USER AUTHENTICATION FOR A RESOURCE USING CONTEXT BASED ENCRYPTION OF AUTHENTICATION TOKENS

DETAILED ACTION Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Response to Arguments Applicant’s arguments with respect to claim(s) are rejected under 35 USC 103(a) have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument. Applicant argued in the remark that Chinta fails to teach or suggest that "the decrypting is failed if there is a mismatch between the first contextual data and the second contextual data" as recited by amended independent claims 1 and 20. Teotia, Teramoto, Wu, and McMurty fail to cure the deficiencies of Chinta. Examiner respectfully disagrees. Bao et al US 2017/0351852, 0085 the checking module 1108 receives a value transfer request sent by the mobile terminal, the value transfer request carrying the value transfer token, and the value transfer token carried in the value transfer request is a value transfer token obtained after the value transfer token is encrypted by the mobile terminal using the digital fingerprint. The checking module 1108 includes a decryption unit, configured to decrypt the encrypted value transfer token by invoking the digital fingerprint, if decryption succeeds, the value transfer token being valid; if decryption fails, the value transfer token being invalid. Pizano et al US 2007/0245152 discloses 0045 The biometric authentication server 26 unpacks the bundle received from the client 10 using the first token, as depicted in block 64. Unpacking the bundle is accomplished essentially by reversing the steps illustrated in FIG.3. For example, the bundle is decrypted a first time and a second time to reveal the user name, and the encrypted biometric data and password. The user name is separated from the encrypted biometric data and password, and the encrypted biometric data and password are decrypted and separated. In contrast to the bundling process illustrated in FIG. 3, when the biometric authentication server 26 unpacks the bundle, it performs the decryption using the second token as a decryption key. Therefore, if the first token, i.e. first contextual data, does not correspond to the second token, i.e. second contextual data, the decryption will fail. Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claim(s) 1 - 20 are rejected under 35 U.S.C. 103 as being unpatentable over Teotia et al US 2023/0421558 in view of Chinta US 2024/0163276 in view of Teramoto et al US 2022/0038282 in view of Wu et al US 2008/0243996’ and McMurtry et al US 8,654,472 and Pizano et al US 2007/0245152. As per claim 1, Teotia discloses A non-transitory computer-readable medium including instructions that, when executed by at least one processor, cause the at least one processor to perform operations for enabling recurrent use of authentication tokens, wherein the authentication tokens in their original form are not exposed in a clear text format, the operations comprising: identifying, by a computing device, a request by a user to access a resource (fig.4, 0073/0074, a first request for service as resource 0007 a first request for a service, the user including at least one from among a person and an application; transmitting, by the at least one processor to an identity provider, ); receiving, from an identity provider service, a token for authentication of the user ( fig.5, the authentication token is received from the Identity provider); encrypting the token based on a secret inputted by the user with first contextual data associated with at least one of: the user, the resource, or a source of the first request ( 0007a request for an identity authentication token that relates to the user ); a second request by the user to access the resource (fig.4, S406, receive a second service request with the token); a second contextual data being associated with at least one of: the user, the resource, or a source of the second request (0007a request for an identity authentication token that relates to the user ); and based on validating the token with the identity provider service (0076] At step S408, the proxy service software authentication and authorization module 302 verifies that the user is authorized to submit the service request and then generates a user authorization based on the verification. In an exemplary embodiment, the verification is based on the identity authentication token. Referring to FIG. 5, this operation is shown as a verification of the client authorization performed by the proxy server ), determining whether the user is permitted to access the resource ([0079] At step S414, the proxy service software authentication and authorization module 302 transmits data that is responsive to the service request to the user.The received response, i.e. permitted, includes data that is usable for providing the requested service, and as a result, the user effectively receives the requested service). Teotia fails to disclose identifying, identifying, during a first time, by a computing device associated with a software application, a first request by a user to access a resource; encrypting the token; identifying, by the computing device, and during a second time later than the first time; receiving the secret inputted by the user; decrypting the encrypted token based on the user input; identifying, during a fist time, by a computing device associated with a software application, a first request; identifying a second time later than the first time, a second request by the user to access resource. However, Chinta