DETAILED ACTION
This Office Action is in response to the application 18/840886, filed on 08/22/2024.
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
As per the Preliminary Amendment filed on 08/26/2024, claims 1-9, 11-18, 20-26, and 28-36 are pending in this application, claims 1, 3, 15, 23, and 30-33 are independent.
Priority/Continuity
This application is related to PCT/EP2023/054615, filed on 02/23/2023, and claims priority to foreign application NL2031049, filed on 02/23/2022.
Information Disclosure Statement
The information disclosure statements (IDS), submitted on 08/22/2024 and 11/18/2024, are in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statements are being considered by the Examiner.
Drawing Objections
The set of the drawings is objected to because they are not informative. Device components illustrated in figure 1 should include text/legend describing name/label for each numerically labeled component/element (at least for the major components that are recited in the claims), so that a person of ordinary skill in the field can easily understand the scope of the claimed invention that is described in the specification with reference to the figures.
Corrected drawing sheets in compliance with 37 CFR 1.121(d) are required in reply to the Office action to avoid abandonment of the application. Any amended replacement drawing sheet should include all of the figures appearing on the immediate prior version of the sheet, even if only one figure is being amended. The figure or figure number of an amended drawing should not be labeled as “amended.” If a drawing figure is to be canceled, the appropriate figure must be removed from the replacement sheet, and where necessary, the remaining figures must be renumbered and appropriate changes made to the brief description of the several views of the drawings for consistency. Additional replacement sheets may be necessary to show the renumbering of the remaining figures.
Each drawing sheet submitted after the filing date of an application must be labeled in the top margin as either “Replacement Sheet” or “New Sheet” pursuant to 37 CFR 1.121(d). If the changes are not accepted by the examiner, the applicant will be notified and informed of any required corrective action in the next Office action.
The objection to the drawings will not be held in abeyance.
The Applicant is reminded that, similar to the claim amendment process, changing/editing any figure of the drawing(s) requires re-submission of the whole set of the drawings, including all figures, for the Office to enter the drawing amendment (emphasis added).
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.
Claim 35 is rejected under 35 U.S.C. 101 as being directed to non-statutory subject matter.
As to claim 35, the claim is rejected under 35 U.S.C. 101 as being directed to non-statutory subject matter. The claim is directed to a computer program per se because the claimed “computer program product” is not stored on any non-transitory computer-readable storage medium. See Warmerdam, 33 F.3d at 1361, 31 USPQ2d at 1760. The claim also recites “a computer readable storage medium.” The specification does not explicitly limit the claimed computer readable medium to a non-transitory medium. Under a recent precedential opinion, the scope of the recited “computer readable storage medium” encompasses transitory media such as signals or carrier waves, where, as here, the Specification does not limit the computer readable storage medium to non-transitory forms. See Ex parte Mewherter, 107 USPQ2d 1857, 1862 (PTAB 2013) (precedential) (holding recited machine-readable storage medium ineligible under 35 U.S.C. § 101 since it encompassed transitory media). The Examiner respectfully suggests that the claim be amended to either “A computer program product stored on a non-transitory computer-readable storage medium” or “A computer program product stored on a computer-readable storage device” to make the claim statutory under 35 USC 101 (emphasis added).
Claim Interpretations
The following is a quotation of 35 U.S.C. 112(f):
(f) Element in Claim for a Combination. – An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof.
The following is a quotation of pre-AIA 35 U.S.C. 112, sixth paragraph:
An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof.
The claims in this application are given their broadest reasonable interpretation using the plain meaning of the claim language in light of the specification as it would be understood by one of ordinary skill in the art. The broadest reasonable interpretation of a claim element (also commonly referred to as a claim limitation) is limited by the description in the specification when 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, is invoked.
As explained in MPEP § 2181, subsection I, claim limitations that meet the following three-prong test will be interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph:
(A) the claim limitation uses the term "means" or "step" or a term used as a substitute for "means" that is a generic placeholder (also called a nonce term or a non-structural term having no specific structural meaning) for performing the claimed function;
(B) the term "means" or "step" or the generic placeholder is modified by functional language, typically, but not always linked by the transition word "for" (e.g., "means for") or another linking word or phrase, such as "configured to" or "so that"; and
(C) the term "means" or "step" or the generic placeholder is not modified by sufficient structure, material, or acts for performing the claimed function.
