SYSTEMS AND METHODS FOR MONITORING THE SECURITY OF A COMPUTER SESSION

DETAILED ACTION This office action has been issued in response to communications received on 12/31/2025. New claim 33 was added. Claims 16-28, 30, and 32 were cancelled. Claims 1-15, 29, 31 and 33 are presented for examination. The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Response to Arguments filed 12/31/2025 Applicant’s clarification that claim 28 was cancelled is sufficient to overcome the objection to that claim. Accordingly, the objection to claim 28 is withdrawn. Applicant’s Remarks regarding the rejection of claims 1-15, 29, 31 and 33 under 35 USC 103 have been considered, but were found non-persuasive. Applicant argues on pages 6-7 of the Remarks that Zager fails to teach the claim limitation “at a dedicated browser executing on a computer system comprising a camera and one or more processors and memory, wherein the dedicated browser is restricted to accessing a predefined set of one or more webpages” because “Zager discloses an interceptor that operates on a standard web browser and intercepts calls by the user” and “Zager does not teach or suggest that the interceptor is a web browser or that the disclosed web browser itself is restricted to accessing a predefined set of one or more webpages”, however the Examiner respectfully disagrees. The issue is not whether the Interceptor is a browser, but whether the client web browser of Zager is “restricted to accessing a predefined set of one or more web pages”. The Examiner notes that the claims do not specify HOW the browser is restricted (i.e. is the browser restricted by what can be typed into it or by what it is allowed to access) – so any means of controlling the webpages the browser accesses meets the limitations of the claim. Zager discloses using an Interceptor to reroute a client browser to a proxy or webpages approved by the Interceptor, therefore Zager teaches a client web browser is restricted to the proxy or webpages (i.e. predefined set of webpages) approved by the Interceptor (paras. [0032], [0034]-[0035], [0038]-[0039]). Specifically, Zager teaches the Interceptor intercepts a call from a web browser to access a specific domain or URL, where accessing the URL matches a class of calls such as accessing protected memory, and causes the call to be rerouted to a proxy (para. [0034]) acting as a security service that is part of a Cloud Access Security Broker (CASB) (para. [0032]). As part of the CASB, the proxy is responsible for “intercepting user instructions to remote systems (for example websites) and controlling user access to the remote systems” (paras. [0031]-[0032]). The Interceptor may also be implemented as a browser extension (para. [0035]). The client devices also include built-in biometric devices such as cameras (para. [0038]). Therefore, Zager clearly discloses that actions of a web browser to access webpages are restricted to webpages approved by the Interceptor running on a user device comprising a built-in camera. As such, Zager teaches the limitations of the claims as cited. Applicant is free to amend the claims to further specify how the web browser is restricted. Applicant further argues on page 8 of the Remarks that Zager does not teach any of newly added dependent claim 33 because Zager does not teach or suggest “whether the specified user is physically adjacent to the computer system before, while, and after accessing the respective webpage”, however the Examiner respectfully disagrees. The Examiner notes that the claim does not require continuous monitoring – only monitoring before and after accessing the webpage. Zager is directed to ensuring that “subsequent actions taken by the initiating user” after the user has authenticated for the intended purpose of logging into the system do not constitute a security attack (para. [0008]). Therefore, Zager teaches the Interceptor can be configured to redirect user calls to access a webpage thru a proxy and dynamically-invoke presence detection using a camera to authenticate the user as physically proximate to the user computer as a preliminary login step to permitting access of the webpage (paras. [0030]-[0032], [0034]), and the Interceptor can also be employed during “subsequent visits” (para. [0043]) or configured to wait for a specific user action (i.e. such as accessing a function on the respective webpage after being granted access to the webpage) before automatically and transparently implementing user additional authentication such as presence technology using a camera to verify the user’s presence as physically proximate to the user computer (paras. [0034]-[0035]). Zager goes on to say that “an Interceptor may be made generic to a range of user actions, or any requested access to a protected function that falls within a broad category). Combinations of these techniques may also be used. As this discussion makes clear, these techniques can be implemented in a number of different ways, typically by software, for