CTFR 18/884,768 CTFR 95661 Notice of Pre-AIA or AIA Status 07-03-aia AIA 15-10-aia The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA. Response to Amendment Claims 1-20 are currently pending and have been considered below. Claims 1, 11 and 18 are independent claims. Claims 18-19 have been cancelled. Claims 21-22 are new. Response to Arguments Claims 1-20 have been amended, therefore the USC 112 rejections have been withdrawn. Applicant’s arguments with respect to claim 1-17 and 21-22 have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument. Allowable Subject Matter Claims 3, 13 and 22 would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims because the prior art of record fails to teach or suggest training, using training data comprising attributes of a security request, a neural network comprising one or more machine learning models to predict authenticity of the security request and determining whether authentication should occur based on the predicted authenticity of the security request. Claim Rejections - 35 USC § 103 07-20-aia AIA The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. 07-21-aia AIA Claim s 1, 4, 9, 11, 14 and 18 are rejected under 35 U.S.C. 103 as being unpatentable over Dispensa(US Publication No. 20080120711 A1) in view of Gordon(US Publication No. 2019/004942 A1) . Regarding Claim 1: Dispensa discloses: A computing system for an IP address recognition gateway bypassing multi-factor authentication, the system comprising: at least one processor (Dispensa,[0016], System hardware 220 includes a processor 222 ) ; a communication interface communicatively coupled to the at least one processor (Dispensa, [0017], Memory 230 includes an operating system 240 for managing operations of computer 208 . In one embodiment, operating system 240 includes a hardware interface module 254 that provides an interface to system hardware 220 …); and one or more memory devices storing executable code, wherein execution of the executable code causes the at least one processor to: receive, from a user device, a security request for an IP address of the user device to be stored as a pre-authorized device for future authentication instances incorporating multi-factor authentication, the request being received after authentication credentials have been verified to provide the user device with access to a secure user profile (Dispensa, [0074], The user account could then be used to track browsing history, make more intelligent decisions about advertising content to be presented, or offer other value-added services. Users of the service would then be prompted to log in to the website (or to the downloaded client software) using the established authentication credentials. Optionally, a cookie-based login persistence mechanism can be supported, allowing the user to go for a period of time without the need to log in.); the IP address of the user device to a list of pre-authorized devices, the list of pre-authorized devices associated with the secure user profile (Dispensa, Abstract, in response to a determination that the user is authorized to access one or more resources, initiate, a secondary authentication request, and transmit the secondary authentication request from the network element to the user via a second communication channel, different from the first communication channel.); identify, via the IP address recognition gateway, the IP address of the user device is attempting to access the secure user profile (Dispensa, [0092], the authentication server 930 may store in a memory module such as cache memory the results of a primary authentication request initiated by a user, alone or in combination with the results of a secondary authentication response provided by the user. The results may be stored in for a predetermined period of time or for a dynamic period of time); compare the IP address to stored devices on the list of pre-authorized devices associated with the secure user profile (Dispensa, [0093], in some embodiments of the authentication server 930 may detect the network address from which the primary authentication request is initiated and may compare the network address with a list of approved network addresses stored in a memory module); determine that the user device is pre-authorized to bypass the multi-factor authentication (Dispensa, [0092], The authentication server 930 may require that subsequent primary authentication requests be initiated from the same network address in order to bypass the secondary authentication request. Thus, in some embodiments the authentication server 930 may detect the network address from which the primary authentication request is initiated and may store the network address in a memory module.); and authorize the user device to access the secure user profile (Dispensa, Abstract, a primary authentication request transmitted from a user from a first device, process the primary authentication request to determine whether the user is authorized to access one or more resources). Dispensa does not disclose: train, using training data, a neural network that includes one or more machine learning models that are configured to predict authenticity of the security request wherein the training data includes attributes of the security request predict, via the neural network, the authenticity of the security request store , based on the predicted authenticity of the security request, Gordon discloses: train, using training data, a neural network that includes one or more machine learning models that are configured to predict authenticity of the security request wherein the training data includes attributes of the security request (Gordon, [0070], All labeled data is then segregated into 3 containers of training data, evaluation data, and test data. Training data windows are passed through the network, and the output is compared to the label of that window to compute the error. [0068], To train the network, backpropagation is used using stochastic gradient descent (SGD). [0068], To achieve this, a deep neural network with a convolutional component is used, [0059], one or several convolutional neural network layers are constructed. [0061], convolutional layers, 2 dense layers, and one SoftMax layer will be described. [0069], A SoftMax layer (regression) uses those mappings to make a prediction. [0072], outputs a probability that they were generated by the current (authorized) subject. [0074], component computes a binary authentication, probability, confidence and/or binary decision about whether the current subject is authenticated based on their behavior. For the given business case); predict, via the neural network, the authenticity of the security request (Gordon, [0069], A SoftMax layer (regression) uses those mappings to make a prediction in Component 7 e 350 , which is then converted to a probability that the given window was generated by the current subject in Component 7 f 360 . [0072], Preprocessed data windows gathered from the subject are passed to the classification component which outputs a probability that they were generated by the current (authorized) subject. [0074], This component computes a binary authentication, probability, confidence and/or binary decision about whether the current subject is authenticated based on their behavior); store , based on the predicted authenticity of the security request, (Gordon, [0069], A SoftMax layer (regression) uses those mappings to make a prediction in Component 7 e 350 , which is then converted to a probability that the given window was generated by the current subject in Component 7 f 360 .