DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
1. Claims 1 – 20 are currently pending in this application.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claim(s) 1-9, 11-18, and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Ahn et al. (Pre-Grant Publication No. US 2018/0349585 A1), hereinafter Ahn, in view of BERTIN (Pre-Grant Publication No. US 2013/0070924 A1), hereinafter Bertin.
2. With respect to claim 1, Ahn taught a device, comprising: a biosensor configured to collect biometric data from a user (0004); and an authentication system configured to: perform a user authentication based on the collected biometric data (0004); after performance of the user authentication: receive a request to confirm an authentication of the user (0041); and based on the user authentication and the received sensor data, confirm that the user has been authenticated (0042).
However, Ahn did not explicitly state to receive sensor data indicating that the user remains collocated with the device. On the other hand, Bertin did teach to receive sensor data indicating that the user remains collocated with the device (0069). Both of the systems of Ahn and Bertin are directed towards biometric authentication and therefore, it would have been obvious to a person having ordinary skill in the art, at the time of the effective filing of the invention, to modify the teachings of Ahn, to utilize continuous re-authentication that did not require user input, as taught by Bertin, in order to provide a more “user-friendly” system based on technology that was contemporary to the time of the invention.
3. With respect to claim 15, Ahn taught a non-transitory computer readable medium having program instructions stored therein that are executable by a device to perform operations (0013, the memory) comprising: performing a biometric authentication of a user in response to a first authentication request (0041); based on the biometric authentication and the received sensor data, continuing to indicate that the user has been authenticated in response to a second authentication request (0042).
However, Ahn did not explicitly state receiving sensor data indicating that the user remains collocated with the device after performance of the biometric authentication. On the other hand, Bertin did teach receiving sensor data indicating that the user remains collocated with the device after performance of the biometric authentication (0069). Both of the systems of Ahn and Bertin are directed towards biometric authentication and therefore, it would have been obvious to a person having ordinary skill in the art, at the time of the effective filing of the invention, to modify the teachings of Ahn, to utilize continuous re-authentication that did not require user input, as taught by Bertin, in order to provide a more “user-friendly” system based on technology that was contemporary to the time of the invention.
4. With respect to claim 20, Ahn taught a method comprising: determining, by an authentication system of a device, to indicate, for an initial time period, that a user has been authenticated based on a successful biometric authentication of the user (0004, where the threshold time period implicitly teaches that the initial time is determined).
However, Ahn did not explicitly state receiving, by the authentication system, sensor data indicating the user continuously maintains possession of the device; and based on the sensor data, determining, by the authentication system, to extend the time period in which the authentication system indicates that the user has been authenticated. On the other hand, Bertin did teach receiving, by the authentication system, sensor data indicating the user continuously maintains possession of the device (0069); and based on the sensor data, determining, by the authentication system, to extend the time period in which the authentication system indicates that the user has been authenticated (0069, where the continuous connection teaches the extended time under broadest reasonable interpretation). Both of the systems of Ahn and Bertin are directed towards biometric authentication and therefore, it would have been obvious to a person having ordinary skill in the art, at the time of the effective filing of the invention, to modify the teachings of Ahn, to utilize continuous re-authentication that did not require user input, as taught by Bertin, in order to provide a more “user-friendly” system based on technology that was contemporary to the time of the invention.
5. As for claim 2, it is rejected on the same basis as claim 1. In addition, Ahn taught wherein the authentication system is configured to: based on the user authentication, determine to indicate, for an initial indication period, that the user has been authenticated (0034); receive periodic captured samples of the sensor data (Bertin: 0069); and based on the periodically captured samples, determine to extend the indication period without performing another biometric user authentication (Bertin: 0069, where the continuous connection teaches the extended time under broadest reasonable interpretation).
5. As for claim 3, it is rejected on the same basis as claim 1. In addition, Ahn taught wherein the authentication system is configured to: receive additional sensor data indicating that the user is no longer collocated with the device (Bertin: 0069); and in response to a subsequent authentication request, require the user to perform another biometric authentication using the biosensor (0042, the subsequent authentication).
5. As for claim 4, it is rejected on the same basis as claim 1. In addition, Bertin taught wherein the device is a wearable device (0069, the glasses); and wherein the authentication system is configured to: analyze the sensor data to confirm that the sensor data indicates that the user continues to wear the device after performance of the user authentication (0069, the continuous authentication).
5. As for claim 5, it is rejected on the same basis as claim 1. In addition, Ahn taught wherein the received sensor data includes data provided by the biosensor (0018).
5. As for claim 6, it is rejected on the same basis as claim 1. In addition, Bertin taught wherein the biosensor includes a camera configured to: capture images of an eye of the user; and wherein the authentication system is configured to: perform the user authentication by comparing an iris in a sequence of the captured images to an iris of an authorized user (0013); and after performance of the user authentication, analyze a captured image of the sensor data to determine that an eye of the user remains in a field of a view of the camera (0025).
5. As for claim 7, it is rejected on the same basis as claim 6. In addition, Bertin taught wherein the camera is configured to: provide ones of the captured images to the authentication system (0025); and provide ones of the captured images to a gaze tracking system of the device (0068).
5. As for claim 8, it is rejected on the same basis as claim 1. In addition, Ahn taught wherein the sensor data includes sensor data provided from one or more sensors distinct from the biosensor (0018, where multiple sensors, for recording different types of data, can be seen).