discloses encrypting the token (0005 encrypting a digital token using an identification code, i.e. secret, for a computing device to form an encrypted digital token) ; identifying, by the computing device, and during a second time later than the first time (0017 the limited duration of time may define an expiry time of the digital token, ); receiving the secret inputted by the user ( 0005 transmitting, inputting, the identification code, i.e. secret, to the computing device; and iv) expunging the digital token and the identification code and 0019 the refresh token may be used to obtain a new access token, i.e. token of second request, to replace a previously created access token, i.e. token of the first request, when the previously created access token becomes invalid or expires, i.e. second time later than the first time.); decrypting the encrypted token based on the user input ( 0005 token management operations may comprise decrypting the encrypted digital token using the identification code to recover the digital token.) Teotia and Chinta are both considered to be analogous to the claimed invention because they are in the same field of usable token. Therefore, it would have been obvious to someone of ordinary skill in the art before the effective filing date of the claimed invention to have modified Chinta to incorporate the teachings of Teotia and provide encrypting and decrypting token with the same secret. Doing so would using the symmetric encryption, thereby providing faster encryption and decryption process. The combination fails to disclose identifying, identifying, during a first time, by a computing device associated with a software application, a first request by a user to access a resource; secret inputted by the user to encrypt the token, and decrypt the token with the user input; identifying, during a fist time, by a computing device associated with a software application, a first request; identifying a second time later than the first time, a second request by the user to access resource. However, Teramoto et al US 2022/0038282 discloses secret inputted by the user to encrypt the token, and decrypt the token with the user input ( 0006 user input comprising at least a portion of a key used to encrypt the token. The second portion of the computing device may receive, from the server, the token. If the token is encrypted, the token may be decrypted using, e.g., the key). Teotia and Chinta and Teramoto are considered to be analogous to the claimed invention because they are in the same field of usable token. Therefore, it would have been obvious to someone of ordinary skill in the art before the effective filing date of the claimed invention to have modified Chinta to incorporate the teachings of Teotia, including the teaching of Teramoto and provide encrypting and decrypting token with the same secret. Doing so would using the symmetric encryption, thereby providing faster encryption and decryption process. The combination fails to disclose identifying, identifying, during a first time, by a computing device associated with a software application, a first request by a user to access a resource; identifying a second time later than the first time, a second request by the user to access resource. However, Wu discloses identifying, during a fist time, by a computing device associated with a software application, a first request ( Par 0036 discloses a client application of the client computers 1-4 identifies the client computer request or token passing for streaming content from the steaming server 8. Wherein it can be seen as the first request at the first point in time has been identified by the client computers 1-4 for streaming content from the streaming server 8. The second request for data at the second point in time will be identified by the client computers 1-4 for streaming content from the streaming server 8. ); identifying a second time later than the first time, a second request by the user to access resource (Wu et al US 2008/0243996’ 0007 discloses the method comprising identifying an instance of substantially simultaneous requests for data being made to a server from two client devices on a same network. in response to a first request for the data being received from a first one of the two client devices at a first point in time, serving the first client device with the requested data from the server such that the data is stored in the shared cache on the first network, and directing that a second one of the two client devices make a second request for the data at a second point in time, wherein the second point in time is later than the first point in time so that the requested data is available in the stored cache). Teotia and Chinta and Teramoto and Wu are considered to be analogous to the claimed invention because they are in the same field of usable token. Therefore, it would have been obvious to someone of ordinary skill in the art before the effective filing date of the claimed invention to have modified Chinta to incorporate the teachings of Teotia, including the teaching of Teramoto, including teaching of Wu and provide encrypting and decrypting token with the same secret. The combination fails to disclose identifying, identifying, during a first time, by a computing device associated with a software application, a first request by a user to access a resource. However, McMurtry et al discloses identifying, identifying, during a first time, by a computing device associated with a