example, in connection with access to protected resources (e.g., a computer's memory), functions performed within a particular software application, in connection with a predetermined operating system call, in connection with a particular interchange or command between machines (e.g., an on-line banking command to transfer funds), or in connection with access to a remote resource.” (para. [0035]). Therefore, Zager broadly teaches that the Interceptor can be configured to require the user to perform presence authentication both as a preliminary step before granting access to a user-requested webpage (i.e. as a preliminary step before access to webpage is granted) as well as in response to any specified user action taken with respect to the webpage after it has been accessed (i.e. requiring presence authentication to be performed in response to a user action). This goes towards Zager’s stated purpose of “improving network and system security, ideally using techniques that verify, even subsequent to a legitimate system or session logon, that specific actions are individually initiated or approve[d] of by the authorized user” (para. [0015]). Consequently, Zager teaches the limitations for which it is cited. The remaining arguments fail to comply with 37 C.F.R. 1.111(b) because they amount to a general allegation that the claims define a patentable invention without specifically pointing out how the language of the claims patentably distinguishes them from the references. Consequently, the rejection of the claims under 35 U.S.C. 103 is sustained. Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows: 1. Determining the scope and contents of the prior art. 2. Ascertaining the differences between the prior art and the claims at issue. 3. Resolving the level of ordinary skill in the pertinent art. 4. Considering objective evidence present in the application indicating obviousness or nonobviousness. This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary. Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention. In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. Claims 1-2, 4-12, 29 and 31 are rejected under 35 U.S.C. 103 as being unpatentable over Zager (US 2018/0295137). Regarding claim 1, Zager discloses the limitations of claim 1 substantially as follows: A method, comprising: at a dedicated browser executing on a computer system comprising a camera and one or more processors and memory, wherein the dedicated browser is restricted to accessing a predefined set of one or more webpages (Paras. [0032], [0034]-[0035], [0038]-[0039]: Interceptor reroutes a client web browser, comprising a client device with a processor, memory and camera, to a proxy or webpages approved by the Interceptor (i.e. a predefined set of webpages)): accessing a respective webpage of the predefined set of one or more webpages through a respective proxy server of a set of one or more proxy servers (Paras. [0029]-[0034]: Interceptor redirects the web browser to a predefined web page via a proxy); while accessing the respective webpage through the set of one or more proxy servers, monitoring whether a specified user is physically adjacent to the computer system using the camera and biometric information for the specified user (Paras. [0028], [0032], [0034], [0039], [0069]: After interception and redirection to proxy, dynamically-invoked presence detection uses a camera and other biometric information to authenticate and verify the user’s presence as physically proximate to the user computer); and in accordance with a determination that the specified user is not physically adjacent to the computer system, taking a remedial action (Paras. [0063], [0065], [0076]: Upon verification failure, the user is offered the opportunity to retry authenticating (i.e. remedial action)). Zager does not explicitly teach rerouting to a set of predefined webpages, it would have been obvious to one of ordinary skill in the art that Zager teaches such functionality because Zager teaches the Interceptor reroutes a client’s web browser through proxy URLs so that attempts to access and interact with a requested service would be carried out through the security services of the proxy (para. [0032]). It would be obvious to one ordinary skill in the art that the webpages constituting the proxy URLs would be predefined so that the system would know where to redirect the client’s web browser when a request for the service is received. Regarding claim 2, Zager teaches the limitations of claim 1. Zager teaches the limitations of claim 2 as follows: The method of claim 1, wherein the remedial action includes terminating access to the respective webpage (Paras. [0065]: The process is terminated after verification failure). Regarding claim 4, Zager teaches the limitations of claim 1. Zager teaches the limitations of claim 4 as follows: The method of claim 1, further comprising: receiving, from an enterprise server: a list specifying the predefined set of one or more webpages to which the