DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This action is responsive to communication filed on 12/31/2025.
Claims 1-20 are subject to examination.
This amendment and applicant’s arguments have been fully considered and entered by the Examiner.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claim(s) 1-17, 19-20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Shuman et al. U.S. Patent # 9,094,519 (hereinafter Shuman) in view of Law et al U.S. Patent Publication # 2022/0138298 (hereinafter Law)
With respect to claim 1, Law teaches a method, comprising:
-transmitting, by a first device during a communication session between the first device and a second device, a challenge to an identity of a user of the second device to at least one of a server or the second device (i.e. transmitting an authentication challenge message or signal which may be responded by the called party using third computing device by entering secret pin between calling party and called party) (column 12 lines 17-42)
-receiving, by a processing device at the first device and based on the challenge during the communication session between the first device and the second device, a response from the server indicating a verification status of the identity of the user of the second device (i.e. answering authentication challenge answer and if answer correct, establishing connection) (column 12 lines 17-42), wherein the response is based on associations of trusted identifications (IDs) (i.e. PIN answer) and biometric IDs (i.e. finger print scan or iris scan) maintained by the server (i.e. biometric finger print scan, PIN maybe evaluated against data stored in the server)(column 23 lines 29-42), and wherein the response is further based on biometric data of the user from the second device (column 12 lines 17-42)(column 23 lines 36-41); and
-presenting, at the first device during the communication session, an indication of the response(Fig. 3D, entering PIN)(column 15 lines 5-13)
Although Shuman implicitly teaches biometric IDs maintained by the server, Law explicitly teaches wherein the response is based on associations of trusted identifications (IDs) (Paragraph 38-39) and biometric IDs (i.e. public key and private key related to biometrics) maintained by the server (Paragraph 36-37). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to implement Law’s teaching in Shuman’s to come up with having biometric IDs maintained by the server. The motivation for doing so would be so the IS server attests to the authentication of a user by sending challenge to the user device and authenticating the response using the FIDO protocol and also verifying biometric data.
With respect to claim 2, Shuman teaches the method of claim 1, further comprising: receiving, at the first device during the communication session, a selection of a user interface (UI) element corresponding to the challenge (Fig. 3D, entering PIN), wherein the transmitting the challenge comprises transmitting the challenge based on the selection of the UI element (Fig. 3D, entering PIN)(column 15 lines 5-13).
With respect to claim 3, Shuman teaches the method of claim 1, wherein the communication session comprises at least one of an audio call, a video call (Fig. 2a-d), or an extended reality (XR) session.
With respect to claim 4, Shuman teaches the method of claim 1, wherein the biometric data comprises at least one of facial data of the user, iris data of the user, fingerprint data of the user (i.e. finger print scan or iris scan), or voice data of the user (column 23 lines 29-42).
With respect to claim 5, Shuman teaches the method of claim 1, wherein the trusted IDs include a trusted ID of the user (i.e. PIN answer) and the biometric IDs (i.e. finger print scan or iris scan) include a biometric ID of the user of the second device (i.e. finger print scan or iris scan), the verification status indicates that the identity of the user of the second device is verified based on the trusted ID, the biometric ID, and the biometric data, and the presenting the indication of the response comprises presenting graphical data on a display at the first device indicating that the identity of the user of the second device is verified (column 24 lines 43-57).
With respect to claim 6, Shuman teaches the method of claim 1, wherein the trusted IDs fail to include a trusted ID of the user and the biometric IDs fail to include a biometric ID of the user of the second device, the verification status indicates that the identity of the user of the second device cannot be verified (column 12 lines 17-42)(column 23 lines 36-41), and the presenting the indication of the response comprises presenting graphical data on a display at the first device indicating that the identity of the user of the second device cannot be verified (column 24 lines 37-42).
