associating the collected authentication information with the );
upon a confirmation of the matching between the received object and the ownership of the primary user device (Tussy, p. 240, “The authentication server may then authenticate the identity of the user and confirm that the user wishes to authorize the transaction on his or her account…”), storing the received object as a file in a storage (Tussy, p. 142, “…[B]uilds a database of known authentication data in connection with non-objected to transactions by the user. “ The received “authentication data” from Tussy are stored as received “known authentication data” to “non-objected to transactions.”).
Tussy does not specifically teach activate wireless communication services. However, in the same field of endeavor, Reeves teaches activate wireless communication services (Reeves, p. 42, “With the temporary subscription, the user account server 154 may re-register the SIM card 108 of the UE 102 to allow full access or limited access to certain functionality, such as voice calls, text messages, and data communications.”). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Tussy to substitute activating wireless communication services from Reeves for activate wireless services from Tussy to expand to transactions that enable data access.
Tussy-Reeves does not specifically teach wherein the received object contains audio visual representation of the primary user and includes audio visual authorization for a secondary user by the primary user. However, in the same field of endeavor, Tomlinson teaches wherein the received object contains audio visual representation of the primary user and includes audio visual authorization for a secondary user by the primary user (p. 44, “the media file 16 contains the public encryption key 17 of a user and the biometric information file 19 is a video recording made by the same user. These two data files are stored in the database 9 on the server 5 for each registered user 11.” And p. 47, “the originator of the digital file, or a trusted person produces a video recording showing his or her face with their lips clearly visible, and enunciates the values of said contents or features. In the present exemplary embodiment, the biometric information file 19 can include a video recording of Bob enunciating a defined portion of his public key, such as the first ten characters.”). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Tussy-Reeves to incorporate audio visual representations from Tomlinson for received objects from Tussy-Reeves to improve security for providing data access and thereby preventing weakened security when secured data is shared.
Tussy-Reeves-Tomlinson does not specifically teach generating and transmitting an access mechanism to a stored file to the primary user device. However, in the same field of endeavor, Chien teaches an access mechanism for managing access to content and thereby provide a secure access to the others that are sharing the content (p. 61, “In other words, any data, records, fields, and/or intermediate results discussed in the method can be stored, displayed and/or outputted to another device as required for a particular application.” And p. 52, “step 330 may include obtaining information as to how to obtain the content, e.g., a uniform resource locator (URL), or the like, which may be used to access the content.” Details of the access configuration returned to another device.). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Tussy-Reeves-Tomlinson by incorporating an access mechanism from Chien to expand data access to other users while maintaining security. The motivation would be to further protect data access to prevent unauthorized access by configuring access rules to data and thereby provide a secure access to the others that are sharing the content.
Tussy-Reeves-Tomlinson-Chien does not specifically teach wherein the received object contains audio visual representation of the primary user as form of proof to verify identity of the primary user and includes audio visual authorization for a group of one or more secondary users by the primary user as form of binding permission, wherein the audio visual authorization identifies the group of one or more secondary users and specifies at least one permitted task or transaction for the one or more secondary users and extent and content of information to be shared with the group of one or more secondary users. However, in the same field of endeavor, Sharma teaches wherein the received object contains audio visual representation of the primary user as form of proof to verify identity of the primary user and includes audio visual authorization for a group of one or more secondary users by the primary user as form of binding permission, wherein the audio visual authorization identifies the group of one or more secondary users and specifies at least one permitted task or transaction for the one or more secondary users and extent and content of information to be shared with the group of one or more secondary users (column 24, lines 59-67 and column 25, lines 1-12; “such as when an interaction related to a transactional document or an associated transaction should or must be persistent, the interactive media content may be recorded, along with any suitable recordation of the user, viewer, or payor and their interactions with the application before, during, or after presentation of the interactive media content. As such, for transactions, such as presentation of insurance terms and verbal agreement to said terms, verbal authorization to process a financial transaction, or the like, an audio, video, or audio-video recording of the presentation of the interactive media content, the payor, and any interaction can be recorded and stored. This can be especially important in terms of legal and governmental requirements for proof of such authorizations, agreements, acknowledgements, and the like. Proof of authorization, or the like, can include, but is not limited to, video of the payor verbally agreeing to the transaction. In some embodiments, the payor may read from a script prompted by the interactive media content application confirming the terms and amounts, or other key information, of the financial transaction to be authorized.”). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Tussy-Reeves-Tomlinson-Chien by incorporating interactive video presentation of transactions agreement from Sharma to provide customization for the payor to include further questions related to transactions and other type of transactional information. The motivation would have been to not require using conventional techniques of contact between the payor and payee.