Use of the word "means" (or "step") in a claim with functional language creates a rebuttable presumption that the claim limitation is to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites function without reciting sufficient structure, material or acts to entirely perform the recited function.
Absence of the word "means" (or "step") in a claim creates a rebuttable presumption that the claim limitation is not to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is not interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites function without reciting sufficient structure, material or acts to entirely perform the recited function.
Claim limitations in this application that use the word "means" (or "step") are being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action. Conversely, claim limitations in this application that do not use the word "means" (or "step") are not being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action.
This application includes one or more claim limitations that do not use the word "means," but are nonetheless being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, because the claim limitation(s) uses a generic placeholder that is coupled with functional language without reciting sufficient structure to perform the recited function and the generic placeholder is not preceded by a structural modifier. Such claim limitation(s) is/are: “network module arranged to receive” and “processing unit arranged to validate/send,” recited in claim 30; “communication module arranged to receive/provide” and “processing module arranged to validate/issue,” recited in claim 31; “communication module arranged to receive/send,” recited in claim 32; “network module arranged to receive,” “processing unit arranged to validate/send,” “communication module arranged to receive/provide,” “processing module arranged to receive/provide,” “an access controller for requesting,” “a communication module arranged to receive/provide,” “processing module to validate/issue,” and “communication module arranged to,” recited in claim 33.
Because this/these claim limitation(s) is/are being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, it/they is/are being interpreted to cover the corresponding structure described in the specification as performing the claimed function, and equivalents thereof.
If applicant does not intend to have this/these limitation(s) interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, applicant may: (1) amend the claim limitation(s) to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph (e.g., by reciting sufficient structure to perform the claimed function); or (2) present a sufficient showing that the claim limitation(s) recite(s) sufficient structure to perform the claimed function so as to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1-9, 11-18, 20-26, and 28-36 are rejected under 35 U.S.C. 103 as being unpatentable over Hoyos et al (“Hoyos,” US 2014/0337930, published on 11/13/2014), in view of Baumgarte et al (“Baumgarte,” US 2023/0164145, filed on 11/24/2021).
As to claim 1, Hoyos teaches a method of identifying a user, requesting identification confirmation and providing authorisation confirmation and identification to a computer controlled access point in an electronic access control system comprising an electronic personal computing device, an electronic access controller and a trusted platform server (Hoyos: pars 0012-0013, 0031, 0041, 0120; Fig 1, a system and method for user access to access, from user device [i.e., electronic personal computing device], an access-controlled environment (ACE) (e.g., device that controls an electronic door lock providing access to a restricted location, a web-server or institution computing system) [i.e., access point], controlled by a remote computing device [i.e. access control system], involving a system server [i.e., trusted platform] for access request authorization process) the method comprising:
receiving, by the electronic personal computing device, a controller access data request identifying an access process (Hoyos: pars 0026, 0118-0119, 0137, user attempts to access a networked environment that is access-controlled. Detecting that the user is attempting to access an ACE, the transaction request can include the access-control information identifying the ACE);
requesting, by the electronic personal computing device, a user for user data identifying the user; receiving, by the electronic personal computing device, user data identifying the user (Hoyos: pars 0012-0013, 0026, 0071, user is prompted to authenticate using the user's preregistered mobile device. The user device receives user identifying information inputs from user);
validating, by the electronic personal computing device, the received user data; if the user data is held to be valid (Hoyos: pars 0012-0013, 0026, the user is authenticated, by the mobile device, according to the user identifier that identifies the user and mobile device information), sending, by the electronic personal computing device, an access identification message to a trusted platform server; receiving, by the trusted platform server, an access identification message from an electronic personal computing device (Hoyos: pars 0119-0120, the user computing device transmits the authorization request to the system server. The system server can cross-reference the user and/or computing device identified in the request with database of user profiles);
sending, by the trusted platform server, an identification confirmation message to the access controller (Hoyos: pars 0026, 0118-0119, 0137, enabling the system server to cause the appropriate user's mobile device to commence authentication. The system server can cross-reference the user and/or computing device identified in the request with database of user profiles to determine whether the user or device is associated with a user profile and, hence, is enrolled with the system);
receiving, by the electronic access controller, an identification confirmation message from a trusted platform server (Hoyos: pars 0013, 0026, 0120, the system server communicates directly with the ACE back-end servers of the user’s access authorization);
validating, by the electronic access controller; issuing, by the electronic access controller, an access authorisation to a computer controlled access point for granting access to the user (Hoyos: pars 0013, 0026, 0120, authorization module facilitates the authorized user to access to the access-controlled environment. If user is successfully authenticated, the system can electronically grant access to the networked environment that the user's trying to access).
