Prosecution Insights
Last updated: April 17, 2026
Application No. 18/696,537

METHOD FOR THE PERFORMANCE OF AN AUTHENTICATION PROCESS BY AN INDIVIDUAL SYSTEM USER

Non-Final OA §101§103§112
Filed
Mar 28, 2024
Examiner
TURCHEN, JAMES R
Art Unit
2439
Tech Center
2400 — Computer Networks
Assignee
unknown
OA Round
1 (Non-Final)
82%
Grant Probability
Favorable
1-2
OA Rounds
3y 1m
To Grant
99%
With Interview

Examiner Intelligence

Grants 82% — above average
82%
Career Allow Rate
523 granted / 637 resolved
+24.1% vs TC avg
Strong +34% interview lift
Without
With
+33.7%
Interview Lift
resolved cases with interview
Typical timeline
3y 1m
Avg Prosecution
24 currently pending
Career history
661
Total Applications
across all art units

Statute-Specific Performance

§101
10.0%
-30.0% vs TC avg
§103
48.2%
+8.2% vs TC avg
§102
25.1%
-14.9% vs TC avg
§112
10.2%
-29.8% vs TC avg
Black line = Tech Center average estimate • Based on career data from 637 resolved cases

Office Action

§101 §103 §112
Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Examiner Note As per the interview held on 1/23/2026, the examiner confirmed that the claim set filed 3/31/2025 is not the intended claim set and that the amended claim set filed on 03/28/2024 is the proper claim set. Claim Objections Claim 1 is objected to because of the following informalities: Claim 1 recites a transitional phrase “wherein” in the preamble. The examiner suggests using the term “comprising:” or “consisting:” to more clearly distinguish the transitional phrase from the preamble. Appropriate correction is required. Claim 1 is objected to because of the following informalities: In the method claim, it is recommended for the steps to begin with an active verb. For example, step (a) can recite “implementing security fragments” instead of “the implementation of security fragments” and similar for the other steps (b) through (f). Appropriate correction is required. Claim Rejections - 35 USC § 101 35 U.S.C. 101 reads as follows: Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title. Claims 13-14 are rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter. The claim(s) does/do not fall within at least one of the four categories of patent eligible subject matter because a computer program product does not constitute a process, machine, manufacture, or composition of matter. A computer program product or computer program, alone and when not stored in a non-transitory computer readable medium, a memory, or other physical embodiment, is considered to comprise code which is merely an abstract idea. As such claims 13-14 cannot are not directed to eligible subject matter. Examiner note: claim 14 states that “the computer program runs on a technical data processing machines …”, however, this is insufficient as code is written to be run on a machine is different from code that is stored on and executing on a machine. Claims 15 is rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter. The claimed “electronic lock and/or locking systems” can be a software object. An electronic lock or locking system can be a software lock on a device that prevents users from getting into the device as is known in the art by a person of ordinary skill. Thus, applying the broadest reasonable interpretation in light of the specification and taking into account the meaning of the words in their ordinary usage as they would be understood by one of ordinary skill in the art, the claimed system can be software per se. Therefore, the claimed subject matter as a whole fails to fall within the definition of a process, a machine, manufacture, or composition of matter. Claim Rejections - 35 USC § 112 The following is a quotation of 35 U.S.C. 112(b): (b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention. The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph: The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention. Claims 1-12 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention. The preamble recites “A method for performing an authentication process by an individual system user, using technical security systems which comprise hardware and software and are intended to generate, manage and execute an authentication algorithm, formed from security fragments, of individual algorithm-based multifactor authentication, on a technical authentication system requiring authentication, wherein”. It is unclear whether the steps proceeding the term “wherein” are further defining the technical authentication system or the method. For purposes of examination, the examiner will treat the term “wherein” as if it were the method being further defined. Claim Rejections - 35 USC § 103 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary. Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention. Claim(s) 1-15 is/are rejected under 35 U.S.C. 103 as being unpatentable over Chao et al. (US 2013/0055372) hereafter Chao in view of Brand (US 9,686,245) hereafter Brand. 1. Chao discloses a method for performing an authentication process by an individual system user , using technical security systems which comprise hardware and software and are intended to generate, manage and execute an authentication algorithm , formed from security fragments, of individual algorithm-based authentication, on a technical authentication system requiring authentication (figs 3, 5 and 6 and corresponding text, 570 and 610, steps 1-3 are security fragments of individual algorithm-based authentication), characterized by (a) the implementation of security fragments using the technical security system by an administrator and/or a system user individualizing the authentication process at least in the form of patterns and/or sets of rules and/or algorithm templates for generating an algorithm for performing the authentication process within a technical authentication system requiring the authentication (para 67; see also figs 3, 5, 6 and corresponding text), (b) the management of the implemented security fragments by the administrator and/or the individual system user within the technical security system (para 67-68 [managing as defined in the specification, Table 7: managing (creating, editing, modifying, saving, and deleting)]; see also figs 3, 5, and 6 and corresponding text), (c) the generation of the authentication algorithm from implemented security fragments by the individual system user and the linking of this authentication algorithm to an authentication code determined by the individual system user , wherein the authentication algorithm with authentication code is assigned to a defined technical authentication system by the individual system user (para 68; see also figs 3, 5, 6 and corresponding text), (d) performance of the authentication process by legitimizing the individual system user on a technical authentication system that is selected by the system user and requires authentication (para 77-78; see also figs 3, 5, 6 and corresponding text), and automatically generating temporary authentication data based on the authentication algorithm stored in the technical security system for this technical authentication system with reference to the authentication code and transmitting said data to the individual system user (para 78-79; see also figs 3, 5, 6 and corresponding text), wherein data are exchanged between the technical security system managing the authentication algorithm with authentication code and the technical authentication system requiring authentication by way of synchronization processes for exchanging non-public