B. Claim 2, Tussy-Reeves-Tomlinson-Chien-Sharma teaches the device of claim 1, wherein the operations further comprise receiving, from the primary user device, a permission to use the set of user information for the authentication service session (Chien, p. 20, “applying at least one biometric data access rule of a biometric data access permission set to a request of a first user to access content in response to identifying that the content includes biometric data of a second user may operate.”).
C. Claim 3, Tussy-Reeves-Tomlinson-Chien-Sharma teaches the device of claim 1, wherein the operations further comprise, upon the authentication of the primary user device, enabling the primary user to upload an additional form of proof related to the generated object (Tussy, p. 234, “although described herein as financial account authentication, the authentication using path parameters and image data may be implemented in any environment requiring verification of the user's identity before allowing access, such as … computer access, web site or data access ...”).
D. Claim 4, Tussy-Tomlinson-Chien-Sharma teaches the device of claim 1, wherein the receiving the object generated by the primary user device further comprises:
receiving a video stream including video data and audio data of the primary user during the authentication service session (Tomlinson, p. 47, “the originator of the digital file, or a trusted person produces a video recording showing his or her face with their lips clearly visible, and enunciates the values of said contents or features. In the present exemplary embodiment, the biometric information file 19 can include a video recording of Bob enunciating a defined portion of his public key, such as the first ten characters.”).
E. Claim 5, Tussy-Reeves-Tomlinson-Chien-Sharma teaches the device of claim 1, wherein the generating the access mechanism further comprise:
generating a link or a QR code to enable the primary user device to access the stored file (Chien, p. 61, “In other words, any data, records, fields, and/or intermediate results discussed in the method can be stored, displayed and/or outputted to another device as required for a particular application.” And p. 52, “step 330 may include obtaining information as to how to obtain the content, e.g., a uniform resource locator (URL), or the like, which may be used to access the content.” And Tussy, p. 243, “… the application would create a unique identifying transaction number. … The unique identifying transaction number may also be sent from the user to the second user via NFC, Bluetooth, a QR code…”); and
transmitting the link to a secondary user device to allow the secondary user device to access the stored file, wherein the secondary user device is associated with the secondary user (Tussy, p. 243, “the user would designate an amount to be paid into an application, and the application would create a unique identifying transaction number. This number may then be shown to the second user, so the second user can type the identifying transaction number on an application on a separate device. The unique identifying transaction number may also be sent from the user to the second user via NFC, Bluetooth, a QR code, or other suitable methods.”).
F. Claim 7, Tussy-Reeves-Tomlinson-Chien-Sharma teaches the device of claim 1, wherein the operations further comprise:
receiving a biometric proof from the primary user device when an authentication check is needed (Tussy, p. 218, “the system may store a predetermined number of prior log in attempts, … or store images from login attempts for a predetermined time period ...” See also p. 224, “Determining how much variance is allowed over time in the motion path, the biometric information, or both may be set by the entity requiring authentication to meet that entity's security requirements. Time or number of scans after the initial enrollment can be used to modify the adaptive threshold.” Authentication check based on variation from security standards.); and
terminating the authentication service session upon failure of the authentication check (Tussy, p. 151, “If a match occurs, this establishes or increases the likelihood that a live person is being imaged by the device. If the pattern is not a match, or does not meet a match threshold level, then the authentication process may fail (access denied) or the account access … may be limited.”).