software application, a first request by a user to access a resource (col 5, lines 34-35 evaluate the request and claim 7, receiving a first request to access the protected resource from a communication network with a computing device from a client identifying the protected resource of a Web service evaluating the first request upon receiving the first request, and the first request being associated with a first authentication level, a type and one or more properties of the protected resource). Teotia and Chinta and Teramoto and Wu and McMurtry are considered to be analogous to the claimed invention because they are in the same field of usable token. Therefore, it would have been obvious to someone of ordinary skill in the art before the effective filing date of the claimed invention to have modified Chinta to incorporate the teachings of Teotia, including the teaching of Teramoto, including teaching of Wu, including the teaching of McMurtry and provide encrypting and decrypting token with the same secret. The combination fails to disclose identifying, identifying, during a first time, by a computing device associated with a software application, a first request by a user to access a resource. The combination fails to disclose the decrypting is failed if there is a mismatch between the first contextual data and the second contextual data" However, Pizano et al US 2007/0245152 discloses the decrypting is failed if there is a mismatch between the first contextual data and the second contextual data 0045 The biometric authentication server 26 unpacks the bundle received from the client 10 using the first token, as depicted in block 64. Unpacking the bundle is accomplished essentially by reversing the steps illustrated in FIG.3. For example, the bundle is decrypted a first time and a second time to reveal the user name, and the encrypted biometric data and password. The user name is separated from the encrypted biometric data and password, and the encrypted biometric data and password are decrypted and separated. In contrast to the bundling process illustrated in FIG. 3, when the biometric authentication server 26 unpacks the bundle, it performs the decryption using the second token as a decryption key. Therefore, if the first token, i.e. first contextual data, does not correspond to the second token, i.e. second contextual data, the decryption will fail. Teotia and Chinta and Teramoto and Wu and McMurtry and Pizano are considered to be analogous to the claimed invention because they are in the same field of usable token. Therefore, it would have been obvious to someone of ordinary skill in the art before the effective filing date of the claimed invention to have modified Chinta to incorporate the teachings of Teotia, including the teaching of Teramoto, including teaching of Wu, including the teaching of McMurtry, including the teaching of Pizano and provide encrypting and decrypting token with the same secret. The combination fails to disclose identifying, identifying, during a first time, by a computing device associated with a software application, a first request by a user to access a resource. As per claim 2. Teotia and Chinta and Teramoto and Wu and McMurtry and Pizano discloses The non-transitory computer-readable medium of claim 1, Teotia discloses wherein the second request uses a native remote protocol, and the computing device is configured to cause a display of a user interface to the user (par 0011 generating the request for the identity authentication token by mapping information included in the first request to an identity provider protocol via an application programming interface (API) that is used by the identity provider). As per claim 3. Teotia and Chinta and Teramoto and Wu and McMurtry and Pizano discloses the non-transitory computer-readable medium of claim 1, Teotia discloses wherein the receiving the token for authentication of the user is based on authenticating the user by the identity provider service based on an authentication credential associated with the user in relation to the first request ( par 0011, generating the request for the identity authentication token by mapping information included in the first request to an identity provider protocol via an application programming interface (API) that is used by the identity provider. [0012] The generating of the request for the identity authentication token may include using a technique that is based on at least one from among a Natural Language Processing (NLP) concept and a Natural Language Understanding (NLU) concept for generating the request for the identity authentication token). As per claim 4. Teotia and Chinta and Teramoto and Wu and McMurtry and Pizano discloses The non-transitory computer-readable medium of claim 1, Teramoto discloses wherein the first contextual data and the second contextual data comprise at least one of an IP address, username, local time zone, operating system version, or a host name (0045] Some embodiments include a first server 206a that receives requests from a client machine 240, forwards the request to a second server 206b (not shown), and responds to the request generated by the client machine 240 with a response from the second server 206b (not shown.) First server 206a may acquire an enumeration of applications available to the client machine 240 as well as address information associated with an application server 206 hosting an application identified within the enumeration of applications. First server 206a