5. As for claim 9, it is rejected on the same basis as claim 8. In addition, Bertin taught a proximity sensor configured to: provide, to the authentication system, sensor data indicative of a proximity of the user to the device (0091); and wherein the authentication system is configured to: analyze the provided sensor data to determine whether the user remains proximal to the device (0093).
5. As for claim 11, it is rejected on the same basis as claim 1. In addition, Bertin taught a camera configured to: provide sensor data including capture images of the user; and wherein the authentication system is configured to: analyze the provided sensor data to determine that a portion of the user remains in a field of view of the camera (0068).
5. As for claim 12, it is rejected on the same basis as claim 1. In addition, Ahn taught wherein the authentication system is configured to: analyze the sensor data including verifying a signature generated from the sensor data by a sensor providing the sensor data, wherein confirming that the user has been authenticated is further based on a successful verification of the signature (0038).
5. As for claim 13, it is rejected on the same basis as claim 1. In addition, Ahn taught wherein the authentication system is configured: perform an initial authentication that is not based on biometric data; receive an indication that a user has requested a particular action; and based on a stored policy, require the user to perform the user authentication based on the collected biometric data before granting performance of the particular action (0041-0042).
5. As for claim 14, it is rejected on the same basis as claim 13. In addition, Ahn taught wherein the particular action is accessing a credential securely stored in the device (0066, where maintaining personal information data to be private and secure, implicitly teaches the secure credential).
5. As for claim 16, it is rejected on the same basis as claim 15. In addition, Bertin taught wherein the operations further comprise: continually analyzing the sensor data to determine whether the user remains collocated with the device; and in response to determining that the user no longer remains collocated with the device, discontinuing indicating that the user has been authenticated (0093, where the device turns off).
5. As for claim 17, it is rejected on the same basis as claim 16. In addition, Bertin taught wherein the analyzing includes: analyzing the sensor data to determine whether the user continues to wear the device (0069).
5. As for claim 18, it is rejected on the same basis as claim 15. In addition, Bertin taught wherein performing the biometric authentication includes: analyzing a plurality of image frames captured by a camera positioned in front of the user's eye to compare an iris of the user with an iris of an authorized user (0013 & 0025); and wherein continuing to indicate that the user has been authenticated includes: analyzing a periodically received image frame from the camera and included in the sensor data to confirm that the user's eye remains in a field of view of the camera (0093).
Claim(s) 10 & 19 are rejected under 35 U.S.C. 103 as being unpatentable over Ahn, in view of Bertin, and in further view of Khuri-Yakub et al. (Pre-Grant Publication No. US 2024/0346120 A1), hereinafter Khuri.
5. As for claim 10, it is rejected on the same basis as claim 9. However, Ahn did not explicitly state a skin contact sensor configured to: provide, to the authentication system, sensor data indicative of whether the user's skin is contacting the device; and wherein the authentication system is configured to: analyze the provided sensor data to determine whether the user's skin remains in contact with the device. On the other hand, Khuri did teach a skin contact sensor configured to: provide, to the authentication system, sensor data indicative of whether the user's skin is contacting the device; and wherein the authentication system is configured to: analyze the provided sensor data to determine whether the user's skin remains in contact with the device (0240 & 0246). Both of the systems of Ahn and Khuri are directed towards managing user authentications and therefore, it would have been obvious to a person having ordinary skill in the art, at the time of the effective filing of the invention to modify the teachings of Ahn, to utilize continuous user touch and mechanical input, as taught by Khuri, in order to provide a more robust means of determining authentication by ensuring the user’s presence and identify.
5. As for claim 19, it is rejected on the same basis as claim 15. However, Ahn did not explicitly state wherein the operations further comprise: based a requested action in the second authentication request, reviewing a policy to determine whether an expressed intent is required to grant the action in addition to the user remaining collocated with the device; in response to determining that the policy requires an expressed intent, requesting that the user provide a mechanical input to the device; and indicating that the user has been authenticated based on the biometric authentication, the received sensor data, and the mechanical input. On the other hand, Khuri did teach wherein the operations further comprise: based a requested action in the second authentication request, reviewing a policy to determine whether an expressed intent is required to grant the action in addition to the user remaining collocated with the device (0240); in response to determining that the policy requires an expressed intent, requesting that the user provide a mechanical input to the device; and indicating that the user has been authenticated based on the biometric authentication, the received sensor data, and the mechanical input (0240 & 0246, where the policy is given in order for the system to function under broadest reasonable interpretation). Both of the systems of Ahn and Khuri are directed towards managing user authentications and therefore, it would have been obvious to a person having ordinary skill in the art, at the time of the effective filing of the invention to modify the teachings of Ahn, to utilize continuous user touch and mechanical input, as taught by Khuri, in order to provide a more robust means of determining authentication by ensuring the user’s presence and identify.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
(a) Missig et al. (Pre-Grant Publication No. US 2018/0335936 A1), 0260, 3000.
(b) Dickinson (Pre-Grant Publication No. US 2017/0323130 A1), 0044-0045.
(c) Pedersen (Pre-Grant Publication No. US 2016/0140379 A1), 0014, 0152.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to JOSEPH L GREENE whose telephone number is (571)270-3730. The examiner can normally be reached Monday - Thursday, 10:00am - 4:00pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Nicholas R. Taylor can be reached at 571 272-3889. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/JOSEPH L GREENE/Primary Examiner, Art Unit 2443