G. Claim 8, Tussy teaches a non-transitory machine-readable medium, comprising executable instructions that, when executed by a processing system of a user device including a processor, facilitate performance of operations (Tussy, p. 42, “The server 120 and mobile device 112 are configured with a processor and memory and are configured to execute machine readable code or machine instructions stored in the memory.”), the operations comprising:
transmitting a request to generate an authorization object (Tussy, p. 237, initiating a first transaction including a transaction for data access.);
receiving a first confirmation that authenticates a user device of a primary user from a service provider system based on at least a set of user information, wherein the set of user information indicative of a user identity, a user device and a usage pattern of the user device is stored in the service provider system (Tussy, p. 85, “The enrollment movement of the mobile device 112 (which is data that defined the movement of the mobile device during image capture) may be sent to the authentication server 120.”) to activate wireless services with the user device (Tussy, p. 39, “ … a user 108 may have a mobile device 112 which may be used to access one or more of the user's accounts via authentication systems.” And p. 112, “Thus, the authentication system may be used to activate or authenticate a new device … ”);
upon receiving the first confirmation (Tussy, p. 85, “The enrollment movement of the mobile device 112 (which is data that defined the movement of the mobile device during image capture) may be sent to the authentication server 120.”), wherein the set of user information is collected to activate wireless services with the primary user device (Tussy, p. 39, “In this environment, a user 108 may have a mobile device 112 which may be used to access one or more of the user's accounts via authentication systems.” And p. 112, “Thus, the authentication system may be used to activate or authenticate a new device … ”), generating the authorization object that meets a predetermined standard and contains audio visual representation of the primary user (Tussy, After user initiating a transaction the server will seek authentication information by sending a “push notification”, see p. 237. And p. 239, “Next, as before, the user may hold the mobile device and obtain a plurality of authentication images as the user moves the mobile device to different positions relative to the user's head.” “The mobile device may then send the device information, the authentication images, and the authentication movement to the authentication server.”);
receiving a second confirmation that authenticates the authorization object by using a matching between the authorization object and the primary user (Tussy, p. 240, “The authentication server may then authenticate the identity of the user and confirm that the user wishes to authorize the transaction on his or her account if the device information, authentication images and/or biometrics, and authentication movement correspond with the enrollment device information, the enrollment images and/or biometrics, and the enrollment movement.”);
upon receiving the second confirmation (Tussy, requesting a transaction including data access, p. 234, “any environment requiring verification of the user's identity before allowing access, such as auto access, room access, computer access, web site or data access…” And p. 237, “the Gateway may send an authorization request to the authentication server, and the authentication server then sends a notification, such as a push notification, to the user's mobile device to request that the user authenticate the transaction.”), uploading the authorization object to a storage of a trusted server (Tussy, p. 239, “The mobile device may then send the device information, the authentication images, and the authentication movement to the authentication server. In other embodiments, the mobile device may process the images to obtain biometric data and send the biometric data to the server …”).
Tussy does not specifically teach activating wireless communication services. However, in the same field of endeavor, Reeves teaches wireless communication services (Reeves, p. 42, “With the temporary subscription, the user account server 154 may re-register the SIM card 108 of the UE 102 to allow full access or limited access to certain functionality, such as voice calls, text messages, and data communications.”). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Tussy to substitute activating wireless communication services from Reeves for activate wireless services from Tussy to expand to transactions that enable data access.
Tussy-Reeves does not specifically teach wherein the received object contains audio visual representation of the primary user and includes audio visual authorization for a secondary user by the primary user. However, in the same field of endeavor, Tomlinson teaches wherein the received object contains audio visual representation of the primary user and includes audio visual authorization for a secondary user by the primary user (p. 44, “the media file 16 contains the public encryption key 17 of a user and the biometric information file 19 is a video recording made by the same user. These two data files are stored in the database 9 on the server 5 for each registered user 11.” And p. 47, “the originator of the digital file, or a trusted person produces a video recording showing his or her face with their lips clearly visible, and enunciates the values of said contents or features. In the present exemplary embodiment, the biometric information file 19 can include a video recording of Bob enunciating a defined portion of his public key, such as the first ten characters.”). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Tussy-Reeves to incorporate audio visual representations from Tomlinson for received objects from Tussy-Reeves to improve security for providing data access and thereby preventing weakened security when secured data is shared.