With respect to claim 7, Shuman teaches the method of claim 1, wherein the trusted IDs fail to include a trusted ID of the user and the biometric IDs fail to include a biometric ID of the user of the second device (column 24 lines 37-42), and the receiving the response from the server indicating whether the identity of the user of the second device is verified comprises receiving an indication that a second server has verified the identity of the user (column 24 lines 43-57).
With respect to claim 8, Shuman and Law teaches the method of claim 1, but Shuman further teaches wherein the challenge requests the second device to transmit the biometric data of the user to the server (column 23 lines 36-41, 63-67)(column 24 lines 1-9)
With respect to claim 9, Shuman teaches the method of claim 1, further comprising: establishing the communication session between the first device and the second device (i.e. answering authentication challenge answer and if answer correct, establishing connection) (column 12 lines 17-42) obtaining, at the first device, an identifier of the user of the second device from the communication session (column 23 lines 36-42); and displaying, at the first device, an identifier of the user of the second device, wherein the identifier of the user of the second device is displayed at the first device concurrently with the indication of the response (column 23 lines 36-42) (Fig. 3D, entering PIN)(column 15 lines 5-13)
With respect to claim 10, Shuman teaches the method of claim 1, wherein the challenge comprises an identifier of the user of the second device received by the first device during the communication session, and the verification status of the identity of the user is further based on a comparison between the identifier of the user of the second device and an identifier from a trusted ID (column 24 lines 43-57).
With respect to claim 11, Shuman teaches the method of claim 1,wherein the response includes an identifier from a trusted ID in the trusted IDs, the method further comprising: performing, at the first device, a comparison between the identifier from the trusted ID to an identifier of the user of the second device obtained via the communication session (column 24 lines 43-57), wherein the presenting the indication of the response is based on the comparison (column 24 lines 43-57).
With respect to claim 12, Shuman teaches the method of claim 1, wherein the comparison indicates that the identifier from the trusted ID is not equivalent to the identifier of the user of the second device obtained via the communication session (column 24 lines 37-42), and wherein the indication of the response indicates that the identifier from the trusted ID is not equivalent to the identifier of the user of the second device obtained via the communication session (column 24 lines 37-42)
With respect to claim 13, Shuman teaches the method of claim 1, wherein the transmitting the challenge, the receiving the response, and the presenting the indication of the response comprise transmitting the challenge, receiving the response, and presenting the indication of the response by way of a plug-in application (Fig. 3d) for a communication application executed by the first device (Fig. 3D, entering PIN)(column 15 lines 5-13)
With respect to claim 14, Shuman and Law teaches the method of claim 1, but Law further teaches wherein the trusted IDs comprise government issued IDs (Paragraph 38)
With respect to claim 15, Shuman teaches the method of claim 1, further comprising: ending the communication session based on the response indicating that the user of the second device cannot be verified or that the user of the second device is not verified (column 24 lines 37-42)
With respect to claims 16-17 respectively, teaches same limitations as claims 1-2 respectively, therefore rejected under same basis.
With respect to claims 19-20 respectively, teaches same limitations as claims 1-2 respectively, therefore rejected under same basis.
Claim(s) 18 is/are rejected under 35 U.S.C. 103 as being unpatentable over Shuman et al. U.S. Patent # 9,094,519 (hereinafter Shuman) in view of Law et al U.S. Patent Publication # 2022/0138298 (hereinafter Law) further in view of Khuong et al. U.S. Patent Publication # 2023/0206219 (Hereinafter Khuong)
With respect to claim 18, Shuman and Law teaches the system of claim 16, wherein the trusted IDs are driver license, but does not explicitly teach trusted IDs comprises Real IDs.
Khuong teaches driver license or government issued IDs as Real ID. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to implement Khuong’s teaching in Shuman and Law’s teaching to come up with having driver license and trusted IDs as Real IDs. The motivation for doing so would be because Real ID have security features designed to prevent tampering, counterfeiting or duplication of the driver’s licenses and identification cards for fraudulent purposes.
