Prosecution Insights
Browse Companies Examiners Firms Draft Your Response
Office ActionsHuawei Technologies Co., Ltd. › 18687627
Last updated: April 19, 2026
Application No. 18/687,627

Identity Authentication Method and Vehicle

Final Rejection §101§103
Filed
Feb 28, 2024
Examiner
FIORILLO, JAMES N
Art Unit
2444
Tech Center
2400 — Computer Networks
Assignee
Huawei Technologies Co., Ltd.
OA Round
2 (Final)
86%
Grant Probability
Favorable
3-4
OA Rounds
2y 12m
To Grant
99%
With Interview

Interview Optional

+36.9% interview lift. This examiner has a relatively high allow rate; a written response may suffice.
Based on 444 resolved cases, 2023–2026

Examiner Intelligence

FIORILLO, JAMES N View full profile →
Grants 86% — above average
86%
Career Allow Rate
382 granted / 444 resolved
+28.0% vs TC avg
Strong +37% interview lift
Without
With
+36.9%
Interview Lift
resolved cases with interview
Typical timeline
2y 12m
Avg Prosecution
30 currently pending
Career history
474
Total Applications
across all art units

Statute-Specific Performance

§101
9.2%
-30.8% vs TC avg
§103
55.5%
+15.5% vs TC avg
§102
8.6%
-31.4% vs TC avg
§112
7.9%
-32.1% vs TC avg
Black line = Tech Center average estimate • Based on career data from 444 resolved cases