Tussy-Reeves-Tomlinson does not specifically teach executing an access mechanism to access a stored authorization object on the trusted server. However, in the same field of endeavor, Chien teaches executing an access mechanism to access a stored authorization object on the trusted server (Chien, p. 12, “To enable the user to establish rights to control access to the user’s own biometric data, the user may use his or her smart phone or another computing device to capture other biometric data/features to be used as biometric identification data. For instance, the user may record a fingerprint image, and audio/voice recording…”). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Tussy-Reeves-Tomlinson by incorporating an access mechanism from Chien to expand data access to other users while maintaining security. The motivation would be to further protect data access to prevent unauthorized access by configuring access rules to data and thereby provide a secure access to the others that are sharing the content.
Tussy-Reeves-Tomlinson-Chien does not specifically teach wherein the received object contains audio visual representation of the primary user as form of proof to verify identity of the primary user and includes audio visual authorization for a group of one or more secondary users by the primary user as form of binding permission, wherein the audio visual authorization identifies the group of one or more secondary users and specifies at least one permitted task or transaction for the one or more secondary users and extent and content of information to be shared with the group of one or more secondary users. However, in the same field of endeavor, Sharma teaches wherein the received object contains audio visual representation of the primary user as form of proof to verify identity of the primary user and includes audio visual authorization for a group of one or more secondary users by the primary user as form of binding permission, wherein the audio visual authorization identifies the group of one or more secondary users and specifies at least one permitted task or transaction for the one or more secondary users and extent and content of information to be shared with the group of one or more secondary users (column 24, lines 59-67 and column 25, lines 1-12; “such as when an interaction related to a transactional document or an associated transaction should or must be persistent, the interactive media content may be recorded, along with any suitable recordation of the user, viewer, or payor and their interactions with the application before, during, or after presentation of the interactive media content. As such, for transactions, such as presentation of insurance terms and verbal agreement to said terms, verbal authorization to process a financial transaction, or the like, an audio, video, or audio-video recording of the presentation of the interactive media content, the payor, and any interaction can be recorded and stored. This can be especially important in terms of legal and governmental requirements for proof of such authorizations, agreements, acknowledgements, and the like. Proof of authorization, or the like, can include, but is not limited to, video of the payor verbally agreeing to the transaction. In some embodiments, the payor may read from a script prompted by the interactive media content application confirming the terms and amounts, or other key information, of the financial transaction to be authorized.”). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Tussy-Reeves-Tomlinson-Chien by incorporating interactive video presentation of transactions agreement from Sharma to provide customization for the payor to include further questions related to transactions and other type of transactional information. The motivation would have been to not require using conventional techniques of contact between the payor and payee.
H. Claim 9, Tussy-Reeves-Tomlinson-Chien-Sharma teaches the non-transitory machine-readable medium of claim 8, wherein the operations further comprise transmitting the access mechanism to a secondary user device to facilitate access to the stored authorization object by the secondary user device, wherein the secondary user device is associated with a secondary user (Chien, p. 61, “In other words, any data, records, fields, and/or intermediate results discussed in the method can be stored, displayed and/or outputted to another device as required for a particular application.” And p. 52, “step 330 may include obtaining information as to how to obtain the content, e.g., a uniform resource locator (URL), or the like, which may be used to access the content.” Details of the access configuration returned to second device as a recipient of the authorization.).
I. Claim 10, Tussy-Reeves-Tomlinson-Chien-Sharma teaches the non-transitory machine-readable medium of claim 8, wherein the generating the authorization object further comprises generating a video stream including the audio visual representation of the primary user and audio visual authorization for a secondary user by the primary user (Tomlinson, p. 47, “the originator of the digital file, or a trusted person produces a video recording showing his or her face with their lips clearly visible, and enunciates the values of said contents or features. In the present exemplary embodiment, the biometric information file 19 can include a video recording of Bob enunciating a defined portion of his public key, such as the first ten characters.”).
