VERIFYING SUBSCRIBER INFORMATION FOR DEVICE-BASED AUTHENTICATION

§103 §DP

DETAILED ACTION This Office Action is in response to the application 18/787,588 filed on September 06th, 2024. In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. Claims 1-20 were canceled; and claims 21-40 have been added. Claims 21-40 are pending and herein considered. Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Double Patenting The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969). A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). The filing of a terminal disclaimer by itself is not a complete reply to a nonstatutory double patenting (NSDP) rejection. A complete reply requires that the terminal disclaimer be accompanied by a reply requesting reconsideration of the prior Office action. Even where the NSDP rejection is provisional the reply must be complete. See MPEP § 804, subsection I.B.1. For a reply to a non-final Office action, see 37 CFR 1.111(a). For a reply to final Office action, see 37 CFR 1.113(c). A request for reconsideration while not provided for in 37 CFR 1.113(c) may be filed after final for consideration. See MPEP §§ 706.07(e) and 714.13. The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The actual filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/apply/applying-online/eterminal-disclaimer. Claims 22-40 are rejected on the ground of nonstatutory double patenting over claims 1-18 of Patented Number 12,052,258 since the claim, if allowed, would improperly extend the “right to exclude” already granted in the patent. The subject matter claimed in the instant application is fully disclosed in the patent and is covered by the patent since the patent and the application are claiming common subject matter. Claims 22-40 are rejected on the ground of nonstatutory double patenting over claims 1-19 of Patented Number 11,509,660 since the claim, if allowed, would improperly extend the “right to exclude” already granted in the patent. The subject matter claimed in the instant application is fully disclosed in the patent and is covered by the patent since the patent and the application are claiming common subject matter. Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claims 21-40 are rejected under 35 U.S.C 103 as being unpatentable over Bleckert et al. (Bleckert), U.S. Pub. Number 2007/0032232, in view of Khalid et al. (Khalid), U.S. Pub. Number 2015/0089621. Regarding claim 21; Bleckert discloses a computer-implemented method for associating subscriber information with a user account, the method comprising: receiving a request to register subscriber information with a user account used to access a network-accessible service (par. 0027; fig. 4; to request a registration within the C/SGSN 301 and to gain access to the CN 30, the MS 1 sends an attach request signal 401 to the MSC/SGSN 301 to request to be registered; the Attach Request signal 401 includes an International Mobile subscriber Identity (IMSI) associated with the SIM/USIM 12 of MS 1.); obtaining, from a user associated with the user account, a subscriber identifier (par. 0028; fig. 4; the MS responds with an identity response signal 403 including the requested IMEI associated with ME 11.); transmitting, to a telecommunication network, a query for network-derived information associated with the subscriber identifier (par. 0028; fig. 4; after receiving the identity response signal 403, the serving MSC/SGSN 301 has both the IMSI number identifying the mobile subscriber as well as the IMEI number identifying the mobile equipment 1-1.); receiving, from the telecommunication network, a query response that comprises a network-derived hardware identifier associated by the telecommunication network with the subscriber identifier (par. 0029; fig. 4; sending an update location request signal 421 to the HLR/HSS 301; the transmitted location update request signal contains both IMSI as well as IMEI numbers.); obtaining, from a mobile communication device associated with the user, a hardware identifier (par. 0028; fig. 4; the MS responds with an identity response signal 403 including the requested IMEI associated with ME 11.); and associating, based on the comparing to detect the match, the subscriber identifier with the user account (pars. 0030-0032; the EIR 302 responds to the HLR/HSS with a check IMEI response signal including the requested permission status; a permission status confirming the validity of the ME 11 may be “white listed” or “gray listed” indicating that the ME 11 is deemed permitted to be used in the Mobile Network 5; a permission status not confirming the validity of the ME 11 may be “black listed” indicating that the ME 11 is deemed not permitted to be used in the Mobile Network 5.). Bleckert fails to explicitly disclose comparing the network-derived hardware identifier with the obtained hardware identifier, to detect whether the network-derived hardware identifier and the obtained hardware identifier match. However, in the same field of endeavor, Khalid discloses secure login for subscriber devices comprising comparing the network-derived hardware identifier with the obtained hardware identifier, to detect whether the network-derived hardware identifier and the obtained hardware identifier match (Khalid: pars. 0020 & 0034; comparing the user credentials 124 with stored security information and identify authorized subscriber devices 110 and users; identify that the hash token 128 is stored in a memory 108 of the subscriber device 110 and decide to automatically include the hash token 128 in an authentication request 120, without prompting the user of the subscriber device 110 for user credentials 124.). Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Khalid into the method of Bleckert comprising comparing the network-derived hardware identifier with the obtained hardware identifier, to detect whether the network-derived hardware identifier and the obtained hardware identifier match to securely address user annoyance with repeated manual entry of user credentials in a way that preserves the security of network service login procedures (Khalid: par. 0003). Regarding claim 22; Bleckert and Khalid disclose the method of claim 21, Khalid further discloses comprising: receiving a request to create an account, associated with the user, for accessing the network-accessible service, the request comprising a username and a password; and maintaining, in response to the request, the user account, wherein the user account comprises the username and the password (Khalid: par. 0018; user credentials include various types of information that may be used to identify or authenticate a user or device such as password, swipe codes, fingerprints, voice prints, or other types of information typically entered into the subscriber device 110 to verify identity of the user of the subscriber device 110.). Regarding claim 23; Bleckert and Khalid disclose the method of claim 21, Bleckert further discloses comprising: receiving a request to access the network-accessible service, the request associated with the user account; obtaining the subscriber identifier associated with the user account; comparing the obtained subscriber identifier to a network-derived subscriber identifier; and generating an authorization indication based on the comparing of the obtained subscriber identifier and the network-derived subscriber identifier (Bleckert: par. 0024; the HLR/HSS 303 correlates the IMEI number associated with the ME 11 with the IMSI number associated with the mobile subscriber.). Regarding claim 24; Bleckert and Khalid disclose the method of claim 23, wherein Bleckert further discloses the network-derived subscriber identifier is received, from the telecommunication network, in response to a query for network-derived information associated with an identifier associated with the access request (Bleckert: par. 0029; fig. 4; sending an update location request signal 421 to the HLR/HSS 301; the transmitted location update request signal contains both IMSI as well as IMEI numbers.). Regarding claim 25; Bleckert and Khalid disclose the method of claim 21, Bleckert further discloses comprising: receiving a request to access the network-accessible service, the request associated with the user account (Bleckert: par. 0027; fig. 4; request a registration within the MSC/SGSN 301.); obtaining the subscriber identifier associated with the user account (Bleckert: par. 0028; fig. 4; the MS responds with an identity response signal 403 including the requested IMEI associated with ME 11.); receiving, from the telecommunication network, a network-derived hardware identifier associated with the obtained subscriber identifier; comparing the network-derived hardware identifier to a hardware identifier associated with the access request (Bleckert: pars.0029-30; perform a correlation to determine as to whether the received IMSI has been previously correlated with the received IMEI; the HLR/HSS send a check IMEI request signal to the EIR to request a validation of the IMEI.); and generating an authorization indication based on the comparing of the network-derived hardware identifier and the hardware identifier associated with the access request (Bleckert: pars. 0030-0032; the EIR 302 responds to the HLR/HSS with a check IMEI response signal including the requested permission status; a permission status confirming the validity of the ME 11 may be “white listed” or “gray listed” indicating that the ME 11 is deemed permitted to be used in the Mobile Network 5; a permission status not confirming the validity of the ME 11 may be “black listed” indicating that the ME 11 is deemed not permitted to be used in the Mobile Network 5.). Regarding claim 26; Bleckert and Khalid disclose the method of claim 25, wherein Bleckert further discloses the access request is received from a mobile communication device, and wherein the hardware identifier associated with the access request is obtained from the mobile communication device (Bleckert: pars.0029-30; perform a correlation to determine as to whether the received IMSI has been previously correlated with the received IMEI; the HLR/HSS send a check IMEI request signal to the EIR to request a validation of the IMEI.). Regarding claim 27; Bleckert and Khalid disclose the method of claim 21, wherein Bleckert further discloses the hardware identifiers are international mobile subscriber identities (IMSIs) or international mobile equipment identifies (IMEIs) (Bleckert: par. 0034; the HLR/HS 303 is suitable for performing a permission status check on Mobile Station (MS); the MS 1 is identifiable using a International Subscriber Identification (IMSI) as subscription related identification and using the IMEI as equipment related identification.). Regarding claim 28; Bleckert and Khalid disclose the method of claim 21, wherein Bleckert further discloses the subscriber identifier is a telephone number associated with a mobile telecommunication subscription (Bleckert: par. 0002; telephone number along with personal settings and user information.). Regarding claim 29; Bleckert and Khalid disclose the method of claim 21, wherein Bleckert further discloses the query for network-derived information is a SendRoutinglnformation (SRI) or an SRI-SM request (Bleckert: par. 0049; the OMC sends a permission status cancellation signal indicating the recent cancellation of network access permission to the HLR/HSS.). Regarding claim 30; Bleckert and Khalid disclose the method of claim 21, wherein Bleckert further discloses the subscriber identifier is associated with a mobile telecommunication subscription, and wherein the mobile telecommunication subscription is distinct from the network-accessible service (Bleckert: par. 0027; fig. 4; to request a registration within the C/SGSN 301 and to gain access to the CN 30, the MS 1 sends an attach request signal 401 to the MSC/SGSN 301 to request to be registered; the Attach Request signal 401 includes an International Mobile subscriber Identity (IMSI) associated with the SIM/USIM 12 of MS 1.). Regarding claim 31; Claim 31 is directed to a computer-implemented method which has similar scope as claim 1. Therefore, claim 1 remains un-patentable for the same reason. Regarding claims 32-40; Claims 32-40 are directed to the method of claim 31 which have similar scope as claims 22-30. Therefore, claims 32-40 remain un-patentable for the same reason. Conclusion Any inquiry concerning this communication or earlier communications from the examiner should be directed to KHOI V LE whose telephone number is (571)270-5087. The examiner can normally be reached 9:00 AM - 5:00 PM EST. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Shewaye Gelagay can be reached on 571-272-4219. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /KHOI V LE/ Primary Examiner, Art Unit 2436