Office Action

§101 §103
DETAILED ACTION Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . This office correspondence is in response to “Amendment and Response under 37 C.F.R. 1.111 filed on November 19, 2025 in response to a non-final office action dated September 10, 2025. Claims 19 – 38 are pending. Claims 19 and 33 are amended. Claims 19 – 39 are rejected. Response to Arguments Applicant’s arguments filed on 11/19/2025 have been fully considered: In regard to claims 19 – 38 which were rejected under 35 U.S.C. 103 at least one argument is persuasive to the rejection of claims from the last office action and said rejections are withdrawn, but applicant’s amendment necessitated a new search and consideration resulting in a new grounds of rejections for claims 19 – 38 under 35 U.S.C. 103. The examiner here now responds to each argument. Underlined text indicates claim language that was amended since the last office action. In regard to claims 19 – 38, the applicant argues that the prior art combination of Kohlenberg, Oh, and Tai fails to teach, anticipate or suggest: “ extracting driving features from the first driving data, wherein the driving features are based on a driving scenario; performing, based on a comparison of the extracted driving features to a reference driving policy, a second authentication;” (as recited in claim 19 and substantially replicated in claim 33) The applicant states: “ . . . independent claim 19 requires extracting driving features from the first driving data, where the driving features are based on a driving scenario, and performing, based on a comparison of the extracted driving features to a reference driving policy, a second authentication. Independent claim 33 has been amended and includes similar limitations. The amendments are supported by the disclosure, e.g. FIG. 5 and paragraphs 0184-0187, 0193, 0219. In contrast to the claim requirements, the cited art fails to explicit teach extracting driving features from the first driving data within scenario-specific context. Kohlenberg is directed to theft detection and collects user-specific historical data. The Office Action (at page 7) acknowledges that Kohlenberg fails to teach or suggest enabling vehicle control functions when first authentication succeeds. Oh is directed to user authentication and the Office Action (at page 8) acknowledges that Oh fails to teach or suggest authentication based on driving data. The office action cites Tao for allegedly teaching second authentication . . . the teaching of Tao is limited to first and second authentication based on the verification of an electronic device. Tao fails to teach or suggest second authentication based the use of driving features from collected first driving data. Moreover, Tao provides no teaching or motivation to perform second authentication by using extracted driving features that are compared with a reference driving policy. As such, the combination of Kohlenberg in view of Oh in further view of Tao fails to disclose extracting driving features from the first driving data, where the driving features are based on a driving scenario, and performing, based on a comparison of the extracted driving features to a reference driving policy, a second authentication. Accordingly, it is respectfully submitted that the proffered combination does not render obvious claims 19 – 38 and the rejections must be withdrawn . . .” (Applicant’s remarks pages 9 – 11) In response to applicant’s argument: The applicant amended independent claims 19 and 33 to add requirements that extract driving features from the first driving data, wherein the driving features are based on a driving scenario, and further performing a comparison of the extracted driving features to a reference driving policy, for a second authentication. The applicant’s argument is persuasive that the cited prior art does not expclitly teach such features, and as such overcomes the 35 U.S.C. 103 rejection as being unpatentable over Kohlenberg, Oh, and Tai. However the applicant’s amendments triggered a new search and consideration which discovered a new grounds of rejection under 35 U.S.C. 103 and said claims are therein rejected as being unpatentable over Kohlenberg et al. (U.S. 2015/0091713 A1; herein referred to as Kohlenberg) in view of Oh et al. (U.S. 2022/0144214 A1; herein referred to as Oh) in further view of Biemer et al. (U.S. 2016/0239926 A1; herein referred to as Biemer) in further view of Tao et al. (U.S. 2020/0133261 A1; herein referred to as Tao). The new prior art Biemer is analogous art for implementing risk based automobile insurance policies using operating data from a vehicle and extracting driver behavior and environmental conditions for which the vehicle is being operated. When combined with the prior art of Kohlenberg, Oh, and Tai, Biemer teaches the amended claims as shown: “extracting driving features (e.g. driving behaviors) from the first driving data (see ¶ [0006] “ . . . During operation of the vehicle, sensor data may be received. The sensor data may provide information associated with driving behaviors of the user, environmental conditions in which the vehicle is being operated, and the like. . . .”) , where the driving features are based on a driving scenario (see ¶ [0033] “ . . . sensor data-focused factors, such as time elapsed, driving habits of the user, environmental conditions in which the user operates the vehicle, vehicle parameters (such as year, make, model, features, specifications, etc.), condition or performance of the vehicle (e.g., based on sensor data), and the like, as well as traditional policy factors, such as driving experience, driving record, credit variables, policy coverage, deductible, policy limits, familiarity of the driver with the vehicle or surroundings, and the like. . . .”); performing, based on a comparison (determining a consumption rate) of the extracted driving features (e.g. driving behaviors) to a reference driving policy (e.g. policy factors) (see¶ [0058] “ . . . “ . . . the consumption rate is determined based on traditional policy factors (either in combination with sensor data-focused factors or alone) the traditional policy factors, such as driving record, credit information, driving experience, vehicle features and/or specifications, coverages, deductibles, policy limits, etc. may be obtained from, for example, policy module 208. In some examples, the risk unit consumption rate may be determined or calculated for a particular trip. Additionally or alternatively, the consumption rate may be calculated or determined in real-time or near real-time, such that the rate may change as the user's driving behavior changes, as the type of road changes, as the environmental conditions change, or the like. Thus, for example, if a user is driving at speed higher than the speed limit and it is raining, the consumption rate may be higher than if the user is driving at the speed limit and/or there is no precipitation. This is merely one example of how consumption rate may change based on received sensor data and should not be viewed as limiting the disclosure to only this example. Rather, various other changes in received sensor data may be used to modify or alter the risk unit consumption rate for the user. . . “)” It would be obvious for a practitioner of the art to use the teachings of Biemer and apply them to a second authentication, as taught by Tao, to perform the functions represented by the claim. The applicant is referenced to the claim rejections described below. The examiner recommends that the applicant review the specification for disclosure that if integrated into the independent claims would distinguish the amended claims from the cited prior art. The applicant is invited to contact the examiner for an interview to discuss how to move the prosecution forward. Authorization for Internet Communications The examiner encourages Applicant to submit an authorization to communicate with the examiner via the Internet by making the following statement (from MPEP 502.03): “Recognizing that Internet communications are not secure, I hereby authorize the USPTO to communicate with the undersigned and practitioners in accordance with 37 CFR 1.33 and 37 CFR 1.34 concerning any subject matter of this application by video conferencing, instant messaging, or electronic mail. I understand that a copy of these communications will be made of record in the application file.” Please note that the above statement can only be submitted via Central Fax (not Examiner's Fax), Regular postal mail, or EFS Web using PTO/SB/439. Priority This application is a National Stage entry of PCT application No. PCT/CN2022/112483 filed on 8/15/2022 with a 371 ( c) (1) date of 2/28/2024. The instant application claims foreign application priority to Chinese Patent Application No. 202111013038.9, filed on August 31, 2021. Receipt is acknowledged of certified copy of papers required by 37 CFR 1.55. As such the applicant is entitled to a priority date of 8/312021. 