Hoyos does not explicitly teach request comprising a first access identifier; message comprising the first access identifier; sending message including a second access identifier, wherein the second access identifier is based on the first access identifier; and receiving the identification confirmation message comprising a second access identifier; and [validating] the second access identifier to the first access identifier, validating the second access identifier to the first access identifier, and granting access, if the first access identifier matches the second access identifier.
However, in an analogous art, Baumgarte teaches request comprising a first access identifier; message comprising the first access identifier (Baumgarte: pars 0003, 0011, 0015, lock-specific access token [i.e., first access identifier] is received from an access-requesting mobile device); sending message including a second access identifier, wherein the second access identifier is based on the first access identifier; and receiving the identification confirmation message comprising a second access identifier; validating the second access identifier to the first access identifier, and granting access, if the first access identifier matches the second access identifier (Baumgarte: pars 0003, 0015, 0021, 0057, receive a lock-specific access token from one of the plurality of node devices, and transmit the lock-specific access token [i.e., second access identifier in the message] to the lock device, and where the lock device further authenticates the lock-specific access token [i.e., validating] to confirm if it is a true and accurate access token [i.e., matching with the first access identifier/token] in granting access).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Baumgarte with the method/system of Hoyos to include the limitation(s), request comprising a first access identifier; message comprising the first access identifier; sending [message] including a second access identifier, wherein the second access identifier is based on the first access identifier; and receiving the identification confirmation message comprising a second access identifier; validating the second access identifier to the first access identifier, and granting access, if the first access identifier matches the second access identifier, where one would have been motivated for the benefit of providing a means for using an access token as an access identifier, and validating the access token received from the mobile device with the access token received from a cooperative system, and upon successful matching validation, granting access to a controlled environment, such as, through the passageway, and controlled network device, etc. (Baumgarte: pars 0015, 0021, 0057).
As to claim 2, the combination of Hoyos and Baumgarte teaches the method of claim 1,
Hoyos and Baumgarte further teach, further comprising: obtaining, by the electronic personal computing device, a user identifier token identifying at least one of the personal computing device and a user of the personal computing device; sending, by the electronic personal computing device, an access point identifier and the user identifier token to the trusted platform server, the sending identifying a request of the user to pass the computer controlled access point (Hoyos: pars 0012-0013, 0026, the user device receives user identifying information inputs from user, the user is authenticated, by the mobile device, according to the user identifier that identifies the user and mobile device information. Transaction request including: a user identifier that identifies a user, and a mobile device identifier that identifies the mobile device, wherein the transaction request provides confirmation that the mobile device has authenticated the user [i.e., user identifier token]. Baumgarte: pars 0015, 0008, 0009, access request transmitted by the mobile device includes the lock identifier [i.e., access point identifier] of the lock device and a mobile device identifier of the mobile device);
forwarding, by the trusted platform server, to the electronic access controller, the user identifier token; a pre-access request comprising a user identifier token identifying at least one of the personal computing device and a user of the personal computing device (Hoyos: pars 0013, 0026, 0120, the system server communicates directly with the ACE back-end servers of the user’s access authorization. Baumgarte: pars 0003, 0015, 0021, transmit the lock-specific access token to the lock device, and where the lock device further authenticates the lock-specific access token in granting access);
receiving, by the electronic access controller, from the trusted platform server, a pre-access request comprising the user identifier token; retrieving, from an electronic memory coupled to the electronic access controller, access data; verifying, based on the user identifier token and the access data, whether at least one of the personal computing device and the user thereof is allowed to pass the computer controlled access point; if the at least one of the personal computing device and the user thereof is allowed to pass the computer controlled access point, send a confirmation to the trusted platform server that the at least one of the personal computing device and the user is allowed to pass, based on the user identifier (Hoyos: pars 0013, 0026, the system server communicates directly with the ACE back-end servers of the user’s access authorization. The communication module further transmits the authorization notification to at least one remote computing device over a network. Baumgarte: pars 0003, 0015, 0058, upon successful authentication of granting access, transmit a notification of verification to the first node device);
forwarding, by the trusted platform server, to the personal computing device, the confirmation; receiving, from the trusted platform server, by the personal computing device, the confirmation; wherein the requesting a user for user data identifying the user is executed upon receiving the confirmation (Hoyos: pars 0139, 0219, the authorization notification can be transmitted to the mobile device or the user computing device with which the user is attempting to gain access to an ACE using a transaction account. The system server 105 can also transmit an authorization notification to the computing device. Baumgarte: pars 0058, 0067, the mobile device receives a notification of the approved transaction. Forwards the notification to other node devices).