data (para 78-80; see also figs 3, 5, 6 and corresponding text), (e) use of the authentication algorithm in conjunction with the authentication code by the individual system user for the purpose of converting the temporary authentication data into a temporary input code for input and authentication of the individual system user on the technical authentication system (para 80-82; see also figs 3, 5, 6 and corresponding text), and (f) performance of an authentication check of the temporary input code input by the individual system user by the technical security system , with the inclusion of the generated temporary authentication data , and use of the authentication code generated by the individual system user and the authentication algorithm for generating a temporary result of the authentication check for triggering defined steps of the system process on the basis of this temporary result of the authentication check (para 80-82; see also figs 3, 5, 6; 7A-7B and corresponding text). Chao does not explicitly disclose multifactor authentication. However, in an analogous art, Brand discloses secure authentication including multifactor authentication (col 7, lines 24-34, fingerprint, password, and private key are something the user is, knows, and possesses respectively). It would have been obvious to a person of ordinary skill in the art before the effective filing date to modify the implementation of Chao with the implementation of Brand in order to reduce the likelihood of compromise (col 1, lines 42-49). 2. Chao and Brand disclose the method for performing an authentication process as claimed in claim 1, wherein established known cryptographic security mechanisms are integrated into the method in order to implement the security fragments and/or to automatically generate and/or execute the security fragments (Brand, col 4, line 64-col 5, line 8). 3. Chao and Brand disclose the method for performing an authentication process as claimed in claim 1, wherein the complexity of the authentication process with user interaction is scalable and can be determined by the individual system user when implementing the security fragments for the authentication process (Chao, para 22). 4. Chao and Brand disclose the method for performing an authentication process as claimed in claim 1, wherein a plurality of security techniques are processed in a single step in a parallel manner by means of a single input by the individual system user (Chao, para 75-76, seed string in CAPTCHA form is a plurality of security techniques (something you know, prove you are human)). 5. Chao and Brand disclose the method for performing an authentication process as claimed in claim 1, wherein the physical input of the temporary input code takes place in an input field and is requested and input in a manner distributed over the entire input field during use (Chao, figs 6-7A,B and corresponding text). 6. Chao and Brand disclose the method for performing an authentication process as claimed in claim 1, wherein existing authentication codes can be integrated into the authentication process and can thus be retained (Chao, fig 6 and corresponding text). 7. Chao and Brand disclose the method for performing an authentication process as claimed in claim 1, wherein an individual system user can already recognize, during the input prompt of a requesting authentication system , by comparing the security fragments implemented by the individual system user for the input prompt , whether the requesting authentication system has the legitimacy to create the input prompt (Chao, figs 6, 7A,B and corresponding text). 8. Chao and Brand disclose the method for performing an authentication process as claimed in claim 1, wherein the security fragments for the individual algorithm-based multifactor authentications , depending on how the individual algorithm-based multifactor authentication is implemented by the administration , are generated, managed and/or executed inside and/or outside the system (Chao, para 67; figs 3, 5, 6, 7 and corresponding text). 9. Chao and Brand disclose the method for performing an authentication process as claimed in claim 1, wherein the individual system user generates algorithm templates by means of technical elements and/or aids and implements the applicable authentication algorithm in the authentication process in a manner adapted to his or her cognitive abilities, wherein the patterns and sets of rules can be individually combined with algorithm templates and these algorithm templates form the basis for generating the algorithms of the authentication process (Chao, figs 3, 5, 6 and corresponding text). 10. Chao and Brand disclose the method for performing an authentication process as claimed in claim 1, wherein the individual system user defines and/or selects user data , algorithms , patterns , sets of rules , assignment levels , viewing levels , calculation rules , phrases , algorithm templates and assignment patterns for the purpose of generating the algorithms (Chao, fig 5 and 6 and corresponding text). 11. Chao and Brand disclose the method for performing an authentication process as claimed in claim 1, wherein the patterns consist of viewing levels and assignment levels , wherein these assignment levels include assignment patterns and the sets of rules consist of phrases and/or calculation rules (Chao, figs 5 and 6 and corresponding text). 12. Chao and Brand disclose the method for performing an authentication process as claimed in claim 1, wherein an authentication algorithm consists of at least one user-defined generation procedure and at least one user-defined verification procedure (Chao, figs 5 and 6 and corresponding text). 13. Chao and Brand disclose a program product for performing an authentication process according to the method as claimed claim 1 for completely or partially managing and generating user data , algorithms , patterns , sets of rules , assignment levels , viewing levels , calculation rules , phrases , algorithm templates and assignment patterns , with instructions executable by a technical security system and a technical authentication system and the synchronization of the authentication algorithm between the technical security system and the authentication system (Chao, figs 5 and 6 and corresponding text). 14. Chao and Brand disclose a computer program for performing an authentication process according to the method as claimed in claim 1, wherein the computer program runs on technical data processing machines as a technical security and authentication system (Chao, figs 5-7 and corresponding text). 15. Chao and Brand disclose a technical construction for performing an authentication process according to the method as claimed in claim 1, wherein the technical construction comprises mechanical and/or electronic locks and/or locking systems and the technical security and authentication systems , for applying the individual algorithm-based multifactor authentication with access to the mechanical and/or electronic locks and/or locking systems (Chao, para 7, figs 5-7 and corresponding text). Conclusion Any inquiry concerning this communication or earlier communications from the examiner should be directed to JAMES R TURCHEN whose telephone number is (571)270-1378. The examiner can normally be reached Monday-Friday: 7-3. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Luu Pham can be reached at 571-270-5002. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /JAMES R TURCHEN/Primary Examiner, Art Unit 2439
Read full office action