can then present a response to the client's request using a web interface, and communicate directly with the client 240 to provide the client 240 with access to an identified application. One or more clients 240 and/or one or more servers 206 may transmit data over network 230, e.g., network 101). As per claim 5. Teotia and Chinta and Teramoto and Wu and McMurtry and Pizano discloses the non-transitory computer-readable medium of claim 1,Teramoto discloses wherein the operations further include denying the user access to the resource ([0027] The components may include data server 103, web server 105, and client computers 107, 109. Data server 103 provides overall access, control and administration of databases and control software for performing one or more illustrative aspects describe herein. Data server 103 may be connected to web server 105 through which users interact with and obtain data as requested ). As per claim 6. Teotia and Chinta and Teramoto and Wu and McMurtry and Pizano discloses the non-transitory computer-readable medium of claim 5, Chinta discloses wherein denying the user access to the resource is based on a failure of the decrypting of the encrypted token, or a difference between the encrypted token and the decrypted token, the failure being based on a mismatch between the first contextual data and the second contextual data, or a mismatch between the secret inputted by the user for the first request and the secret inputted by the user for the second request (0003 the computer-implemented method may comprise: i) encrypting a digital token using an identification code for a computing device (for example, a symmetric encryption key that also serves to identify a designated mobile device) to form an encrypted digital token; assigning the encrypted digital token to the computing device; iii) transmitting the identification code to the computing device; and iv) expunging (for example, permanently deleting from volatile and/or non-volatile memory) the digital token and the identification code. In certain embodiments, for example, the computer-implemented method may further comprise generating the identification code using symmetric cryptography. In certain embodiments, for example, the identification code is transmitted to the computing device via a web browser of the computing device. In certain embodiments, for example, the identification code may be a private corresponding to a public key (for example, a public key-private key pair generated by asymmetric cryptography). In certain embodiments, for example, the computer-implemented method may further comprise storing the encrypted digital token in a database. In certain embodiments, for example, the computer-implemented method may further comprise storing the encrypted digital token remotely from the computing device. In certain embodiments, for example, the computing device may be a customer's computing device (for example, a customer's smartphone or personal computer) ). As per claim 7. Teotia and Chinta and Teramoto and Wu and McMurtry and Pizano discloses The non-transitory computer-readable medium of claim 1, Chinta discloses wherein the operations further comprise: requesting the user to load the secret after the second request is received; and identifying the second contextual data(0014 generally, on the discovery that each customer of a client entity can substantially mitigate the risk that the client entity's digital token store will be compromised by storing a token encryption key (for decrypting an encrypted digital token) as a non-public device identification code in secured memory of the customer's computing device. Token management operations based on this discovery allow the client entity expunge the token encryption key and an unencrypted digital token from its volatile and non-volatile memory, retaining only the customers' encrypted digital tokens (for example, in a database)). As per claim 8. Teotia and Chinta and Teramoto and Wu and McMurtry and Pizano disclsoes The non-transitory computer-readable medium of claim 1, Teotia discloses wherein the resource is on-premises (0004 a proxy service is a server application that may act as an intermediary between a client that is requesting a resource and a server that is proving the requested resource. Instead of connecting directly to a server that is able to fulfill such a request, such as a request for a file or a web page, the client may be redirected to a proxy service, which evaluates the request and performs the required transactions ). As per claim 9. Teotia and Chinta and Teramoto and Wu and McMurtry and Pizano The non-transitory computer-readable medium of claim 1, Teramoto discloses wherein the secret comprises one of a personal identification number (PIN), password, or passphrase ( [0088] Another security feature of this solution is the encryption of the data vaults 616 (containers) on the mobile device 602. The vaults 616 may be encrypted so that all on-device data including files, databases, and configurations are protected. For on-line vaults, the keys may be stored on the server (gateway server 606), and for off-line vaults, a local copy of the keys may be protected by a user password or biometric validation. If or when data is stored locally on the mobile device 602 in the secure container 616, it may be preferred that a minimum of AES 256 encryption algorithm be utilized.). As per claim 10. Teotia and Chinta and Teramoto and Wu and McMurtry and Pizano disclose The non-transitory computer-readable medium of claim 1, Teramoto discloses wherein the operations further comprise: based on encrypting the token, enabling the downloading of the encrypted token to a storage location of the computing device (0108] In step 801, the public portion of the computing device 702 may generate a token. The token may be associated with authentication of the computing device 703. For example, a user of the computing device may provide authentication credentials to an application executing in the public portion 703 of the computing device 702, and the application may generate a token based on the authentication credentials.