35 USC § 101 Analysis – Judicial Exception 35 U.S.C. 101 reads as follows: Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title. Claims 19 – 38 are directed to statutory subject matter and are not rejected under 35 USC 101 because of a judicial exception. The claimed subject matter is integrated into a practical application under prong 2 of the Step 2A analysis as documented in MPEP 2016.04(d). The claims are directed to non-abstract improvements in computer related technology. A claim is non-statutory when it is directed to a judicial exception (e.g. either one of mathematical concepts, mental processes, or certain methods of organizing human activity) without significantly more. The claimed invention is not directed to a judicial exception. Instead, the claimed invention is directed to a technological improvement for authenticating a user in a vehicle mounted scenario based on a driving feature using a method including steps of performing authentication on a user identity in a first authentication manner; enabling permission to use a first function of the vehicle when the authentication performed on the user identity in the first authentication manner succeeds; collecting first driving data of a user, and performing the authentication on the user identity based on the first driving data, where the first authentication manner is a manner in which the authentication is not performed on the user identity based on the first driving data; disabling the permission to use the first function when the authentication performed on the user identity based on the first driving data fails; and keeping the permission to use the first function enabled when the authentication performed on the user identity based on the first driving data succeeds. The ordered steps address problems known in the art for authenticating a user in the driving process because of unstable factors such as the vehicle entering or exiting a tunnel and a weather change which affect facial authentication, while incorporating driver factors in the authentication process enables stable authentication performance. Therein the claimed invention is not an abstract idea under 35 USC 101. Claim Rejections - 35 USC § 103 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claims 19 – 38 is rejected under 35 U.S.C. 103 as being un-patentable over Kohlenberg et al. (U.S. 2015/0091713 A1; herein referred to as Kohlenberg) in view of Oh et al. (U.S. 2022/0144214 A1; herein referred to as Oh) in further view of Biemer et al. (U.S. 2016/0239926 A1; herein referred to as Biemer) in further view of Tao et al. (U.S. 2020/0133261 A1; herein referred to as Tao). In regard to claim 19, Kohlenberg teaches A method, applied to a vehicle (see ¶ [0001] “ . . . a system and method for vehicle theft detection. . . “), wherein the method comprises: performing first authentication of a user in a first authentication manner (see Fig. 4, ¶ [0041] “ . . . At block 402, a driver of the vehicle is identified with an onboard system . . .”, wherein the first authentication manner comprises at least one of vehicle key authentication (see ¶ [0009] “ . . . Access prevention may be provided by way of locks, security keys (e.g., a key fob with radio frequency identification (RFID)), or the like. . . “see ¶ [0027] “ . . . to identify the driver, the driver identification module 200 is adapted to: detect a key fob; obtain an identification value from the key fob; and correlate the identification value with the driver. For example, an onboard system may store several driver profiles and use a screen-based system to display driver profiles to the driver. During an initialization routine (e.g., learning period), the driver may initially associate a key fob with the driver's profile. The key fob may be uniquely identified by a global unique identifier (GUID), which may be transmitted from the key fob to the vehicle, such as by way of a radio-frequency identification (RFID) mechanism. As such, when a person approaches or enters a vehicle with a particular key fob, the vehicle system may correlate that key fob with a particular driver profile (e.g., driver identity). . . .”; see ¶ [0042] “ . . . identifying the driver comprises: detecting a key fob; obtaining an identification value from the key fob; and correlating the identification value with the driver. . . .”)) , password authentication (see ¶ [0033] “ . . . various types of access controls may be used, such as a username and password, . . .”) , biological feature authentication (see¶ [0012] “ . . . The new driver is assigned an identity in the onboard system and associated with a key fob or biometric data of the new driver. . . .”see ¶ [0017] “ . . . ; Driver information may be obtained with a biometric sensor, for example a fingerprint scanner, a retina scanner, a camera, or a voice recognition system. Other driver-related information may be used to derive or make an educated guess as to the driver's identity. For example, one or more seat sensors may measure the driver's weight or weight distribution, using one or both of these measurements, the processing modules 104 may identify a driver with some level of confidence. . . .”see ¶ [0025] “ . . . Biometric information includes information about the person, such as physical traits or other characteristics. Examples of biometric identifiers include, but are not limited to fingerprints, facial recognition, palm print, hand geometry, iris or retina recognition, and voice recognition. The biometric information may be obtained passively or actively . . .”; see ¶ [0041] “ . . .identifying the driver comprises: detecting physical access to the vehicle; obtaining a biometric identification of a person accessing the vehicle; and using the biometric identification to determine the driver identification. . . “ ) , collecting first driving data (see ¶ [0012] “ . . . The new driver is assigned an identity in the onboard system and associated with a key fob or biometric data of the new driver. As the new driver operates the vehicle, the vehicle collects behavioral data. After the new driver has operated the vehicle for a sufficient time, or after a sufficient amount of data has been collected, a profile is considered complete for that new driver. During daily use, after the vehicle determines which driver identity is active, the secure processing engine may perform continuous or intermittent monitoring and analysis to detect anomalies in the driver's behavior. . . .”); disabling the permission to use the first function when the second authentication fails (see ¶ [0029] “ . . . the authorization module 202 is adapted to determine whether the driver is the authorized operator, the authorization module 202 is adapted to: build a contemporaneous driver profile based on contemporaneous sensor data; access a driver profile database to obtain a historical driver profile; and compare the contemporaneous driver profile with the historical driver profile to determine whether the driver profile and historical driver profile are different. The contemporaneous driver profile is a driver profile based on the driver's current or recent activity (e.g., during the current trip). By comparing the driver's driving profile with past driving characteristics (e.g., stored in a historical driver profile), the system may determine whether the current driver is the imputed driver (e.g., the driver identified from above). For example, a contemporaneous driver profile may include indications that the current driver accelerates quickly from stops, takes turns at a high speed, or brakes hard to come to a stop. When compared to a historical driver profile of an owner/driver who is a more conservative driver that does not accelerate hard or brake hard, the authorization module 202 may determine that the current driver is an unauthorized operator. . . “see ¶ [0032] “ . . . The recovery module 204 is adapted to perform a security recovery process when the driver is not an authorized operator of the vehicle, according to various embodiments. In an embodiment, to perform the security recovery process, the recovery module 204 is adapted to disable the vehicle. For example, many vehicles are equipped with a "kill switch." The kill switch disables the vehicle's ignition or other components in a manner that the vehicle cannot be started or run. The kill switch may be activated remotely. However, in the embodiments described herein, the kill switch may be activated by the vehicle theft detection system 100. In another embodiment, to perform the security recovery process, the recovery module 204 is adapted to activate a vehicle alarm . . .”); Kohlenberg fails to explicitly teach but Oh teaches enabling permission to use a first function (e.g. control the transmission) of the vehicle when the first authentication succeeds (see ¶¶ [0127-0128] “ . . . the user authentication transmission control device 100 may receive the result of the user authentication including at least one of the face authentication, the iris authentication, and/or the fingerprint authentication through the user authentication device 110. When it is identified that the user authentication is completed within the predetermined time, the user authentication transmission control device 100 may unlock the transmission such that the user is able to control the transmission even when the key is not detected at the interior of the vehicle . . .”) ; It would have been obvious to one with ordinary skill in the art before the