[0072], This component consumes current observations from the subject and a trained model and outputs an indicator of whether that data fits the current model.[0072], This component consumes current observations from the subject and a trained model and outputs an indicator of whether that data fits the current model. Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to modify Dispensa’s multifactor authentication by enhancing Dispensa’s systems and methods for secure network computing and multifactor authentication to ensure that the users credentials, logon information, or other information or to process the initial authentication as taught by Gordon in order to ensure that only legitimate device are enrolled as pre-authorized devices. The motivation is to enhance the security of the authentication system by improving the accuracy of authentication decisions and reducing the unauthorized users or devices. Regarding Claim 4: The computing system of claim 1, Dispensa in view of Gordon disclose wherein execution of the executable code further causes the at least one processor to: receive a removal request from a computing device, the removal request initiating removal of the IP address of the user device from the list of pre-authorized devices (Dispensa, [0054], At operation 565 the data received in the AppTunnel is removed and passed to the process (i.e., the web browser) for further processing and presentation to a user via a suitable interface such as, e.g., a display. Operations 560 - 565 may be repeated until, at operation 570 , there is no more data to tunnel, whereupon operations terminate.); and based on receiving the removal request, remove the IP address from the list of pre-authorized devices (Dispensa, [0058], At operation 730 the data is removed from the secure tunnel established by AppTunnels. In one embodiment, the AppTunnels client attached to the browser in the client computing device 110 a, 110 b, 110 c removes the received data from the tunnel and, at operation 735 , forwards the data to the web browser). Regarding Claim 9: The computing system of claim 1, Dispensa in view of Gordon disclose wherein verification of the authentication credentials to provide the user device with access to the secure user profile includes the multi-factor authentication (Dispensa, [0097], a the authentication server may implement a pre-authentication process. After receiving the primary authentication credentials, the authentication system can attempt to pre-authenticate them using a different API interface, rather than pre-authenticating to the target server itself. ). Regarding Claim 11: Dispensa discloses: A computer-implemented method, comprising: receiving, from a user device, a security request for an IP address of the user device to be stored as a pre-authorized device for future authentication instances incorporating multi-factor authentication, the request being received after authentication credentials have been verified to provide the user device with access to a secure user profile (Dispensa, [0074], The user account could then be used to track browsing history, make more intelligent decisions about advertising content to be presented, or offer other value-added services. Users of the service would then be prompted to log in to the website (or to the downloaded client software) using the established authentication credentials. Optionally, a cookie-based login persistence mechanism can be supported, allowing the user to go for a period of time without the need to log in.); the IP address of the user device to a list of pre-authorized devices, the list of pre-authorized devices associated with the secure user profile (Dispensa, Abstract, in response to a determination that the user is authorized to access one or more resources, initiate, a secondary authentication request, and transmit the secondary authentication request from the network element to the user via a second communication channel, different from the first communication channel.); identifying, via the IP address recognition gateway, the IP address of the user device is attempting to access the secure user profile (Dispensa, [0092], the authentication server 930 may store in a memory module such as cache memory the results of a primary authentication request initiated by a user, alone or in combination with the results of a secondary authentication response provided by the user. The results may be stored in for a predetermined period of time or for a dynamic period of time); ; comparing the IP address to stored devices on the list of pre-authorized devices associated with the secure user profile (Dispensa, [0093], in some embodiments of the authentication server 930 may detect the network address from which the primary authentication request is initiated and may compare the network address with a list of approved network addresses stored in a memory module) ; determining that the user device is pre-authorized to bypass the multi-factor authentication (Dispensa, [0092], The authentication server 930 may require that subsequent primary authentication requests be initiated from the same network address in order to bypass the secondary authentication request. Thus, in some embodiments the authentication server 930 may detect the network address from which the primary authentication request is initiated and may store the network address in a memory module.); and authorizing the user device to access the secure user profile (Dispensa, Abstract, a primary authentication request transmitted from a user from a first device, process the primary authentication request to determine whether the user is authorized to access one or more resources). Dispensa does not disclose: training, using training data, a neural network that includes one or more machine learning models that are configured to predict authenticity of the security request wherein the training data includes attributes of the security request; predicting, via the neural network, the authenticity of the security request; storing , based on the predicted authenticity of the security request, Gordon discloses: training, using training data, a neural network that includes one or more machine learning models that are configured to predict authenticity of the security request wherein the training data includes attributes of the security request (Gordon, [0070], All labeled data is then segregated into 3 containers of training data, evaluation data, and test data. Training data windows are passed through the network, and the output is compared to the label of that window to compute the error. [0068], To train the network, backpropagation is used using stochastic gradient descent (SGD). [0068], To achieve this, a deep neural network with a convolutional component is used, [0059], one or several convolutional neural network layers are constructed. [0061], convolutional layers, 2 dense layers, and one SoftMax layer will be described. [0069], A SoftMax layer (regression) uses those mappings to make a prediction. [0072], outputs