[0109] A token may be any data which may be associated with a user of the computing device 702. The token may be generated based on authentication activity by the user. For example, a token may be generated based on a user authenticating with a username and a password and via the public portion 703 of the computing device 702. A token may correspond to execution of one or more applications in the public portion 703 of the computing device 702. For example, the token may indicate an operational status of an application and/or may contain data used by the application during execution). As per claim 11. Teotia and Chinta and Teramoto and Wu and McMurtry and Pizano disclose The non-transitory computer-readable medium of claim 1, Teramoto discloses wherein the operations further comprise: after encrypting the token, decommissioning the secret and the first contextual data , wherein the resource and the computing device does not persistently store the secret ([0111] In step 803, the server 701 may generate a key. The key may be generated based on the token received in step 802. Generating the key may comprise generating a cryptographically safe random secret key and/or a symmetric cypher key. Generating the key may comprise encrypting the token based on the key). As per claim 12. Teotia and Chinta and Teramoto and Wu and McMurtry and Pizano discloses The non-transitory computer-readable medium of claim 1, Teramoto discloses wherein the token is configured to expire after a predetermined time period ([0114] In step 804, the server 701 may send the token to the storage device 705. The storage device 705 may be configured to store the token 804. The storage device 705 may store the token 804 such that the token is deleted after a predetermined period of time has elapsed. For example, the storage device 705 may delete received tokens after they have been stored for five minutes. ). As per claim 13. Teotia and Chinta and Teramoto and Wu and McMurtry and Pizano discloses The non-transitory computer-readable medium of claim 12, Teramoto discloses wherein a time interval from the first time to the second time is less than the time period ([0114] In step 804, the server 701 may send the token to the storage device 705. The storage device 705 may be configured to store the token 804. The storage device 705 may store the token 804 such that the token is deleted after a predetermined period of time has elapsed. For example, the storage device 705 may delete received tokens after they have been stored for five minutes. ). As per claim 14. Teotia and Chinta and Teramoto and Wu and McMurtry and Pizano discloses The non-transitory computer-readable medium of claim 12, Teramoto discloses wherein the operations further comprise: identifying, by the computing device and during a third time later than the second time, a third request by the user to access the resource; and based on determining that the token has expired before the third time: sending, by the resource and to the identity provider service, a request to authenticate the user; and displaying, by the resource, an indication of the authentication to a user interface ( [0027] The components may include data server 103, web server 105, and client computers 107, 109. Data server 103 provides overall access, control and administration of databases and control software for performing one or more illustrative aspects describe herein. Data server 103 may be connected to web server 105 through which users interact with and obtain data as requested. Alternatively, data server 103 may act as a web server itself and be directly connected to the Internet. Data server 103 may be connected to web server 105 through the local area network 133, the wide area network 101 (e.g., the Internet), via direct or indirect connection, or via some other network. Users may interact with the data server 103 using remote computers 107, 109, e.g., using a web browser to connect to the data server 103 via one or more externally exposed web sites hosted by web server 105. Client computers 107, 109 may be used in concert with data server 103 to access data stored therein, or may be used for other purposes. For example, from client device 107 a user may access web server 105 using an Internet browser, as is known in the art, or by executing a software application that communicates with web server 105 and/or data server 103 over a computer network (such as the Internet).). As per claim 15. Teotia and Chinta and Teramoto and Wu and McMurtry and Pizano discloses The non-transitory computer-readable medium of claim 1, Teramoto discloses wherein the operations further comprise: supplementing the token with information including at least one of: an identification of the resource, a username of the user, or a digital signature ( [0103] In some cases, managed applications 610 may be allowed to access a certificate and private key via an API (for example, OpenSSL). Trusted managed applications 610 of an enterprise may be allowed to perform specific Public Key operations with an application's client certificate and private key. Various use cases may be identified and treated accordingly, such as if or when an application behaves like a browser and no certificate access is required, if or when an application reads a certificate for “who am I,” if or when an application uses the certificate to build a secure session token, and if or when an application uses private keys for digital signing of important data (e.g. transaction log) or for temporary data encryption.