effective filing date of the applicant’s application to incorporate a system and method for authenticating a user of a vehicle before the transmission can be unlocked, as taught by Oh, into a system and method for vehicle theft detection where a user is denied access until a user can be authenticated based on comparison of data using the prior behavioral data of an prior authenticated user, as taught by Kohlenberg. Such incorporation enables the vehicle to operate only with a successful authentication. The combination of Kohlenberg and Oh fails to explicitly teach However Biemer teaches extracting driving features (e.g. driving behaviors) from the first driving data (see ¶ [0006] “ . . . During operation of the vehicle, sensor data may be received. The sensor data may provide information associated with driving behaviors of the user, environmental conditions in which the vehicle is being operated, and the like. . . .”) , where the driving features are based on a driving scenario (see ¶ [0033] “ . . . sensor data-focused factors, such as time elapsed, driving habits of the user, environmental conditions in which the user operates the vehicle, vehicle parameters (such as year, make, model, features, specifications, etc.), condition or performance of the vehicle (e.g., based on sensor data), and the like, as well as traditional policy factors, such as driving experience, driving record, credit variables, policy coverage, deductible, policy limits, familiarity of the driver with the vehicle or surroundings, and the like. . . .”); performing, based on a comparison (determining a consumption rate) of the extracted driving features (e.g. driving behaviors) to a reference driving policy (e.g. policy factors) (see¶ [0058] “ . . . “ . . . the consumption rate is determined based on traditional policy factors (either in combination with sensor data-focused factors or alone) the traditional policy factors, such as driving record, credit information, driving experience, vehicle features and/or specifications, coverages, deductibles, policy limits, etc. may be obtained from, for example, policy module 208. In some examples, the risk unit consumption rate may be determined or calculated for a particular trip. Additionally or alternatively, the consumption rate may be calculated or determined in real-time or near real-time, such that the rate may change as the user's driving behavior changes, as the type of road changes, as the environmental conditions change, or the like. Thus, for example, if a user is driving at speed higher than the speed limit and it is raining, the consumption rate may be higher than if the user is driving at the speed limit and/or there is no precipitation. This is merely one example of how consumption rate may change based on received sensor data and should not be viewed as limiting the disclosure to only this example. Rather, various other changes in received sensor data may be used to modify or alter the risk unit consumption rate for the user. . . “) It would have been obvious to one with ordinary skill in the art before the effective filing date of the applicant’s application to incorporate a system and method for implementing risk based automobile insurance policies using operating data from a vehicle and extracting driver behavior and environmental conditions for which the vehicle is being operated, as taught by Biemer, into a system and method for vehicle theft detection where a user is denied access until a user can be authenticated based on comparison of data using the prior behavioral data of an prior authenticated user, and authentication of a user enables the transmission of the vehicle to be unlocked, as taught by the combination of Kohlenberg and Oh. Such incorporation provides additional driver and operational data for determining the authentication. The combination of Kohlenberg, Oh, and Biemer fails to explicitly teach However Tao teaches or connected device authentication (see ¶ [0068] “ . . . determining whether the portable electronic device has the access permission includes: acquiring first authentication information related to at least one of the vehicle and a user of the vehicle; verifying the at least one of the vehicle and the user by using the first authentication information; and determining, based on a successful verification of the at least one of the vehicle and the user, that the portable electronic device has the access permission . . .”); a second authentication (see ¶ [0070] “ . . . providing second authentication information related to the portable electronic device for an authentication service of at least one of the vehicle and a user of the vehicle; receiving from the authentication service a verification result of the portable electronic device obtained using the second authentication information; and determining, in response to the verification result indicating a successful verification of the portable electronic device, that the portable electronic device has the access permission. . . .”); continuing the permission to use the first function when the second authentication succeeds (see ¶ [0080] “ . . . the connection establishing module 410 includes: a second information acquiring module, configured to provide second authentication information related to the portable electronic device for an authentication service of at least one of the vehicle and a user of the vehicle; a second verifying module, configured to receive from the authentication service a verification result of the portable electronic device obtained using the second authentication information; and a second successful authentication module, configured to determine, in response to the verification result indicating a successful verification of the portable electronic device, that the portable electronic device has the access permission. . . “). It would have been obvious to one with ordinary skill in the art before the effective filing date of the applicant’s application to incorporate a system and method for controlling autonomous driving of a vehicle using a first authentication result and a second authentication result to permit control of the vehicle, as taught by Tao, into a system and method for vehicle theft detection where a user is denied access until a user can be authenticated based on comparison of data using the prior behavioral data of an prior authenticated user, and using operating data from the vehicle and extracting driver behavior and environmental conditions for which the vehicle is being operated, and authentication of a user enables the transmission of the vehicle to be unlocked, as taught by the combination of Kohlenberg and Oh. Such incorporation enables the authentications to provide full control of the vehicle. In regard to claim 20, the combination of Kohlenberg, Oh, Biemer, and Tao teaches wherein the first function comprises at least one of adjusting vehicle components (see Oh ¶ [0016] “ . . . the device may further include a key detection device disposed in the vehicle, wherein the key detection device detects a key of the vehicle, and the controller may determine whether the user has departed the vehicle based on at least one of a gear stage of the transmission, whether the vehicle is determined to be in a stopped state, whether a door of a driver's seat of the vehicle is opened or closed, and/or the result of detecting the key. . . .”) , operating driving components (see Kohlenberg ¶ [0016] “ . . . Vehicle information may include information including, but not limited to acceleration and deceleration trends, braking use, time or duration of vehicle operation, pedal pressure, seat pressure (for determining driver weight or distribution), seat position, lap belt use, side view or rear view mirror position/orientation, steering column position, lap belt extension, and the like. . . .”), or operating a vehicle-mounted computer (see Oh ¶ [0054] “ . . . the machine may be an onboard vehicle system . . . “) The motivation to combine the references are described for the rejection pf claim 19 and is incorporated herein. Additionally, Oh offers vehicle components that a user may access upon authentication. In regard to claim 21, the combination of Kohlenberg, Oh, Biemer, and Tao teaches wherein the method further comprises: receiving a first user operation when the permission to use the first function is enabled (see Tao ¶ [0036] “ . . . The authentication information of the vehicle 110 may be specific information for the vehicle 110, for example, one or more of name, password, digital certificate, digital signature, identification or the like. The portable electronic device 210 may utilize various authentication technologies to verify the vehicle 110 and/or the user. If the vehicle 110 and/or the user is verified successfully, the portable electronic device 210 may determine it has the access permission to access the driving control system 212 . . .”); and performing the first function in response to the first user operation (see Tao ¶ [0041] “ . . . , if one of the above authentications is successful, the communication connection 202 may be allowed to be established. . . .”). The motivation to combine the references are described for the rejection pf claim 19 and is incorporated