J. Claim 11, Tussy-Reeves-Tomlinson-Chien-Sharma teaches the non-transitory machine-readable medium of claim 8, wherein the operations further comprises attaching a digital fingerprint and metadata relating to the user device to the generated authorization object (Tussy, p. 104, “… the device information must match the enrollment device information.” And p. 218, “the system may store a predetermined number of prior log in attempts, … or store images from login attempts for a predetermined time period ...” See also p. 240, “if the device information, authentication images and/or biometrics, and authentication movement correspond with the enrollment device information, the enrollment images and/or biometrics, and the enrollment movement.”).
K. Claim 12, Tussy-Reeves-Tomlinson-Chien-Sharma teaches the non-transitory machine-readable medium of claim 11, wherein the operations further comprises providing the service provider system with a face ID, a touch ID (Tussy, p. 211, “… a user selects an account to open, begins enrollment imaging, or begins authentication imaging by touching the touchscreen of the user device. The authentication system may thus detect whether the touch by a user during authentication corresponds with previously stored enrollment information”), a password or a combination thereof to facilitate the matching between the authorization object and the primary user.
L. Claim 15, Tussy teaches a method, comprising:
collecting, by a processing system including a processor, a set of user information indicative of a primary user identity (Tussy, p. 76, “The user then provides typical login information to authenticate the user, such as a username and password for a financial account in step 512.” And p. 77, “When the authentication server 120 is separate from the account server 120B, the account server 120B may generate a unique identifier related to the account information and send the unique identifier to the authentication server 120.”), a primary user device (Tussy, p. , “Next, in step 516, the mobile device 112 may send device information to the authentication server 120. The device information may include among other information a device identifier that uniquely identifies the mobile device of the user.”) and a usage pattern of the primary user device (Tussy, p. 85, “The enrollment movement of the mobile device 112 (which is data that defined the movement of the mobile device during image capture) may be sent to the authentication server 120.”), wherein the set of user information is collected to activate wireless services with the primary user device (Tussy, p. 39, “In this environment, a user 108 may have a mobile device 112 which may be used to access one or more of the user's accounts via authentication systems.” And p. 112, “Thus, the authentication system may be used to activate or authenticate a new device … ”), wherein the primary user device is associated with a primary user (Tussy p. 112, “… with the authentication used to verify the user of the new device.”);
authenticating, by the processing system, the primary user device based on the collected set of user information in response to an activation request of an authentication service session from the primary user device (Tussy, p. 91, “compare the login credentials”; “compares the identification of the device obtained during the login process to that stored during enrollment.” “the authentication movement may be compared with the enrollment movement”);
upon the authentication of the primary user device (Tussy, p. 112, “… a user may own a first device, such as a mobile phone, and is authenticated on the first device via the authentication system.” Tussy teaches operating based on an authenticated user device.), receiving, by the processing system, an object generated by the primary user device (Tussy, After user initiating a transaction the server will seek authentication information by sending a “push notification”, see p. 237. And p. 239, “Next, as before, the user may hold the mobile device and obtain a plurality of authentication images as the user moves the mobile device to different positions relative to the user's head.” “The mobile device may then send the device information, the authentication images, and the authentication movement to the authentication server.”);
receiving, by the processing system, biometric data that authenticate the primary user (Tussy, p. 239, “In other embodiments, the mobile device may process the images to obtain biometric data and send the biometric data to the server.”);
matching, by the processing system, the received object with an ownership of the primary user device based on the collected set of user information and the biometric data (Tussy, p. 240, “The authentication server may then authenticate the identity of the user and confirm that the user wishes to authorize the transaction on his or her account if the device information, authentication images and/or biometrics, and authentication movement correspond with the enrollment device information, the enrollment images and/or biometrics, and the enrollment movement.”);
upon a confirmation of the matching, storing, by the processing system (Tussy, p. 240, “The authentication server may then authenticate the identity of the user and confirm that the user wishes to authorize the transaction on his or her account…”), the received object as a file in a storage (Tussy, p. 142, “…[B]uilds a database of known authentication data in connection with non-objected to transactions by the user. “ The transactions are stored with received “known authentication data” which is the received object.).