a probability that they were generated by the current (authorized) subject. [0074], component computes a binary authentication, probability, confidence and/or binary decision about whether the current subject is authenticated based on their behavior. For the given business case) ; predicting, via the neural network, the authenticity of the security request (Gordon, [0069], A SoftMax layer (regression) uses those mappings to make a prediction in Component 7 e 350 , which is then converted to a probability that the given window was generated by the current subject in Component 7 f 360 . [0072], Preprocessed data windows gathered from the subject are passed to the classification component which outputs a probability that they were generated by the current (authorized) subject. [0074], This component computes a binary authentication, probability, confidence and/or binary decision about whether the current subject is authenticated based on their behavior); storing , based on the predicted authenticity of the security request, (Gordon, [0069], A SoftMax layer (regression) uses those mappings to make a prediction in Component 7 e 350 , which is then converted to a probability that the given window was generated by the current subject in component 7 f 360/ [0072], This component consumes current observations from the subject and a trained model and outputs an indicator of whether that data fits the current model.[0072], This component consumes current observations from the subject and a trained model and outputs an indicator of whether that data fits the current model. Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to modify Dispensa’s multifactor authentication by enhancing Dispensa’s systems and methods for secure network computing and multifactor authentication to ensure that the users credentials, logon information, or other information or to process the initial authentication as taught by Gordon in order to ensure that only legitimate device are enrolled as pre-authorized devices. The motivation is to enhance the security of the authentication system by improving the accuracy of authentication decisions and reducing the unauthorized users or devices. Regarding Claim 14: The computer-implemented method of claim 11, Dispensa in view of Gordon disclose further comprising: receiving a removal request from a computing device, the removal request initiating removal of the IP address of the user device from the list of pre-authorized devices (Dispensa, [0054], At operation 565 the data received in the AppTunnel is removed and passed to the process (i.e., the web browser) for further processing and presentation to a user via a suitable interface such as, e.g., a display. Operations 560 - 565 may be repeated until, at operation 570 , there is no more data to tunnel, whereupon operations terminate.); and based on receiving the removal request, removing the IP address from the list of pre-authorized devices (Dispensa, [0058], At operation 730 the data is removed from the secure tunnel established by AppTunnels. In one embodiment, the AppTunnels client attached to the browser in the client computing device 110 a, 110 b, 110 c removes the received data from the tunnel and, at operation 735 , forwards the data to the web browser). Regarding Claim 18: A computing system, comprising: at least one processor; a communication interface communicatively coupled to the at least one processor (Dispensa,[0016], System hardware 220 includes a processor 222 ) ; a communication interface communicatively coupled to the at least one processor (Dispensa, [0017], Memory 230 includes an operating system 240 for managing operations of computer 208 . In one embodiment, operating system 240 includes a hardware interface module 254 that provides an interface to system hardware 220 …) ; and one or more memory devices storing executable code, wherein execution of the executable code causes the at least one processor to: verify authentication credentials to provide a user device with access to a secure user profile (Dispensa, [0074], The user account could then be used to track browsing history, make more intelligent decisions about advertising content to be presented, or offer other value-added services. Users of the service would then be prompted to log in to the website (or to the downloaded client software) using the established authentication credentials. Optionally, a cookie-based login persistence mechanism can be supported, allowing the user to go for a period of time without the need to log in.); ; transmit a notification to the user device once the authentication credentials have been verified, the notification advising of an option to store an IP address of the user device to a list of pre-authorized devices for future authentication instances incorporating multi-factor authentication; receive, from the user device, a security request for the IP address of the user device to be stored to the list of pre-authorized devices as a pre-authorized device (Dispensa, [0074], The user account could then be used to track browsing history, make more intelligent decisions about advertising content to be presented, or offer other value-added services. Users of the service would then be prompted to log in to the website (or to the downloaded client software) using the established authentication credentials. Optionally, a cookie-based login persistence mechanism can be supported, allowing the user to go for a period of time without the need to log in.); the IP address of the user device to a list of pre-authorized devices, the list of pre-authorized devices associated with the secure user profile (Dispensa, Abstract, in response to a determination that the user is authorized to access one or more resources, initiate, a secondary authentication request, and transmit the secondary authentication request from the network element to the user via a second communication channel, different from the first communication channel.); identify, via an IP address recognition gateway, the IP address of the user device is attempting to access the secure user profile (Dispensa, [0092], the authentication server 930 may store in a memory module such as cache memory the results of a primary authentication request initiated by a user, alone or in combination with the results of a secondary authentication response provided by the user. The results may be stored in for a predetermined period of time or for a dynamic period of time); compare the IP address to stored devices on the list of pre-authorized devices associated with the secure user profile (Dispensa, [0093], in some embodiments of the authentication server 930 may detect the network address from which the primary authentication request is initiated and may compare the network address with a list of approved network addresses stored in a memory module); determine that the user device is pre-authorized to bypass the multi-factor authentication (Dispensa, [0092], The authentication server 930 may require that subsequent primary authentication requests be initiated from the same network address in order to bypass the secondary authentication request. Thus, in some embodiments the authentication server 930 may detect the network address from which the primary authentication request is initiated and may store the