As to claim 3, Hoyos teaches a method of providing identification to a computer controlled access point, in an electronic personal computing device (Hoyos: pars 0012-0013, 0031, 0041, 0120; Fig 1, a system and method for user access to access, from user device [i.e., electronic personal computing device], an access-controlled environment (ACE) (e.g., device that controls an electronic door lock providing access to a restricted location, a web-server or institution computing system) [i.e., access point], controlled by a remote computing device [i.e. access control system], involving a system server [i.e., trusted platform] for access request authorization process), the method comprising:
receiving a controller access data request [ ] identifying an access process (Hoyos: pars 0026, 0118-0119, 0137, user attempts to access a networked environment that is access-controlled. Detecting that the user is attempting to access an ACE, the transaction request can include the access-control information identifying the ACE);
requesting a user for user data identifying the user; receiving user data identifying the user (Hoyos: pars 0012-0013, 0026, 0071, user is prompted to authenticate using the user's preregistered mobile device. The user device receives user identifying information inputs from user);
validating the received user data; if the user data is held to be valid (Hoyos: pars 0012-0013, 0026, the user is authenticated, by the mobile device, according to the user identifier that identifies the user and mobile device information);
sending an access identification message [ ] to a trusted platform server (Hoyos: pars 0119-0120, the user computing device transmits the authorization request to the system server. The system server can cross-reference the user and/or computing device identified in the request with database of user profiles).
Hoyos does not explicitly teach request comprising an access identifier; and message comprising the access identifier.
However, in an analogous art, Baumgarte teaches request comprising an access identifier (Baumgarte: pars 0003, 0011, 0015, lock-specific access token [i.e., first access identifier] is received from an access-requesting mobile device); and message comprising the access identifier (Baumgarte: pars 0003, 0015, 0021, receive a lock-specific access token from one of the plurality of node devices, and transmit the lock-specific access token [i.e., second access identifier] to the lock device, and where the lock device further authenticates the lock-specific access token in granting access).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Baumgarte with the method/system of Hoyos to include the limitation(s), request comprising an access identifier; and message comprising the access identifier, where one would have been motivated for the benefit of providing a means for using an access token as an access identifier, and validating the access token received from the mobile device with the access token received from a cooperative system, and upon successful matching validation, granting access to a controlled environment, such as, through the passageway, and controlled network device, etc. (Baumgarte: pars 0015, 0021).
As to claim 4, the combination of Hoyos and Baumgarte teaches the method according to claim 3,
Hoyos further teaches, further comprising receiving an access confirmation of the identification from the access controller; upon receiving the access confirmation of the identification from the access controller, obtaining access by the computer controlled access point in cooperation with the access controller (Hoyos: pars 0013, 0026, 0120, authorization module facilitates the authorized user to access to the access-controlled environment. If user is successfully authenticated, the system can electronically grant access to the networked environment that the user's trying to access).