Tussy does not specifically teach activating wireless communication services. However, in the same field of endeavor, Reeves teaches activate wireless communication services (Reeves, p. 42, “With the temporary subscription, the user account server 154 may re-register the SIM card 108 of the UE 102 to allow full access or limited access to certain functionality, such as voice calls, text messages, and data communications.”). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Tussy to substitute activating wireless communication services from Reeves for activate wireless services from Tussy to expand to transactions that enable data access.
Tussy-Reeves does not specifically teach the received object contains audio visual representation of a primary user and includes audio visual authorization for a secondary user by the primary user. However, in the same field of endeavor, Tomlinson teaches wherein the received object contains audio visual representation of a primary user and includes audio visual authorization for a secondary user by the primary user (p. 47, “In the present embodiment, as illustrated in FIG. 3, the originator of the digital file, or a trusted person produces a video recording showing his or her face with their lips clearly visible, and enunciates the values of said contents or features. In the present exemplary embodiment, the biometric information file 19 can include a video recording of Bob enunciating a defined portion of his public key, such as the first ten characters. On replay of the video recording, from the images and the audio, the viewer is firstly able to identify the person who is claiming to be the originator and/or owner of the associated media file, and secondly able to discern the said contents or features, namely parts or features of the media file. These identified details may be corroborated with the received media file itself.”). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Tussy-Reeves to incorporate audio visual representations from Tomlinson for received object from Tussy-Reeves to improve security for content and files shared with another user.
Tussy-Reeves-Tomlinson does not specifically teach generating and transmitting, by the processing system, an access mechanism to a stored file to the primary user. However, in the same field of endeavor, Chien teaches generating and transmitting, by the processing system, an access mechanism to a stored file to the primary user (p. 61, “In other words, any data, records, fields, and/or intermediate results discussed in the method can be stored, displayed and/or outputted to another device as required for a particular application.” And p. 52, “step 330 may include obtaining information as to how to obtain the content, e.g., a uniform resource locator (URL), or the like, which may be used to access the content.” Details of the access configuration returned to another device.). It would have been obvious to one of ordinary skill before the effective filing date of the claimed invention to modify Tussy-Reeves-Tomlinson to incorporate a file access mechanism from Chien to protect information retrieved from data access and thereby prevent weakened security when sharing data.
Tussy-Reeves-Tomlinson-Chien does not specifically teach wherein the received object contains audio visual representation of the primary user as form of proof to verify identity of the primary user and includes audio visual authorization for a group of one or more secondary users by the primary user as form of binding permission, wherein the audio visual authorization identifies the group of one or more secondary users and specifies at least one permitted task or transaction for the one or more secondary users and extent and content of information to be shared with the group of one or more secondary users. However, in the same field of endeavor, Sharma teaches wherein the received object contains audio visual representation of the primary user as form of proof to verify identity of the primary user and includes audio visual authorization for a group of one or more secondary users by the primary user as form of binding permission, wherein the audio visual authorization identifies the group of one or more secondary users and specifies at least one permitted task or transaction for the one or more secondary users and extent and content of information to be shared with the group of one or more secondary users (column 24, lines 59-67 and column 25, lines 1-12; “such as when an interaction related to a transactional document or an associated transaction should or must be persistent, the interactive media content may be recorded, along with any suitable recordation of the user, viewer, or payor and their interactions with the application before, during, or after presentation of the interactive media content. As such, for transactions, such as presentation of insurance terms and verbal agreement to said terms, verbal authorization to process a financial transaction, or the like, an audio, video, or audio-video recording of the presentation of the interactive media content, the payor, and any interaction can be recorded and stored. This can be especially important in terms of legal and governmental requirements for proof of such authorizations, agreements, acknowledgements, and the like. Proof of authorization, or the like, can include, but is not limited to, video of the payor verbally agreeing to the transaction. In some embodiments, the payor may read from a script prompted by the interactive media content application confirming the terms and amounts, or other key information, of the financial transaction to be authorized.”). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Tussy-Reeves-Tomlinson-Chien by incorporating interactive video presentation of transactions agreement from Sharma to provide customization for the payor to include further questions related to transactions and other type of transactional information. The motivation would have been to not require using conventional techniques of contact between the payor and payee.