herein. Additionally, Tao provides enabling operations of the vehicle once permission is authorized. In regard to claim 22, the combination of Kohlenberg, Oh, Biemer, and Tao teaches wherein disabling the permission to use the first function when the second authentication fails comprises: reperforming first authentication after the second authentication fails (see Kohlenberg ¶ [0059] “ . . . a driver identification module adapted to identify a driver of the vehicle; an authorization module adapted to determine whether the driver is an authorized operator of the vehicle, the determination based on sensor data collected from a sensor installed in the vehicle; and a recovery module adapted to perform a security recovery process when the driver is not an authorized operator of the vehicle. . . .”); and disabling the permission to use the first function when reperforming the first authentication fails (see Kohlenberg ¶ [0083] “ . . . performing the security recovery process comprises disabling the vehicle. . . “). In regard to claim 23, the combination of Kohlenberg, Oh, Biemer, and Tao teaches wherein reperforming the first authentication comprises: outputting first information when the second authentication fails, wherein the first information prompts the user to reperform the first authentication (see Kohlenberg ¶ [0025] “ . . . the vehicle system may request or require biometric authentication before allowing the vehicle to start or be shifted into drive. For example, the vehicle system may request that the driver identify himself by speaking a passphrase, swiping a finger over a fingerprint scanner, or looking directly at a video camera for facial or retina recognition. Using these various methods, the system may identify the driver . . .”) ; receiving a second user operation (e.g. unlock door) (see Kohlenberg ¶ [0026] “ . . . the physical access comprises unlocking a door of the vehicle. For example, some vehicles are equipped with a touch-sensitive door handle that actuates the locking mechanism. In such vehicles, a fingerprint scanner may be incorporated into the touch surface of the door handle to scan the person's finger at the time of unlocking the vehicle . . . “); and reperforming, in response to the second user operation, the first authentication (see Kohlenberg ¶ [0028] “ . . . The authorization module 202 is adapted to determine whether the driver is an authorized operator of the vehicle, the determination based on sensor data collected from a sensor installed in the vehicle, according to various embodiments. To determine whether a driver is an authorized operator, the driver's identity is compared to a list of authorized operators. The list of authorized operators may be the collection of known driver profiles. . . “) In regard to claim 24, the combination of Kohlenberg, Oh, Biemer, and Tao teaches wherein before disabling the permission to use the first function, the method further comprises disabling a permission to use a second function of the vehicle when the second authentication fails (see Tao¶ [0070] “ . . . ; receiving from the authentication service a verification result of the portable electronic device obtained using the second authentication information . . .” see Tao ¶ [0072] “ . . . determining whether the access permission of the portable electronic device to access the driving control system of the vehicle is cancelled; and in response to determining that the access permission is cancelled, stopping determining the control instruction for the driving behavior of the vehicle ) , and wherein the second function is different from the first function (see Kohlenberg ¶ [0033] “ . . . various types of access controls may be used, such as a username and password, biometric authentication, a key fob, or other mechanisms to ensure that the owner or other authorized operator is the one disabling or enabling the system. . . .”). The motivation to combine the references is described for the rejection of claim 19 and is incorporated herein. Additionally Tao provides first and second authorization coordination for accessing the vehicle. In regard to claim 25, the combination of Kohlenberg, Oh, Biemer, and Tao teaches wherein the first function comprises a function for operating a driving component of the vehicle and a navigation function (see Kohlenberg ¶ [0014] “ . . . Navigation systems may include global positioning systems, road sensing systems, beacon sensing systems, mapping systems, or traffic routing systems. Driving systems may include cruise control, braking, or attitude control systems. Environmental systems may include heating and ventilation systems, lighting systems, audio systems, or a heads up display system. . . .”) In regard to claim 26, the combination of Kohlenberg, Oh, Biemer, and Tao teaches wherein disabling the permission to use the first function when the second authentication fails (see Tao ¶ [0070], ¶ [0072] as described for the rejection of claim 24 and is incorporated herein) comprises: outputting second information when the second authentication fails, wherein the second information prompts the user to perform a third user operation (see Kohlenberg ¶ [0031] “ . . . the vehicle may have an initialization mode or learning period where the driver is monitored and various characteristics of the driver or driving habits are obtained, recorded, and processed. For example, acceleration, deceleration, average speed, and other driving characteristics are largely similar from day to day for a driver who commutes the same route daily. By recording and trending these types of values, anomalies in driving behavior may be detected, suggesting that the current driver is not the same as the driver associated with the historical driver profile. . . .”) ; and performing, in response to the third user operation, either a repeat of the first authentication or a cancellation of the first authentication (see Tao ¶ [0060] “ . . . the autonomous driving control of the portable electronic device 210 may be cancelled. For example, the portable electronic device 210 may determine whether it has the access permission to access the driving control system, if no, the portable electronic device 210 stops determining the control instruction for the driving behavior of the vehicle 110. The access permission of the portable electronic device 210, for example, may be cancelled when the portable electronic device is beyond the specified geographic area, the specified time expires, the user does not pay for enough fees for the autonomous driving control and/or a cancellation instruction is received, etc. . . .”) ; or disabling the permission to use the first function when no third user operation is received within a first period of time (see Kohlenberg ¶ [0032] “ . . . , the kill switch may be activated by the vehicle theft detection system 100. . . “) . The motivation to combine the references is described for the rejection of claim 19 and is incorporated herein. Additionally Tao can cancel operations upon a fial of the first or second authentication. In regard to claim 27, the combination of Kohlenberg, Oh, Biemer, and Tao teaches wherein the method further comprises: when the second authentication fails, disabling a second function of the vehicle and performing the first authentication in the first authentication manner (see Tao¶ [0070] “ . . . receiving from the authentication service a verification result of the portable electronic device obtained using the second authentication information . . .” see Tao ¶ [0072] “ . . . determining whether the access permission of the portable electronic device to access the driving control system of the vehicle is cancelled; and in response to determining that the access permission is cancelled, stopping determining the control instruction for the driving behavior of the vehicle ) , wherein the second function is different from the first function (see Kohlenberg ¶ [0033] “ . . . various types of access controls may be used, such as a username and password, biometric authentication, a key fob, or other mechanisms to ensure that the owner or other authorized operator is the one disabling or enabling the system. . . .”); and enabling permission to use the second function when the first authentication succeeds (see Tao ¶ [0078] “ . . . the permission determining module includes: a first information acquiring module, configured to acquire first authentication information related to at least one of the vehicle and a user of the vehicle; a first verifying module, configured to verify the at least one of the vehicle and the user by using the first authentication information; and a first successful authentication module, configured to determine, based on a successful verification of the at least one of the vehicle and the user, that the portable electronic device has the access permission. . . .”). The motivation to combine the references is described for the rejection of claim 19 and is incorporated herein. Additionally Tao provides first and second authorization coordination for accessing the vehicle. In regard to claim 28, the combination of Kohlenberg, Oh, Biemer, and Tao teaches wherein before performing the second authentication (see Tao ¶ [0070] as described for the rejection of