[0104] Secure Token Transfer). As per claim 16. Teotia and Chinta and Teramoto and Wu and McMurtry and Pizano discloses The non-transitory computer-readable medium of claim 1,Teramoto discloses wherein the resource is configured to not persistently store the secret, the first contextual data, and the second contextual data (0111] In step 803, the server 701 may generate a key. The key may be generated based on the token received in step 802. Generating the key may comprise generating a cryptographically safe random secret key and/or a symmetric cypher key. Generating the key may comprise encrypting the token based on the key. ). As per claim 17. Teotia and Chinta and Teramoto and Wu and McMurtry and Pizano discloses The non-transitory computer-readable medium of claim 1, Teramoto discloses wherein encrypting the token based on the secret inputted by the user and the first contextual data comprises: encrypting the token using the secret to produce an intermediate output; and encrypting the intermediate output using the first contextual data to produce the encrypted token (0007] A server may receive, from a first application executing on a first portion of a computing device, a token. A key may be generated after receiving the token. The server may sign a second application with a key corresponding to the token. The server may receive, from the computing device, user input comprising at least a portion of the key. Signing the second application may comprise compiling the second application with the key. The token and the key may be stored, and the token and the key may be deleted after a predetermined time period. The server may cause a second portion of the computing device to execute the second application. The second portion of the computing device may be prevented, by a security policy, from interacting with the first portion of the computing device. The server may receive, from the second application, a request for the token. The request for the token may comprise at least a portion of the key. The server may send, to the second portion of the computing device, the token. ). As per claim 18. Teotia and Chinta and Teramoto and Wu and McMurtry and Pizano discloses The non-transitory computer-readable medium of claim 1, Teramoto discloses wherein the operations further comprise: associating the encrypted token with a mobile application; and requesting, via the mobile application, biometric authentication of the user when the encrypted token is used for authenticating the user ([0006] A first application executing on a first portion of a computing device may send, to a server, a token. The token may be encrypted (e.g., using a key) before it is sent to the server, such that the server might not have access to the unencrypted version of the token. A second portion of the computing device may be prevented (e.g., by a security policy) from interacting with the first portion of the computing device. ). As per claim 19. Teotia and Chinta and Teramoto and Wu and McMurtry and Pizano discloses The non-transitory computer-readable medium of claim 1, Teramoto discloses wherein the operations further comprise: adding the encrypted token to at least one of: a file associated with the resource or a storage location associated with the resource; and activating the file or retrieving the encrypted token from the storage location to request access to the resource for the user ([0072] The enterprise resources 504 may include email servers, file sharing servers, SaaS applications, Web application servers, Windows application servers, and the like. Email servers may include Exchange servers, Lotus Notes servers, and the like. File sharing servers may include ShareFile servers, and the like. SaaS applications may include Salesforce, and the like. Windows application servers may include any application server that is built to provide applications that are intended to run on a local Windows operating system, and the like. The enterprise resources 504 may be premise-based resources, cloud-based resources, and the like. The enterprise resources 504 may be accessed by the mobile device 502 directly or through the access gateway 560. The enterprise resources 504 may be accessed by the mobile device 502 via the transport network 562 ). As per claim 20, this claim is rejected based on the same rational set forth in the claim 1. Conclusion Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. Any inquiry concerning this communication or earlier communications from the examiner should be directed to ABU S SHOLEMAN whose telephone number is (571)270-7314. The examiner can normally be reached EST: 9am-5pm. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, JORGE ORTIZ CRIADO can be reached at 571-272-7624. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /ABU S SHOLEMAN/Primary Examiner, Art Unit 2496