M. Claim 16, Tussy-Tomlinson-Chien-Sharma teaches the method of claim 15, further comprising checking, by the processing system, a digital fingerprint and metadata relating to the primary user device attached to the received object (Tussy, p. 104, “… the device information must match the enrollment device information.” And p. 218, “the system may store a predetermined number of prior log in attempts, … or store images from login attempts for a predetermined time period ...” See also p. 240, “if the device information, authentication images and/or biometrics, and authentication movement correspond with the enrollment device information, the enrollment images and/or biometrics, and the enrollment movement.”).
N. Claim 17, Tussy-Tomlinson-Chien-Sharma teaches the method of claim 15, wherein the receiving the biometric data further comprises receiving a face ID, a touch ID (Tussy, p. 211, “… a user selects an account to open, begins enrollment imaging, or begins authentication imaging by touching the touchscreen of the user device. The authentication system may thus detect whether the touch by a user during authentication corresponds with previously stored enrollment information”), a password or a combination thereof to facilitate the matching between the object and the primary user.
O. Claim 18, Tussy-Tomlinson-Chien-Sharma teaches the method of claim 15, wherein the generating and transmitting the access mechanism further comprises generating and transmitting a link or a QR code to the primary user device, a secondary user device or both, wherein the secondary user device is associated with the secondary user (Chien, p. 61, “In other words, any data, records, fields, and/or intermediate results discussed in the method can be stored, displayed and/or outputted to another device as required for a particular application.” And p. 52, “step 330 may include obtaining information as to how to obtain the content, e.g., a uniform resource locator (URL), or the like, which may be used to access the content.” Details of the access configuration returned to another device.).
Q. Claim 19, Tussy-Tomlinson-Chien-Sharma teaches the method of claim 18, further comprising:
in response to an execution of the link or inputting of the QR code from a secondary user device associated with the secondary user, enabling, by the processing system, the secondary user device to access the stored file in the storage (Tussy, p. 243, “the user would designate an amount to be paid into an application, and the application would create a unique identifying transaction number. This number may then be shown to the second user, so the second user can type the identifying transaction number on an application on a separate device. The unique identifying transaction number may also be sent from the user to the second user via NFC, Bluetooth, a QR code, or other suitable methods.”).
R. Claim 20, Tussy-Reeves-Tomlinson-Chien-Sharma teaches the method of claim 15, comprising:
upon detection of anomalies, transmitting, by the processing system, an additional authentication request to the primary user device prior to a start of the authentication service session (Tussy, p. 6, “Detecting a time delay between the activating the camera and the receiving the received video feed, and comparing the time delay to an expected delay or range of expected delay. If the time delay does not match an expected delay or range of expected delay, terminating the authentication session, providing a notification that the time delay to an expected delay or range of expected delay, or both.”); and
transmitting, by the processing system, a reauthentication request to the primary user device during the authentication service session (Tussy, p. 8, “The method described above may cycle one or more time, such that the following steps are performed two or more times: activating the camera to obtain a video feed, monitoring for the requested video feed, receiving a video feed; detecting a time delay from requesting to receiving the video feed; and comparing the time delay to an expected delay or range of expected delay.” Seeking more camera feed to determine whether spoofing is attempted and thereby attempting reauthentication.).
Claim(s) 13 is/are rejected under 35 U.S.C. 103 as being unpatentable over Tussy-Reeves-Tomlinson-Chien-Sharma as applied to claim 8 above, and further in view of “Official Notice”.