claim 19 and is incorporated herein) receiving third driving data from a first device (see Kohlenberg ¶ [0029] “ . . . the authorization module 202 is adapted to determine whether the driver is the authorized operator, the authorization module 202 is adapted to: build a contemporaneous driver profile based on contemporaneous sensor data; access a driver profile database to obtain a historical driver profile; and compare the contemporaneous driver profile with the historical driver profile to determine whether the driver profile and historical driver profile are different . . .”); determining a driving feature template based on the third driving data (see Kohlenberg ¶ [0029] “ . . . The contemporaneous driver profile is a driver profile based on the driver's current or recent activity (e.g., during the current trip). By comparing the driver's driving profile with past driving characteristics (e.g., stored in a historical driver profile), the system may determine whether the current driver is the imputed driver (e.g., the driver identified from above). For example, a contemporaneous driver profile may include indications that the current driver accelerates quickly from stops, takes turns at a high speed, or brakes hard to come to a stop. When compared to a historical driver profile of an owner/driver who is a more conservative driver that does not accelerate hard or brake hard, the authorization module 202 may determine that the current driver is an unauthorized operator. . . .”) , and wherein the method further comprises further performing, based on the first driving data and the driving feature template, the second authentication (see Tao ¶ [0080] “ . . . the connection establishing module 410 includes: a second information acquiring module, configured to provide second authentication information related to the portable electronic device for an authentication service of at least one of the vehicle and a user of the vehicle; a second verifying module, configured to receive from the authentication service a verification result of the portable electronic device obtained using the second authentication information; and a second successful authentication module, configured to determine, in response to the verification result indicating a successful verification of the portable electronic device, that the portable electronic device has the access permission. . . .”). The motivation to combine the references is described for the rejection of claim 19 and is incorporated herein. Additionally Tao provides first and second authorization coordination for accessing the vehicle. In regard to claim 29, the combination of Kohlenberg, Oh, Biemer, and Tao teaches wherein before determining the driving feature template based on the third driving data(see Kohlenberg ¶ [0029] as described for the rejection of claim 28 and is incorporated herein) , the method further comprises collecting fourth driving data (see Kohlenberg ¶ [0030] “ . . . , to build the contemporaneous driver profile, the authorization module 202 is adapted to: record sensor data; and associate the sensor data with the driver. For example, while the operator is driving, various sensor data may be obtained, such as acceleration characteristics, and associated with the driver. Other sensor data may be obtained and stored. As such, in a further embodiment, to record sensor data, the authorization module 202 is adapted to perform at least one of: recording trends of vehicle acceleration; recording trends of vehicle deceleration; recording seat pressure sensor data; or recording an audio signature of the driver. . . “), and wherein the method further comprises further determining the driving feature template based on the third driving data and the fourth driving data (see Kohlenberg ¶ [0031] “ . . . to compile the historical driver profile, the authorization module 202 is adapted to: enter an initialization mode for a new driver; collect and store sensor data for the new driver; compile the sensor data to create the historical driver profile for the new driver; and store the historical driver profile in a data store in the vehicle. For example, the vehicle may have an initialization mode or learning period where the driver is monitored and various characteristics of the driver or driving habits are obtained, recorded, and processed. For example, acceleration, deceleration, average speed, and other driving characteristics are largely similar from day to day for a driver who commutes the same route daily. By recording and trending these types of values, anomalies in driving behavior may be detected, suggesting that the current driver is not the same as the driver associated with the historical driver profile. . . “). In regard to claim 30, the combination of Kohlenberg, Oh, Biemer, and Tao teaches wherein the method further comprises: performing the first authentication in the first authentication manner when the second authentication fails (see Tao¶ [0070] “ . . . receiving from the authentication service a verification result of the portable electronic device obtained using the second authentication information . . .” see Tao ¶ [0072] “ . . . determining whether the access permission of the portable electronic device to access the driving control system of the vehicle is cancelled; and in response to determining that the access permission is cancelled, stopping determining the control instruction for the driving behavior of the vehicle ) ; and updating the driving feature template of the user based on the first driving data when the first authentication succeeds (see Kohlenberg ¶ [0044] “ . . . determining whether the driver is the authorized operator comprises: building a contemporaneous driver profile based on contemporaneous sensor data; accessing a driver profile database to obtain a historical driver profile; and comparing the contemporaneous driver profile with the historical driver profile to determine whether the driver profile and historical driver profile are different. . . .”) The motivation to combine the references is described for the rejection of claim 19 and is incorporated herein. Additionally Tao provides first and second authorization coordination for accessing the vehicle. In regard to claim 31, the combination of Kohlenberg, Oh, Biemer, and Tao teaches wherein the method further comprises updating the driving feature template of the user based on the first driving data (see Kohlenberg ¶ [0029] “ . . . the authorization module 202 is adapted to determine whether the driver is the authorized operator, the authorization module 202 is adapted to: build a contemporaneous driver profile based on contemporaneous sensor data; access a driver profile database to obtain a historical driver profile; and compare the contemporaneous driver profile with the historical driver profile to determine whether the driver profile and historical driver profile are different . . .”)when the second authentication succeeds (see Tao ¶ [0080] “ . . . the connection establishing module 410 includes: a second information acquiring module, configured to provide second authentication information related to the portable electronic device for an authentication service of at least one of the vehicle and a user of the vehicle; a second verifying module, configured to receive from the authentication service a verification result of the portable electronic device obtained using the second authentication information; and a second successful authentication module, configured to determine, in response to the verification result indicating a successful verification of the portable electronic device, that the portable electronic device has the access permission. . . .”). The motivation to combine the references is described for the rejection of claim 19 and is incorporated herein. Additionally Tao provides first and second authorization coordination for accessing the vehicle. In regard to claim 32, the combination of Kohlenberg, Oh, Biemer, and Tao teaches wherein the method further comprises: sending first indication information to a second device (e.g. portable electronic device) when the second authentication fails (see Tao ¶ [0070] “ . . . determining whether the portable electronic device has the access permission includes: providing second authentication information related to the portable electronic device for an authentication service of at least one of the vehicle and a user of the vehicle; receiving from the authentication service a verification result of the portable electronic device obtained using the second authentication information . . .”) , wherein the first indication information indicates that the first authentication fails(see Tao ¶ [0072] “ . . . : determining whether the access permission of the portable electronic device to access the driving control system of the vehicle is cancelled; and in response to determining that the access permission is cancelled, stopping determining the control instruction for the driving behavior of the vehicle . . .”); or sending second indication information to the second device when the second authentication succeeds(see Tao ¶ [0070] “ . . . determining whether the portable electronic device has the access permission includes: providing second