dedicated browser is configured to access (Paras. [0029], [0031]-[0032], [0034]: A specified set of webpages, e.g. proxy.service.com, is predefined for the client device); and identifiers of the set of one or more proxy servers through which the dedicated browser is configured to access the predefined set of one or more webpages (Paras. [0029], [0031]-[0032], [0034]: The browser is configured to access the proxy through the predefined proxy.service.com address). Regarding claim 5, Zager teaches the limitations of claims 1 and 4. Zager teaches the limitations of claim 5 as follows: The method of claim 4, further comprising, receiving, from the enterprise server, a temporary authentication credential that allows the dedicated browser to access webpages from the predefined set of one or more webpages through the set of one or more proxy servers (Paras. [0032], [0034], [0039]: receiving one-time passwords from the authentication server (i.e. enterprise) which allow the user’s browser to log into webpage using the dedicated browser of the proxy temporarily as an authorized device to enable access to the proxy). Regarding claim 6, Zager teaches the limitations of claims 1 and 4. Zager teaches the limitations of claim 6 as follows: The method of claim 4, wherein the remedial action includes reporting a first status of the specified user to the enterprise server indicating that the specified user is not physically adjacent to the computer system (Paras. [0039], [0049], [0063], [0065], [0069]: After failing to authenticate using camera footage of user (i.e. indicating user is not physical adjacent), authentication server receives a verification failure message and updates database with verification result of authentication attempt (i.e. reporting status of user)). Regarding claim 7, Zager teaches the limitations of claims 1 and 4. Zager teaches the limitations of claim 7 as follows: The method of claim 4, further including: receiving, from the enterprise server, information from a user profile of the specified user, wherein the information from the user profile includes the biometric information for the specified user (Paras. [0028], [0039], [0043] and [0049]: User profile information comprising biometric information stored in remote Authorization Server 140 is used to authenticate users). Regarding claim 8, Zager teaches the limitations of claims 1, 4 and 7. Zager teaches the limitations of claim 8 as follows: The method of claim 7, wherein the information from the user profile includes the identifiers of the set of one or more proxy servers through which the dedicated browser is configured to access the predefined set of one or more webpages (Paras. [0031]-[0032], [0039], [0043], [0049]: database storing user information includes identifiers for permitted entities and authentication-process ID’s (i.e. where the security service of the proxy is an authentication process)). Regarding claim 9, Zager teaches the limitations of claims 1, 4 and 7. Zager teaches the limitations of claim 9 as follows: The method of claim 7, wherein the information from the user profile includes the list specifying the predefined set of one or more webpages to which the dedicated browser is configured to access (Paras. [0031]-[0032], [0039], [0043], [0049]: authentication-process ID’s and identifiers for permitted entities of a user are stored in user database corresponding to proxy URL of the security service used for performing authentication processing of user request via web browser access). Regarding claim 10, Zager teaches the limitations of claims 1 and 4. Zager teaches the limitations of claim 10 as follows: The method of claim 4, wherein the list specifying the predefined set of one or more webpages is designated by a third-party administrator associated with a third-party administrator server, distinct from the enterprise server (Paras. [0031]-[0032], [0039], [0041], [0043], [0049]: A specified set of webpages, e.g. proxy.service.com, is predefined for the client device by a third party providing the authentication services). Regarding claim 11, Zager teaches the limitations of claims 1, 4 and 10. Zager teaches the limitations of claim 11 as follows: The method of claim 10, further including, providing, by the dedicated browser, to the third-party administrator server, information identifying the specified user that is accessing the respective webpage through the respective proxy server (Paras. [0031]-[0032], [0039], [0041], [0043]-[0044], [0049]: providing the third party authentication information from the client); wherein the third-party administrator server is enabled to: request a log-in status of the specified user from the enterprise server using the information identifying the specified user (Paras. [0041], [0044], [0049], [0046]: The third party providing the authentication services receives user request and information and can use user id to obtain verification result (i.e. log-in status of user) of user from database); and, based on the