Prosecution Timeline

Mar 28, 2024
Application Filed
Jan 14, 2026
Non-Final Rejection — §101, §103, §112 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12602494
METHOD FOR SWITCHING EXECUTION ENVIRONMENT AND RELATED DEVICE THEREOF
2y 5m to grant Granted Apr 14, 2026
Patent 12598163
SYSTEMS, METHODS, AND MEDIA FOR A CLOUD BASED SOCIAL MEDIA NETWORK
2y 5m to grant Granted Apr 07, 2026
Patent 12592931
NETWORKING TECHNIQUES FOR ENABLING COMMUNICATION BETWEEN MULTIPLE CLOUD ENVIRONMENTS
2y 5m to grant Granted Mar 31, 2026
Patent 12585740
ON-CHAIN PUSH-MODE MULTI-FACTOR AUTHENTICATION METHOD AND SYSTEM FOR BLOCKCHAIN SERVICES
2y 5m to grant Granted Mar 24, 2026
Patent 12579289
MULTIMEDIA SHARING METHOD AND APPARATUS, AND DEVICE AND MEDIUM
2y 5m to grant Granted Mar 17, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

AI Strategy Recommendation

Get an AI-powered prosecution strategy using examiner precedents, rejection analysis, and claim mapping.
Powered by AI — typically takes 5-10 seconds

Prosecution Projections

1-2
Expected OA Rounds
82%
Grant Probability
99%
With Interview (+33.7%)
3y 1m
Median Time to Grant
Low
PTA Risk
Based on 637 resolved cases by this examiner. Grant probability derived from career allow rate.

Sign in for Full Analysis

Enter your email to receive a magic link. No password needed.

Free tier: 3 strategy analyses per month