As to claim 5, the combination of Hoyos and Baumgarte teaches the method according to claim 3,
Hoyos further teaches, wherein the validating comprises comparing the received user data to stored user data and the received user data is held to be valid if the received user data matches the stored user data (Hoyos: pars 0012-0013, 0026, the user is authenticated, by the mobile device, according to the user identifier that identifies the user and mobile device information with stored user profile data).
As to claim 6, the combination of Hoyos and Baumgarte teaches the method according to claim 3,
Hoyos further teaches, wherein the controller access data request comprises a link to the trusted platform server. (Hoyos: pars 0012-0013, user access to access, from user device, an access-controlled environment (ACE), controlled by a remote computing device, involving a system server for access request authorization process)
As to claim 7, the combination of Hoyos and Baumgarte teaches the method according to claim 3,
Hoyos further teaches, wherein the user data is biometric data related to a physical feature of the user (Hoyos: pars 0012-0013, 0026, 0030, user identifying information includes biometric information, such as images of the user's eye, facial images of the user [i.e., physical feature]).
As to claim 8, the combination of Hoyos and Baumgarte teaches the method according to claim 3,
Hoyos further teaches, wherein the access identification message further comprises user identifier data identifying the user (Hoyos: pars 0119-0120, the user computing device transmits the authorization request to the system server. The system server can cross-reference the user and/or computing device identified in the request with database of user profiles).
As to claim 9, the combination of Hoyos and Baumgarte teaches the method according to claim 3,
Hoyos further teaches, wherein the access request comprises user identifier data identifying the user (Hoyos: pars 0012-0013, 0026, the user is authenticated, by the mobile device, according to the user identifier that identifies the user).
As to claim 11, the combination of Hoyos and Baumgarte teaches the method according to claim 3,
Hoyos further teaches, further comprising receiving, from the trusted platform server, a request for identification of the user, wherein the access identification message is sent in response to the request for identification of the user (Hoyos: pars 0013, 0026, 0120, the system server communicates directly with the ACE back-end servers of the user’s access authorization).
As to claim 12, the combination of Hoyos and Baumgarte teaches the method according to claim 3,
Hoyos further teaches, further comprising, prior to the receiving of a controller access data request, sending an access request to an access controller for initiating an access process (Hoyos: pars 0026, 0118-0119, 0137, user attempts to access a networked environment that is access-controlled. Detecting that the user is attempting to access an ACE, the transaction request can include the access-control information identifying the ACE).
As to claim 13, the combination of Hoyos and Baumgarte teaches the method according to claim 12,
Hoyos further teaches, wherein the access request comprises data identifying the user (Hoyos: pars 0119-0120, the user computing device transmits the authorization request to the system server. The system server can cross-reference the user and/or computing device identified in the request with database of user profiles).
As to claim 14, the combination of Hoyos and Baumgarte teaches the method according to claim 3,
Hoyos further teaches, further comprising: receiving an access point identifier identifying the computer controlled access point; obtaining a user identifier token identifying at least one of the personal computing device and a user of the personal computing device (Hoyos: pars 0012-0013, 0026, the user is authenticated, by the mobile device, according to the user identifier that identifies the user and mobile device information); sending the access point identifier and the user identifier token to the trusted platform server, the sending identifying a request of the user to pass the computer controlled access point; receiving, from the trusted platform server, a confirmation that the user is allowed to pass the computer controlled access point; wherein the requesting a user for user data identifying the user is executed upon receiving the confirmation (Hoyos: pars 0012, 0026, 0118-0119, 0137, access-control information that identifies the access-controlled environment. Enabling the system server to cause the appropriate user's mobile device to commence authentication. The system server can cross-reference the user and/or computing device identified in the request with database of user profiles to determine whether the user or device is associated with a user profile and, hence, is enrolled with the system).