authentication information related to the portable electronic device for an authentication service of at least one of the vehicle and a user of the vehicle; receiving from the authentication service a verification result of the portable electronic device obtained using the second authentication information . . .”) , wherein the second indication information indicates that the first authentication succeeds(see Tao ¶ [0080] “ . . . the connection establishing module 410 includes: a second information acquiring module, configured to provide second authentication information related to the portable electronic device for an authentication service of at least one of the vehicle and a user of the vehicle; a second verifying module, configured to receive from the authentication service a verification result of the portable electronic device obtained using the second authentication information; and a second successful authentication module, configured to determine, in response to the verification result indicating a successful verification of the portable electronic device, that the portable electronic device has the access permission. . . .”). The motivation to combine the references is described for the rejection of claim 19 and is incorporated herein. Additionally Tao provides first and second authorization coordination for accessing the vehicle. In regard to claim 33, Kohlenberg teaches A device (see ¶ [0019] as described for the rejection of claim 19 and is incorporated herein) , comprising: a memory configured to store a computer program (see ¶ [0051] “ . . . Embodiments may be implemented in one or a combination of hardware, firmware, and software. Embodiments may also be implemented as instructions stored on a machine-readable storage device, which may be read and executed by at least one processor to perform the operations described herein. A machine-readable storage device may include any non-transitory mechanism for storing information in a form readable by a machine (e.g., a computer). . . “); and one or more processors coupled to the memory and configured to execute the computer program (see ¶ [0052] “ . . . Examples, as described herein, may include, or may operate on, logic or a number of components, modules, or mechanisms. Modules are tangible entities (e.g., hardware) capable of performing specified operations and may be configured or arranged in a certain manner. In an example, circuits may be arranged (e.g., internally or with respect to external entities such as other circuits) in a specified manner as a module. In an example, the whole or part of one or more computer systems (e.g., a standalone, client or server computer system) or one or more hardware processors may be configured by firmware or software (e.g., instructions, an application portion, or an application) as a module that operates to perform specified operations. . . “) to cause the device to: perform first authentication on a user identity in a first authentication manner (see Fig. 4, ¶ [0041] as described for the rejection of claim 19 and is incorporated herein) , wherein the first authentication manner comprises at least one of vehicle key authentication (see ¶ [0009] ¶ [0027] , ¶ [0042] as described for the rejection of claim 19 and is incorporated herein) password authentication (see ¶ [0033] as described for the rejection of claim 19 and is incorporated herein) , biological feature authentication (see ¶ [0012], ¶ [0017] ¶ [0025], ¶ [0041] as described for the rejection of claim 19 and is incorporated herein) , collect first driving data(see ¶ [0012] as described for the rejection of claim 19 and is incorporated herein) ; disable the permission to use the first function when the second authentication fails(see ¶ [0029], ¶ [0032] as described for the rejection of claim 19 and is incorporated herein); and . Kohlenberg fails to explicitly teach but Oh teaches enable permission to use a first function (e.g. control the transmission) of a vehicle when the first authentication succeeds(see ¶¶ [0127-0128] as described for the rejection of claim 19 and is incorporated herein) ; The motivation to combine Oh with Kohlenberg is described for the rejection of claim 19 and is incorporated herein. The combination of Kohlenberg and Oh fails to explicitly teach, However Biemer teaches extracting driving features (e.g. driving behaviors) from the first driving data (see ¶ [0006] as described for the rejection of claim 19 and is incorproated herein) , where the driving features are based on a driving scenario (see ¶ [0033] as described for the rejection of claim 19 and is incorproated herein); perform, based on a comparison (determining a consumption rate) of the extracted driving features (e.g. driving behaviors) to a reference driving policy (e.g. policy factors) (see¶ [0058] as described for the rejection of claim 19 and is incorproated herein) The motivation to combine Biemer with the combination of Kohlenberg and Oh is described for the rejection of claim 19 and is incorporated herein. The combination of Kohlenberg, Oh, and Biemer fails to explicitly teach but Tao teaches a second authentication (see ¶¶ [0069-0070] as described for the rejection of claim 19 and is incorporated herein) ; The motivation to combine Tao with the combination of Kohlenberg, Oh, and Biemer is described for the rejection of claim 19 and is incorporated herein). In regard to claim 34, the combination of Kohlenberg, Oh, Biemer, and Tao teaches wherein the first function comprises adjusting vehicle components (see Oh ¶ [0016] as described for the rejection of claim 20 and is incorporated herein), operating driving components (see Kohlenberg ¶ [0016] as described for the rejection of claim 20 and is incorporated herein), or operating a vehicle-mounted computer (see Oh ¶ [0054] as described for the rejection of claim 20 and is incorporated herein). The motivation to combine the references are described for the rejection pf claim 20 and is incorporated herein. In regard to claim 35, the combination of Kohlenberg, Oh, Biemer, and Tao teaches wherein the one or more processors are further configured to execute the computer program to cause the device to: receive a first user operation when the permission to use the first function is enabled (see Tao ¶ [0036] as described for the rejection of claim 21 and is incorporated herein) ; and perform the first function in response to the first user operation (see Tao ¶ [0041] as described for the rejection of claim 21 and is incorporated herein). The motivation to combine the references are described for the rejection of claim 21 and is incorporated herein. In regard to claim 36, the combination of Kohlenberg, Oh, Biemer, and Tao teaches wherein the one or more processors are further configured to execute the computer program to cause the device to disable the permission to use the first function when the second authentication fails by: reperforming the first authentication when the second authentication fails (see Kohlenberg ¶ [0059] as described for the rejection of claim 22 and is incorporated herein) ; and disabling the permission to use the first function when reperforming the first authentication fails (see Kohlenberg ¶ [0083] as described for the rejection of claim 22 and is incorporated herein). The motivation to combine the references are described for the rejection of claim 22 and is incorporated herein. In regard to claim 37, the combination of Kohlenberg, Oh, Biemer, and Tao teaches wherein before disabling the permission to use the first function, the one or more processors are further configured to execute the computer program to cause the device to disable a permission to use a second function of the vehicle when the second authentication fails (see Tao ¶ [0070] ¶ [0072] as described for the rejection of claim 24 and is incorporated herein) , and wherein the second function is different from the first function (see Kohlenberg ¶ [0033] as described for the rejection of claim 24 and is incorporated herein). The motivation to combine the references are described for the rejection of claim 24 and is incorporated herein. In regard to claim 38, the combination of Kohlenberg, Oh, Biemer, and Tao teaches wherein the first function comprises operating a driving component of the vehicle and a navigation function (see Kohlenberg ¶ [0014] as described for the rejection of claim 25 and is incorporated herein) , and wherein the second function differs from the first function (see Kohlenberg ¶ [0033] as described for the rejection of claim 24 and is incorporated herein). Conclusion There are prior art made of record which are not relied upon but are considered pertinent to applicant’s disclosure. They are listed on the PTO-892 accompanying this action Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. Any inquiry concerning this communication or earlier communications from the examiner should be directed to JAMES N FIORILLO whose telephone number is (571)272-9909. The examiner can normally be reached on 7:30 - 5 PM Mon - Fri.. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, John A. Follansbee can be reached on 571-272-3964. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /JAMES N FIORILLO/Examiner, Art Unit 2444
Read full office action