log-in status of the specified user from the enterprise server, terminate access to the respective webpage at the respective proxy server (Paras. [0041], [0044], [0046], [0065]: third party providing authentication services can revoke user privileges, terminating access based on revoking of privileges or verification data in user accounts table (i.e. verification/log-in status as failed)). Regarding claim 12, Zager teaches the limitations of claims 1 and 4. Zager teaches the limitations of claim 12 as follows: The method of claim 4, further including, providing, by the dedicated browser, to the respective proxy server, information identifying the specified user that is accessing the respective webpage through the respective proxy server (Paras. [0031]-[0032], [0041], [0044], [0046]: Proxy authentication service receives authentication information from the user attempting to login); wherein the respective proxy server is enabled to: request a log-in status of the specified user from the enterprise server using the information identifying the specified user (Paras. [0031]-[0032], [0041], [0044], [0049], [0046]: proxy authentication service receives user request and information and can use user id to obtain verification result (i.e. log-in status of user) of user from database); and, based on the log-in status of the specified user from the enterprise server, terminate access to the respective webpage at the respective proxy server (Paras. [0031]-[0032], [0041], [0044], [0046], [0049], [0065]: proxy providing authentication services can revoke user privileges, terminating access based on revoking of privileges or verification data in user accounts table (i.e. verification/log-in status as failed)). Regarding claim 29, Zager teaches the limitations substantially as follows: A computer system, comprising: a camera; one or more processors; and memory, wherein the memory stores one or more programs including a dedicated browser that is restricted to accessing a predefined set of one or more webpages (Paras. [0032], [0034]-[0035], [0038]-[0039]: Interceptor reroutes a client web browser, comprising a client device with a processor, memory and camera, to a proxy or webpages approved by the Interceptor (i.e. a predefined set of webpages)), the dedicated browser including instructions for: accessing a respective webpage of the predefined set of one or more webpages through a respective proxy server of a set of one or more proxy servers (Paras. [0029]-[0034]: Interceptor redirects the web browser to a predefined web page via a proxy); while accessing the respective webpage through the set of one or more proxy servers, monitoring whether a specified user is physically adjacent to the computer system using the camera and biometric information for the specified user (Paras. [0028], [0032], [0034], [0039], [0069]: After interception and redirection to proxy, dynamically-invoked presence detection uses a camera and other biometric information to authenticate and verify the user’s presence as physically proximate to the user computer); and in accordance with a determination that the specified user is not physically adjacent to the computer system, taking a remedial action (Paras. [0063], [0065], [0076]: Upon verification failure, the user is offered the opportunity to retry authenticating (i.e. remedial action)). Zager does not explicitly teach rerouting to a set of predefined webpages, it would have been obvious to one of ordinary skill in the art that Zager teaches such functionality because Zager teaches the Interceptor reroutes a client’s web browser through proxy URLs so that attempts to access and interact with a requested service would be carried out through the security services of the proxy (para. [0032]). It would be obvious to one ordinary skill in the art that the webpages constituting the proxy URLs would be predefined so that the system would know where to redirect the client’s web browser when a request for the service is received. Regarding claim 31, Zager teaches the limitations substantially as follows: A non-transitory computer-readable storage medium storing one or more programs for execution by a computer system with a camera, the one or more programs including a dedicated browser that is restricted to accessing a predefined set of one or more webpages (Paras. [0032], [0034]-[0035], [0038]-[0039]: Interceptor reroutes a client web browser, comprising a client device with a processor, memory and camera, to a proxy or webpages approved by the Interceptor (i.e. a predefined set of webpages)), the dedicated browser including instructions for: accessing a respective webpage of the predefined set of one or more webpages through a respective proxy server of a set of one or more proxy servers (Paras. [0029]-[0034]: Interceptor redirects the web browser to a predefined web page via a proxy); while accessing the respective webpage through the set of one or more proxy servers, monitoring whether a specified user is physically adjacent to the