As to claim 15, Hoyos teaches a method of requesting an identification confirmation message from an electronic personal computing device, in an electronic access controller (Hoyos: pars 0012-0013, 0031, 0041, 0120; Fig 1, a system and method for user access to access, from user device [i.e., electronic personal computing device], an access-controlled environment (ACE) (e.g., device that controls an electronic door lock providing access to a restricted location, a web-server or institution computing system) [i.e., access point], controlled by a remote computing device [i.e. access control system], involving a system server [i.e., trusted platform] for access request authorization process), the method comprising:
receiving an access request from an electronic personal computing device; providing the electronic personal computing device with a controller access data request (Hoyos: pars 0026, 0118-0119, 0137, user attempts to access a networked environment that is access-controlled. Detecting that the user is attempting to access an ACE, the transaction request can include the access-control information identifying the ACE);
receiving an identification confirmation message from a trusted platform server, the identification confirmation message (Hoyos: pars 0026, 0118-0119, 0137, enabling the system server to cause the appropriate user's mobile device to commence authentication. The system server can cross-reference the user and/or computing device identified in the request with database of user profiles to determine whether the user or device is associated with a user profile and, hence, is enrolled with the system);
validating; issuing an access authorisation to a computer controlled access point for granting access to a user (Hoyos: pars 0013, 0026, 0120, authorization module facilitates the authorized user to access to the access-controlled environment. If user is successfully authenticated, the system can electronically grant access to the networked environment that the user's trying to access).
Hoyos does not explicitly teach request comprising a first access identifier; message comprising a second access identifier; [validating] the second access identifier to the first access identifier; if the first access identifier matches the second access identifier.
However, in an analogous art, Baumgarte teaches request comprising a first access identifier (Baumgarte: pars 0003, 0011, 0015, lock-specific access token [i.e. first access identifier] is received from an access requesting mobile device); message comprising a second access identifier; [validating] the second access identifier to the first access identifier; if the first access identifier matches the second access identifier (Baumgarte: pars 0003, 0015, 0021, receive a lock-specific access token from one of the plurality of node devices, and transmit the lock-specific access token [i.e., second access identifier] to the lock device, and where the lock device further authenticates the lock-specific access token in granting access).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Baumgarte with the method/system of Hoyos to include the limitation(s), request comprising a first access identifier; message comprising a second access identifier; [validating] the second access identifier to the first access identifier; if the first access identifier matches the second access identifier, where one would have been motivated for the benefit of providing a means for using an access token as an access identifier, and validating the access token received from the mobile device with the access token received from a cooperative system, and upon successful matching validation, granting access to a controlled environment, such as, through the passageway, and controlled network device, etc. (Baumgarte: pars 0015, 0021).
As to claims 16-18 and 20-22, the claim limitations are similar to the limitations of claims 1, 2 and 6, respectively, alone or in combination, and are rejected for the same reason set forth above for claims 1, 2, and 6.
As to claim 23, Hoyos teaches a method of providing an authorisation confirmation to an access controller, in a trusted platform server (Hoyos: pars 0012-0013, 0031, 0041, 0120; Fig 1, a system and method for user access to access, from user device [i.e., electronic personal computing device], an access-controlled environment (ACE) (e.g., device that controls an electronic door lock providing access to a restricted location, a web-server or institution computing system) [i.e., access point], controlled by a remote computing device [i.e. access control system], involving a system server [i.e., trusted platform] for access request authorization process), the method comprising:
receiving an access identification message [ ] from an electronic personal computing device (Hoyos: pars 0026, 0118-0119, 0137, enabling the system server to cause the appropriate user's mobile device to commence authentication. The system server can cross-reference the user and/or computing device identified in the request with database of user profiles to determine whether the user or device is associated with a user profile and, hence, is enrolled with the system);
sending an identification confirmation message to the access controller (Hoyos: pars 0026, 0118-0119, 0137, enabling the system server to cause the appropriate user's mobile device to commence authentication. The system server can cross-reference the user and/or computing device identified in the request with database of user profiles to determine whether the user or device is associated with a user profile and, hence, is enrolled with the system).
Hoyos does not explicitly teach request comprising a first access identifier; and message including a second access identifier, wherein the second access identifier is based on the first access identifier.
