DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claims 1-12 were cancelled in the response filed on 12/10/25. New claims 13-24 were added and were examined. Applicant’s arguments directed at the new claims were considered but are moot in view of new rejections made below in response to the new claims.
Claim Objections
Claim 17 is objected to because of the following informalities:
In line 10 of claim 17, ‘. It is then” should probably be “, which is then”.
In line 11 of claim 17, the period at the end of the line should probably be a comma.
Appropriate correction is required.
Art rejection will be applied as best understood.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claim(s) 13, 15-21, and 24 is/are rejected under 35 U.S.C. 103 as being unpatentable over Ebrahimi et al (US 2019/0149537) in view of “RSA SecurID 800 Authenticator”, hereinafter “RSA”.
Claim 13:
Ebrahimi discloses:
- a first device for generating codes via a code generation method and presenting the
generated codes through images (paragraphs 7 and 65-67; Fig 4A, Web Server; The Web Server generates and sends a login page),
- an image-reading device provided with communication and transmission means to a
different device (paragraphs 65-67; Fig 4A, First Device),
- a second device (paragraphs 65-67; Fig 4A, Second Device) for validating codes presented with images and capable of applying the same code generation method as the first device, wherein the second device generates additional codes to be compared with codes received from the first device and verifies that the compared codes are identical (paragraphs 65-67, 69-70, and 99-101; and Fig 4A-4D; The QR code based on the envelop ID and is validated by Second Device),
Characterized in that:
- said first device and said second device each generate their respective codes based on unique identifying information relating to an entity and elements that change over time (paragraphs 65-67, 69, and 99-101; and Fig 4A; The QR code is based on the envelope ID and is therefore dynamic, changing over time);
- said image-reading device forwards the images generated by the first device to the second device (paragraph 66s and 70, element 420; and Fig 4A-4D; First device displays the QR code that was generated by the web server); and
- said second device certifies the correctness of said codes received from the image reading device by comparing said received codes with the additional codes generated by the second device using methods identical to those used by said first device (paragraphs 66, 71; and Fig 4A-4D; Second user device does validation).
Ebrahimi does not disclose, but RSA discloses/makes obvious wherein the second device is configured to generate the additional codes when offline and without the need for an internet connection (p1-2; The RSA SecurID token as discussed in the reference and seen on p1 generates tokens that changes every 60 seconds without any internet connection/when offline).
Before the effective filing date of applicant’s claimed invention, it would have been obvious to one of ordinary skill in the art to modify Ebrahimi’s invention using RSA’s teachings so that the second device is configured to generate the additional codes when offline and without the need for an internet connection. The rationale for why it is obvious is that doing so is nothing more than simple substitution of one known element (i.e. type of code generator) for another (i.e. different type of code generator) to achieve predictable results, see KSR Int'l Co. v. Teleflex, Inc., 550 U.S. 398 (2007).
Claim 15:
Ebrahimi further discloses that said images generated by the first
device are dynamic and contain one or more of the following information
(paragraphs 65-67, 69, and 99-101; and Fig 4A; The QR code is based on the envelope ID and is therefore dynamic, changing over time):
- static authentication data of the user, the provider, and the request, - data derived from a unique code registered on the device, which characterizes the user's device, - non-programmable, time-varying data, used in combination with other data to generate codes to be presented and read via images (paragraphs 99-101; The QR code is based on the envelope ID and is therefore dynamic, changing over time).
Claim 16:
Ebrahimi further discloses that said non-programmable, time-varying
data, automatically emitted by said code generation device, is absolute time (paragraphs 00-101).
Claim 17:
Ebrahimi further discloses that said dynamic images are multidimensional and generated using the function P-QRCode(Tx) = F(FixQRcode, IMEI, Tx) and in that said validation device authenticates the sequence of images received and confirms the user's identity using the function FixQRCode = F'(P-QRCode(TX), IMEI, Tx) where - FixQRCode includes the static authentication data of the user, the provider, and the request, - P-QRCode(Tx) is the code dynamically generated at time Tx, It is then represented via a QR Code - IMEI is the unique device identification code for generating codes and presenting them via images or a secret software key stored on the device to identify it, and - Tx is a variable that takes into account information independent of the information entered by the user (paragraph 99).
Claim 18:
Ebrahimi further discloses that said first device comprises a mobile telephone communication device issuing an image onto a screen (paragraph 46).
Claim 19:
Ebrahimi further discloses that said image-reading device is placed
inside said mobile communication device (paragraph 46).
Claim 20:
Ebrahimi further discloses that said second device outputs an
authentication signal upon successful authentication of the user (paragraph 66; and Fig 4A, item 435).
Claim 21:
Ebrahimi further discloses that said authentication signal activates one
of an identity confirmation warning control, an electromechanical or electromagnetic device, or other control device (paragraph 66; and Fig 4A, item 435).
Claim 24:
Ebrahimi further discloses that said first device and said image-reading device, each stores respective univocal data at the moment of first communication in order to allow identification of the other device under any condition of the telecommunication network (paragraphs 99-101).
Allowable Subject Matter
Claims 14 and 22-23 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.
The following is a statement of reasons for the indication of allowable subject matter: Claims 14 and 22 recite further limitations not taught by the prior art. Claim 23 dependent on claim 22.
Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to PONNOREAY PICH whose telephone number is (571)272-7962. The examiner can normally be reached M-F 9am-5pm EST, 10am-6pm during Daylight Savings Time.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Farid Homayounmehr can be reached at 571-272-3739. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/PONNOREAY PICH/Primary Examiner, Art Unit 2495