Claim 13, Tussy-Reeves-Tomlinson-Chien teaches the non-transitory machine-readable medium of claim 8, the audio visual representation of the primary user enables facial and voice matching with previously provided facial data and voice data of the primary user (Tomlinson, On replay of the video recording, from the images and the audio, the viewer is firstly able to identify the person who is claiming to be the originator and/or owner of the associated media file, and secondly able to discern the said contents or features, namely parts or features of the media file. These identified details may be corroborated with the received media file itself.). Tussy-Reeves-Tomlinson-Chien does not specifically teach wherein the predetermined standard further comprises a time duration and a size limit of the authorization object. However, in the same field of endeavor, “office notice” teaches that time duration and a size limit of an authorization object is well known in the art. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Tussy-Reeves-Tomlinson-Chien-Sharma to incorporate standard features from “official notice” to improve performance by having consistent video formatting to enable effective processing of the audiovisual features and thereby streamline usage for security.
Claim(s) 6 and 13 is/are rejected under 35 U.S.C. 103 as being unpatentable over Tussy-Reeves-Tomlinson-Chien-Sharma as applied to claims 1 and 8 above, and further in view of Perunov, US 20210344498 A1 (hereafter referred to as Perunov).
Claim 6, Tussy-Reeves-Tomlinson-Chien teaches the device of claim 1, as cited above. Tussy-Reeves-Tomlinson-Chien does not specifically teach wherein the operations further comprise: applying a blockchain hash function to the stored file to prevent tampering or a change to the stored file. However, in the same field of endeavor, Perunov teaches wherein the operations further comprise: applying a blockchain hash function to the stored file to prevent tampering or a change to the stored file (p. 22, “Chunking module 130 may separate a live video feed into video data chunks. Hashing module 132 may calculate a chunk hash for each video data chunk.” “Publishing module 135 may combine the chunk hash, the payment token, a time period identifier, a content UUID, and/or any other suitable data to be used by a smart contract for publishing to the blockchain network 160.”). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Tussy-Reeves-Tomlinson-Chien-Sharma to incorporate blockchain hash from Perunov to provide a distributed access network for accessing video shared with users as an alternative access method.
Claim 14, Tussy-Reeves-Tomlinson-Chien-Sharma teaches the non-transitory machine-readable medium of claim 8, as cited above. Tussy-Reeves-Tomlinson-Chien-Sharma does not specifically teach wherein the generating the authorization object further comprise generating the authorization object using blockchain smart contracts techniques. However, in the same field of endeavor, Perunov teaches wherein the generating the authorization object further comprise generating the authorization object using blockchain smart contracts techniques (p. 22, “Chunking module 130 may separate a live video feed into video data chunks. Hashing module 132 may calculate a chunk hash for each video data chunk.” “Publishing module 135 may combine the chunk hash, the payment token, a time period identifier, a content UUID, and/or any other suitable data to be used by a smart contract for publishing to the blockchain network 160.”). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Tussy-Reeves-Tomlinson-Chien-Sharma to incorporate blockchain smart contract from Perunov to provide a distributed access network for accessing video streams securely as an alternative access method.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Theunis, WO 219/158228 A1, teaches the invention relates to a digital service wherein a digital video recording serves as agreement or contract between two or more parties, i.e. two or more users. Particularly, the invention provides a method for composing and signing a video contract between two or more parties. For each party, the portion of video content preferably contains at least one sub-portion in which the party describes the contract, whereby preferably at least the face of the party is visible. After the recording, or, alternatively, the receipt of the portion of video content at the first device, the portion of video content is uploaded to a server by means of said mobile device of said first party. Preferably, from this point onward, the portion of video content is part of a video contract that is to be confirmed and that is stored centrally, rather than being stored on the device of one of the parties.
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to PATRICE L WINDER whose telephone number is (571)272-3935. The examiner can normally be reached M-F 10am-6pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, KAMAL B DIVECHA can be reached at (571)272-5863. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/Patrice L Winder/Primary Examiner, Art Unit 2453