However, in an analogous art, Baumgarte teaches request comprising a first access identifier (Baumgarte: pars 0003, 0011, 0015, lock-specific access token [i.e. first access identifier] is received from an access requesting mobile device); and message including a second access identifier, wherein the second access identifier is based on the first access identifier (Baumgarte: pars 0003, 0015, 0021, receive a lock-specific access token from one of the plurality of node devices, and transmit the lock-specific access token [i.e., second access identifier] to the lock device, and where the lock device further authenticates the lock-specific access token in granting access).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Baumgarte with the method/system of Hoyos to include the limitation(s), request comprising a first access identifier; message comprising the first access identifier; sending [message] including a second access identifier, wherein the second access identifier is based on the first access identifier; and receiving the identification confirmation message comprising a second access identifier; [validating] the second access identifier to the first access identifier, and [granting access], if the first access identifier matches the second access identifier, where one would have been motivated for the benefit of providing a means for using an access token as an access identifier, and validating the access token received from the mobile device with the access token received from a cooperative system, and upon successful matching validation, granting access to a controlled environment, such as, through the passageway, and controlled network device, etc. (Baumgarte: pars 0015, 0021).
As to claims 24-26, 28 and 29, the claim limitations are similar to the limitations of claims 1 and 2, respectively, alone or in combination, and are rejected for the same reason set forth above for claims 1 and 2.
As to claim 30, the claim limitations are similar to the limitations of claim 3, and the claim is rejected for the same reason set forth above for claim 3.
As to claim 31, the claim limitations are similar to the limitations of claim 15, and the claim is rejected for the same reason set forth above for claim 15.
As to claim 32, the claim limitations are similar to the limitations of claim 23, and the claim is rejected for the same reason set forth above for claim 23.
As to claim 33, a system for identifying a user, requesting identification confirmation and providing authorisation confirmation and identification to a computer controlled access point, the system comprising: (a) an electronic personal computing device for providing identification to a computer controlled access point, the device comprising a network module arranged to receive a controller access data request comprising an access identifier identifying an access process (Hoyos: pars 0012-0013, 0031, 0041, 0120; Fig 1, a system and method for user access to access, from user device [i.e., electronic personal computing device], an access-controlled environment (ACE) (e.g., device that controls an electronic door lock providing access to a restricted location, a web-server or institution computing system) [i.e., access point], controlled by a remote computing device, involving a system server for access request authorization process):
a user interface arranged to: request a user for user data identifying the user, and receive user data identifying the user (Hoyos: pars 0012-0013, 0026, 0071, user is prompted to authenticate using the user's preregistered mobile device. The user device receives user identifying information inputs from user),
a processing unit arranged to: validate the received user data (Hoyos: pars 0012-0013, 0026, the user is authenticated, by the mobile device, according to the user identifier that identifies the user and mobile device information);
send, by means of the network module, if the user data is held to be valid, an access identification message comprising the access identifier to a trusted platform server (Hoyos: pars 0119-0120, the user computing device transmits the authorization request to the system server. The system server can cross-reference the user and/or computing device identified in the request with database of user profiles);
(b) an electronic access controller for requesting an identification confirmation message from an electronic personal computing device, the device comprising: a communication module arranged to: receive an access request from an electronic personal computing device (Hoyos: pars 0026, 0118-0119, 0137, user attempts to access a networked environment that is access-controlled. Detecting that the user is attempting to access an ACE, the transaction request can include the access-control information identifying the ACE);
provide the electronic personal computing device with a controller access data (Hoyos: pars 0026, 0118-0119, 0137, user attempts to access a networked environment that is access-controlled. Detecting that the user is attempting to access an ACE, the transaction request can include the access-control information identifying the ACE);
receive an identification confirmation message from a trusted platform server, the identification confirmation message (Hoyos: pars 0013, 0026, 0120, the system server communicates directly with the ACE back-end servers of the user’s access authorization); and
a processing module arranged to: issue, by means of the communication module, an access authorisation to a computer controlled access point for granting access to a user (Hoyos: pars 0013, 0026, 0120, authorization module facilitates the authorized user to access to the access-controlled environment. If user is successfully authenticated, the system can electronically grant access to the networked environment that the user's trying to access); and
(c) a trusted platform server for providing authorisation confirmation to an access controller, the server comprising a communication module arranged to:
receive an access identification from an electronic personal computing device (Hoyos: pars 0119-0120, the user computing device transmits the authorization request to the system server. The system server can cross-reference the user and/or computing device identified in the request with database of user profiles);
send an identification confirmation message to the access controller (Hoyos: pars 0026, 0118-0119, 0137, enabling the system server to cause the appropriate user's mobile device to commence authentication. The system server can cross-reference the user and/or computing device identified in the request with database of user profiles to determine whether the user or device is associated with a user profile and, hence, is enrolled with the system).