network address in a memory module.); and authorize the user device to access the secure user profile (Dispensa, Abstract, a primary authentication request transmitted from a user from a first device, process the primary authentication request to determine whether the user is authorized to access one or more resources). Dispensa does not disclose: train, using training data, a neural network that includes one or more machine learning models that are configured to predict authenticity of the security request wherein the training data includes attributes of the security request; predict, via the neural network, the authenticity of the security request; store , based on the predicted authenticity of the security request, Gordon discloses: train, using training data, a neural network that includes one or more machine learning models that are configured to predict authenticity of the security request wherein the training data includes attributes of the security request (Gordon, [0070], All labeled data is then segregated into 3 containers of training data, evaluation data, and test data. Training data windows are passed through the network, and the output is compared to the label of that window to compute the error. [0068], To train the network, backpropagation is used using stochastic gradient descent (SGD). [0068], To achieve this, a deep neural network with a convolutional component is used, [0059], one or several convolutional neural network layers are constructed. [0061], convolutional layers, 2 dense layers, and one SoftMax layer will be described. [0069], A SoftMax layer (regression) uses those mappings to make a prediction. [0072], outputs a probability that they were generated by the current (authorized) subject. [0074], component computes a binary authentication, probability, confidence and/or binary decision about whether the current subject is authenticated based on their behavior. For the given business case); predict, via the neural network, the authenticity of the security request (Gordon, [0069], A SoftMax layer (regression) uses those mappings to make a prediction in Component 7 e 350 , which is then converted to a probability that the given window was generated by the current subject in Component 7 f 360 . [0072], Preprocessed data windows gathered from the subject are passed to the classification component which outputs a probability that they were generated by the current (authorized) subject. [0074], This component computes a binary authentication, probability, confidence and/or binary decision about whether the current subject is authenticated based on their behavior) ; store , based on the predicted authenticity of the security request (Gordon, [0069], A SoftMax layer (regression) uses those mappings to make a prediction in Component 7 e 350 , which is then converted to a probability that the given window was generated by the current subject in Component 7 f 360 .[0072], This component consumes current observations from the subject and a trained model and outputs an indicator of whether that data fits the current model.[0072], This component consumes current observations from the subject and a trained model and outputs an indicator of whether that data fits the current model. Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to modify Dispensa’s multifactor authentication by enhancing Dispensa’s systems and methods for secure network computing and multifactor authentication to ensure that the users credentials, logon information, or other information or to process the initial authentication as taught by Gordon in order to ensure that only legitimate device are enrolled as pre-authorized devices. The motivation is to enhance the security of the authentication system by improving the accuracy of authentication decisions and reducing the unauthorized users or devices . 07-21-aia AIA Claim 2- 3, 10, 12-13 and 20 -22 is r ejected under 35 U.S.C. 103 as being unpatentable over D ispensa(US Publication No. 20080120711 A1) in view of Gordon (US Publication No. 2019/0044942 A1) in further view of Golan(US Publication No. 2005/0097320 A1) R egarding Claim 2: Dispensa in view of Gordon disclose: The computing system of claim 1… Dispensa in view of Gordon does not disclose: wherein the security request is a default automated request and execution of the executable code further causes the at least one processor to: transmit a verification request to the user device prior to storing the IP address, the verification request requesting verification from the user device that the IP address of the user device should be pre-authorized and receive, in response to the verification request, authorization for the IP address of the user device to be stored to the list of pre-authorized devices Golan discloses: wherein the security request is a default automated request and execution of the executable code further causes the at least one processor to: transmit a verification request to the user device prior to storing the IP address, the verification request requesting verification from the user device that the IP address of the user device should be pre-authorized (Golan, [0034], The risk engine or risk determination process may be altered in real-time based on the authentication result after an authentication challenge is presented. For example when fraud is suspected the security requirement may be raised, and the user may be asked for additional authentication. Based on the results of the additional authentication requirement the risk engine or the appropriate databases may be updated and fine-tuned.); and receive, in response to the verification request, authorization for the IP address of the user device to be stored to the list of pre-authorized devices (Golan, [0032], In operation 203 , the institution (e.g., via an online service application) may send a request to the risk based authentication local module 120 , which may forward the information it to the risk based authentication server 150 , via for example the user's web browser or via another method.). Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to modify Dispensa in view of Gordon multifactor authentication by enhancing Dispensa in view of Gordon systems and methods for secure network computing and multifactor authentication to ensure that the users credentials, logon information, or other information or to process the initial authentication as taught by Golan in order to ensure a verification request to the user device prior to storing the IP address. The motivation is to enhance the security of MFA-bypass enrollment by ensuring that only the legitimate user intentionally authorizes the addition of a trusted IP. Regarding Claim 3: The computing system of claim 2, Dispensa in view of Gordon in further view of Golan disclose wherein execution of the executable code further causes the at least one processor to: log a date that the IP address of the user device was stored to the list of pre-authorized devices(Dispensa, [0072], IP address-based information may be used to correlate the anonymous user's browsing activities, for purposes including providing advanced service features (such as browsing history, enhanced status reporting, etc), selecting relevant advertising, or for other purposes.); and upon determining that a difference between the logged