Prosecution Timeline

Feb 28, 2024
Application Filed
Sep 06, 2025
Non-Final Rejection — §101, §103
Nov 19, 2025
Response Filed
Mar 04, 2026
Final Rejection — §101, §103 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

18/217,150
Patent 12602457
PREVENTING ACCIDENTAL PASSWORD DISCLOSURE
2y 5m to grant Granted Apr 14, 2026
18/310,610
Patent 12585739
IMAGE FORMING DEVICE TRANSMITTING DATA FOR DISPLAYING AUTHENTICATION CHANGING WEB PAGE
2y 5m to grant Granted Mar 24, 2026
17/898,829
Patent 12572631
System and Method for Watermarking Data for Tracing Access
2y 5m to grant Granted Mar 10, 2026
18/002,984
Patent 12562921
CERTIFICATE ENROLLMENT FOR SHARED NETWORK ELEMENT
2y 5m to grant Granted Feb 24, 2026
18/197,929
Patent 12554557
PRECISION GEOMETRY CLIENT FOR THIN CLIENT APPLICATIONS
2y 5m to grant Granted Feb 17, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

AI Strategy Recommendation

Get an AI-powered prosecution strategy using examiner precedents, rejection analysis, and claim mapping.
Powered by AI — typically takes 5-10 seconds

Prosecution Projections

3-4
Expected OA Rounds
86%
Grant Probability
99%
With Interview (+36.9%)
2y 12m
Median Time to Grant
Moderate
PTA Risk
Based on 444 resolved cases by this examiner. Grant probability derived from career allow rate.

Ready to respond to this office action?

IP Author drafts your complete OA response — amendments, arguments, and claim strategy — in minutes, not days.

Start Drafting Your Response →

Data sourced from USPTO Patent File Wrapper (daily) and Office Action Archive (weekly). Analysis generated by IP Author.

Data: USPTO Patent File Wrapper (daily) • Office Action Archive (weekly) • 89M+ prosecution events

© 2026 IP Author — Browse Office ActionsExaminersCompaniesFirms

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month