Hoyos does not explicitly teach a communication module arranged to: request comprising a first access identifier; message comprising the second access identifier;
a processing module arranged to: validate the second access identifier to the first access identifier; and granting access, if the first access identifier matches the second access identifier;
a communication module arranged to: receive message comprising a first access identifier; send confirmation message including a second access identifier, wherein the second access identifier is based on the first access identifier.
However, in an analogous art, Baumgarte teaches a communication module arranged to: request comprising a first access identifier (Baumgarte: pars 0003, 0011, 0015, lock-specific access token [i.e. first access identifier] is received from an access requesting mobile device); message comprising the second access identifier; a processing module arranged to: validate the second access identifier to the first access identifier; and granting access, if the first access identifier matches the second access identifier; a communication module arranged to: receive message comprising a first access identifier; send confirmation message including a second access identifier, wherein the second access identifier is based on the first access identifier (Baumgarte: pars 0003, 0015, 0021, 0057, receive a lock-specific access token from one of the plurality of node devices, and transmit the lock-specific access token [i.e., second access identifier in the message] to the lock device, and where the lock device further authenticates the lock-specific access token [i.e., validating] to confirm if it is a true and accurate access token [i.e., matching with the first access identifier/token] in granting access).
request comprising a first access identifier; message comprising the first access identifier (Baumgarte: pars 0003, 0011, 0015, lock-specific access token [i.e. first access identifier] is received from an access requesting mobile device); sending message including a second access identifier, wherein the second access identifier is based on the first access identifier; and receiving the identification confirmation message comprising a second access identifier; validating the second access identifier to the first access identifier, and granting access, if the first access identifier matches the second access identifier (Baumgarte: pars 0003, 0015, 0021, 0057, receive a lock-specific access token from one of the plurality of node devices, and transmit the lock-specific access token [i.e., second access identifier in the message] to the lock device, and where the lock device further authenticates the lock-specific access token [i.e., validating] to confirm if it is a true and accurate access token [i.e., matching with the first access identifier/token] in granting access).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Baumgarte with the method/system of Hoyos to include the limitation(s), a communication module arranged to: request comprising a first access identifier; message comprising the second access identifier; a processing module arranged to: validate the second access identifier to the first access identifier; and granting access, if the first access identifier matches the second access identifier; a communication module arranged to: receive message comprising a first access identifier; send confirmation message including a second access identifier, wherein the second access identifier is based on the first access identifier, where one would have been motivated for the benefit of providing a means for using an access token as an access identifier, and validating the access token received from the mobile device with the access token received from a cooperative system, and upon successful matching validation, granting access to a controlled environment, such as, through the passageway, and controlled network device, etc. (Baumgarte: pars 0015, 0021, 0057).
As to claim 34, the claim is directed to a system, and the claim limitations are similar to the limitations of claim 1, and the claim is rejected for the same reason set forth above for claim 1.
As to claim 35, the claim is directed to a program product, and the claim limitations are similar to the limitations of claim 1, and the claim is rejected for the same reason set forth above for claim 1.
As to claim 36, the claim is directed to a non-transitory medium, and the claim limitations are similar to the limitations of claim 1, and the claim is rejected for the same reason set forth above for claim 1.
Conclusion
Any inquiry concerning this communication or earlier communications from the Examiner should be directed to Jahangir Kabir whose telephone number is (571) 270-3355. The Examiner can normally be reached on 9:00-5:00 Mon-Thu.
If attempts to reach the Examiner by telephone are unsuccessful, the Examiner’s supervisor, Luu Pham can be reached on (571) 270-5002. The fax number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from Patent Center and the Private Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from Patent Center or Private PAIR. Status information for unpublished applications is available through Patent Center and Private PAIR for authorized users only. Should you have questions about access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free).
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, Applicant is encouraged to use the USPTO Automated Interview Request (AIR) Form at https://www.uspto.gov/patents/uspto-automated-interview-request-air-form.
/JAHANGIR KABIR/ Primary Examiner, Art Unit 2439