date and the current date surpasses the predefined duration threshold, initiate the multi-factor authentication (Dispensa, [0096], a user's primary authentication credentials to the authentication server without incurring unwanted side-effects. For example, logging into a web application using primary authentication credentials may cause the application to take actions such as creating a user session, logging a message, or the like that may be undesirable.). Dispensa does not disclose: compare, in response to receiving the authorization, a current date of the authorization and the logged date to a predefined duration threshold of permitted time for bypassing the multi-factor authentication to determine if the logged date is beyond the predefined duration threshold Golan discloses: compare, in response to receiving the authorization, a current date of the authorization and the logged date to a predefined duration threshold of permitted time for bypassing the multi-factor authentication to determine if the logged date is beyond the predefined duration threshold (Golan, [0079], IP address, IP address geo-location, time and date of the login (both GMT and adjusted to the local time zone), browser, cookies stored on the local computer, online login account, time it takes for the login page to download, time it takes the user to respond (to submit the login details), time it takes the user to enter the various fields or even the various letter, whether the user had to correct the details while he entered them.); Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to modify Dispensa’s multifactor authentication by enhancing Dispensa’s systems and methods for secure network computing and multifactor authentication to ensure that the users credentials, logon information, or other information or to process the initial authentication as taught by Golan in order to ensure the person accessing the system is still the legitimate user and their session has not been hijacked. The motivation is to ensure that the authentication information (e.g., phone numbers or email addresses used for MFA) is current. If a user's contact information changes, the next re-authentication prompt will require them to use their updated information. Regarding Claim 10: Dispensa in view of Gordon disclose: The computing system of claim 1… Dispensa in view of Gordon do not disclose: wherein the security request for the IP address of the user device to be stored as the pre-authorized device is received in response to transmitting a notification to the user device once the authentication credentials have been verified, the notification advising of an option to store the IP address of the user device to the list of pre-authorized devices Golan discloses: wherein the security request for the IP address of the user device to be stored as the pre-authorized device is received in response to transmitting a notification to the user device once the authentication credentials have been verified, the notification advising of an option to store the IP address of the user device to the list of pre-authorized devices (Golan, [0032], The institution 100 (e.g., an online service provider) may perform the initial authentication using its standard methods. In one embodiment, the risk based authentication local module 120 and/or risk based authentication server 150 do not need to know the user's credentials, logon information, or other information or to process the initial authentication itself—it may simply receive the result of the login from the institution 100 . In operation 203 , the institution (e.g., via an online service application) may send a request to the risk based authentication local module 120 , which may forward the information it to the risk based authentication server 150 , via for example the user's web browser or via another method.). Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to modify Dispensa in view of Gordon’s multifactor authentication by enhancing Dispensa in view of Gordon’s systems and methods for secure network computing and multifactor authentication to ensure that the user’s credentials, logon information, or other information or to process the initial authentication as taught by Golan in order to improve the integrity and transparency of the trusted device process. The motivation is to ensure that the trusted device enrollment is always deliberate user-initiated action rather that something that could occur automatically without the user’s awareness. Regarding Claim 12: Dispensa in view of Gordon discloses: The computer-implemented method of claim 11… Dispensa in view of Gordon does not disclose: wherein the security request is a default automated request and the method further includes: transmitting a verification request to the user device prior to storing the IP address, the verification request requesting verification from the user device that the IP address of the user device should be pre-authorized; and receiving, in response to the verification request, authorization for the IP address of the user device to be stored to the list of pre-authorized devices. Golan discloses: wherein the security request is a default automated request and the method further includes: transmitting a verification request to the user device prior to storing the IP address, the verification request requesting verification from the user device that the IP address of the user device should be pre-authorized (Golan, [0034], The risk engine or risk determination process may be altered in real-time based on the authentication result after an authentication challenge is presented. For example when fraud is suspected the security requirement may be raised, and the user may be asked for additional authentication. Based on the results of the additional authentication requirement the risk engine or the appropriate databases may be updated and fine-tuned.); and receiving, in response to the verification request, authorization for the IP address of the user device to be stored to the list of pre-authorized devices (Golan, [0032], In operation 203 , the institution (e.g., via an online service application) may send a request to the risk based authentication local module 120 , which may forward the information it to the risk based authentication server 150 , via for example the user's web browser or via another method.). Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to modify Dispensa in view of Gordon multifactor authentication by enhancing Dispensa in view of Gordon systems and methods for secure network computing and multifactor authentication to ensure that the users credentials, logon information, or other information or to process the initial authentication as taught by Golan in order to ensure a verification request to the user device prior to storing the IP address. The motivation is to enhance the security of MFA-bypass enrollment by ensuring that only the legitimate user intentionally authorizes the addition of a trusted IP. Regarding Claim 13: The computer-implemented method of claim 12, Dispensa in view of Gordon in further view of Golan disclsoe further comprising: logging a date that the IP address of the user device was stored to the list of pre-authorized devices(Dispensa, [0072], IP address-based information may be used to correlate the anonymous user's browsing activities, for purposes including providing advanced service features (such as browsing history, enhanced status reporting, etc), selecting relevant advertising, or for other purposes.); upon determining that a difference between the logged date and the current date surpasses the predefined duration threshold, initiate the multi-factor authentication (Dispensa, [0096], a user's primary authentication credentials to the authentication server without incurring unwanted side-effects. For example, logging into a web application using primary authentication credentials may cause the application to take actions such as creating a user session, logging a message, or the like that may be undesirable.). Dispensa in view of Gordon do not disclose: comparing, in response to receiving the authorization, a current date of the authorization and the logged date to a predefined duration threshold of permitted time for bypassing the multi-factor authentication to determine if the logged date is beyond the predefined duration threshold Golan discloses: comparing, in response to receiving the authorization, a current date of the authorization and the logged date to a predefined duration threshold of permitted time for bypassing the multi- factor authentication to determine if the logged date is beyond the predefined duration threshold (Golan, [0079], IP address, IP address geo-location, time and date of the login (both GMT and adjusted to the local time zone), browser, cookies stored on the local computer, online login account, time it takes for the login page to download, time it takes the user to respond (to submit the login details), time it takes the user to enter the various fields or even the various letter, whether the user had to correct the details while he entered them.); Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to modify Dispensa in view of Gordon multifactor authentication by enhancing Dispensa in view of Gordon systems and methods for secure network computing and multifactor authentication to ensure that the users credentials, logon information, or other information or to process the initial authentication as taught by Golan in order to ensure the person accessing the system is still the legitimate user and their session has not been hijacked. The motivation is to ensure that the authentication information (e.g., phone numbers or email addresses used for MFA) is current. If a user's contact information changes, the next re-authentication prompt will require them to use their updated information. Regarding Claim 21: Dispensa in view of Gordon disclose: The computing system of claim 18… Dispensa in view of Gordon do not disclsoe: wherein execution of the executable code further causes the at least one processor to: transmit a verification request to the user device prior to storing the IP address, the verification request requesting verification from the user device that the IP address of the user device should be pre-authorized and receive, in response to the verification request, authorization for the IP address of the user device to be stored to the list of pre-authorized devices Golan discloses: wherein execution of the executable code further causes the at least one processor to: transmit a verification request to the user device prior to storing the IP address, the verification request requesting verification from the user device that the IP address of the user device should be pre-authorized (Golan, [0034], The risk engine or risk determination process may be altered in real-time based on the authentication result after an authentication challenge is presented. For example when fraud is suspected the security requirement may be raised, and the user may be asked for additional authentication. Based on the results of the additional authentication requirement the risk engine or the appropriate databases may be updated and fine-tuned.) ; and receive, in response to the verification request, authorization for the IP address of the user device to be stored to the list of pre-authorized devices (Golan, [0032], In operation 203 , the institution (e.g., via an online service application) may send a request to the risk based authentication local module 120 , which may forward the information it to the risk based authentication server 150 , via for example the user's web browser or via another method.). Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to modify Dispensa in view of Gordon multifactor authentication by enhancing Dispensa in view of Gordon systems and methods for secure network computing and multifactor authentication to ensure that the users credentials, logon information, or other information or to process the initial authentication as taught by Golan in order to ensure a verification request to the user device prior to storing the IP address. The motivation is to enhance the security of MFA-bypass enrollment by ensuring that only the legitimate user intentionally authorizes the addition of a trusted IP. Regarding Claim 22: The computing system of claim 21, Dispensa in view of Gordon in further view of Golan disclose wherein execution of the executable code further causes the at least one processor to: log a date that the IP address of the user device was stored to the list of pre-authorized devices(Dispensa, [0072], IP address-based information may be used to correlate the anonymous user's browsing activities, for purposes including providing advanced service features (such as browsing history, enhanced status reporting, etc), selecting relevant advertising, or for other purposes.); Dispensa in view of Gordon do not disclose: compare, in response to receiving the authorization, a current date of the authorization and the logged date to a predefined duration threshold of permitted time for bypassing the multi-factor authentication to determine if the logged date is beyond the predefined duration threshold; and upon determining that a difference between the logged date and the current date surpasses the predefined duration threshold, initiate the multi-factor authentication Golan discloses: compare, in response to receiving the authorization, a current date of the authorization and the logged date to a predefined duration threshold of permitted time for bypassing the multi-factor authentication to determine if the logged date is beyond the predefined duration threshold; and upon determining that a difference between the logged date and the current date surpasses the predefined duration threshold, initiate the multi-factor authentication (Golan, [0079], IP address, IP address geo-location, time and date of the login (both GMT and adjusted to the local time zone), browser, cookies stored on the local computer, online login account, time it takes for the login page to download, time it takes the user to respond (to submit the login details), time it takes the user to enter the various fields or even the various letter, whether the user had to correct the details while he entered them.); . 