Response to Arguments
Applicant's arguments filed 12/31/2025 have been fully considered but they are not persuasive.
A). Applicant states Shuman and Law does not teach “transmitting, by a first device during a communication session between the first device and a second device, a challenge to an identity of a user of the second device to at least one of a server or the second device”.
Examiner respectfully disagree with the applicant because in column 12 lines 17-42, Shuman teaches transmitting, by a first device during a communication session between the first device and a second device, a challenge to an identity of a user of the second device to at least one of a server or the second device (i.e. transmitting an authentication challenge message or signal which may be responded by the called party using third computing device by entering secret pin between calling party and called party) (column 12 lines 17-42). First, the claim limitation states that “a challenge to an identity of a user of the second device to at least one of a server or the second device”. Hence, the challenge is to at least one of a server. In this case, Shuman teaches sending the challenge question and when the identity of the called party is confirmed with a correct authentication challenge answer received at the server computing device via the connection, the server computing device may establish and administer the call between the calling party using the application on the first computing device and the called party using the application.
Applicant states that authentication challenge message after a predetermined period of time expires. Examiner would like to point out that claim language states “transmitting, by a first device during a communication session…”. Hence, a challenge to an identity of a user of the second device can be sent during the session, it does not have to be in the beginning, or right away.
Furthermore, in column 12 lines 17-42, column 23 lines 36-41, Shuman teaches receiving, by a processing device at the first device and based on the challenge during the communication session between the first device and the second device, a response from the server indicating a verification status of the identity of the user of the second device (i.e. answering authentication challenge answer and if answer correct, establishing connection) (column 12 lines 17-42), wherein the response is based on associations of trusted identifications (IDs) (i.e. PIN answer) and biometric IDs (i.e. finger print scan or iris scan) maintained by the server (i.e. biometric finger print scan, PIN maybe evaluated against data stored in the server)(column 23 lines 29-42), and wherein the response is further based on biometric data of the user from the second device (i.e. supplying identification information that may be use to adequately authenticate the identity of the called party such as a PIN, a voice sample, a finger print scan, a retina scan) (column 12 lines 17-42)(column 23 lines 20-41).
Shuman teaches answering authentication challenge answer is received correctly, the server computing device ai the connection may establish and administer the call, wherein the response is based on association of trust IDs which is PIN answer and biometric IDs which is finger print scan or IRIS scan maintained by the user.
-presenting, at the first device during the communication session, an indication of the response(Fig. 3D, entering PIN)(column 15 lines 5-13)
Although Shuman implicitly teaches biometric IDs maintained by the server, Law explicitly teaches wherein the response is based on associations of trusted identifications (IDs) (Paragraph 38-39) and biometric IDs (i.e. public key and private key related to biometrics) maintained by the server (Paragraph 36-37). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to implement Law’s teaching in Shuman’s to come up with having biometric IDs maintained by the server. The motivation for doing so would be so the IS server attests to the authentication of a user by sending challenge to the user device and authenticating the response using the FIDO protocol and also verifying biometric data.
With respect to claim 16 and 19, applicant state, claim 16 and 19 recite similar features to those of claim 1, therefore same rationale applies. Hence, Examiner response of claim 1, same rationale applies for claim 16 and 19.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
A). Berookim et al. U.S. Patent Publication # 2022/0344016 which teaches about having government issued identification card as Real ID.
B). Frankel et al. U.S. Patent # 7,343,008 which teaches about identity based conferencing system wherein the system focuses on individual users instead of group of participants wherein invoking user identity and services are personalized for each user.
C). Larson et al. U.S. Patent # 11,882,118
THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to DHAIRYA A PATEL whose telephone number is (571)272-5809. The examiner can normally be reached M-F 7:30am-4:00pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kamal B Divecha can be reached at 571-272-5863. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
DHAIRYA A. PATEL
Primary Examiner
Art Unit 2453
/DHAIRYA A PATEL/ Primary Examiner, Art Unit 2453