computer system using the camera and biometric information for the specified user (Paras. [0028], [0032], [0034], [0039], [0069]: After interception and redirection to proxy, dynamically-invoked presence detection uses a camera and other biometric information to authenticate and verify the user’s presence as physically proximate to the user computer); and in accordance with a determination that the specified user is not physically adjacent to the computer system, taking a remedial action (Paras. [0063], [0065], [0076]: Upon verification failure, the user is offered the opportunity to retry authenticating (i.e. remedial action)). Zager does not explicitly teach rerouting to a set of predefined webpages, it would have been obvious to one of ordinary skill in the art that Zager teaches such functionality because Zager teaches the Interceptor reroutes a client’s web browser through proxy URLs so that attempts to access and interact with a requested service would be carried out through the security services of the proxy (para. [0032]). It would be obvious to one ordinary skill in the art that the webpages constituting the proxy URLs would be predefined so that the system would know where to redirect the client’s web browser when a request for the service is received. Claims 13-15 are rejected under 35 U.S.C. 103 as being unpatentable over Zager (US 2018/0295137), as applied to claim 1, further in view of Falcy (US20190073202). Regarding claim 13, Zager teaches the limitations of claim 1. Zager teaches the limitations of claim 13 as follows: The method of claim 1, further comprising: prior to accessing the respective webpage, receiving a link to download the dedicated browser (Paras. [0034]: The Interceptor is downloaded to the client (i.e. interceptor link acts as an identifier for the client) for execution by the specified user), Zager does not explicitly teach the remaining limitations of claim 13 as follows: wherein the link includes an identifier of the specified user. However, in the same field of endeavor, Falcy discloses the limitations of 13 as follows: using the link, on only a single computing system (Falcy, paras. [0069], [0095]-[0097], [0105]: link for downloading software package is encrypted using unique identifier of intelligent electronic device (IED) so that the package may be used by the corresponding IED). Zager and Falcy are combinable because both are from the same field of endeavor of authenticating a user. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to integrate Falcy’s method of encrypting software packages delivered to a user device to be installed based on a unique identifier of the device with the system of Zager in order to increase the security of the system by enabling tracking of specific instances of the installed software to better identify when the installed software needs to be updated or terminated. Regarding claim 14, Zager and Falcy teach the limitations of claims 1 and 13. Zager and Falcy teach the limitations of claim 14 as follows: The method of claim 13, wherein the dedicated browser is configured to be installed (Zager, Paras. [0034]: The Interceptor may be installed conditionally on the client system), using the link, on only a single computing system (Falcy, paras. [0069], [0095]-[0097], [0105]: link for downloading software package is encrypted using unique identifier of intelligent electronic device (IED) so that the package may be used by the corresponding IED). The same motivation to combine utilized in claim 13 is equally applicable in the instant claim. Regarding claim 15, Zager and Falcy teach the limitations of claims 1 and 13. Zager and Falcy teach the limitations of claim 15 as follows: The method of claim 13, wherein the dedicated browser is configured to be used (Zager, Paras. [0031]-[0032], [0034]: The Interceptor may include an authentication call as a preliminary step to only authenticate a specified user), once installed using the link, only by the specified user (Falcy, paras. [0069], [0095]-[0097], [0105]: link for downloading software package is encrypted using unique identifier of intelligent electronic device (IED) so that the package may be used by the user with the corresponding IED). The same motivation to combine utilized in claim 13 is equally applicable in the instant claim. Claim 3 is rejected under 35 U.S.C. 103 as being unpatentable over Zager (US 2018/0295137), as applied to claim 1, further in view of Han (US 2019/0220647). Regarding claim 3, Zager teaches the limitations of claim 1. Zager teaches the limitations of claim 3 as follows: The method of claim 1, wherein: the remedial action includes indicating a length of time before access to the respective webpage is terminated (Zager, Paras. [0027]: The user is given an allotted time for authentication before access to website to login is terminated); and the method further includes: at completion of the countdown timer, terminating access to the respective webpage (Zager, Paras. [0027]: After the allotted time Is completed, the authentication is terminated). Zager does not explicitly disclose the remaining limitations of claim 3 as follows: displaying a countdown timer However, in the same field of endeavor, Han discloses the remaining limitations of claim 3 as follows: displaying a countdown timer (Han, paras. [0334], Fig. 8A: displaying credential authorization timer count downs the time left to re-enter fingerprints for authentication of a user for terminating access)) Zager and Han are combinable because both are from the same field of endeavor of authenticating a user. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to integrate Han’s method of displaying an authorization timer counting down the time until authentication can no longer be reattempted with the system of Zager in order to restrict the number of attempts to authenticate and enable a user to be aware of how long they have to reauthenticate after failing to authenticate an initial time. Claim 33 is rejected under 35 U.S.C. 103 as being unpatentable over Zager (US 2018/0295137), as applied to claim 1, further in view of Shahidzadeh (US 11,329,998 ). Regarding claim 33, Zager teaches the limitations of claim 1. Zager teaches the limitations of claim 33 as follows: The method of claim 1, further comprising: monitoring whether the specified user is physically adjacent to the computer system using the camera and second biometric information for the specified user before accessing the respective webpage through the set of one or more proxy servers (Paras. [0028], [0030]-[0032], [0034], [0039], [0069]: After interception and redirection to proxy, dynamically-invoked presence detection uses a camera and other biometric information to authenticate and verify the user’s presence as physically proximate to the user computer as a preliminary step before permitting access to the requested webpage); and monitoring whether the specified user is physically adjacent to the computer system using the camera and third biometric information for the specified user (Paras. [0028], [0034]-[0035], [0039], [0043], [0069]: Interceptor can be employed during “subsequent visits” to a website or after waiting for a specific user action (i.e. accessing a respective webpage) before automatically and transparently implementing user additional authentication such as presence technology using a camera and other biometric information to authenticate and verify the user’s presence as physically proximate to the user computer). Zager does not explicitly teach the remaining limitations of claim 33 as follows: monitoring using the camera and third biometric information for the specified user after accessing the respective webpage through the set of one or more proxy servers However, in the same field of endeavor, Shahidzadeh discloses the limitations of 33 as follows: monitoring using the camera and third biometric information for the specified user after accessing the respective webpage through the set of one or more proxy servers (col. 3, ll. 39-42, col. 4. l. 66 – col. 5, l. 7, col. 14, ll. 29-38, col. 15, ll. 40-50 & 60-65, col. 17, ll. 25-56, col. 21, ll. 63-67, col. 22, ll. 32-45: continuously (i.e. both before and after) accessing contextual and behavioral factors of one user entity, including user entity location and biometrics, using camera systems of the risk engine to determine user physical proximity and user presence after the user accesses a login and transaction request on a webpage thru proxy of risk engines). Zager and Shahidzadeh are combinable because both are from the same field of endeavor of authenticating a user using biometric and location information. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to integrate Shahidzadeh’s method of continuously collecting biometric and location spatial information of a user device with regards to the user environment and other devices with the system of Zager in order to increase the security of the system by enabling the system to more quickly identify when the user is engaging in unauthorized behavior by monitoring user behavior continuously rather than once or periodically. Prior art not relied upon but applied/considered includes: 1) Smith (2016/0127351) teaches determining whether the user is located in proximity of the client computing device by receiving information sensed by one or more sensors indicative of the proximity of the user to the client computing device (paras. [0031], [0063]). Conclusion For the above reasons, claims 1-15, 29, 31 and 33 are rejected. THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. Any inquiry concerning this communication or earlier communications from the examiner should be directed to SHARON S LYNCH whose telephone number is (571)272-4583. The examiner can normally be reached on 10AM-6PM. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Taghi T Arani can be reached on 571-272-3787. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /SHARON S LYNCH/Primary Examiner, Art Unit 2438