07-21-aia AIA Claim 5-8 and 15-17 is rejected under 35 U.S.C. 103 as being unpatentable over Dispensa(US Publication No. 20080120711 A1) in view of Gordon (US Publication No 2019/004942 A1) in further view of McLaughlin(US Publication No. 2014/0297527 A1) Regarding Claim 5: Dispnesa in view of Gordon disclose: The computing system of claim 1… Dispensa in view of Gordon does not disclose: wherein execution of the executable code further causes the at least one processor to ascertain authenticity of the security request, the ascertaining including identifying a geolocation of the IP address by corresponding with a server that maps IP addresses to geographic locations in real time McLaughlin discloses: wherein execution of the executable code further causes the at least one processor to ascertain authenticity of the security request, the ascertaining including identifying a geolocation of the IP address by corresponding with a server that maps IP addresses to geographic locations in real time (McLaughlin, [0047], as opposed to a hardware locating device 34 , the physical location of the initiating device 20 and the mobile device 24 may be determined using an IP address, cellular triangulation, multilateration of radio signals, Wi-Fi triangulation, lookup table containing a known location of the initiating device, or using any other suitable means. For example, for controllers of the initiating device (e.g., a brick and mortar merchant) having a verified address, the location of the initiating device 20 may be obtained by using a look up table (e.g., stored in the database 29 ) to determine the verified address of the initiating device 20 .). Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to modify Dispensa in view of Gordon’s multifactor authentication by enhancing Dispensa in view of Gordon’s systems and methods for secure network computing and multifactor authentication to ensure that the users credentials, logon information, or other information or to process the initial authentication as taught by McLaughlin in order to ensure legitimate users can authorize MFA-bypass actions. The motivation is to reduce the risk of credential theft and phishing attacks while protecting the integrity of the trusted device list and aligns the system with standard industry fraud detection practices and improving account takeover resistance. Regarding Claim 6: The computing system of claim 5, Dispnesa in view of Gordon in further view of McLaughlin disclose wherein execution of the executable code further causes the at least one processor to compare the geolocation of the IP address to user data associated with the secure user profile, the user data including a user’s address, to determine whether the geolocation is within a predefined radius of the user’s address (McLaughlin, [0004], The method also includes determining a validity of the received user data by comparison with saved data stored in a database. If the received user data is determined valid, the method determines the physical location of the initiating device relative to the physical location of the mobile device associated with the user, identifies the user data as confirmed valid if the physical location of the initiating device relative to the physical location of the mobile device is within a predefined proximity, [0013], Additionally or alternatively, the physical location of at least one of the initiating device and the mobile device is determined using at least one of an IP address, cellular triangulation, multilateration of radio signals, and Wi-Fi triangulation.). Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to modify Dispensa in further view of Gordon multifactor authentication by enhancing Dispensa in view of Gordon’s systems and methods for secure network computing and multifactor authentication to ensure that the user’s credentials, logon information, or other information or to process the initial authentication as taught by McLaughlin in order to ensure the request originates from a location. The motivation is to reduce the risk of malicious attack that where a user could attempt to enroll their own IP address as a trusted device to bypass future MFA challenges, by enforcing a proximity rule tied to the user’s verified address. Regarding Claim 7: The computing system of claim 5, Dispnesa in view of Gordon in further view of McLaughlin disclose wherein execution of the executable code further causes the at least one processor to compare the geolocation of the IP address to purchase data associated with the secure user profile, the purchase data including one or more purchase locations of one or more purchases made to one or more accounts associated with the secure user profile, to determine whether the geolocation is within a predefined radius of the one or more purchase locations( McLaughlin, [0036], The present invention provides a system and method for approving or disapproving a transaction requested by an initiating device (e.g., a cash register including a credit card reader) based on a physical location of a mobile device associated with a user relative to a physical location of the initiating device. A user attempting to perform a sensitive action (e.g., make a purchase using a credit card) at an initiating device provides user data to the initiating device. After validating the user data (e.g., credit card number and card security code), the system determines a mobile device (e.g., a mobile phone) associated with the user.). Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to modify Dispensa in further view of Gordon multifactor authentication by enhancing Dispensa’s systems and methods for secure network computing and multifactor authentication to ensure that the user’s credentials, logon information, or other information or to process the initial authentication as taught by McLaughlin in order to ensure protection against credential theft and account takeover. The motivation is to enhance security by tying the trust decision to the user’s real historical behavior and by detecting suspicious or abnormal activity before allowing the user to register a trusted device. Regarding Claim 8: The computing system of claim 7, Dispnesa in view of Gordon in further view of McLaughlin disclose wherein the purchase data is filtered such that the one or more purchases are within a predefined time period (Dispensa, [0078], an authentication standard, which may permit a card issuer to authenticate the identity of the card member during an online Transaction (typically an online card purchase transaction, although it could be used for the sake of authentication other transactions as well)). Regarding Claim 15: Dispnesa in view of Gordon in further view disclose: The computer-implemented method of claim 11… Dispnesa in view of Gordon in further view does not disclose: further comprising ascertaining authenticity of the security request, the ascertaining including identifying a geolocation of the IP address by corresponding with a server that maps IP addresses to geographic locations in real time McLaughlin discloses: further comprising ascertaining authenticity of the security request, the ascertaining including identifying a geolocation of the IP address by corresponding with a server that maps IP addresses to geographic locations in real time (McLaughlin, [0047], as opposed to a hardware locating device 34 , the physical location of the initiating device 20 and the mobile device 24 may be determined using an IP address, cellular triangulation, multilateration of radio signals, Wi-Fi triangulation, lookup table containing a known location of the initiating device, or using any other suitable means. For example, for controllers of the initiating device (e.g., a brick and mortar merchant) having a verified address, the location of the initiating device 20 may be obtained by using a look up table (e.g., stored in the database 29 ) to determine the verified address of the initiating device 20 .). Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to modify Dispensa in view of Gordon’s multifactor authentication by enhancing Dispensa in view of Gordon’s systems and methods for secure network computing and multifactor authentication to ensure that the users credentials, logon information, or other information or to process the initial authentication as taught by McLaughlin in order to ensure legitimate users can authorize MFA-bypass actions. The motivation is to reduce the risk of credential theft and phishing attacks while protecting the integrity of the trusted device list and aligns the system with standard industry fraud detection practices and improving account takeover resistance. Regarding Claim 16: The computer-implemented method of claim 15, Dispnesa in view of Gordon in further view of McLaughlin disclose further comprising comparing the geolocation of the IP address to user data associated with the secure user profile, the user data including a user’s address, to determine whether the geolocation is within a predefined radius of the user’s address (McLaughlin, [0004], The method also includes determining a validity of the received user data by comparison with saved data stored in a database. If the received user data is determined valid, the method determines the physical location of the initiating device relative to the physical location of the mobile device associated with the user, identifies the user data as confirmed valid if the physical location of the initiating device relative to the physical location of the mobile device is within a predefined proximity, [0013], Additionally or alternatively, the physical location of at least one of the initiating device and the mobile device is determined using at least one of an IP address, cellular triangulation, multilateration of radio signals, and Wi-Fi triangulation.). Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to modify Dispensa in view of Gordon multifactor authentication by enhancing Dispensa in view of Gordon systems and methods for secure network computing and multifactor authentication to ensure that the user’s credentials, logon information, or other information or to process the initial authentication as taught by McLaughlin in order to ensure the request originates from a location. The motivation is to reduce the risk of malicious attack that where a user could attempt to enroll their own IP address as a trusted device to bypass future MFA challenges, by enforcing a proximity rule tied to the user’s verified address. Regarding Claim 17: The computer-implemented method of claim 15, Dispnesa in view of Gordon in further view of McLaughlin disclose further comprising comparing the geolocation of the IP address to purchase data associated with the secure user profile, the purchase data including one or more purchase locations of one or more purchases made to one or more accounts associated with the secure user profile, to determine whether the geolocation is within a predefined radius of the one or more purchase locations( McLaughlin, [0036], The present invention provides a system and method for approving or disapproving a transaction requested by an initiating device (e.g., a cash register including a credit card reader) based on a physical location of a mobile device associated with a user relative to a physical location of the initiating device. A user attempting to perform a sensitive action (e.g., make a purchase using a credit card) at an initiating device provides user data to the initiating device. After validating the user data (e.g., credit card number and card security code), the system determines a mobile device (e.g., a mobile phone) associated with the user.). Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to modify Dispensa in view of Gordon’s multifactor authentication by enhancing Dispensa in view of Gordon’s systems and methods for secure network computing and multifactor authentication to ensure that the user’s credentials, logon information, or other information or to process the initial authentication as taught by McLaughlin in order to ensure protection against credential theft and account takeover. The motivation is to enhance security by tying the trust decision to the user’s real historical behavior and by detecting suspicious or abnormal activity before allowing the user to register a trusted device. Conclusion 07-40 AIA Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL . See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. Any inquiry concerning this communication or earlier communications from the examiner should be directed to MAYASA SHAAWAT whose telephone number is (571)272-3939. The examiner can normally be reached on M-F, 8 AM TO 5 PM. If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, JEFFREY PWU can be reached on (571)272-6789. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /MAYASA A. SHAAWAT/ Examiner, Art Unit 2433 /JEFFREY C PWU/ Supervisory Patent Examiner, Art Unit 2433 Application/Control Number: 18/884,768 Page 2 Art Unit: 2433 Application/Control Number: 18/884,768 Page 3 Art Unit: 2433 Application/Control Number: 18/884,768 Page 4 Art Unit: 2433 Application/Control Number: 18/884,768 Page 5 Art Unit: 2433 Application/Control Number: 18/884,768 Page 6 Art Unit: 2433 Application/Control Number: 18/884,768 Page 7 Art Unit: 2433 Application/Control Number: 18/884,768 Page 8 Art Unit: 2433 Application/Control Number: 18/884,768 Page 9 Art Unit: 2433 Application/Control Number: 18/884,768 Page 10 Art Unit: 2433 Application/Control Number: 18/884,768 Page 11 Art Unit: 2433 Application/Control Number: 18/884,768 Page 12 Art Unit: 2433 Application/Control Number: 18/884,768 Page 13 Art Unit: 2433 Application/Control Number: 18/884,768 Page 14 Art Unit: 2433 Application/Control Number: 18/884,768 Page 15 Art Unit: 2433 Application/Control Number: 18/884,768 Page 16 Art Unit: 2433 Application/Control Number: 18/884,768 Page 17 Art Unit: 2433 Application/Control Number: 18/884,768 Page 18 Art Unit: 2433 Application/Control Number: 18/884,768 Page 19 Art Unit: 2433 Application/Control Number: 18/884,768 Page 20 Art Unit: 2433 Application/Control Number: 18/884,768 Page 21 Art Unit: 2433 Application/Control Number: 18/884,768 Page 22 Art Unit: 2433 Application/Control Number: 18/884,768 Page 23 Art Unit: 2433 Application/Control Number: 18/884,768 Page 24 Art Unit: 2433 Application/Control Number: 18/884,768 Page 25 Art Unit: 2433 Application/Control Number: 18/884,768 Page 26 Art Unit: 2433 Application/Control Number: 18/884,768 Page 27 Art Unit: 2433 Application/Control Number: 18/884,768 Page 28 Art Unit: 2433 Application/Control Number: 18/884,768 Page 29 Art Unit: 2433 Application/Control Number: 18/884,768 Page 30 Art Unit: 2433 Application/Control Number: 18/884,768 Page 31 Art Unit: 2433 Application/Control Number: 18/884,768 Page 32 Art Unit: 2433 Application/Control Number: 18/884,768 Page 33 Art Unit: 2433